Smart Locks: Dumb Security

Forums Security News (Security) Smart Locks: Dumb Security

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • #24463
      TelegramGroup IoTForIndia
      Moderator
      • Topic 2519
      • Replies 0
      • posts 2519
        @iotforindiatggroup

        #News(Security) [ via IoTForIndiaGroup ]


        Smart locks often get physical security wrong
        This is beyond irony: most non-smart lock vendors have spent years trying to make their products resistant to attack. Closed shackle designs can make it very hard to get bolt cutters in close enough to cut effectively:
        So why do vendors make such ridiculous claims? Here’s one: a very cheap padlock which we weren’t expecting much of, but it claims ‘Good cutting resistance from bolt cutters’. Why make such a stupid claim? It’s like saying that it’s ‘unhackable’ 😉


        Magnet attacks
        Hall-effect sensors are often used in smart locks to detect the presence of a key and therefore allow new users to be added.

        It is sometimes possible to fool the sensor by placing a small magnet on the lock case. The lock now believes that it’s in a position where new user fingerprints can be enrolled. Fail!

        Conclusion
        Smart lock vendors would be well advised to ensure that they offer similar or better physical security when compared to a non-smart lock of similar price.

        We haven’t touched on smart attacks against smart locks here, but the attack surface is usually significant too: USB, BLE, API etc etc

        We are looking forward to receiving a smart lock for testing that we can’t hack with dumb attacks, though several vendors are making good progress.


        Read More..

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.