Hackers are getting really good at hacking Ring cameras and the results are terrifying

antitox

Well-Known Member
https://mashable.com/article/ring-cameras-easily-hacked-and-its-terrifying/


In case you needed another reminder of the potentially terrifying downside of having a Wi-Fi-connected security camera in your home, consider this: it's surprisingly easy for hackers to gain access to them.
Hackers have created software that essentially streamlines the process, and are selling and sharing it on internet forums, Motherboard reported. The exploit is possible not because of any one vulnerability in Ring's software, but rather how it takes advantage of insecure passwords in order to get into the accounts in question.
This is much more than a theoretical vulnerability. There have been reports all around the country of people encountering strangers on the other end of their in-home security camera.
Recently, local news in Tennessee reported on a distressing incident in which a hacker yelled racial slurs at an 8-year-old girl in her bedroom just four days after her mother set up a new Ring camera she had gotten from a Black Friday deal.
From BuzzFeed's description of the interaction:

For nearly 10 minutes, he interacted with Alyssa. He could see her, talk to her, and had access to a second system placed in her baby sister's room downstairs.
Thinking it was her younger sister playing music, the third grader wandered upstairs to her room as the eerie song, “Tiptoe Through the Tulips," blared from the Ring camera. The man proceeded to tell her to go call her "mommy" the n-word and demand that she repeat it back to him: "Come on girl, say it with me."
"Mom?" Alyssa asked, confused. "Who is that?
"I'm your best friend," the replied. "You can do whatever you want right now. You can mess up your room, you can break your TV. You can do whatever you want."
As horrifying as it sounds, what happened to that family wasn't a one-off occurrence. A similar incident occurred in Florida just a few days earlier.
For its part, Ring points out that these hacks are possible because people are using weak passwords that have previously been compromised. Hackers often obtain lists of login credentials and attempt to reuse them on other services in what's sometimes known as "credential stuffing."
But the Amazon-owned company also doesn't require camera owners to use two-factor authentication, which could help prevent these types of attacks, even though the company told Motherboard their reps "encourage" the practice.
So if all this hasn't scared you away from your home security cameras, you should — at the very least — double check those security settings.
 

Círeth

Well-Known Member
Always use different passwords for everything and make sure you use passwords that are NOT personal to you.

Don't use your name, address, spouse's name, child's name, pet's name, name of your company. Ideal passwords are three unrelated words separated by numbers or strings of letters and numbers that stand for something. If you have trouble remembering all your passwords then there are programs that will do that for you and input them when and where required. All you need to remember is a secure master password for the program.

This is a classic example of a good password:

CorrectHorseBatteryStaple

Everyone tech-security savvy knows that one so don't use it but use the same principle. Another good method is this one. Think of a sentence you can remember such as:

My dog was a bad boy today, he chased the cat, and barked at the chickens.

Then take the first letter of each word and put them together substituting connecting words like and for 'x':

Mdwabbthctcxbatc

Throw in some numbers at intervals you can remember, like where the punctuation would be. So for example:

My dog was a bad boy today 5 he chased the cat 9 and barked at the chickens 3

And do the same thing and you have:

Mdwabbt5hctc9xbatc3

You can remember that because you remember the sentence but no one is going to guess that string of letters and numbers. Although obviously don't use that example now because it's no longer secure because everyone can read it.
 

Círeth

Well-Known Member
For people who can literally have over 100 passwords and who also have memory problems, this can be impractical.

Which leaves us at an impasse.

My only good solution is to get this stage of the world over with so that the King of Justice can rule.
That's why you use a master password program like Keepass. Then you need only remember the one, master password.
 
Top