A newly launched bug bounty program is offering nearly $18,000 to anyone who can successfully disconnect Ring Video Doorbells from Amazon’s cloud servers while keeping the devices fully functional.
This initiative aims to address ongoing privacy concerns about Ring’s data-handling practices and the lack of local storage options for users.
The bounty targets Ring doorbells released in 2021 or later, challenging hackers to create a software or firmware modification that allows for local control.
The total bounty pot currently stands at $17,924, funded by public donations and a matching fund.
The goal is to develop a solution that integrates the modified Ring doorbell directly with a local PC or server via Wi-Fi or a physical connection.
This modification must completely sever the device’s connection to Amazon servers and eliminate the need for Amazon hardware to function.
Crucially, the solution must not involve replacing the doorbell’s hardware and should be achievable with inexpensive, readily available tools.
FULU requires that the modification preserve all on-device hardware features, including motion detection and color night vision.
The creator must also provide clear instructions that a moderately technical user can follow to execute the process in under an hour.
RequirementDetailsLocal IntegrationMust connect directly to a local PC/server via Wi-Fi or physical connection, ideally supporting Home Assistant.No Cloud DependencyMust stop sending data to Amazon servers and not require Amazon hardware.Feature PreservationOn-device features (e.g., motion detection, color night vision) must remain functional.No Hardware ReplacementMust not replace the doorbell’s hardware.Accessible ToolingMust use readily available, low-cost tools.Clear InstructionsMust include step-by-step instructions a moderately technical user can complete in under one hour.Model EligibilityMust work on at least one Ring model released in 2021 or later.ComplianceMust meet the general bounty terms.
Ideally, the solution should also allow for user-friendly integration with Home Assistant platforms. The bounty is open to any eligible individual who can meet these criteria and the general terms outlined by FULU.
Privacy Concerns Drive Bounty
The motivation behind this bounty stems from persistent privacy issues associated with Ring, an Amazon subsidiary.
In 2024, Ring agreed to a $5.6 million settlement following a Federal Trade Commission complaint alleging the company provided all employees with full access to customer videos.
The FTC also claimed Ring failed to patch known vulnerabilities, resulting in approximately 55,000 customer accounts being compromised.
More recently, Ring faced significant backlash over its proposed “Search Party” feature, which ultimately led the company to terminate its partnership with Flock.
Currently, Ring doorbell owners cannot store their video feeds locally or prevent data from being sent to Amazon’s servers.
This lack of control has raised concerns that the very devices intended to enhance home security might be compromising user privacy.
The FULU bounty program seeks to empower users by providing a viable alternative for managing their Ring doorbell data.
Interested hackers have until December 31, 2031, to submit a successful solution to bounty@FULU.org.
If no viable modification is presented by the deadline, contributors will have the option to receive a refund or donate their contribution to FULU.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post $10K+ Bounty Offered to Hacker Who Can Disconnect Ring Video Doorbells from Amazon Cloud appeared first on Cyber Security News.
.webp?w=0&resize=0,0&ssl=1 "Top 10 Best User Access Management Tools in 2026")
