Skip to main content
  1. Home
  2. Smart Home
  3. News

Researchers already found a way to fool Amazon Key and shut off your camera

By

amazon key hack news camera
Image used with permission by copyright holder
It sounded too good to be true from the start: A lock that allowed deliverymen and service providers in without a key, all while promising to be perfectly safe and monitorable. We’re talking, of course, about Amazon Key, a system that allows folks into your home once they have scanned a unique barcode. We called it “invasive and creepy” once it was announced and now that a report from Wired suggests the system can be hacked, our opinion seems further justified.

A team of security researchers from Seattle-based Rhino Security Labs demonstrated that Amazon Key and its companion Cloud Cam could be disabled and frozen, allowing just about anyone to waltz into your home. If the system is thus disarmed, even if you’re watching a “live” stream, you wouldn’t see anything out of the ordinary. This wasn’t just an unfounded claim — when Wired told Amazon about the new security research, the company noted that it would issue a software patch to fix the problem “later this week.”

Recommended Videos

So how exactly would an attack work? According to Rhino, a delivery person would first have to gain legitimate access, unlocking your door with the Amazon Key app. But instead of relocking the door with their app, they could simply run a program either on a computer or on a handheld device built with a Raspberry Pi and an antenna that would deauthorize the Cloud Cam. Rather than going dark, the Cloud Cam would simply continuously show the last frame recorded before it was deauthorized. That means that the attacker, or anyone else, would go undetected.

Related

To be fair, the likelihood of such an attack is rather slim. An attacker would have to be authorized to deliver a package at a certain address and time, regardless of whether or not the Cloud Cam were switched on or off. “Every delivery driver passes a comprehensive background check that is verified by Amazon before they can make in-home deliveries, every delivery is connected to a specific driver, and before we unlock the door for a delivery, Amazon verifies that the correct driver is at the right address, at the intended time,” Amazon pointed out. So unless a delivery person had a longstanding plan to do something nefarious, the whole scenario is rather unlikely. All the same, Amazon noted in a statement, “We currently notify customers if the camera is offline for an extended period. Later this week we will deploy an update to more quickly provide notifications if the camera goes offline during delivery.”

Image used with permission by copyright holder

Perhaps more concerning, however, is the fact that when a Cloud Cam is disabled, the Amazon Key is also disconnected. After all, the lock doesn’t maintain its own internet connection, as it relies upon the “Zigbee wireless protocol to the Cloud Cam, which acts as its connection to the Wi-Fi router and the rest of the internet,” Wired reports. This means that a potential thief could just follow a delivery person, and send the deauthorization command as the delivery is completed. Then, once is the coast is clear, the criminal could simply walk through the unlocked door.

Of course, this would involve a delivery person not paying attention to whether or not the door locked behind him or her, and Amazon notes that it instructs drivers not to leave a house if the door is unlocked. Plus, Amazon is also supposed to call a customer if a door is left unlocked for more than a few minutes.

Editors’ Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Amazon to end support for Cloud Cam – here’s what it means
Amazon Cloud Cam

Amazon has revealed it’s ending support for its Cloud Cam home security camera toward the end of this year, though it’s aiming to soften the blow by offering owners a couple of freebies.

In a widely reported email sent by Amazon to affected customers, the company said it will replace the Cloud Cam with its newer security camera, the Blink Mini, and also provide a one-year Blink Subscription Plus Plan worth $100.

Read more
How to access your favorite music streaming services on Amazon Echo Show
amazon prime music streaming coming

You could say it’s the original use for an Amazon Echo device: Playing music hands-free. Amazon Echo has come a long way since its early days of being a simple smart home speaker: Music and audio quality have vastly improved with each iteration, and the company has added video screens to these devices, now dubbed Echo Show, making them home hubs that can play music and stream video, act as home security cameras, and even facilitate video chats. But music is still a primary feature.
What music streaming services are available on Amazon Echo Show?

Amazon has wisely agreed to play nicely with a surprising variety of music services. Naturally, they’d like it best if you use the default Amazon Music service, which with a Prime membership gives you access to millions of songs (and an upgrade to Amazon Music Unlimited basically means any and every song you want is at your fingertips). Amazon Music is a fine service, but depending on what you’re used to or which other music services you subscribed to before you got an Echo device, you may want to link to another option.

Read more
Best ways to use Amazon Echo Show in the kitchen
Amazon Echo Show 15 hanging horizontally on the wall in a kitchen.

One of the most popular places to put an Amazon Echo Show is in the kitchen. After all, the kitchen is the heart of the home and a family gathering place, so it makes sense to keep it in a spot where everyone can access Alexa to help with all kinds of tasks. Amazon Echo Show devices, including the newly announced, wall-mountable Echo Show 15, are remarkably handy in the kitchen. Here are the best ways to use it.
Watch cooking videos

Some of us learn better by watching. If you want a helping hand when learning to make a new dish or to better understand a cooking technique, ask Alexa to show you how. Just say, “Alexa, show me how to chop an onion,” or “How do I make crepes,” and she'll pull and show you guided videos that you can follow. Choose the smaller Echo Show 5 if you need to save space, or consider the bigger Echo Show 8. Check out our Echo Show 5 versus Echo Show 8 comparison, too.
Ask Alexa for recipe conversions
How many cups of butter are in that stick? How many tablespoons are in an ounce? If you're baking a cake from one of grandma's old recipe cards and need different measurements, just ask your Echo Show device to do the conversion for you. That way, there are no mistakes and no need to second-guess, ensuring that your family recipe for pound cake will be moist and tasty.
Play music, radio, or podcasts
A dinner party or family time is always better with a soundtrack. Ask Alexa to play music by genre, artist, or album, or link the Echo Show to other music services like Spotify or Apple Music, and access your playlists, too. You can also ask Alexa to play your favorite podcast or even a local radio station.
Set timers and alarms
The single timer on your oven, microwave, or stove can't compete with the abilities of your Amazon Echo Show device at keeping tabs on multiple cooking timers. You can ask Alexa to set multiple timers or alarms to ensure nothing burns or overcooks.
Stay sanitary

Read more