Are you a woman or do you live with any women you care about? It was just last year it was reported that Ring employees had access to live customer camera feeds and would regularly watch each other’s homes and joke about who each other had slept with.
If you’re okay with someone in front of a computer screen watching what you and the people you care about do through a camera or even share those videos across the internet, then you’re all good!
Your other reply is horrible - LMGTFY has apparently gotten much worse and now uses their own heavily monetized search engine rather than Google - so here's a direct link to what the source probably is:
> Although the source said they never personally witnessed any egregious abuses, they told The Intercept “if [someone] knew a reporter or competitor’s email address, [they] could view all their cameras.” The source also recounted instances of Ring engineers “teasing each other about who they brought home” after romantic dates. Although the engineers in question were aware that they were being surveilled by their co-workers in real time, the source questioned whether their companions were similarly informed.
Assuming read access to your device: Detecting a shift in daily patterns to burgle your house when you're on vacation.
Assuming write access to your device: implanting false digital evidence on your device, calling the cops, and framing you
Assuming root access to your device and network: if you work from home, exfiltrating company-confidential from your home network. Running a botnet from your home.
So IoT vendors working with local burglars? Or local cops? I guess we know Amazon certainly has done the latter... (but not to frame Ring owners, that would be an odd business model...) Having rogue IoT devices on your LAN attack other machines on it is a valid concern, though your traffic would be encrypted, and your actual workstations firewalled?
Part of concern is vulnerabilities in your devices when exposed to the internet. The manufacturer doesn’t have to be malicious, just infosec incompetent.
look at it this way, if major companies who spend billions to hire the best industry security experts to secure their devices and their networks still find themselves regularly compromised, then consider how many of the iot companies are tiny or/and clearly place a significantly higher value on marketing/sales/shareholder return then they do on security, then ask yourself if you want the security and very specific details of your life to reside in the data these companies devices collect.
i don’t want to say they’re malicious but it should be clear by now that a very tiny fraction of companies are taking the security of this data and it’s collectors at even a fraction of how serious they should. even behemoths like amazon have had massive problems with their devices and have been very loose with the data collected.
I have worked with some electronics vendors. Their IT practices leave a lot to be desired.
I could completely see that someone working there could get access to all info on all clients without anyone noticing and selling it over dark net.
If somebody ever gained access to Ring's online video storage, they could easily process it to get a list of addresses and home/not-home schedules. They then could sell subscription access to that online for cheap, giving criminals a huge list of target homes (wealthy enough to be buying amazon's security products) and when it is safe to break in to them.
This was a thing starting in the early 10s. URL was something like burgleme.com. It used Facebook posts to identify when people were away from their homes.
If you’re okay with someone in front of a computer screen watching what you and the people you care about do through a camera or even share those videos across the internet, then you’re all good!