Ring Doorbell App used to monitor your home through your smartphones, PC or Tablets. Every device includes a lens, a built-in microphone, and a speaker.
So with the app you can watch and speak to the person at your home from anywhere, also it helps to detect motions.
Ring Doorbell App Data Sharing
According to the investigation by EFF, the Ring Doorbell android app shares the customer personally identifiable information with third-party trackers.
The data shared are such as private IP addresses, persistent identifiers, names, mobile network carriers and sensor data on the devices of paying customers.
The data shared with Four main analytics and marketing companies that include branch.io, mixpanel.com, appsflyer.com, and facebook.com.
By having these bits of information the analytics companies combine them to make a whole picture of the user device.
The data shared by the app to AppsFlyer is more alarming, it shares data include magnetometer, gyroscope, and accelerometer and current calibration settings.
Ring also sharing the data with Google crash logging service Crashalytics. It uses HTTPS encrypted traffic which makes analysis job difficult.
Also, it has an app-level certificate pinning to ensure the is the issuance of certificates or mismanagement in the certificate chain.
Researchers managed to inject the code in runtime with Frida framework, “that the certificate provided by our mitmproxy instance would be accepted as valid”.
EFF said that by “leveraging an image of the secure home while profiting from a surveillance network which facilitates police departments’ unprecedented access into the private lives of citizens, as we have previously covered.”
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates
