This wildly unsafe video doorbell is still for sale on Amazon here's what
you should know
Date:
Thu, 29 Feb 2024 21:10:22 +0000
Description:
Consumer Reports found this video doorbell sold on Amazon has deeply flawed security that can be easily broken.
FULL STORY ======================================================================
In a recently published article, Consumer Reports (CR) is warning people of a faulty video doorbell being sold on Amazon that can be easily commandeered by a total stranger.
The device itself doesnt have a specific name as its sold under different brand names across multiple commerce platforms; not just Amazon. These names include Fishbot, Gemee, Luckwolf, Rakeblue, and Tuck. It doesnt matter where or from whom you buy the doorbell since they can all be controlled by the Aiwit app which itself is owned by Chinese electronics company Eken. CR, as part of its investigation , bought the device and had a couple of staff members test its security. Needless to say, its really bad. All a bad actor needs to take over Ekens product is to have Aiwits app installed on their smartphone. Bad security
According to their findings, a random person can walk up to a targets house, hold down the doorbell button to put it into pairing mode, then connect it to their phones Wi-Fi hotspot and take complete control. What's even scary is gaining access allows strangers to see the doorbells serial number. With that number, they can remotely view still images from the source video feed at any time. If that wasnt enough, the pictures are time stamped so they know
exactly when someone leaves and comes back to their home.
The security issues dont stop there. These doorbells actually expose your
home IP address and the name of your Wi-Fi network to the internet without
any sort of encryption attached. Serial numbers can be shared with others online, giving those people access as well. CR points out that the devices lack a visible ID issued by the Federal Communications Commission (FCC). Without this label, its actually illegal to sell the product in the United States.
Whats particularly egregious is Ekens doorbell was given Amazons Choice
badge, meaning it gets promoted by the platform as a high-quality item. Contact
Following the investigation, CR reached out to multiple platforms informing them of the faulty doorbell. Few responded; one of which was Walmart who told the publication that theyve removed the product from their website with no plans on bringing it back. Amazon, on the other hand, is staying quiet. They were still selling the device at the time of this writing. Consumer Reports even contacted Eken, but, they were met with radio silence. TechRadar also contacted Amazon and will update this story with its response.
Its worth mentioning Eken sells indoor cameras, although its unknown if these have the same vulnerabilities too. CR told TheVerge that they havent tested the other models nor does it appear that Aiwit servers have any sort of defense from would-be hackers. Anybody can send in a ton of requests and seemingly gain entry to peoples feed without much pushback.
Consumer Reports is recommending current owners immediately disconnect the Eken video doorbell from their Wi-Fi and remove it from their door. Theyre also asking online retailers to be more proactive in ensuring the quality of the items they sell.
If youre looking for other options, check out TechRadars list of the best video doorbell for 2024 . You might also like Best home security systems of 2024 The best antivirus software in 2024 for PC Apples HomePod with a screen now rumored for 2025 release, but has the Echo Show already won that smart home race?
======================================================================
Link to news story:
https://www.techradar.com/home/smart-home/unsafe-video-doorbell-still-for-sale -heres-what-you-should-know
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)