Mandatory Two Factor Authentication Coming To Ring Devices

Finally, a smart device manufacturer is taking device security seriously, and that’s great news indeed.

You may recall reading about a serious issue with Ring security systems recently.

The news was that the security issue allowed hackers to commandeer user systems and spy on them.

The hackers were sending the users messages and making disturbing threats about watching them, effectively turning their own systems against them.

In response to those events, Ring has taken the bold step of outright requiring all users to make use of two-factor authentication, or 2FA for short. Effective immediately, you will not be able to log into your Ring account without 2FA.

Ring’s President, Leila Rouhi, had this to say about the change:

“While we already offered two-factor authentication to customers, starting today we’re making a second layer of verification mandatory for all users when they log into their Ring accounts. This added authentication helps prevent unauthorized users from gaining access to your Ring account, even if they have your username and password.”

Ring’s implementation of 2FA relies on emailing or texting users a six-digit code which must be entered in addition to the standard username and password.
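
The server-side checks that a six-digit emailed or texted code depends on, as an added example (not Ring's code and not from the original article): with only a million possible codes, the verifier has to expire codes, make them single-use and cap wrong guesses. The class name, the 10-minute lifetime and the five-attempt limit are assumptions.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 600      # assumed: a code expires 10 minutes after it is issued
MAX_ATTEMPTS = 5    # assumed: a challenge is dropped after 5 wrong guesses


class OtpChallenges:
    """In-memory store of pending second-factor challenges, keyed by account."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # account -> [code_digest, expires_at, attempts_left]

    @staticmethod
    def _digest(account, code):
        # Fixed-length digest so any submitted string can be compared safely.
        return hashlib.sha256(f"{account}:{code}".encode()).digest()

    def issue(self, account):
        """Create a fresh six-digit code; the caller delivers it by e-mail or SMS."""
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, keeps leading zeros
        self._pending[account] = [self._digest(account, code),
                                  self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code

    def verify(self, account, submitted):
        """Return True once for the right code; wrong guesses burn attempts."""
        entry = self._pending.get(account)
        if entry is None:
            return False
        code_digest, expires_at, _ = entry
        if self._clock() > expires_at:
            del self._pending[account]          # expired: a new code is needed
            return False
        if hmac.compare_digest(code_digest, self._digest(account, submitted)):
            del self._pending[account]          # single use: no replay
            return True
        entry[2] -= 1
        if entry[2] <= 0:
            del self._pending[account]          # guessing budget exhausted
        return False
```
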

In addition to that, Ring also announced that they’re giving users increased control over the info they share with third-party service providers, and that users will have the ability to opt out of personalized advertising.

Rouhi continues:

“Beginning immediately, we are temporarily pausing the use of most third-party analytics services in the Ring apps and website while we work on providing users with more ability to opt-out in Control Center. In early spring, we will provide you with additional options to limit sharing information with third-party service providers.”

These are significant steps that put Ring miles ahead of just about every other smart device manufacturer in business today. While we have a few issues with their implementation, in general, these are good moves that are long overdue. Kudos to Ring for getting serious about device security!

Hacked Ring Devices Are Scaring Customers With Voices

On the Dark Web, there’s a live webcast show called “NulledCast” that few people have ever heard of. It’s pretty popular in Dark Web circles, though.

The premise of the show is this: The hosts will hack the cameras in home security systems and mess with the owners. Ring and Nest are the two most popular targets.

Recently, Ring has been getting the most attention, which has resulted in some of the NulledCast antics bubbling up from the Dark Web and being mentioned in mainstream news media.

The hackers are using recycled/re-used passwords to get access to the devices. The attacks range from annoying to creepy and disturbing. In one case, the hackers took control of cameras at an animal shelter and, using the shelter’s speakers, sent a message to a staffer there bragging about how they had just killed a kitten.

In another recent example, they took control of a Ring device used by a minority family and shouted racial slurs at them. In still another, the hackers talked to and taunted a young boy while he was playing video games in his room.

Yet another family was taunted by ghostly voices that suddenly started coming from their features, with the hackers laughing that they could still see the family, even as they began powering the cameras down. Finally, another recent example included a creepy conversation with an eight-year-old girl in which the hackers instructed her to mess up her room and break her television set.

The people who are on the receiving end of these attacks have a range of reactions, from being slightly unnerved to outright terrified, and unfortunately, there’s no end in sight. Smart devices like most of the home security systems sold today and a raft of other appliances have notoriously poor security, if they have any at all, which is why shows like NulledCast are so easy to produce. If you use a Ring device, be aware that someone may be watching.

Adobe Acquired Magento Marketplace Suffers Data Breach

Recently, the Magento Marketplace was acquired by Adobe and suffered a breach that exposed a limited amount of user data to an unknown third party.

When Adobe discovered evidence of the breach, they temporarily shut the marketplace down so they could assess the extent of the breach.  It has subsequently been reopened.

If you’re not familiar with the Magento Marketplace, it is an online repository where users can find extensions, both paid and free, that enhance the capabilities of the e-commerce platform the company is known for.

The investigation into the breach is ongoing. At this point, the company can confirm that the exposed information included MageID, billing and shipping addresses, phone numbers, user names and email addresses. Also exposed were the percentages paid to developers who host their extensions on the marketplace.

The company stresses that passwords, payment card information and other detailed financial information were not exposed. They also report that the security issues that made the breach possible have been corrected.

If your data was compromised, you should have already received a notification from Magento. The company did not reveal how many users were impacted overall, although that information may be made available as the investigation into the matter continues.

Since the company confirmed that no passwords were stolen, there’s really nothing for you to do if you use the marketplace. As a precaution, however, you may want to change your password just to be safe.

Overall, Adobe and Magento’s handling of the issue has been good, but this has sadly become standard fare.  A company makes a misstep.  Hackers take advantage.  Users pay the price.  Company apologizes, and then we get a new headline the following week about it happening somewhere else.  Stay vigilant.  It’s your best defense against these kinds of issues, which seem to be increasing in their frequency.

New T-Mobile Data Breach Compromised Customer Info

Recently the US branch of the global telecom company T-Mobile disclosed a security breach that impacted a small percentage of its customer base.

Specifically, the breach revealed certain information belonging to a small number of the company’s prepaid cellphone users.

The exposed data included customer names, billing addresses, account numbers, rate plans, plan features and user phone numbers. The company stressed that no payment card information or passwords were compromised.

T-Mobile has contacted and has begun working with law enforcement agencies to further investigate the matter. If you were among the impacted users, you should have already received an SMS today from the company.  If you haven’t received a notification and you’re concerned that you may have been impacted, you can get a definitive answer from T-Mobile by contacting them at privacy@t-mobile.com.

This has been a fairly good year for telecoms in general. Other than Sprint’s data breach earlier in the year, this is only the second data breach in 2019 involving a major telecom company.

As breaches go, this one is quite minor, and odds are quite small that you have been impacted by it.  Again though, if it’s something you’re worried about, the company has made it easy to get peace of mind.  Overall, T-Mobile’s handling of the incident has been better than average. In the weeks ahead as the investigation draws to a close, if there are new details to be learned, the company will no doubt disclose them when and as they are able.

With 2019 rapidly drawing to a close, it seems unlikely that we’ll see a spate of telecom data breaches. 2019 is likely to be remembered as a year where the telecom companies dodged a bullet. Overall, the total number of data breaches continues to surge higher, a trend which is likely to continue for the foreseeable future.

Hackers Are Already Targeting Disney Plus Accounts

In case you weren’t already aware, Disney recently launched a new video streaming service called Disney+ which has been driving Netflix and other established streaming services crazy with fear and apprehension since it was first announced.

If the early indications are any clue, Netflix has little to worry about, but Disney has their hands full.

Mere hours after the service was launched, complaints started flooding in, and not just on Disney’s website.  Angry customers were taking to Reddit, Twitter, and other social media outlets to complain that their accounts had been hacked the same day they began using them.

As this was happening, hold times at Disney’s support center surged past two hours, which only increased customer frustration.  Worst of all, researchers quickly discovered tens of thousands of Disney+ user account details for sale on the Dark Web, with prices starting as low as $3 per account.

If you were one of the lucky customers who didn’t get your account hacked, your experience with the service still may not have been stellar.  Many users who could get on it had complaints that they were either completely unable to stream the offered content, or that the streaming speeds were so low that the videos were essentially unwatchable.  These reports, however, were largely drowned out and lost in the shuffle given how many users had their accounts hacked on day one.

One thing that’s conspicuously absent from the Disney+ service is a two-factor authentication option.  While this isn’t a magic bullet that would have solved all of the company’s launch day issues, it would have made it significantly more difficult for hackers to disrupt the launch of the service to the extent that they did.

Disney will no doubt survive and recover from the debacle, but as of now, they have a well-deserved black eye over the affair.