Amazon Key Flaw Could Let Rogue Deliverymen Disable Your Camera

After hackers exposed a way to freeze the delivery service's security cameras, Amazon will push out a fix later this week.

When Amazon launched its Amazon Key service last month, it also offered a remedy for anyone—realistically, most people—who might be creeped out that the service gives random strangers unfettered access to your home. That security antidote? An internet-enabled camera called Cloud Cam, designed to sit opposite your door and reassuringly record every Amazon Key delivery.

But now security researchers have demonstrated that with a simple program run from any computer in Wi-Fi range, that camera can be not only disabled but frozen. A viewer watching its live or recorded stream sees only a closed door, even as their actual door is opened and someone slips inside. That attack would potentially enable rogue delivery people to stealthily steal from Amazon customers, or otherwise invade their inner sanctum.

And while the threat of a camera-hacking courier seems an unlikely way for your house to be burgled, the researchers argue it potentially strips away a key safeguard in Amazon's security system. When WIRED brought the research to Amazon's attention, the company responded that it plans to send out an automatic software update to address the issue later this week.

"The camera is very much something Amazon is relying on in pitching the security of this as a safe solution," says Ben Caudill, the founder of the Seattle-based security firm Rhino Security Labs, whose researchers discovered and demonstrated the Amazon Key attack. "Disabling that camera on command is a pretty powerful capability when you’re talking about environments where you’re relying heavily on that being a critical safety mechanism."

Key Master

The Rhino Labs proof-of-concept attack on Amazon Key is relatively simple. In their demonstration, shown in the video above, a delivery person unlocks the door with their Amazon Key app, opens the door, drops off a package, and then closes the door behind them. Normally, they'd then lock the door with their app. In this attack, they instead run a program on their laptop—or, Rhino's researchers suggest, on a simple handheld device anyone could build using a Raspberry Pi minicomputer and an antenna—that sends a series of "deauthorization" commands to the home's Cloud Cam.

That so-called deauth technique isn't exactly a software bug in Cloud Cam. It's an issue for practically all Wi-Fi devices, one that allows anyone to spoof a command from a Wi-Fi router that temporarily kicks a device off the network. In this case, Rhino's script sends the command again and again, to keep the camera offline as long as the script is running. Most disturbingly, Amazon's camera doesn't respond to that attack by going dark or alerting the user that the camera is offline. Instead, it continues to show any live viewer—or anyone watching back a recording—the last frame the camera saw when it was connected.

That means the deauth command sent by the delivery-person-turned-hacker standing just outside your door can freeze the camera on the image of a closed door, while they then waltz in a second time and close the door behind them. Once inside, the intruder can simply move beyond the view of the Cloud Cam, stop sending the deauth command to allow the camera to reconnect, and hit the lock button on their app. Neither the lock's logs nor the video record would appear amiss to the Amazon Key user, even as a stranger runs amok inside their house.

"As a partially trusted Amazon delivery person, you can compromise the security of anyone's house you have temporary access to without any logs or entries that would be unusual or suspicious," Caudill says.

"We currently notify customers if the camera is offline for an extended period," Amazon said in a statement. "Later this week we will deploy an update to more quickly provide notifications if the camera goes offline during delivery."

The company nonetheless downplayed the likelihood of its delivery staff actually exploiting Rhino's technique, and noted that it doesn't allow any staffer to unlock a door without being authorized to deliver a package at a certain address and time, even if the camera is disabled. Amazon also pointed out that it offers a Happiness Guarantee, and claimed—without any direct evidence—that it would be able to immediately identify any driver that did use the trick to break into someone's house.

"Every delivery driver passes a comprehensive background check that is verified by Amazon before they can make in-home deliveries, every delivery is connected to a specific driver, and before we unlock the door for a delivery, Amazon verifies that the correct driver is at the right address, at the intended time," the company's statement reads.

To Amazon's point, any delivery person who does exploit that trick for thievery or spying would still face some serious challenges. They'd be the prime suspect, so to speak, for any obvious burglary of the house, so they'd have to limit their crimes to subtler thefts, like copying sensitive documents for identity theft. And of course, they'd also have to find another way out of the house, since they'll have locked the front door behind them.

"At the point where you’re clever enough to do this, that’s the easy part of the problem," Caudill argues.

A Separate Attack

Rhino's researchers also point out that when their attack kicks a Cloud Cam off the network, it disconnects the Amazon Key lock on the door, too. That's because the lock doesn't actually have its own internet connection. Instead, it communicates via the Zigbee wireless protocol to the Cloud Cam, which acts as its connection to the Wi-Fi router and the rest of the internet.

The researchers argue that this could enable a separate attack as well. In that scenario, a hacker follows an Amazon delivery person around and waits for them to make a delivery. Just as they're closing the door to leave, the hacker triggers the deauth command, knocking Amazon Key offline and preventing the door from locking. When the delivery person leaves, the hacker then breaks into the home through the unlocked door.

But that attack, while open to a far wider collection of potential hackers than the rogue delivery person scenario, is even less likely to succeed. The delivery person would have to be rushed or careless enough to not pull on the door to check that it was locked, and to not notice that their app showed an extended "locking" status message, a spinning icon, and then a timeout error. Amazon notes that its delivery people are told never to leave a house when its door is unlocked, and that the company will also call a customer immediately if it sees that their door is left unlocked for more than several minutes.

Caudill concedes that a rogue delivery person disabling someone's camera constitutes a more practical attack. And while he notes that an Amazon software update that changes how an Amazon Key camera alerts customers that it's offline could limit the problem, he also argues that a full fix would require caching a certain amount of recording locally even when it's not connected to the internet, so that any mischievous door-opening is still captured even when the camera's offline.

Anything short of a complete fix, Caudill says, will only have even more serious implications as Amazon opens up Amazon Key to other services in the coming months. The company has said it plans to integrate the feature with cleaning service Merry Maids, dog-walking service Rover, and more.

In the meantime, wary users should consider setting up another, separate security camera as a backup for Amazon's Cloud Cam. They could, hypothetically, place a clock or other moving object in the frame of the Cloud Cam's view, so that any freezing of the image would become immediately apparent. Or Caudill offers a harsher but far simpler solution: "Don't use Amazon Key."
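
The two signals the article describes, a camera that drops offline while the door is unlocked and a stream that keeps showing one stale frame, can be checked together as in the sketch below. This is an added illustration, not Amazon's or Rhino's code; the heartbeat and frame-digest inputs, the thresholds and the sample data are assumptions constructed for the example.

```python
from dataclasses import dataclass

@dataclass
class Finding:
    kind: str     # "offline_gap" or "frozen_stream"
    start: float  # seconds on the same clock as the inputs
    end: float

def overlaps(a0, a1, b0, b1):
    return a0 <= b1 and b0 <= a1

def offline_gaps(heartbeats, window, max_gap):
    """Heartbeat gaps longer than max_gap that touch the unlock-to-lock window."""
    beats = sorted(heartbeats)
    return [Finding("offline_gap", prev, cur)
            for prev, cur in zip(beats, beats[1:])
            if cur - prev > max_gap and overlaps(prev, cur, *window)]

def frozen_runs(frames, window, max_static):
    """Runs of identical digests longer than max_static that touch the window.

    frames: (timestamp, digest) of a crop that should always change, such as
    the clock the article suggests placing in the camera's view.
    """
    found, run_start, run_digest, last_ts = [], None, None, None
    for ts, digest in sorted(frames) + [(None, None)]:  # sentinel flushes last run
        if ts is None or digest != run_digest:
            if (run_start is not None and last_ts - run_start > max_static
                    and overlaps(run_start, last_ts, *window)):
                found.append(Finding("frozen_stream", run_start, last_ts))
            run_start, run_digest = ts, digest
        last_ts = ts
    return found

def audit_delivery(heartbeats, frames, window, max_gap=15, max_static=10):
    return (offline_gaps(heartbeats, window, max_gap)
            + frozen_runs(frames, window, max_static))

# Constructed sample: camera knocked offline from t=95 s to t=185 s while the
# door is unlocked (t=100 s to t=190 s); the viewer keeps seeing frame "f95".
HEARTBEATS = [t for t in range(0, 235, 5) if not 95 < t < 185]
FRAMES = [(t, f"f{min(t, 95) if t < 185 else t}") for t in range(0, 235, 5)]
WINDOW = (100, 190)

if __name__ == "__main__":
    for finding in audit_delivery(HEARTBEATS, FRAMES, WINDOW):
        print(finding)
```

A gap or frozen run that does not touch the unlock-to-lock window is ignored, so an ordinary Wi-Fi dropout at another time of day does not raise a delivery alert.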