Subscriber Discussion

Ring Pro, Calling China?

Justin Gant
Mar 04, 2017
7PiXL

Interesting discussion going on over on Reddit

Seems the Ring Pro has recently started sending data to an IP in China. Thoughts?

So recently installed a Ring doorbell and found some interesting network traffic.
At random intervals, it seems to be sending a UDP/1 packet to 106.13.0.0 (China). All other traffic goes to AWS.
Anyone have any thoughts to IoT devices calling back to China?

(5)
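An added example, not part of the original post or the Reddit thread: one way to check a device's outbound flows for destinations outside the ranges you expect, the kind of observation the post describes. The flow-record format, the device address and the allowlist prefixes are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed allowlist standing in for the vendor's expected cloud ranges.
# In practice, load the prefixes AWS publishes in its ip-ranges.json file.
EXPECTED_NETS = [ipaddress.ip_network(n) for n in ("52.0.0.0/8", "54.0.0.0/8")]

# Constructed flow records: epoch_seconds src dst proto dport bytes
SAMPLE_FLOWS = """\
1488600000 192.168.1.50 52.20.10.5 tcp 443 1840
1488600042 192.168.1.50 106.13.0.0 udp 1 172
1488600100 192.168.1.50 54.80.3.9 tcp 443 920
1488603777 192.168.1.50 106.13.0.0 udp 1 172
1488604000 192.168.1.20 8.8.8.8 udp 53 64
"""

def parse_flows(text):
    """Yield one dict per well-formed flow line; skip malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue
        ts, src, dst, proto, dport, nbytes = parts
        try:
            yield {"ts": int(ts), "src": src, "dst": ipaddress.ip_address(dst),
                   "proto": proto.lower(), "dport": int(dport), "bytes": int(nbytes)}
        except ValueError:
            continue  # bad address or non-numeric field

def unexpected_destinations(text, device_ip, expected=EXPECTED_NETS):
    """Group the device's flows whose destination is outside the expected networks."""
    hits = defaultdict(lambda: {"count": 0, "bytes": 0, "first": None, "last": None})
    for f in parse_flows(text):
        if f["src"] != device_ip or any(f["dst"] in net for net in expected):
            continue
        h = hits[(str(f["dst"]), f["proto"], f["dport"])]
        h["count"] += 1
        h["bytes"] += f["bytes"]
        h["first"] = f["ts"] if h["first"] is None else min(h["first"], f["ts"])
        h["last"] = f["ts"] if h["last"] is None else max(h["last"], f["ts"])
    return dict(hits)

if __name__ == "__main__":
    found = unexpected_destinations(SAMPLE_FLOWS, "192.168.1.50")
    for (dst, proto, dport), h in found.items():
        print(f"{dst} {proto}/{dport}: {h['count']} flows, {h['bytes']} bytes")
```

The first and last timestamps per destination make it easy to see whether the traffic is periodic or, as in the post, arrives at irregular intervals.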
Undisclosed Integrator #1
Mar 04, 2017

It looks like this was a mammoth fail according to the VP's comments. This comment did make me LOL:

[–]akesh45 [score hidden]

yeah, Dahua, Hikvision, etc. aren't stupid.... they're huge OEM vendors and one scandal would cause their vendors to jump ship.... lawsuits would be a drop in the puddle.

Justin Gant
Mar 09, 2017
7PiXL

Here is an update from Ring:

Thank you all for your patience. As always, Ring is committed to protecting the privacy and security of our neighbors. I have been monitoring the discussion here closely and understand there is confusion as to what is happening with the Ring Pro device. I would like to take this opportunity to further clarify where we are today.

  1. The security of our devices and protecting our customers’ information are our top priority. Since these posts were raised, we have spent many hours investigating these issues. At this time, it is our assessment this is not a security threat to our customers; we do acknowledge, though, that this architecture could have been better executed.

  2. As background, the data packet that is sent to the IP address in question represents 20ms of audio data. Although some have suggested this could be a vulnerability, we are confident it does not open up the Doorbell to any external threats. Any packets that would have been sent back to the originating IP address of the doorbell were immediately discarded and the socket itself completely shut down after the individual packet had been sent.

  3. What’s more, Ring does not use off-the-shelf cameras from overseas. We work for years, both with partners and internally, to design, manufacture and develop our products; we take extensive measures to build quality products that are secure.

  4. Nevertheless, out of an abundance of caution, Ring has a firmware update ready that will change the way the socket is closed.

  5. This firmware update has begun rolling out and will be active on all Ring Pro devices in the next few days.

We deeply value input from our neighbors and the broader community. We will provide additional updates as appropriate. 

Sincerely,
Joshua Roth
Chief Technology Officer at Ring

(4)
Carter Maslan
Mar 11, 2017
Camio

Even if you believe their claim to have shut the port prior to receiving the reply, this response misses the point that this IP address in China that's collecting all of this audio data now has a complete inventory of the IP addresses of all the Ring doorbells. That makes it pretty simple to mount DoS attacks that would otherwise be more difficult! Unbelievable.

(2)