by Jason Snell
Breaking into the smart home (through the front door)
Paul Wagensail at Tom’s Guide:
Researcher Anthony Rose, an electrical engineer, said that of 16 Bluetooth smart locks he and fellow researcher Ben Ramsey had tested, 12 locks opened when wirelessly attacked. The locks — including models made by Quicklock, iBlulock, Plantraco, Ceomate, Elecycle, Vians, Okidokey and Mesh Motion — had security vulnerabilities that ranged from ridiculously easy to moderately difficult to exploit.
“We figured we’d find vulnerabilities in Bluetooth Low Energy locks, then contact the vendors. It turned out that the vendors actually don’t care,” Rose said. “We contacted 12 vendors. Only one responded, and they said, ‘We know it’s a problem, but we’re not gonna fix it.'”
I’m a fan of smart home tech as a concept, but it’s important to always put the tech in the context of what could happen if it fails. If a lightbulb stays on or goes off, no big deal. My front door? That’s a bigger deal. And a lot of the companies making this tech are barely capable of shipping functional products, let alone addressing serious security flaws.