Finally! Ring Doorbells get End-to-End Encryption, but There’s a Big Catch

Amazon’s Ring unit is moving ahead with plans to allow end-to-end encryption (E2EE). U.S. customers can turn it on now, with the feature rolling out to other countries any second now.

But there’s always a catch. You need to remember a huge random passphrase. And a lot of features will stop working—including the ability to resell your device on the used market.

Is it a dark pattern? If it walks and swims and quacks like one, then it probably is. In today’s SB Blogwatch, we’ve got a bad feeling about Ring.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Turning into random objects.

I’m Sorry, Dave; I’m Afraid I Can’t Do That

What’s the craic? Jay Peters reports—“Ring’s end-to-end encryption … available now”:

More secure
Ring’s end-to-end encryption for video streams is leaving technical preview, is now available to US users, and is currently rolling out globally. … The opt-in feature makes it so that your video streams can only be viewed by you on an enrolled iOS or Android device.

Ring first announced video end-to-end encryption in September 2020 and launched the technical preview in January. … If you use two-step authentication to provide extra security to your account, Ring now supports authenticator apps, which [is] more secure than SMS.

And Steven J. Vaughan-Nichols adds—“Amazon is finally delivering it”:

Use E2EE—I will be
Did you know that that handy video your Ring doorbell takes … isn’t private? … Not only are your videos kept in the Amazon Web Services (AWS) cloud, [but they’re] transmitted in the clear.

A sufficiently motivated hacker, or your local police force, can easily watch who’s walking by your door. Until now. … If you decide to install this optional privacy feature, you’ll need to install a new version of the Ring application on your smartphone. Once installed, it uses a Public Key Infrastructure (PKI) security system based on an RSA 2048-bit asymmetric account signing key pair.

You’ll also need to set a passphrase, which you must remember. … If you lose it, you’re out of luck. [But] if you value your privacy, and you still like the convenience of Ring, I encourage you to use E2EE. I will be.

Wait. Pause. “Transmitted in the clear,” you say? roc97007 has a TILT moment:

Wait, what? … They were sending data in the clear all this time?

Wow, that’s so last century.

But raxxorrax thinks that’s a misunderstanding:

Transport layer
They probably always had encryption. Amazon enforces it for the transport layer.

Horse’s mouth? Amazon’s anonymous PR gnomes profit in this “Whitepaper”:

Autogenerated passphrase
E2EE’s enhanced security and privacy feature requires some functionality trade-off as certain capabilities require processing and analysis of decrypted video content. For instance, applying computer vision to video content cannot be performed if the content is encrypted – any Ring cloud service that needs to decrypt videos for processing will not work. (Also, turning on E2EE will not encrypt any videos created before E2EE enrollment – the service only encrypts videos created after enrollment.)

Therefore, features such as Motion Verification and People-Only Mode will be disabled. Some of our users prefer the functionality trade-off for enhanced security and privacy.

When the user begins the process of enrolling E2EE … the app presents a 10-word autogenerated passphrase … generated locally by the Ring app [which is not] retained on the device. … If the user [later] needs to enroll a new mobile device … the user provides the passphrase … in their new Ring app. [So] it is recommended the user securely store a copy of the passphrase.

Planned Ring E2EE improvements will include enhancements to passphrase generation to reduce the possibility of offensive phrases.

Hilarious “possibility” aside, how does Amazon expect regular users to remember a random 10-word phrase? And CricTic points out some other downsides:

You will not be able to …
A bunch of features get turned off … so I’m glad they are making users opt-in. Here are a few of the features our family uses all the time that wouldn’t work: …

  • Shared Users (like a spouse) will not be able to view your videos
  • You will not be able to view encrypted videos on, the Windows desktop app, the Mac desktop app, or the Rapid Ring app.
  • You will not be able to use Live View from multiple mobile devices simultaneously.
  • You will not be able to use the Event Timeline.
  • You will not be able to see Rich Event Notifications (camera snapshots in the notification)
  • You will not be able to watch Ring videos on Amazon Echo Show, FireTV, or FireTablet.

In a similar vein, here’s westlake’s bloody critique:

Mobile devices
One reason the camera is there is so the video can easily be reviewed in my absence if things go south. If I didn’t think intrusion was a risk I wouldn’t have installed the system.

Binding the feed to a unique cell phone or set of phones and a potentially irretrievable key code doesn’t appeal to me. And I am not that welded to mobile devices.

Now law enforcement can only get footage from you, not Amazon? u/gurenkagurenda waves the IANAL card:

The whole point
Yes, they can ask you for it. And if they don’t have a warrant, you can tell them to **** off.

Because it’s end to end encrypted. That’s the whole point.

Meanwhile, isn’t 2048-bit RSA enough for you? CryptoNred snarks it up:

When do I get a post-quantum doorbell? Modular multiplicative group exponentiation isn’t my jam. When do I get isogeny- or lattice-based encryption for my front door?

And Finally:

Don’t try this at home, kids

Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Michael Cornelius (cc:by-sa)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.

richi has 615 posts and counting.See all posts by richi