Google confirms that second-hand Nest Cams could have been used to spy on people
There been many concerns voiced about the privacy and security implications of many smart products. Some are well-founded, as a new admission from Google that its Nest Cams could be used to spy on people goes to show.
The problem does not center around hackers, but people who have sold or given away their Nest Cams. Even after the new owner performed a factory reset of the camera -- following Google's own instructions -- it was still possible for the original owner to access the camera feed.
See also:
- Google is bringing RCS messaging to users directly instead of waiting for carriers
- com uses clever entrapment technique and accuses Google of stealing song lyrics from its site
- Google Photos will soon stop syncing to Google Drive
As first reported by Wirecutter, the problem was discovered by a member of the Wink Facebook group who found that he was able to access images on a Nest Cam he had sold. It seems that a connection established via his Wink Hub was maintained even after a reset.
Wirecutter tested this, and was able to recreate the problem. While the retained link did not allow the original owner unfettered access to a Next Cam feed -- "just" a series of frequently updated still images -- there is understandable concern.
Thankfully, the gaping security hole has now been plugged, with no need for owners to take any action.
In a statement, a Google spokesperson said:
We were recently made aware of an issue affecting some Nest cameras connected to third-party partner services via Works with Nest. We've since rolled out a fix for this issue that will update automatically, so if you own a Nest camera, there's no need to take any action.
It is not known for how long this problem existed, or how many people were affected by it.