Security Researchers Find Flaw in Amazon Key


haalkab / Pixabay

A security company has revealed that Amazon Key is not foolproof, but the online retail giant assured that the delivery system is safe.

Amazon Key allows couriers access inside a house or apartment to drop off a package if the recipient isn’t around.

After studying the Amazon Key system and conducting tests, Rhino Security Labs revealed that fake delivery men could disable the Cloud camera that monitors deliveries.

Rhino Labs disclosed its findings to Wired, accompanied by two videos that showed techniques that allowed fake delivery men to enter dwellings that have installed Amazon Key.

Findings

Wired said: “Security researchers have demonstrated that with a simple program run from any computer in Wi-Fi range, that camera can be not only disabled but frozen.”

A viewer watching live or recorded stream sees only a closed door, even as their actual door is opened and someone slips inside.”

That attack would potentially enable rogue delivery people to stealthily steal from Amazon customers, or otherwise invade their inner sanctum.”

Recommended for You

Webcast, November 30th: How Zendesk Scaled to 100,000 Customers in 150+ Countries – Simply and Beautifully

Amazon Statements

Wired said it brought the findings to Amazon’s attention and the company reportedly said it plans to issue an automatic software update to address the issue.

In a separate statement emailed to Mashable, the online retailer said it is aware of Rhino Labs findings but downplayed any threat to Amazon Key.

Amazon emphasized that all Amazon Key deliveries “time-stamped reports detailing how long doors are opened, and the company alerts customers if the camera goes offline for a long time.”

An Amazon representative told Mashable also that the company conducts a “comprehensive background check” on all drivers and that each delivery is tied to an individual driver so that any illicit activity can be detected right away.

Aside from Amazon Key, the company also has a locker system to complement it.

What’s Next?

What are your thoughts on the findings of Rhino Security Labs on the Amazon Key system? Share them by commenting below.



Source link

WP Twitter Auto Publish Powered By : XYZScripts.com
Exit mobile version