|
|
|
|
|
|
by ssully
2517 days ago
|
|
|
I had my house broken into once and they just used a crowbar. My neighbor heard them do it, but assumed someone was just doing some work outside. I get why people are hard on smart locks, but I really don't see them as any more insecure then regular locks. |
|
|
For example, here[1] is a "keyless bluetooth padlock" that can be opened trivially by rapping the locking pall with any hammar-like tool ("rock"). (it also has far too much around the shackle, so can also be opened with a a simple shim (e.g. a small cutout from a cola can). Another common problem are locks that don't seal their electronics securely, so they can be attacked by simply unscrewing a panel, ripping out the electronics. and touching the battery wires to the locking pal's actuator.
However, that type of problem are simply poor designs. In theory, in the future better designs could be made that include protections against well-known attack methods similar to what is already included in many "regular" locks.
A fundamental concern with locks that depend on radio (or worse, the internet) is what the lock does when when the radio/internet communication fails (for any reason). Does the lock fail-open, or fail-closed[2]? Did the lock even address this important question? Does the lock open if someone unplugs the router? Or does it trap people behind the lock if a fire destroys the cable/DSL modem? Physical locks also have failure-mode concerns, but they tend to be limited to something happening locally, With "smart" devices, you are adding remote resources (like the internet router in another room, or remote servers, etc) as a critical component of the lock's security. That is a terrible idea if you that remote resource is intrinsically outside your control.
[1] https://www.youtube.com/watch?v=vIbXC5LR8aQ
[2] https://en.wikipedia.org/wiki/Fail-safe#Fail_safe_and_fail_s...