"Florida Tech Student Finds Privacy Flaws in Connected Security and Doorbell Cameras"
Florida Tech computer science student Blake Janes discovered systematic design flaws in internet-connected doorbells and security cameras manufactured by Ring, Nest, SimpliSafe, and eight other manufacturers. Janes found that a shared account can still have access to a video feed despite it appearing to have been removed. The mechanism implemented for removing user accounts does not function as it should because it fails to remove active user accounts. Malicious actors could exploit this flaw to maintain access to a camera system for an unlimited time. They can use this time to record audio and video, posing a significant threat to users' privacy. This invasion of privacy can be achieved using the devices' companion applications, which eliminates the need for advanced hacking tools. The devices found to contain flaws include the Blink Camera, D-Link Camera, Canary Camera, and many more. This article continues to discuss the security flaws found in connected security and doorbell cameras, as well as how vendors have responded to this discovery.