75 percent of Bluetooth smart locks can be hacked

Anthony Rose, an electrical engineer, was able to hack 12 out of 16 Bluetooth Low Energy smart locks as part of his research into their vulnerabilities. He presented his findings at the DEF CON hacker conference in Las Vegas on Saturday.

Via Tom's Guide:

Four locks, for example, transmitted their user passwords in plaintext to smartphones, making it easy for anyone with a $100 Bluetooth sniffer to pluck the passwords out of thin air.

Two of those four models, the Quicklock Doorlock and Quicklock Padlock, sent the password twice, Rose said. He and Ramsey found that they could change the user password by returning the same command with the second iteration of the password changed to something else, freezing out the legitimate user.

"The user can't reset it without removing the battery, and he can't remove the battery without unlocking the lock," Rose said.

Other lock manufacturers said they encrypted the user password for Bluetooth transmissions, Rose said. Technically, they did. But with at least one, Rose discovered that he could simply grab the encrypted password out of the air, then send it back to the lock — and the lock would unlock without the password ever being decrypted.

Notable Replies

  1. Betcha 100% of them can be hacked.

  2. "So does this use the Hacking mini-game or the Lockpicking mini-game?" ~ Someone who has played too much Fallout 4

  3. More kids die by accidental drowning in the bath than by hacked bluetooth lock. Are we going to regulate bathtubs too?

  4. There's one important difference. Picking a good mechanical lock requires skill (and takes time). But as soon as wireless locks are in wide use, you'll be able to download an Android app that unlocks any vulnerable lock: it will take seconds to work, and require no expertise to use at all.

Continue the discussion bbs.boingboing.net

11 more replies