Smart Device Security
I read an article this morning on my phone arguing that you shouldn't buy smart locks because many of them are susceptible to attacks and the companies behind them aren't taking accountability.
And, I agree with the 2 points, but not the conclusion.
Here's the thing. If sales fell to 0 tomorrow, the situation wouldn't improve. Companies would simply exit the smart lock business. "But, you're suggesting putting me at risk just so a flawed product doesn't stop existing?" Well, yes, and not really. Are you suggesting there are no security flaws with your traditional lock? Can't they be picked? Forced? Bypassed? Worse... can't those things be done by a broader community than those capable of actually hacking your smart lock?
The point is simple... even if all smart lock companies adopt all best practices suggested, it wouldn't guarantee the locks aren't hackable. After all, doesn't the WPA2 standard meet such best practices? And doesn't KRACK prove that they aren't infallible? What such standards and adoptions succeed at is market penetration. KRACK is precisely a danger because of how widespread WPA2 authentication is. Market fragmentation is a security feature in a sense. It is actually the same way Apple was able to claim for years that they were safer than PCs. Macs weren't any more secure, they were largely untested, and as they gained popularity it was proven that A) the devices were susceptible and B) Apple was less capable at patching vulnerabilities (NOTE: Apple has gotten better, I wouldn't feel comfortable simply saying outright that they are worse at patching any more).
Fragmentation is an even stronger argument in exploits that are hyper-local. Yes, someone could theoretically hack an internet connected smart lock from Norway. But, that would be useless if they didn't know where you lived and weren't there while the door was unlocked. So... who are these would-be cyber attackers? Well, it seems like either a sophisticated and co-ordinated effort would be required, or you're worried about gangs of cyber-criminals roaming the streets, getting close enough to your house to hack into your WiFi, test for the presence of a Smart Lock and hope that it is one they know how to hack... oh and also that you don't have say... a smart door bell or camera.
In the first case (sophisticated attack) I'd say you're screwed. In this case you've been targeted. Someone is dead set on getting in AND they have people able to hack a smart lock. You think simply having a normal dead bolt would be sufficient? Wake up and smell the fucking coffee. This is a borderline fictitious example. If you're worth the effort, the smart lock is likely buried behind other security measures.
And frankly, I'm not sure if the second example is more or less whack. Sure, roaming a subdivision you're probably more likely to stumble across a house where the smart lock is the only security device. Stumble through enough subdivisions and you're likely to even find one you happen to know how to hack. Stumble through even more, and you'll meet both conditions. But! Will you know you met the conditions? How do you know they have no other security measures? And perhaps more importantly... how many people like this do you think exist?
I'm not saying to ignore the security threat. At some level, everything is calculated risk. And while I think the real world risk is NEAR zero, I can fully accept that it isn't actually zero. The fear mongering in such articles, going so far as to recommend that no one buy these things, implies that the risk is reasonable. I don't think it is. But, if you're concerned, don't buy JUST a smart lock. Add in a smart doorbell or camera. Increase the number of layers of security which need to be compromised.
There is no software or hardware which cannot be hacked. Every product has its strengths and flaws. Like I said, a dead bolt can be hacked because locks can be picked.
To make my point, an example of how a smart lock might simultaneously make your house both secure and insecure. A sophisticated burglar who knows how to hack all vulnerable smart locks approaches my house. He detects I have no smart lock, so he simply breaks in by force. I don't discover anything happened until I get home. Burglar is long gone.
Scenario #2, I have a smart lock. He hacks into my WiFi and unlocks the devices remotely. I get sent an alert on my smart phone letting me know my house has been unlocked. I call the cops. They get there in a timely fashion.
In the second case, because the burglar was able to hack my lock, he didn't have to damage my property to get in, and since I can get alerts I can also detect the break-in before I get back home. I can get a neighbour or friends or police to check on the house. Sure, if he was relying on his smart lock hacking skills, he may have simply left when he didn't find one. But you can't rely on that either. People still just break into houses... and I'll bet statistically, that at the moment, virtually all such break-ins are by force or exploiting people who forget to lock up.
Note that this scenario requires ONLY a smart lock and a burglar capable of hacking into it. More or less the "dreaded" situation outlined in the article.
Now let's combine this example with some other non-security related smart devices. Cheapest thing to add? Lights. Wire in IFTTT to have some of the lights come on when the door is unlocked. You've just created uncertainty. Unless the burglar was studious and 100% sure the house was empty you may have just scared him away with nothing more than a few light bulbs.
Toss in a smart doorbell like Ring. Oops, now the burglar doesn't even reach the door and perhaps not even WiFi range to hack your devices before you have a live feed and you're calling the cops.
Here is my thought... I believe most domestic robberies are opportunistic. Feel free to check the stats or chat with local law enforcement if you want to be sure. Given the skillset of the average subdivision thug, you're probably more likely to have your home robbed because you forgot to lock the door than because you used an insecure smart lock. And since most smart locks can automatically lock themselves and, with a bit of extra hardware, can be checked on and locked remotely, it seems that smart locks should, at the very least, prevent more thefts than they enable.
Sure, if the average kid walking down the street knew how to hack every major brand of smart lock, my advice might be different. But, at the moment at least, I doubt that is the case.
[update]
I wanted to add a bit to clarify. I had a few main points here. It isn't to state that security doesn't matter or that these points are non-issues. They are small issues, and if handled inappropriately could, over time become widespread issues, like KRACK. Regardless my main points were intended to be:
- The devices add convenience, which often comes at a trade off elsewhere. In this case, there are security concerns. But those concerns are small and should be considered niche.
  - IE - The value added alone may outweigh any security concerns. You have to judge this for yourself.
- The devices may actually result in a net increase in security.
  - At present, I think we can agree that an unlocked house is more vulnerable than one with a locked smart lock. That may change over time. If you are fastidious and NEVER forget to lock your home, it may be all trade off on the security front. But for most, a lock which either automatically locks or which you can remotely lock eliminates the simplest and probably one of the largest causes of household theft.
    - Note: I knew my wife occasionally forgot to lock the door. Now that we have the smart lock I have a log of activity and I KNOW just how frequently she actually does it. A lot. Probably 50%+ of the times during the day when she goes out, regardless of length of time out of the house. And during most of that initial tracking she wasn't even aware I had configured auto-lock so it wasn't simply that she was relying on the lock to lock itself.
- People who make their livings off of security are downright batty.
  - I have stories!
[update #2]
So yeah, I did a bit of looking around to try and see if my thoughts on net security increase were valid. Apparently stats are something crazy like 10% of all households will have a break-in and varying reports indicate somewhere north of 10%-30% of those are through an unlocked front door. Frankly, I think the 30% reports are misrepresenting another stat which is that 30% are through unlocked first floor doors OR windows, but it could be different regions or different sample sets.
Whatever the cause of the discrepancy the fact is simple, even at the minimum, this means 1% of all households, seemingly at a minimum, are robbed by someone just walking in the front door.
1% may not sound huge. But contrast this with the number of reported cases of the government forcing a smart lock company to grant someone unauthorized access to a house, or reported cases of a sophisticated burglar hacking a smart lock over Bluetooth, which totals exactly zero incidents I'm aware of, and I think I make my case rather clear. The ability to auto-lock and remotely lock a home should (at present) result in reducing your risk of a break-in by a measurable, if small, amount while the security risks touted by the experts expose you to an additional (estimated) 0% risk.
[/update #2]