75 Percent of Bluetooth Smart Locks Can Be Hacked (tomsguide.com)
It turns out, the majority of Bluetooth smart locks you see on the market can easily be hacked and opened by unauthorized users. The news comes from the DEF CON hacker conference in Las Vegas, where security researchers revealed the vulnerability, adding that concerned OEMs are doing little to nothing to patch the hole. Tom's Guide reports: Researcher Anthony Rose, an electrical engineer, said that of 16 Bluetooth smart locks he and fellow researcher Ben Ramsey had tested, 12 locks opened when wirelessly attacked. The locks -- including models made by Quicklock, iBlulock, Plantraco, Ceomate, Elecycle, Vians, Okidokey and Mesh Motion -- had security vulnerabilities that ranged from ridiculously easy to moderately difficult to exploit. "We figured we'd find vulnerabilities in Bluetooth Low Energy locks, then contact the vendors. It turned out that the vendors actually don't care," Rose said. "We contacted 12 vendors. Only one responded, and they said, 'We know it's a problem, but we're not gonna fix it.'" The problems didn't lie with the Bluetooth Low Energy protocol itself, Rose said, but in the way the locks implemented Bluetooth communications, or with a lock's companion smartphone app. Four locks, for example, transmitted their user passwords in plaintext to smartphones, making it easy for anyone with a $100 Bluetooth sniffer to pluck the passwords out of thin air.
Telnet (Score:2)
> Four locks, for example, transmitted their user passwords in plaintext to smartphones, making it easy for anyone with a $100 Bluetooth sniffer to pluck the passwords out of thin air.
Right
Re: 100% (Score:2, Informative)
The update at the end of the article states the August smartlock, one of the 4 called out as being good, has now been hacked. Up to 81% at least
Locks are for honest people :) (Score:3, Interesting)
I go by the notion that locks are for honest people and things like smartlocks and connected locks are primarily for the convenience of the owner. Realistically, for most consumer applications of locks, if someone wanted to get in, the lock isn't keeping them out. So while I'm disappointed at the overall non-concern for real security by the manufacturers, I'm not incredibly surprised and I'd be really surprised, outside of a handful of specific targeted cases, that any real thief would even bother with hacking a lock.
Re: (Score:1)
Oh rly? [lmgtfy.com]
What we see here is yet another example of how the manufacturers of IoT devices don't give a shit about security.
Re: (Score:3)
That's not really an accurate analogy. One wouldn't need to hack the lock of a jeep to get access to the contents of the jeep.
Re: (Score:2)
According to BosnianBill on YouTube, MasterLock's main weakness is the tumbler. Check out his videos. He rakes a MasterLock with a ziptie and opens it.
Re: (Score:2)
Keep honest people honest but make a good product (Score:3)
> I go by the notion that locks are for honest people and things like smartlocks and connected locks are primarily for the convenience of the owner. Realistically, for most consumer applications of locks, if someone wanted to get in, the lock isn't keeping them out.
That's true but there is no point in making it easier than necessary for a lock to get picked. At least with the deadbolt on my door someone would either have to A) smash the door which tends to leave evidence or B) pick the lock which (should) take non-trivial amounts of time. You are quite correct that locks are generally more for keeping honest people honest than to keep out determined criminals but that doesn't excuse making a shoddy, easily bypassed product.
Re:Keep honest people honest but make a good produ (Score:4, Informative)
Most house deadbolts take about 1 second to covertly open:
https://www.youtube.com/watch?v=iaBIvKzBCxI
Hopefully you bought a replacement for the junk the builder installed.
Re: (Score:3)
Re: (Score:1)
Re:Locks are for honest people :) (Score:5, Insightful)
Such a bullshit cliche. Honest people don't need locks to stop them from opening things they shouldn't be opening.
Re: Locks are for honest people :) (Score:1)
To keep those on the line between honesty and criminality from straying across without effort - like a fence.
Re: (Score:2)
Exactly. The nihilistic view of honest people is that they are simply an opportunity away from being a dishonest person :).
Re: (Score:1)
Yep, we need meta insurance. Oh wait.
Re: (Score:2)
Do you even know what "cliche" means? What cliche did I use?
Re: (Score:2)
> Honest people don't need locks to stop them from opening things they shouldn't be opening.
This may be true of your home's exterior door or your car door in modern western society, but it certainly is not in other settings. People often find themselves in situations where they need to try doorknobs until they find the right room/closet, and a locked door is a good way to tell them "not the right door." Signs are usually a better way, but sometimes it is silly to put a sign on everything.
For example, you don't leave the door to your dangerous laboratory unlocked and then send your temp worker down t
Re:Locks are for honest people :) (Score:5, Insightful)
> Realistically, for most consumer applications of locks, if someone wanted to get in, the lock isn't keeping them out.
This is very true, but even then the lock accomplishes something else: it creates evidence of a break-in. You show your home insurance adjuster a kicked in door, they cut a check. You swear up and down that you locked the door and someone must have hacked it, have a fun few months/years in court...
Being able to hack the lock from a car parked on the street also has advantages: it cuts down on the amount of time and noise you have to make to break in. After all, there's a reason thieves are getting into electronic gizmos to unlock car doors...
Re: (Score:2)
> This is very true, but even then the lock accomplishes something else: it creates evidence of a break-in.
A bump key or a properly-handled tensioner and rake don't leave any evidence.
Re: (Score:2)
Re: (Score:2)
That makes sense. However, it doesn't really affect the point. If you have to disassemble the lock to discover that there was a break-in, then you'll never know there was a break-in. I suppose if you have some *other* reason to believe there might have been a break-in the lock could provide evidence, but that seems like a pretty rare situation, one which wouldn't justify putting locks everywhere.
Re: (Score:2)
As you said these are convenience things, and short of someone looking to specifically target that home these bluetooth locks probably shouldn't be on the front-door in the first place. They should be on the carport door, where you want a quick entry/exit, and still have the garage door as a second barrier.
Crooks LOVE unlocked garages or other crummy garage security. It gives them plenty of time unobserved to deal with the garage/house door.
Re: (Score:2)
Then they realised the IoT devices were using 900MHz or 433, or 468, or 968... or 5.8GHz.. or cellular.
Their 2.4GHz high-power device is also illegal, so they're breaking and entering and violating FCC rules turning their crime into a federal offence.
Re: (Score:2)
Because of all the law enforcement agencies in the USA, uncle charlie is the one to fear most?
Uncle charlie doesn't care what you do as long as you don't interfere with their cash cows. 1000W linear on a crappy CB, no enforcement, had to put a pin through the jackass's coax myself.
Re: (Score:1)
Same as regular locks? (Score:2)
"had security vulnerabilities that ranged from ridiculously easy to moderately difficult to exploit."
and
"We contacted 12 vendors. Only one responded, and they said, 'We know it's a problem, but we're not gonna fix it.'"
Soooo... pretty much the same standard as most consumer (non-smart) locks? I agree that it's pretty pathetic, but given that most locks are susceptible to a "bump key" and that even some supposedly secure safes can be easily opened with a magnet [youtube.com], the locks are mostly about keeping honest peo
Re: (Score:2)
The difference is dumb locks you have to access physically to break them open and while doing so you may look suspicious -- there is a time pressure that raises the barrier. With smart locks, you can take your time working the lock at a distance, and once it is unlocked you can casually access the protected item as if it were yours.
Re: (Score:2)
Yeah, especially since I actually mentioned them in my post...
Maybe a video [youtube.com] would help illustrate how quickly these things work.
Re: (Score:2)
If they used LUDDITE locks instead of APPY locks, then those APPY hackers wouldn't have been able to hack the LUDDITE locks
Luddite!
Transmit the password as cleartext? (Score:3)
Cryptography (Score:2)
I am not willing to pay or put up with the inconvenience of perfect physical security for my home.
The thing is, perfect smart locks (I mean, at least perfect on the software side) are technically possible.
There are modern cryptographic methods that could work very well in this situation.
The smartlock makers were simply too lazy to even try it.
And that's sad.
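An added example, not part of any comment in this thread and not code from any lock vendor: a minimal challenge-response unlock set beside the plaintext-password scheme from the summary, showing why a value captured by a passive sniffer stops being useful once each unlock is bound to a one-time nonce. The class and function names are hypothetical, and the shared key is assumed to have been set up securely at pairing.

```python
import hashlib
import hmac
import secrets


class PlaintextLock:
    """Weak scheme: the password itself is what crosses the air."""

    def __init__(self, password: bytes):
        self._password = password

    def unlock(self, received: bytes) -> bool:
        return hmac.compare_digest(received, self._password)


class ChallengeLock:
    """The phone proves key possession per attempt; the key is never sent."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = None  # nonce of the one outstanding challenge, if any

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending

    def unlock(self, response: bytes) -> bool:
        nonce, self._pending = self._pending, None  # spent on first use
        if nonce is None:
            return False
        return hmac.compare_digest(response, phone_response(self._key, nonce))


def phone_response(key: bytes, nonce: bytes) -> bytes:
    # Phone side: MAC over a fixed command label plus the lock's nonce.
    return hmac.new(key, b"unlock" + nonce, hashlib.sha256).digest()


def demo() -> dict:
    password = b"constructed-sample-password"  # constructed sample value
    plaintext_replay = PlaintextLock(password).unlock(password)  # sniffed, reused
    key = secrets.token_bytes(32)  # assumption: provisioned securely at pairing
    lock = ChallengeLock(key)
    sniffed = phone_response(key, lock.challenge())  # listener sees nonce + MAC
    legit = lock.unlock(sniffed)         # the owner's own unlock
    replay_idle = lock.unlock(sniffed)   # no challenge outstanding
    lock.challenge()                     # lock issues a fresh nonce
    replay_fresh = lock.unlock(sniffed)  # MAC is bound to the spent nonce
    return {"plaintext_replay": plaintext_replay, "legit": legit,
            "replay_idle": replay_idle, "replay_fresh": replay_fresh}
```

This covers passive sniffing and replay only; it does not address how the key is paired or an active relay between phone and lock.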
Re: (Score:2)
They're probably not lazy, but rather they probably all obtained the electronic guts from some Chinese manufacturer that builds lock guts for hundreds of different companies, using basically the same firmware, just changing the VID/PID pairs. The lock manufacturer probably played no part in the development of the electronics or in the firmware that runs on the device, which means that any fix would require them to lean on the actual hardware vendor, who would then do anything and everything to avoid actua
Cheap ass (Score:2)
And it would have nearly cost them as much to only obtain the *electro-mechanical* guts from Chinese (i.e.: physical lock + motors + power stage),
hire some cryptography master student for an internship to write actually competent security code,
and flash and solder some ATMega or other pico controller themselves.
It would be both way much more secure.
And they could proudly write some "assembled in USA" sticker on the box, knowing that they keep some jobs inland (the master student writing the picocontroller co
Breaking news! (Score:2)
I agree that this is a clear vulnerability... but seriously: if a single lock is the only thing separating an intruder and your valuables, bluetooth isn't going to save you anymore than a standard tumbler lock.
If anything, the data spillage on the password is the biggest problem (given people's propensity to recycle passwords). NOW the *ahem* "hacker" probably has a good guess on the login to your computer, wifi, bank account, etc. To prevent this human performance er
Hackdot? (Score:1)
There's an increasing number of security-related Slashdot stories. While not necessarily a bad thing, perhaps an easier way should be provided to browse non-security-related stories when one wants to. Suggestions welcome.
Security certainly is a growing problem, I don't dispute that, but reading too many gets depressing.
A preliminary suggestion is to adjust the top "Categories" to have checkmarks. Your preferred (default) checkmarks would be stored with your user profile, along with a link next to the catego
"...we're not gonna fix it" (Score:1)
I wonder, does this attitude have any effect on sales? To explicitly state this publicly must mean they are very confident that it doesn't.
Wow (Score:1)
Only 75%
Omg. It's almost as if their interest ends at getting your money. Who'd have thunk?
That's because the default pin (Score:2)
Failure on all fronts (Score:2)
Same with keys. (Score:5, Insightful)
Most locks can be opened in 5 seconds with a 'bump key'.
Even the best locks can easily be defeated by a sledge hammer.
The real advantage of most locks is that it TELLS you when they have been attacked. A good Bluetooth lock should keep an easily accessible record of how many times and when it was opened.
But yes, this should be fixed. Even simple encryption is better than plain text password transmission.
Re: (Score:1)
Actually, I think plain text is better than poor encryption. Poor encryption is worse than none, as it leads you to believe the communication is "secure" (and gives the marketing weasels air cover). At least with plain text, you know it's vulnerable.
Re: (Score:1)
> Even the best locks can easily be defeated by a sledge hammer.
https://www.youtube.com/watch?v=mkP1rA5Jhpw
75% today (Score:2)
75% today, but it'll be 100% in a few weeks or maybe a few months.
Bolt cutters (Score:1)
Re: (Score:1)
Hammers and cold steel pry bars work well.
We used to open military cases with those. Faster than trying to get the rusted lock open.
Safety is a myth. Everything can be opened, if you're willing to do it.
"smart" things (Score:2)
Does anyone else think all the "smart" devices are really just stupid ways of solving a previously solved problem?
Re: (Score:2)
I am shocked (Score:1)
Shocked that the "hackers" can only break 75 percent.
They must be n00bZ
Locksmith told me Kwikset is unpickable (Score:3)
Not all Kwikset but apparently the new ones that you can re-key yourself. He said the tool that's supposed to let locksmiths pick them won't even work. Locked myself out one day and discovered that my only option was basically going to be to drill through it.
Made me both happy and sad at the same time....
Re: (Score:2)
Your locksmith was incorrect.
https://www.youtube.com/watch?... [youtube.com]
But his incorrect information did allow him to charge you for drilling out your old lock and sell you a new one.
Re: (Score:1)
It didn't last long, I guess (from article): "Update: In an Aug. 7 presentation at DEF CON, another researcher showed how he'd defeated most of the security precautions on the August Smart Lock."
Not sure what "most of the security" pertains to, though.
95% of regular locks can be hacked (Score:2)
Not that reporting insecurities in Bluetooth implementations isn't important, but the reality is someone is far more likely to kick your door open or manipulate your mechanical lock than they are to go to the trouble of sniffing your short range BTLE traffic to find a way to electronically open your lock.
most physical locks are also pickable (Score:2)
Most physical locks are also pickable — with a pick and a tension bar — at 25% — the electronic locks might be less pickable than their physical counterparts.. :-p
Who cares (Score:2)
Honestly... who cares, really. Smart locks aren't about security, they are about convenience. The fact that most residential mechanical locks can be picked in mere seconds by a skilled locksmith with cheap tools should be more concerning. A hacker will need specialized software to hack bluetooth locks, greatly reducing the likelihood of a bad-dooer doing something to your house.
Further, locks don't stop dishonest people from doing dishonest things. You could kick down a door faster than you can pick the lo
$100 BLE sniffer? No, $39 (Score:1)
You want the Nordic nRF51-DK, a devboard which, when loaded with some free Nordic-provided firmware, is a most excellent BLE sniffer ("nRF-Sniffer") - plugs into Wireshark. You can probably lash one together for less than $39 (it's just an NRF51822 and a USB-UART) but this board is quite tasty.
Anyway, $39 online. Highly recommended, I use it all the time.
https://www.nordicsemi.com/eng/Products/nRF51-DK