Funny thing, that. They actually have Activation Lock (of sorts).
I regret it now but a few years back someone had moved into a home, dumped their Ring doorbell that came with the house, and we shoved it on our house. When we went to set it up Ring blocked the setup attempt because it was account bound.
... Apparently if you call Ring to release it (they can), frontline CS can see the entire log of when the doorbell was online, when it was last rung, and used that information to go "oh, it hasn't been rang in like eight months" to decide that I wasn't some criminal and that I can set up the doorbell myself.
You could take a picture from the real footage, remove the people from it and insert yourself into the front yard. Then when they open the door act confused that you cant see them.
edit: my doorbell resets if you hold it down for 10 seconds then it takes wifi credentials with a QR code and thinks you are it's new owner.
Awesome, as it doesn't actually work from the street door right now, and I can't get the condo management company to fix it. Guess I just need to post a QR code outside?
Anyone is probably a hyperbole here, regardless its accessible via internet, it is always in the category of relatively secure. Applies to pretty much every device connected to internet. Absolute security is a myth, it does not exists.
One can argue that a particular manufacturer is relatively more secure than other, however as long as the software is changing/evolving, eventually it will opens up the possibility/window to hack it
Can you actually access any of the doorbells on the internet with this? It reads to me like you need physical access to extract the signing keys etc over the debug port before you can actually impersonate the device
An attack that could remotely ring my old-fashioned hard-wired doorbell would be really cool to read about. It's the classic electromechanical style with an AC line transformer wired directly between the chime & the button.
If you want to do some fun hacking project, Temu and similar websites are a trove of insecure cheap IoT devices made with almost 0 security consideration. Security camera, car chargers, sport tracking devices, etc.
If you are a bad actor, that is also probably a very easy way to find new ways to enroll devices in your botnet.
OT: do many people who come to your door actually ring your doorbell? 95% of people who come to my door, which has a doorbell and does not have a knocker, knock.
Do people just prefer knocking nowadays? Have Ring type doorbells become so common that people don't realize that a simple pushbutton beside the door with no camera can be a doorbell?
22 comments
[ 0.25 ms ] story [ 52.4 ms ] threadWould it cheer me that people were reaching out and ringing my doorbell?
Or would it make me sad because I would be reminded that there was not a friend ringing at the door?
I sit firmly in the "only smart device is my printer and I keep a loaded gun next to it in case it makes a weird noise" camp.
I regret it now but a few years back someone had moved into a home, dumped their Ring doorbell that came with the house, and we shoved it on our house. When we went to set it up Ring blocked the setup attempt because it was account bound.
... Apparently if you call Ring to release it (they can), frontline CS can see the entire log of when the doorbell was online, when it was last rung, and used that information to go "oh, it hasn't been rang in like eight months" to decide that I wasn't some criminal and that I can set up the doorbell myself.
edit: my doorbell resets if you hold it down for 10 seconds then it takes wifi credentials with a QR code and thinks you are it's new owner.
One can argue that a particular manufacturer is relatively more secure than other, however as long as the software is changing/evolving, eventually it will opens up the possibility/window to hack it
If you are a bad actor, that is also probably a very easy way to find new ways to enroll devices in your botnet.
Do people just prefer knocking nowadays? Have Ring type doorbells become so common that people don't realize that a simple pushbutton beside the door with no camera can be a doorbell?