The Products
Always Home Cam
To allay possible privacy and security concerns regarding the drone, Ring has incorporated several security features. When not flying around the home the drone rests on a docking station, which blocks its camera. This means that the device can only capture video when it is in flight. Furthermore, the owner decides the areas of the house the drone can access. Before using the drone, the owner sets up the drone by recording the different flight paths the drone can take. These become the only places the drone can fly. In addition, Ring says in a blog post that the device “cannot be manually controlled.” This means that even if hackers were to hack into the drone, they would not be able to make it fly off its predetermined flight paths. Finally, the drone emits an audible hum whilst flying so that the owner is warned if the device mistakenly activates. Although what Kumar says is true, there has already been instances where vein-based authentication systems have been attacked. Furthermore, security researchers warn that the more common palm scanners become, the more willing people will be to use them. However, biometric data is particularly sensitive, because unlike passwords, this data cannot simply be changed if hackers steal it. Or when the data is accidentally exposed. Other security researchers worry that such data could be read in some other way and digitally reproduced. Databases of people’s palm data will not be stored locally on publicly accessible machines that can be manipulated. However, critics state that a system could have been setup to generate a palm signature locally, delete the image of an individual’s hand and send only the encrypted signature for analysis. The fact that all palm images are sent to the cloud for processing creates a single point of failure. “Both the home drone and the palm payment are going to rely heavily on the cloud and on the security provided by that cloud storage,” says Joseph Lorenzo Hall, a long-time security and privacy researcher. “That’s worrying because it means all the risks – rogue employees, government data requests, data breach, secondary uses – associated with data collection on the server-side could be possible. I’m much more comfortable having a biometric template stored locally rather than on a server where it might be exfiltrated.”
New Gadgets Keep Pushing Privacy Boundaries
As Greer warns, and other privacy advocates have warned in the past, privacy rights are much harder to restore once they are gone than they are to maintain.