Do-it-yourself security devices and systems are growing in popularity, thanks to the wide availability and affordability of network-connected consumer devices. Today we are testing one of the more prominent devices on the market – the Ring Video Doorbell.
Ring Pro vs Ring
Ring currently offers two models of video doorbells — Ring Video Doorbell and Ring Video Doorbell Pro. Both offer video recording, night vision, Live View (live security video stream via the app), motion detection, two-way audio and cloud recording. Both can be installed using the existing doorbell wiring and provide connectivity via the Wi-Fi. However the Pro model offers higher-resolution HD video at 1080p (vs 720p of the non-pro version), supports 5GHz as well as 2.4GHz Wi-Fi, and provides several other upgrades. The Pro is also smaller in size, but costs roughly $50 USD more and does not support installation without existing doorbell power wiring (the standard Ring model offers the option of being powered with a rechargeable battery).
Installing Ring Pro
The Ring Pro comes with a choice of 4 interchangeable faceplates, a supplemental Pro Power module, mounting hardware, tools, and documentation. It even includes a drill bit needed for installation to masonry walls.
Installing the Pro Power module
The first step is to wire the included Pro Power module into the existing doorbell. The Pro Power kit increases the amount of power delivered from the house doorbell to Ring, so it can perform all the tasks old doorbell button did not have to do: run the Wi-Fi radio, camera, night vision, motion detection and 2-way audio.
This step may seem intimidating to users not handy with tools, but it amounts to simply unscrewing two wires inside the doorbell, attaching these wires to the connectors included with the Power module, and then connecting the Pro Power wires to the terminals inside the doorbell. The instructions included with Ring Pro are straight-forward, and Ring also provides how-to videos on their website.
The Pro Power module attaches inside the doorbell with 2-sided tape, and after some wire-tucking, the doorbell cover fits just like before.
Installing Ring Pro
With the Pro Power module installed, we headed outside to remove the existing doorbell button.
The Ring Pro connects to the two wires from the old door bell button.
The Ring Pro is secured to the wall with two screws, and the protective faceplate snaps in place and is secured with a small screw. The entire process of installing the hardware took less than 30 minutes.
Setup is performed via the Ring app available for IOS, Android and Windows.
During setup, the Ring Pro creates a Wi-Fi hotspot to which the app connects to complete configuration. The setup wizard guides the user to connect the Ring Pro to the home Wi-Fi network. After the setup, the Ring stops broadcasting its own hotspot.
Using the App
The app is intuitive and simple to use. The main screen provides a scrolling feed of recently recorded activity, including doorbell rings, motion detection, and Live View.
The app also allows several configuration options for the device, including alert settings and adjusting motion detection sensitivity and coverage. Motion Zones in particular were useful and easy to set up, allowing the significantly reduce the number of false positives by excluding areas you don’t want to trigger recordings – streets, trees, etc.
The Motion Zones performed well in real-life tests, beginning recording as soon as someone entered the zone, and continuing recording until the person exited.
With any network-connected devices, there is an inherent risk of introducing new vulnerabilities to the network. New IoT products are complex devices, often combining hardware and software components from multiple manufacturers. Even in the unlikely event that the initial product is completely secure, it takes a single flawed firmware update to render it vulnerable. Unfortunately, consumer goods manufacturers have a rather poor track record of securing the devices they ship. “Smart” home devices can fall victim to hacking, botnets, and even ransomware.
Ring vulnerability history
Ring has not avoided the scrutiny of security researchers, with a major vulnerability discovered in early 2016, allowing attackers to put the device into setup mode and use its Wi-Fi hotspot to pull the network configuration settings, including WiFi login and password from the Gainspan server on the device. To Ring’s credit, this vulnerability was fixed promptly with the version 1.6.39 firmware update.
In March 2017, the Ring was in the news again, this time with concerns about portions of the video feed being routed to servers in China. The company again responded promptly, investigating the issue and conducting an independent security audit of the device. The issue was determined to not represent a security risk to consumers, but Ring had still fixed it promptly with firmware 1.4.29 update.
Any hardware or software vendor can find themselves in a vulnerability crisis with one of their products. Even seasoned enterprise vendors have found themselves in the media spotlight in recent years. What sets a vendor apart is not only how often this happens with their products, but also how quickly they respond to and address the issue. Granted, some vulnerabilities are more fundamental and difficult to fix than others, but so far Ring has shown a good track record, and deserves props.
Securing the Ring
The Ring Pro provides several security features. Users can make additional smart choices during setup and configuration to make the device more secure:
- Use a secure network. Ring Pro supports WPA2 encryption, so make sure your WiFi network has WPA2 security enabled, to ensure the communication between RingPro and your wireless router is encrypted.
- Connect Ring Pro to your guest network. There is no reason to connect your doorbell to the same network as the computers and home servers that contain your personal and confidential information. Instead, connect it to a guest Wi-Fi. (You can still secure it with WPA2).
- Use a strong password for your Ring account. Don’t underestimate the risk of reusing passwords or using weak passwords. Use a password generator to create a unique strong password to reduce the risk of password-cracking and credentials-stuffing attacks.