Wednesday, December 18, 2019

Response to all the hyped postings about the Ring "hack story" / Ring review

First off could people stop posting variations of this same story? I must have seen it posted at least dozen times in a couple days. Everyone should have seen it by now. And if they have not they probably will not gain anything from seeing it now. I'm making this cause I'm tired of explaining the story and correcting all the bad replies to all these posts.

Second if you actually read the accounts this hype is based on, it is mainly A guy doing these "hacks" for a podcast. He and his audience thinks it is funny.  Like a radio talk show host making crank phone calls.

Third any script kiddie can do this to accounts on ANY site if login info is reused on multiple sites without 2FA. BTW This is totally diff from brute forcing which even basic VPS served sites block pretty quick these days.

This is the 21st century. Passwords are like door locks. Reusing passwords if like locking your door with an old style lever tumbler lock might be better than leaving it unlocked but I doubt you are still using them on your doors. SMS 2FA is like upgrading to a typical pin tumbler lock. True 2FA with a fob or app is like adding a deadbolt. If you have deadbolts on you doors then you should have 2FA on any accounts you care about someone getting into.

If any of the above is news to you, get studying or hire someone to handle your online interactions NOW! At bare minimum use something like Lastpass to generate unique passwords for each and remember them for you. Personally I would also suggest getting a domain with mail forwarding and using a unique email address with each site as well. That way when you start to see spam come to that address you know the site has either been breached (often this never reported much less makes the news) or they have sold on your info. In the former you need to change your login ASAP. In the later you may want to route that email address trash and stop doing business with that site.

Now as whether you should get a Ring

I bought the original Ring Doorbell back in 2015 and sent it back same day. The video was awful and it took forever to connect.

Recently I got a deal from Amazon for a Ring 2 with Show 5 for less than the normal Ring 2 price so I thought I'd give it another go. Some of the things I ran into:

  • Failed install with flashing light pattern not in list of options. All options basically said rerun setup. Redid install from scratch despite doorbell showing in app since there seemed to be no way to rerun setup on it or remove it. Seemed to sort in end was same cam and old one disappeared.
  • Installed at my desk then moved outside to install on the door frame and could no longer connect to it. Assuming was because it needed to switch to closer AP so told WiFi to do reconnect. It would not reconnect till I powered it off and on again. This is probably because I have multiple APs but I've only seen this before in really old IP cameras where they get stuck on a channel till rebooted. Fortunate this should not be an issue that often.
  • I've been running a ping sorting the WiFi issues
  • Initial tests seem to show the same bad lag as with the original cam. I'll add more details after more tests.
My playlist of sample videos. Note most should have link in the description to a video of the same shot from another camera to compare with.

Seriously if you are just looking for a cam to watch your front door there are a lot of better options out there for less money. The reason to get Ring is the same one I hear the most complains about, the neighbors app. The video doorbell option with replacement guarantee was the main thing I was looking for.  If a doorbell is your main use and you do not need the neighbors app then you might want to look at the Ezviz DB1 It has 3MP rez (half again what Ring has) and can stream to your NVR as well as the cloud and SD card.

No comments:

Post a Comment