Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Sunday August 13 2017, @02:56AM   Printer-friendly
from the when-bad-ideas-go-wrong dept.

According to The Register a firmware update mistake has managed to brick hundreds of internet-connected door locks:

The upshot is you can't use the builtin keypad on the devices to unlock the door. Lockstate's smart locks are popular among Airbnb hosts as it allows them to give guests an entry code to get into properties without having to share physical keys. Lockstate is even a partner with Airbnb.

Earlier this week, though, new software was automatically sent out to folks' $469 Lockstate 6000i locks – one of the upstart's top residential smart locks – which left the keypad entirely useless. The crashed locks – which connect to your home Wi-Fi for remote control and monitoring as well as firmware updates – are now going to be out of action for at least a week.

[...] The physical key on the lock should still work, but that's going to be cold comfort for a lot of Airbnb users, who prefer to keep the physical keys to themselves and set an access code for each lodger that stops by.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Grishnakh on Monday August 14 2017, @02:08AM (2 children)

    by Grishnakh (2831) on Monday August 14 2017, @02:08AM (#553422)

    With our current software development models it is literally impossible to build an IoT and hope to keep it secure.

    No, it's not. Companies just don't want to adopt the development methods used to make stuff like avionics software, nor are they willing to spend the money that requires. Consumers are too stupid to know the difference, and don't really have a way of judging the software quality even if they do.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:00AM

    by Anonymous Coward on Monday August 14 2017, @03:00AM (#553439)

    Believe or or not, a top guy at a USA aerospace supplier told me that they have avionics quality software written by a group in India. It seems that they have their own office in India where they hire and train their own people. He said it's working OK and is somewhat cheaper than doing it in USA. No one working at that office is contracted from one of the big Indian IT firms.

  • (Score: 2) by jmorris on Monday August 14 2017, @03:19AM

    by jmorris (4844) on Monday August 14 2017, @03:19AM (#553451)

    We haven't fought anyone that could fight back since avionics went from mostly hardware to mostly software. Is it really more secure? We do not know and the only way we will find out could be a disaster of biblical proportions as the mightiest military machine in the annals of humanity is swept from the field in a military reverse for the history books. Just one more thing that cause our planners chug more Maalox at night as they ponder the possibilities of a reheated Korean War.

    One thing we can be certain of though, a set of zero day exploits against the U.S. military would be a closely held secret. We can assume multiple potential foes have the full source tree to most of our most vital systems. We don't know if full unrestricted cyber warfare could end up being as deadly as NBC and we won't until two highly computerized societies and militaries wage unrestricted war. WMD could get redefined to be NBCC but good luck getting anyone to obey a ban since it is the ultimate David vs. Goliath equalizer.

    Just imagine what would happen if every weapon, planes, cruise missles, the works, were closing in on the Norks and suddenly the whole GPS system rebooted and every sat went into a several day realign and resync cycle. Or worse, received an order to expend their entire supply of maneuvering fuel. Now activate a worm in the AWACS planes to make them give out bogus tracks showing dozens of fighter planes and a hundred ICBM missile tracks.

    Our IoT problems are mostly haxor dweebs and we can't stop them. Who knows if our national security level IT can withstand nation state actors? And we have no way to know. I do know that the last decade or so has been an almost unending theme of disillusionment with the competence of "the smart people" at all levels. It is turning out they ain't so smart. And remember that offense seems a lot easier than defense in hacking. And has the "Intelligence community" got a single assessment of enemy capability right? And they are a dog that isn't barking. Nah, no problem.