back to article REVEALED: Simple 'open sesame' to unlock your HOME by radiowave

A pair of security researchers probing the Z-Wave home-automation standard managed to unlock doors and disable sensors controlled by the technology. Behrang Fouladi and Sahand Ghanoun took a long hard look at Z-Wave for their presentation at last week's Black Hat hacking conference in Las Vegas. The wireless standard dominates …

COMMENTS

This topic is closed for new posts.

Page:

This post has been deleted by a moderator

Bronze badge

Who..?

... would use a wireless lock on their front door?

7
1
Silver badge
WTF?

Re: Who..?

Those who use 'keyless' entries to their cars perhaps?

Again, no one here has asked the question...

Just because we can do x,y,z, should we?

8
0
Anonymous Coward

Re: Who..?

Both my aging parents have managed to either lose keys, or worse, just leave them stuck in the outside lock. They're not ready for the funny farm yet, just a little forgetful. So an RFID controlled lock is just the ticket.

1
1
Bronze badge

Re: Who..?

"So an RFID controlled lock is just the ticket."

Wouldn't they just lose the RFID tag/key too?

Unless you are planning to chip your parents like cattle...

5
0
Silver badge

Re: Who..?

Wouldn't they just lose the RFID tag/key too? Unless you are planning to chip your parents like cattle...

No need to secure the keys to a person.

If you lose a regular key, you assume it's no longer secure and you change your locks.

It's the same for RFID, but "changing the locks" instead involves a mere few keystrokes decomissioning the single RFID key that was lost. Faster and cheaper than replacing your locks.

1
0
Bronze badge

Re: Who..?

I was going to suggest putting the RFID key on a necklace to prevent loss, but then I realised you could do that with a normal house key too. Maybe the RFID key would be lighter/less pointy though, so more likely it wont be taken off?

0
0
Silver badge

Re: Who..?

@AC 09:46 GMT

As others have asked already I also wonder how they are not going to lose the RFID tag.

No need to be aging though to get oneself locked out. Happened to me quite recently (or maybe I'm showing some age, too?!) and cost me a few hundred quid to open/replace the lock. I'm probably going to biometrics soon since it's rather difficult to forget ones hand inside the house when leaving. I'm fully aware of the possible problems with biometrics but for me that's just the right solution.

0
0
Bronze badge

Re: Who..?

just get a key chain that attaches to a belt

1
1
JDX
Gold badge

Re: Who..?

Many businesses use such locks, this isn't just about homes.

As for why... the humble key was not originally chosen because it's the best possible way of securing a lock. It was chosen because at the time, it was the best solution afforded by modern technology. Assuming an old solution must be better than a new one is as bad as assuming a modern solution is better than a old one.

4
0
Silver badge
Mushroom

Re: Who..?

But the businesses don't use a wireless lock! The reader might be RFID, but it runs over a nice bit of cable inside the building to the main control box.

The wireless locks are for the lazy / cheapskate customers who want something swanky, but don't want the cost involved in doing it properly by laying cables around the house and redecorating afterwards.

1
0
Thumb Up

Re: Who..?

Same except i had a 4 year old to slide in an slightly open window, something your average burglar is not likely to have. (the whining doesn't stop)

0
0
Silver badge

Re: Who..?

"just get a key chain that attaches to a belt"

You know, it took me almost a year to figure out where the horizontal scratches on my new car were coming from. Seemed like every time I drove to the station I would return from work to find a new scratch.

Then I realized that fucktards with dogchains on their belts were dragging past my car while it was parked in the station carpark. I made a point of not parking next to SUVs or pickups after that and the problem was much mitigated.

Then there are those who proudly deploy the belt-mounted retractable key hawser. Why do morons think it is cool to carry a dozen keys and a bottle opener dangling off one hip?

1
1
Silver badge

Re: Who..?

" I'm probably going to biometrics soon since it's rather difficult to forget ones hand inside the house when leaving. "

I had the great pleasure of experiencing state of the art consumer biometrics while visiting Universal Studios Islands of Adventure in Florida this year, where the lockers they provide are locked and released by fingerprint.

The biggest issue with the idea seemed to be the high levels of exhaustion exhibited by the people employed to unlock lockers that refused to open again, and the increasing levels of irritation of non-English speaking merry-makers who couldn't get their stuff and couldn't find the locker-opener-upperer. One French lady was reduced to tears by the swinish machine until I found someone to help her out.

I developed the theory it was down to changes in shape of peoples' fingers due to humidity and A/C since people would lock the lockers after standing outside in the heat and/or rain but unlock them after upwards of an hour in cool, dry air, though one of my lockers testily announced that it didn't like the cut of my jib, had quarantined my stuff and wouldn't even attempt reading my fingerprint until I had consulted a human. Presumably the computer was having a bad day and was tired of the names people were calling it.

I wish you well during the depths of a cold wet English winter as you struggle with your own front door. I suggest a backup keyed entry be installed and the neighbours alerted to the possibilities of strong invective.

3
0

Re: Who..?

Hah, I was 11 when I was induced into climbing through a lavvy window to let in the responsible adult who'd locked us out. After I'd asked if he'd got the key.

No whining from me tho. A simple bribe to not tell my mother :) not sure how well this will fit into your child rearing toolbox

0
0
Silver badge

Re: Who..?@ Stevie

"Why do morons think it is cool to carry a dozen keys and a bottle opener dangling off one hip?"

It isn't cool, but it *is* efficient. My keys are attached to an anodised bright red carabiner (with a torch in it!), all the time. In the house they are hung up in the same place. Out of the house they are on my belt (unless I'm dressed up, in which case in my computer bag or suit pocket). No-one else in my house does remotely the same thing - guess where the delays and panics come from when keys can't be found? I then get told off for being grumpy due to basic inefficiency.

I do take care not to scratch people's cars though - mainly by not squeezing through gaps between them!

To cut a long story short - you'll prize my keys from my cold, dead belt-loop!

1
0
Silver badge

Not fair

"security through obscurity has, yet again, arguably proved to be worse than no security at all."

This is not true, there is a lock on the door and it will repel most potential burglars. The exploit shows that security through obscurity must always be considered as potentially flawed, but in the real world it still works most of the time.

Arguably my ass. That qualifier doesn't save yours this time :).

7
2
Silver badge
Alert

Re: Not fair

Schultz, I partly agree with you as it's still better than no lock at all. But the problem is that the users believe they are safe when in fact they are more vulnerable than with a good, ordinary key lock.

5
0
Anonymous Coward

Re: Not fair

> more vulnerable than with a good, ordinary key lock.

Not really. You can easily make a "bump" key for an ordinary lock. This will enable anybody to open the lock in seconds.

0
6
Bronze badge
Coat

Re: Not fair

Which is why it's worth investing some money in lock barrels that don't allow this sort of attack.

3
0
Silver badge

Re: Not fair

"Not really. You can easily make a "bump" key for an ordinary lock. This will enable anybody to open the lock in seconds"

Only if you buy cheap-ass, shitty locks (usually only rated for internal use). And if you have those on your front door - kiss any insurance cover goodbye.

4
0

Re: Not fair

Obscurity is to security what camouflage is to armor.

1
1
JDX
Gold badge

Re: Not fair

And yet camouflage is still used even on armoured vehicles.

1
0
Silver badge

Re: Not fair

> And yet camouflage is still used even on armoured vehicles.

Nice try, and I did chuckle.

"Security by obscurity" is more like painting your armoured vehicle luminescent yellow and then getting all upset when people can see it. And, if you were the MPAA/RIAA/BPI demanding a law be passed to make it illegal for people to look at your luminescent yellow armoured vehicle rather than fix the actual issue.

2
0
Anonymous Coward

Re: Not fair

A thief can bump a euro cylinder. They can also snap them in under 60 seconds if there's about 10mm or so to clamp a tool onto.

0
0
Anonymous Coward

Re: Not fair

There are millions of these around since Euro cylinders have been around much longer than these techniques have.

I've warned countless people about this and have been met with indifference. It was only when a family member got broken into that people took notice.

0
0
Anonymous Coward

Re: Not fair

A thief (or a so-called locksmith in much of Europe) does not piss around picking a lock when it can be drilled or, more often, a window smashed.

Note that there are countermeasures to both attacks I describe above. The point is they will not waste their time trying not to fuck up your lock.

0
0
Silver badge

Re: Not fair

"A thief (or a so-called locksmith in much of Europe) does not piss around picking a lock when it can be drilled"

This is noisy, it attracts attention (especially if the barrel is hardened against drilling). As for snapping, an anti-snap lock will leave the thief holding a useless shard of metal with the lock still firmly in the door. Bumping? Well helloooooo anti-bump locks. Yes, if you buy a £10 piece of crap then your points hold. If, however, you throw some actual wedge at an actual lock you improve your chances. And one good lock at that, not six shitty ones weakening the door and frame

When we moved house we changed the locks after a few lock-picking classes. Eye-opener. Bumping is a piece of piss on a cheap lock. If you are reading this, own property and you haven't been to lock-picking classes, go.

The goal is not to be impenetrable - the goal is to be too much bother so bastards move on.

3
0

It's all academic anyhow.

Security is a myth. Look, a lock on a door only keeps honest people out.

And if the security on a house is "That" good that it can't be cracked, the next avenue of attack is a crowbar. Not on the locks themselves, but menacingly waved at the owner of the house.

Of course, if you don't wish to go down the direct physical route, there is always social engineering, and good old blackmail and extortion.

With any security, humans are the weakest link. And, well, you know the rest....

5
0

Re: It's all academic anyhow.

Yes - unless you want super thick laminated glass or big hefty bars on all your windows, a determined burglar can always get in using a decidedly low-tech housebrick. Might make some noise and potentially draw attention, but that depends on where you live.

2
0
Silver badge

Re: It's all academic anyhow.

A burglar would have trouble getting into my home with a brick. I think they would struggle to throw it through the second storey windows and even if one did break it would require a very long set of ladders and draw a lot of attention from my neighbours.

Even more difficult would have been when I lived on the 20th floor.

So a burglar can't always get in using a brick, no matter how determined they are.

0
3
Silver badge

Re: It's all academic anyhow.

If you lived in an apartment that had fire code compliant doors they are designed to break open fairly easily. Even doors with steel doors with steel frames have weakness designed into the area on both sides of the knob and deadlock cylinders.

Unless you put your own security doors in then a cinder block will open almost any door. The thing the police carry is massive overkill.

1
0
Anonymous Coward

Re: It's all academic anyhow.

> Unless you put your own security doors in then a cinder block will open almost any door.

And even if he does, then you just knock a hole on the wall. Seen that happen. :-)

1
0
Anonymous Coward

Re: The thing the police carry is massive overkill.

The police most likely want to open the door first time, so "massive overkill" helps probably ensure this. Especially as they can't necessarily know in advance exactly what sort of non-standard door they might be facing.

1
0
jai
Silver badge

hmmmm

and i was quite taken with this solution so i don't have to struggle to use keys to unlock the door when my hands a full of shopping or large boxes: http://www.kwikset.com/Kevo/Default.aspx

0
0
Anonymous Coward

Looks good, but iPhone only means it is of little use unless your entire family and anyone you want to grant access is an iPhone fan......

0
0

and i was quite taken with this solution so i don't have to struggle to use keys to unlock the door when my hands a full of shopping or large boxes: http://www.kwikset.com/Kevo/Default.aspx

Kwikset? They can bolt on all the electronic bits and bobs they want, but when the SmartKey barrel itself can be picked or destroyed within 15-30 seconds it's all a bit moot.

http://www.wired.com/threatlevel/2013/08/kwikset-smarkey-lock-vulns/

0
0

This post has been deleted by its author

Anonymous Coward

Security through obscurity...

... can work.

A business near me was getting repeated break-ins without triggering the alarm, so had the alarm upgraded... same thing happened.

It only stopped when they installed some plain boxes with flashing LEDs. The burglars were familiar with the standard alarm systems and knew how to get around them, but the blinking light on a no-name box they were unsure of :)

Anonymous for obvious reasons.

4
0
Anonymous Coward

Physical locks rule!

Once again, Yale lock for when everyone is home in the daytime, plus mortise locks and bolts for the evening. Double glazing should stop all but the most determined bastard coming in through the window (but I've witnessed a fireman, who must have thought no one else was looking, deal with one of those with ease, during a fire emergency).

1
0
Rol
Bronze badge

Try This

If the "key" was challenged by the "lock" replay wouldn't work.

Key says, "Hi I'm Mr Smith"

Lock says "Hi Mr Smith 15821547", which is a random number.

Key applies algorithm and says "Mr Smith 75452458"

Lock compares this to its own calculated answer and voila, the door unlocks.

This is so simple and so fundamental to security that not to implement it, is tantamount to assisting in a crime.

I've mentioned this technique before on The Reg, but it's worthy of mention again and again and again, until the muppets who sell "security" get it.

1
5

Re: Try This

Er... did you read the article? The replay attack was on a wireless sensor not a door lock.

"Our attacker just identifies a lock on the network and sends it a new network key from his own network controller; the fickle door lock happily forgets its previous attachment and stands ready to respond to new commands, suitably encrypted using the new key, such as "open the door, please"."

The network key is part of the "algorithm" you mentioned.

0
1

Re: Try This

That would help with the sensor example, but not the lock in this article. The security flaw here is that the lock was re-paired to a new controller, which then told it to open. The authentication was done correctly, and the door opened as commanded - only it was told to do so by the intruder's controller, not the house's correct one.

1
1
Rol
Bronze badge

Re: Try This

"Lock" as a generic term refers to anything you want to prevent unauthorised access to, be it a lock, wifi or the button that launches nuclear Armageddon.

That's why I put lock and key in quotes.

Do keep up!

1
4

Simple solution to being locked out

Buy a key safe (approx £20) from somewhere like Wilkinsons. It's attached to the wall using serious screws, so difficult to lever/hammer off. . It requires a 4 digit pin to open it & remove the key(s). Preferably site the key safe out of view.

0
1
Anonymous Coward

Re: Simple solution to being locked out

Are you serious?! You trust your house security to a £20 tin box from Wilkos?

Locating it out of sight means the person who opens it with a tin opener won't be observed in the 30 seconds it takes them to do this.

Give your spare key to a trusted neighbour, and use the £20 to buy them some wine/chocolates.

7
0

Re: Simple solution to being locked out

I suggest that Anonymous replier to my message looks at the particular key safes from Wilkos before making comments. The key safe that I bought is made of hardened steel. In fact, very similar ones are provided by some Social Services departments to older people.

0
0
Coat

Re: Simple solution to being locked out

It would seem to me that remembering a 4 digit pin might be harder than remembering to take a key out of a lock. Which would probably lead to:

"1234, That is amazing! I've got the same combination on my luggage!"*

*ok it was actually 12345

0
0
Anonymous Coward

Lightwave RF Too

I use Lightwave RF (a similar standard to Z-Wave) at home, and had considered using a wireless-controlled relay to open and close my electric garage door. Then I thought about the protocols, looked into it's security, and found almost half a dozen ways of triggering the relay from outside; in some cases no prior knowledge of or access to the network was needed. Truly scary!

In the case of LWRF it's not a case of flawed implementation, but simply no security in the design whatsoever.

All of these manufacturers need to either take security seriously, or make it clear in big writing on their packaging that it shouldn't be used for anything security or safety related. I can cope if some criminal wants to turn my fountain on and off, or even flash my house lights - but wouldn't use any of these technologies anywhere near a security or safety device unless they make massive improvements in security.

0
0
Gold badge
FAIL

So the *illusion* of security without the reality.

What could possibly go wrong?

0
0

Page:

This topic is closed for new posts.

Forums