this post was submitted on 23 Sep 2024
1344 points (97.2% liked)
People Twitter
5264 readers
1405 users here now
People tweeting stuff. We allow tweets from anyone.
RULES:
- Mark NSFW content.
- No doxxing people.
- Must be a tweet or similar
- No bullying or international politcs
- Be excellent to each other.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That’s fair. I can store like 20 codes or something, so I just keep one extra in there then rotate it after whoever I had to give it to is done with needing it.
I live on a really busy street in a city, so I’m really not worried about someone breaking a window to get inside. Sure there’s a nonzero chance a methie might smash a window, but around here it’s mostly just testing car door handles and maybe smashing the car window if there’s a visible wallet or pill bottle or something.
Walking up to my door and doing a replay attack, or sending a master password to the lock takes seconds and doesn’t look any more suspicious than a resident entering the house. This talk is from 2016, but I doubt things have gotten significantly better, and I don’t want to be replacing my door lock, or even worrying about updating firmware, whenever something like this is found (Picking BLE Locks - Anthony Rose & Ben Ramsey).
But yeah, I’m not saying anyone’s an idiot for using a smart lock or anything, odds are it will never matter either way.
There are a lot of zwave s2 locks out there. No Bluetooth at all.
128-bit AES isn't amazing, but it's more solid than bluetooth and most hardware locks.
Most locks, including deadbolts, can be picked or bumped in seconds. The physical lock is the weakest point. You can get zwave s2 smart locks with just pin pads, no physical key. That's probably the most secure option.
Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
Oof. Could you imagine having a vindictive neighbor who is mad at you over some dumb shit you have no idea about, then then DoS’ing your lock that has no physical key?
Again probably as close to zero as a non zero chance can be of actually happening, but idk just give me a key and some buttons for when I have bags and shit.
Also, if i decided to go in to home invasions I’d rather just carry around a phone or a raspberry pi or something and pop smart locks than carry around a snap gun.
Everything you’re saying is right though, there’s always a trade off when it comes to security.
Lock picking takes skill. I've defeated a deadbolt and doorknob with a cordless drill in ~15 seconds. And it's not even all that loud.
Always have a backup trigger. A open/close sensor is hard to beat. They would have to know where it is and have access to it to bypass it. And for good measure a shock sensor to know if someone is trying to break it down.