Security flaws in smart doorbells may open the door to hackers

Security flaws in smart doorbells may open the door to hackers

The peace of mind that comes with connected home security gadgets may be false – your smart doorbell may make an inviting target for unwanted visitors



Smart doorbells commonly found on marketplaces such as Amazon and eBay contain serious vulnerabilities that expose their owners to a host of security and privacy threats, according to an investigation led by the British consumer watchdog Which?.


Together with NCC Group, Which? looked into 11 internet-connected video- and audio-equipped doorbells, finding disconcerting vulnerabilities in all of them. A number of the gadgets are designed to have the look and feel of Amazon’s Ring and Google’s Nest Hello and are sold either under their own brands or have no discernible branding. Some devices were promoted with the “Amazon’s Choice” logo and received rave users reviews.


Notably, this includes the Victure VD300 smart doorbell, listed as “the number one bestseller in ‘door viewers’”. The device was found to send a Wi-Fi network password to servers in China unencrypted. If stolen, the login details might not just give crooks access to the victim’s Wi-Fi network, but also to other devices connected to it and exposing people’s sensitive data in the process.


The lack of data encryption was overall a common find in the test and also affected video footage, which was often stored unencrypted.


RELATED READING: These things may be cool, but are they safe?


Other flaws had to do with poor password protections, since the units came with basic and easy-to-guess default passwords or thei ..

Support the originator by clicking the read the rest link below.