Any truth to this article:
This is pretty big. The EFE is quite reputable and what they showed as outgoing data is alarming. Another reason that I never wanted to touch a Ring device.
Agreed. Unfortunately just the tip of the iceberg I think. And OK @SoulDessin you avoid Ring, but who can you use unless you go completely off grid?
It’s Facebook that does it for me. I avoid them, don’t want anything to do with them. And yet an app for my doorbell is pulling stuff (completely unrelated to the doorbell) off my Android and sending it to Facebook?
I do wish these articles would take the next step and do the same investigation of Google/Eufy/Wyze/Arlo etc.
And how does Apple’s ‘what happens on your iPhone, stays on your iPhone’ statement stack up? Why not test the app on iOS too?
Gut feel is this is industry-wide.
I have Ring doorbells. Not happy to hear this. If I would cancel my subscription and just use the free version with no recordings, do you think they would still be using my data? Is it the App that is problem?
I have had RING since may 2016. Lots of dealings with customer service. About 50% satisfactory. I would never have any of their interior cameras. Leo has dropped them and I think I should as well.
I don’t think what Ring plan you are on will make a difference. The article describes how they managed to inspect all the https traffic being generated by the Android Ring app which was being sent to Branch, AppsFlyer, MixPanel, Crashalytics and Facebook.
Ring’s response is this is analytics and telemetry.
“Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimise the customer experience and evaluate the effectiveness of our marketing.”
I guess I will just have to give up Ring and delete the app. Sad that the Apple App Store would allow the Ring App to do that.
Note this article only discusses the Android app (although I see no reason why the iOS app would be any different). If concerned, maybe drop the iOS app and just use the web access for now. See how this plays out? I’d expect Ring to respond by allowing users to opt-out of their customer experience programme (if this is what it is).
For now, I think I’ll see what the fallout is after this situation has been investigated.
46 libraries used last time it was scanned. No wonder it is so bloated.
I recommend using these to help judge the privacy implications of apps
Permissions on Android puzzles me. If you look at the Ring app’s permissions you see this, and you think ‘OK, seems acceptable, just the mic to talk and storage to save stuff’. Note camera/contacts/location is denied.
But hidden behind the hamburger menu top right is ‘All permissions’ which I assume is everything the app has. Eh? So it does have cam/contacts/location priv? And a whole lot of other stuff that I can’t control? Which matches the info @Dr.Flay provided.
Or am I not understanding these screens? @JasonHowell any ideas?
@rojo118 the general internet rule is, “if you aren’t paying for a service, you arethe service.”
I hate to say it, but I just can not find any good self hosted doorbell systems. Plenty of security camera systems, but no doorbells.
As the Ring doorbell is not free, I don’t get the reference.
The app may be free but can only be used with a paid product .That is no different to having a free key with a new lock. it is part of the whole package.
They do offer continued support/access for free and even though you do pay for some things, some companies just want to maximize their profit. I wouldn’t be surprised if they ramped up the data gathering on the free accounts just to make as much as possible from the ones that aren’t continuing to pay them as much as the others.
A little tinfoil hat-ish, but these companies have proven to live up to it, at times.
Security researcher Brian Krebs retweeted the EFF’s tweet about this article and 3hrs ago the retweet had 5,900 likes and 6,400 further retweets. Looks like this story is getting some traction.
Here is another article about the matter:
This is a mixed bag, I think… If you use ANYTHING on the internet - you are being tracked some kind of way. And, many apps track you and apparently sell your information. If you like your camera, I wouldn’t necessarily stop using it. If you did not have one and was thinking of buying one… THEN, I’d probably look elsewhere. But, who knows if the other camera apps are doing the same thing…
@gigastacey’s IoT podcast is worth a listen this week for a slightly more balanced view. Since the anti-Ring stuff started I’ve been wondering what’s behind the EFF/Vice/BuzzFeed etc. reporting. Still none the wiser really. Good that these companies are under scrutiny, but most stuff being reported is industry-wide I reckon.
The new Control Center is now released in the Ring app. Worth checking. I had authorised devices going back years that I no longer have. So I’ve reset everything.
Some new data here from a BBC article suggests amongst the data retained is not only the exact location of the device but also every time it was rung and what interaction the user had with it after each activation: