Amazon Key security flaw exposed
Last month, the world was introduced to Amazon Key, a service exclusively for Prime members that enables in-home delivery and service appointments. And, well, you probably saw this one coming, it just got hacked.
According to Wired, security researchers demonstrated that a burglar could use software to freeze the Cloud Cam and make it look like the door was still closed while they entered the home. A team led by Ben Caudill, the founder of Rhino Security Labs, have posted a video on YouTube demonstrating the hack. "The camera is very much something Amazon is relying on in pitching the security of this as a safe solution," Caudill told Wired. "Disabling that camera on command is a pretty powerful capability when you’re talking about environments where you’re relying heavily on that being a critical safety mechanism.”
A spokesperson from Amazon said: “Safety and security are built into every aspect of the service. Every delivery driver passes a comprehensive background check that is verified by Amazon before they can make in-home deliveries, every delivery is connected to a specific driver, and before we unlock the door for a delivery, Amazon verifies that the correct driver is at the right address, at the intended time. We currently notify customers if the camera is offline for an extended period. Later this week we will deploy an update to more quickly provide notifications if the camera goes offline during delivery. The service will not unlock the door if the Wi-Fi is disabled and the camera is not online.”