Talk about getting 'locked out' of your own house!

[razaldo]

Apparently LockState sent the wrong firmware update to nearly 500 of its smart locks and bricked them.

 

Quote

The failure occurred last Monday when LockState mistakenly sent some 6i lock models a firmware update developed for 7i locks. The update left earlier 6i models unable to be locked and no longer able to receive over-the-air updates. LockState Marketing Manager John Cargile told Ars that the failure hit about 500 locks. The company is offering affected customers one of two options: (1) return the back portion of the lock to LockState so the firmware can be updated, with a turnaround time of about five to seven days, or (2) request a replacement interior lock, with a turnaround time of about 14 to 18 days. In the meantime, customers can use a physical key to unlock doors. (Like most hotel rooms, the doors automatically lock each time they're closed.)

Replacements are going to take 14 to 18 days which would raise a whole different set of logistical problems.

 

This is the reason why Internet of Things is not one of the best ideas. There are too many failure points in an IOT device, to list a few:

1. The end user stupidity

2. Firmware provider stupidity

3. Hacker intelligence

[8uhbbhu8]

wow lol! This is the one reason why I don't like electronic smart locks for homes. Too easy to break and too easy to tinker with and get in despite what manufacturers say.

 

OTA capable locks are never a good idea and should not be used imo

[You_are_a_cunt]

I smell a massive lawsuit incoming.

[captain_to_fire]

I still prefer mechanical locks and metal keys. My car though is keyless. 

Edited August 15, 2017 by hey_yo_

[Nicnac]

Good ol hardware keys ftw lol

[razaldo]

47 minutes ago, hey_yo_ said:

I still prefer mechanical locks and metal keys. My car though is keyless. 

This is still a mechanical lock (technically at least). And the manufacturer is also recommending that "In the meantime, customers can use a physical key to unlock doors."

 

This should be an issue though for anyone relying on these locks remotely (what I mean is that they open / close them from a location far away, for what ever reasons).

 

50 minutes ago, revsilverspine said:

I smell a massive lawsuit incoming.

Yeah, imagine someone that had their children / pets locked in. This looks like an incoming PR disaster for the company.

[SCHISCHKA]

smart locks, bad idea. In Auckland's victoria park there were what you could call smart locks. solenoids on a timer, I dont know if they could be remote controlled but they were one of many smart public toilets. They would auto lock after dark and did all sorts of smart things. What was not smart about them was a fully grown man could rip the door open. Within 12 months the locks were so abused they just did not work and had to be replaced with old fashioned locks.

[razaldo]

Just now, SCHISCHKA said:

smart locks, bad idea. In Auckland's victoria park there were what you could call smart locks. solenoids on a timer, I dont know if they could be remote controlled but they were one of many smart public toilets. They would auto lock after dark and did all sorts of smart things. What was not smart about them was a fully grown man could rip the door open. Within 12 months the locks were so abused they just did not work and had to be replaced with old fashioned locks.

Just imagine the rage - late night, had Indian food for dinner, the pressure in your bladder is greater than the force of the Niagra falls. How will you not rip apart the toilet door and sh&% all over the smart lock.

[RadiatingLight]

59 minutes ago, Nicnac said:

Good ol hardware keys ftw lol

Raid keys?

Raid 5 for the low low price of $299.99!!

[SCHISCHKA]

8 minutes ago, razaldo said:

Just imagine the rage - late night, had Indian food for dinner, the pressure in your bladder is greater than the force of the Niagra falls. How will you not rip apart the toilet door and sh&% all over the smart lock.

you dont want to see the paeroa toilets on a sunday night. no other toilets for at least a 30 min drive. The toilet was blocked and was full of water so i pissed in the drain. What I did not know about these "smart" toilets was they flush themselves when you exit. When a blocked toilet full of water flushes it creates quite a horrifying flood. I ran as fast as I could and I could hear crying from the toilet next door

[Master Disaster]

Theres a reason why almost 100% of MoBo manufacturers use some kind of redundant firmware backup, be it an auto flashing backup at the point of failure or a dual firmware solution. Heck the recent trend has been to offer an inbuilt external flashing method that works even if the board is bricked (BIOS Flashback)

 

This is that reason (well partly to cover from bad firmware updates but also because of customer stupidity)

[ionbasa]

And here I am with my 3-point mortise lock on my double door. Couldn't even use a smart lock if I wanted to

 

As a side note, I do have IoT devices in my home, just nothing crucial yet: video doorbell, sprinkler controller, thermostat, and my solar panel micro-inverters. Manufacturers should be more careful with firmware updates, although this seems like a accident, it just goes to show that more fail safes need to be put into place.

[ScratchCat]

1 hour ago, Nicnac said:

Good ol hardware keys ftw lol

Intel agrees with their hardware RAID keys for X299

[Trik'Stari]

It's almost as if giving an internet connection to things that don't f**king need an internet connection, is a f**king bad idea.

[Master Disaster]

14 minutes ago, Trik'Stari said:

It's almost as if giving an internet connection to things that don't f**king need an internet connection, is a f**king bad idea.

Well if fate of the furious is to be believed its possible for hackers to take remote control over anything and everything.

[razaldo]

16 minutes ago, Master Disaster said:

Well if fate of the furious is to be believed its possible for hackers to take remote control over anything and everything.

Someone should manufacture an IOT bidet... 

[jagdtigger]

45 minutes ago, ionbasa said:

And here I am with my 3-point mortise lock on my double door. Couldn't even use a smart lock if I wanted to

 

As a side note, I do have IoT devices in my home, just nothing crucial yet: video doorbell, sprinkler controller, thermostat, and my solar panel micro-inverters. Manufacturers should be more careful with firmware updates, although this seems like a accident, it just goes to show that more fail safes need to be put into place.

No crucial? Well its more like a mission critical system... Your solar panel and other  stuff is just expensive when a hacker bricks it...

 

This IoT and smart devices insanity is getting worse by the day... They are expensive and dont have any real benefits over the good old dumb ones.

[ionbasa]

3 minutes ago, jagdtigger said:

No crucial? Well its more like a mission critical system... Your solar panel and other  stuff is just expensive when a hacker bricks it...

Well, what is a hacker going to do? The device that's connected to the internet is only used for reporting production data. The best they can do is find out how much energy I'm producing. The worst they can do is brick the front end device, in which case, I can always watch the meter from my power company count backwards

 

[Trik'Stari]

25 minutes ago, Master Disaster said:

Well if fate of the furious is to be believed its possible for hackers to take remote control over anything and everything.

I am very glad that I decided not to see that movie.

[jagdtigger]

Just now, ionbasa said:

Well, what is a hacker going to do? The device that's connected to the internet is only used for reporting production data. The best they can do is find out how much energy I'm producing. The worst they can do is brick the front end device, in which case, I can always watch the meter from my power company count backwards

 

Anything can be hacked, and when something becoming popular it will get hacked. Its just the way things are on the internet. If they get into the front end then they can search for weaknesses in the main units FW. And this is the part where it gets expensive if they find something that can be abused. Everyone jumps on the pros of this junk but ignores the cons...

[NumLock21]

So there is no manual over ride for those deadlocks and everyone with those, have to stand outside, until their locks are fixed?

 

Manual over ride = using a standard key.

[razaldo]

4 minutes ago, NumLock21 said:

So there is manual over ride for those deadlocks and everyone with those, have to stand outside, until their locks are fixed?

 

Manual over ride = using a standard key.

People using them for remote solutions are locked out / in

 

Imagine using this on an air bnb property 

[NumLock21]

6 minutes ago, razaldo said:

People using them for remote solutions are locked out / in

 

Imagine using this on an air bnb property 

They can crawl in and out the Windows but, it will make them look like burglars.

[PlayStation 2]

Smart locks? Really. I'd love to know why one can't use a traditional key lock.

[silberdrachi]

The longer i work in the technology industry the less i trust things like this. Electronic consumer locks, internet connected thermostats, always listening smart home speakers, RFID car keys. As much as i love the idea of a smart home, i dont think its happening for a very very very long time.

 

My first crypto security class in college they gave us an example about how david beckam got his car stolen by a pretty basic replay attack, because the MFG didnt think anything through. He got a new one, and the same thing happened shortly after. Because as it is now there is no great way to provide the user the complete hands free experience that everyone seems to want while still having a modicum of security. Sure you cant jimmy the lock with a screwdriver anymore, but that doesnt mean its really secure. Jeep showed us that a few years ago with their massive security hole that allowed you to take control of the whole system.

 

Sad thing is that soon you wont really have the choice about it. High quality tvs dont come without smart features now days, and it seems basically impossible to find a car from the factory that doesnt contain some sort of connectable infotainment system. Or those ODB cell enabled readers that insurance companies give out for discounts on people's bills that also are completely open to hacking. Until something massively horrible happens nothing will change.