Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Sunday August 13 2017, @02:56AM   Printer-friendly
from the when-bad-ideas-go-wrong dept.

According to The Register a firmware update mistake has managed to brick hundreds of internet-connected door locks:

The upshot is you can't use the builtin keypad on the devices to unlock the door. Lockstate's smart locks are popular among Airbnb hosts as it allows them to give guests an entry code to get into properties without having to share physical keys. Lockstate is even a partner with Airbnb.

Earlier this week, though, new software was automatically sent out to folks' $469 Lockstate 6000i locks – one of the upstart's top residential smart locks – which left the keypad entirely useless. The crashed locks – which connect to your home Wi-Fi for remote control and monitoring as well as firmware updates – are now going to be out of action for at least a week.

[...] The physical key on the lock should still work, but that's going to be cold comfort for a lot of Airbnb users, who prefer to keep the physical keys to themselves and set an access code for each lodger that stops by.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @03:00AM (4 children)

    by Anonymous Coward on Sunday August 13 2017, @03:00AM (#553075)

    "If you are not the sole holder of the private key, then you do not own the BTC."

    The same applies here. You don't own the device if you're not the sole person who can control it.

    • (Score: 4, Interesting) by kaszz on Sunday August 13 2017, @03:36AM (3 children)

      by kaszz (4211) on Sunday August 13 2017, @03:36AM (#553088) Journal

      In other words Lockstate and the buyer owns it..

      The question then becomes if it's more secure to let Lockstate do the automatic update thing and risk their incompetence. Or to block them from doing anything by ripping out the phone-home connection. But instead risking a lock that can be thwarted by some security leap you missed ?

      Another approach is to flash it with your own firmware..
      At 2:09 [youtube.com] the interior design of the lock should be obvious. The square SMD chip (QFP-64?) in the upper left corner is likely the MCU. Find the JTAG points, flash it. Another approach is to make a replacement board that uses the connector to the right. That way you can do the lock thing correctly.
      Overview of both sides [youtube.com]. In particular outside only have keypad, and the inside have keypad+battery box.

      As the lock lacks any wired connection to anything. I'll assume it phones home via 802.11 and DHCP. Or does it use Bluetooth, or GSM/3G ?

      • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @03:42AM (2 children)

        by Anonymous Coward on Sunday August 13 2017, @03:42AM (#553091)

        If it were the case that Lockstate AND the buyer (the intersection) owns it, then they'd both have to agree on how it's controlled.

        What you are describing is Lockstate OR the buyer (the union) owns it.

        This distinction is not splitting hairs; the lack of appreciation for this distinction is the root of all disputes.

        • (Score: 2) by kaszz on Sunday August 13 2017, @03:48AM (1 child)

          by kaszz (4211) on Sunday August 13 2017, @03:48AM (#553094) Journal

          AND - because both can tell the unit to contradict the order from the other "user".

          So the user should verify code and lock the manufacturer out of the product.

          • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @03:50AM

            by Anonymous Coward on Sunday August 13 2017, @03:50AM (#553095)

            Now, we're back to what the Bitcoiners say. (XOR).

  • (Score: 4, Insightful) by black6host on Sunday August 13 2017, @03:13AM (10 children)

    by black6host (3827) Subscriber Badge on Sunday August 13 2017, @03:13AM (#553079) Journal

    If you need 5 9's of up-time then be prepared to pay for it. That doesn't excuse faulty updates but if you don't have an SLA then you haven't much recourse. A sub $500 lock with a guaranteed non-failure rate is most unlikely. Especially when you connect such things to the net. Foolish. Both in execution as well as expectations.

    • (Score: 3, Insightful) by Anonymous Coward on Sunday August 13 2017, @03:23AM (2 children)

      by Anonymous Coward on Sunday August 13 2017, @03:23AM (#553081)

      A high-quality <device> need be designed only once; it can be replicated thereafter at scale.

      The problem is that there is no such thing as a high-quality <device>; every <device> sucks, because it is designed by people, and people suck—even if the design were great, people would gouge consumers to the point of making the <device> irrelevant.

      • (Score: 5, Insightful) by lx on Sunday August 13 2017, @06:10AM (1 child)

        by lx (1915) on Sunday August 13 2017, @06:10AM (#553132)

        Mechanical locks are being made relatively cheaply with an uptime of decades and no need for power or internet access.

        It's the IT people who suck. Other engineering disciplines take reliability more seriously.

        • (Score: 3, Insightful) by TheRaven on Sunday August 13 2017, @03:06PM

          by TheRaven (270) on Sunday August 13 2017, @03:06PM (#553273) Journal

          Mechanical locks are being made relatively cheaply with an uptime of decades and no need for power or internet access.

          And most of them are vulnerable to known attacks. If you want a physical lock that gets an update shipped to you as soon as cheap off-the-shelf lockpicks can open it, then you're going to end up spending a lot more money.

          --
          sudo mod me up
    • (Score: 4, Insightful) by Grishnakh on Sunday August 13 2017, @03:27AM (5 children)

      by Grishnakh (2831) on Sunday August 13 2017, @03:27AM (#553083)

      This whole "pay for it" thing is BS. Just look at "enterprise software": it costs an absolute fortune, yet it's all complete and utter crap. Paying a lot for something doesn't mean you're going to get a better-designed product, just (maybe, if the contract says so) that you'll be able to get a hold of someone faster. Then that person will tell you "oh sorry! We'll have a fix for you in a week or so!" Or you can have a contract that guarantees a certain performance, and then when they fail (and they will), you'll have to hash it out in court with them.

      Bottom line: don't outsource your building's security to a cloud service.

      • (Score: 2) by black6host on Sunday August 13 2017, @03:36AM (4 children)

        by black6host (3827) Subscriber Badge on Sunday August 13 2017, @03:36AM (#553089) Journal

        I agree with what you are saying. I just found it unreasonable that people who bought a sub $500 lock that was connected to the internet would think it wouldn't fail :)

        • (Score: 2) by kaszz on Sunday August 13 2017, @04:03AM (1 child)

          by kaszz (4211) on Sunday August 13 2017, @04:03AM (#553102) Journal

          It's not the money that is the failure point here. It's the internet connected + lack of due diligence. If you didn't check the code, then it shall be assumed to be faulty for something critical as this.

          As for code quality it seems the open source model beats the commercial development model. Except for code done using formal verification like NASA space shuttle and L4-microkernel. This firmware was likely developed in the lock-opens, lock-closes and the GUI looks splashy.. SHIP!
          (I wonder if SpaceX does the formal verification thing..)

          • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @03:46PM

            by Anonymous Coward on Sunday August 13 2017, @03:46PM (#553286)

            From 2013-- https://lwn.net/Articles/540368/ [lwn.net]

            > ... Linux runs everywhere at SpaceX, he said, on everything from desktops to spacecraft. ...

            No mention of formal verification, I wonder if this is a suitable workaround?

            > When the build fails, it should "fail loudly" with a "monitor that starts flashing red" and email to everyone on the team. When that happens, you should "respond immediately" to fix the problem. In his team, they have a full-size Justin Bieber cutout that gets placed facing the team member who broke the build. They found that "100% of software engineers don't like Justin Bieber", and will work quickly to fix the build problem.

        • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @07:49PM (1 child)

          by Anonymous Coward on Sunday August 13 2017, @07:49PM (#553344)

          And why would they not think so?
          Because it's cheap? It was one of the top tier models.
          Because reviews? see the xkcd about the reviews (tornado app).
          Or because you expect non-die hard techies to know as much as you do about tech?

          Stop blaming users and start looking into how to make software products that are as reliable as a car or a washing machine

          • (Score: 2) by Grishnakh on Monday August 14 2017, @02:06AM

            by Grishnakh (2831) on Monday August 14 2017, @02:06AM (#553420)

            Stop blaming users and start looking into how to make software products that are as reliable as a car or a washing machine

            Why shouldn't users be blamed? They're the ones with the ultimate authority. The buck stops with them, so ultimately it's all their fault.

            If you disagree, then please explain why a company should even bother putting out a quality product, and not just half-ass it and throw something out there. Exactly what reason is there to make one of these things reliable? I can't think of one. Will consumers look carefully to see if these things are as reliable as washing machines? No. Then what exactly is the incentive? Professional pride? That doesn't help the company make more profit, but cutting corners and shipping early do.

            The only time companies have an actual responsibility to put out a quality product is if:

            1) they'll get in legal or governmental trouble if they screw up (either they'll run afoul of some regulation, or they'll get sued to death),
            Examples: not meeting crash standards means you can't even sell your car on the market; making a car that blows up too easily when in a crash means you get sued for ridiculous amounts of money and lose.

            2) the reputation they'll acquire will be so lousy compared to their competition (or compared to not buying the product at all) that people won't want to buy it.
            Examples: American cars in the 80s, IBM DeskStar hard drives, possibly Microsoft's Windows Phones (arguable)

    • (Score: 2) by kaszz on Sunday August 13 2017, @03:46AM

      by kaszz (4211) on Sunday August 13 2017, @03:46AM (#553092) Journal

      The assumption is wrong. The lock already worked fine but the manufacturer did not check their update properly before committing it. So they should just refrain from even attempting to push them out. I recall a TLD that fucked up a whole country domain for hours.. "doh". So even services that should be conscientious aren't.

      Lesson: Don't rely on others for your security.

      So all this clue(wire)less stuff, binary blob, cloud, H-1B coded security, microsoft etc. = Junk.

  • (Score: 4, Insightful) by Grishnakh on Sunday August 13 2017, @03:24AM

    by Grishnakh (2831) on Sunday August 13 2017, @03:24AM (#553082)

    Let this be a lesson on trusting your physical security to the cloud.

  • (Score: 5, Insightful) by jmorris on Sunday August 13 2017, @04:16AM (10 children)

    by jmorris (4844) <{jmorris} {at} {beau.org}> on Sunday August 13 2017, @04:16AM (#553106)

    Guys, kinda missing the story here. $469 for a frickin' lock? Home Dept lists forty electronic door locks for under a hundred bucks. Another hundred and one in the 100-150 band. Does adding a Wifi chip and chaining you to a (now proven to be) dangerous cloud service justify that extra expense? It does not. Even if it did, some of the ones I just mentioned are even IoT crap for a third of this clunker's sticker price.

    But the bottom line is to JUST SAY NO to the Internet of Things. It is all a dangerous ripoff. With our current software development models it is literally impossible to build an IoT and hope to keep it secure.

    • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @11:02AM

      by Anonymous Coward on Sunday August 13 2017, @11:02AM (#553179)

      Yup. Yesterday I just finished rebuilding the mortise and tenon lock on the front door of my 190 year old house. My neighbor, who knows I am in IT asked why i didn't get one of the new digital locks. The current lock is only 120 years old but can be repaired and best of all... It locks. Simple.

    • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @11:43AM (2 children)

      by Anonymous Coward on Sunday August 13 2017, @11:43AM (#553190)

      The funny price just adds insult to injury. People who buy smart things are dumb or at least technologically illiterate.

      • (Score: 0) by Anonymous Coward on Sunday August 13 2017, @07:53PM (1 child)

        by Anonymous Coward on Sunday August 13 2017, @07:53PM (#553345)

        Nice victim blaming...
        How about: we techies managed to hoodwink everyone who buys "smart" anything into trusting us. .. suckers!!

        • (Score: 1) by Virindi on Sunday August 13 2017, @09:02PM

          by Virindi (3484) on Sunday August 13 2017, @09:02PM (#553363)

          we techies managed to hoodwink everyone who buys "smart" anything into trusting us. .. suckers!!

          Yeah no. That was the MBAs looking for more revenue streams and more control and lock-in of customers.

    • (Score: 2) by Runaway1956 on Sunday August 13 2017, @12:48PM (2 children)

      by Runaway1956 (2926) Subscriber Badge on Sunday August 13 2017, @12:48PM (#553225) Journal

      But, how do I demonstrate my coolness and e-peen with a lock that costs less than $400? The first time I bring a girl home, and she sees my sub-standard $300 electronic lock, she'll run away screaming! Why do you think I pay $800 for an iphone, when I could get something just as good for less than $500? E-peen, man, e-peen. The guy with the biggest peen gets the girls! /sarcasm

      --
      #eatyourliver #WalkAway #CTRLLeft
      • (Score: 2) by Grishnakh on Monday August 14 2017, @02:11AM (1 child)

        by Grishnakh (2831) on Monday August 14 2017, @02:11AM (#553424)

        The first time I bring a girl home, and she sees my sub-standard $300 electronic lock, she'll run away screaming! Why do you think I pay $800 for an iphone, when I could get something just as good for less than $500?

        It's absolutely true: women with iPhones won't date men with Android phones (or even with older iPhones):
        http://www.marketwatch.com/story/single-iphone-owners-dont-want-to-date-someone-with-an-android-phone-2017-02-07 [marketwatch.com]

        • (Score: 0) by Anonymous Coward on Monday August 14 2017, @02:55AM

          by Anonymous Coward on Monday August 14 2017, @02:55AM (#553435)

          How about men with no cell phone?

          Not even if they are older and have lots of money??

    • (Score: 2) by Grishnakh on Monday August 14 2017, @02:08AM (2 children)

      by Grishnakh (2831) on Monday August 14 2017, @02:08AM (#553422)

      With our current software development models it is literally impossible to build an IoT and hope to keep it secure.

      No, it's not. Companies just don't want to adopt the development methods used to make stuff like avionics software, nor are they willing to spend the money that requires. Consumers are too stupid to know the difference, and don't really have a way of judging the software quality even if they do.

      • (Score: 0) by Anonymous Coward on Monday August 14 2017, @03:00AM

        by Anonymous Coward on Monday August 14 2017, @03:00AM (#553439)

        Believe or or not, a top guy at a USA aerospace supplier told me that they have avionics quality software written by a group in India. It seems that they have their own office in India where they hire and train their own people. He said it's working OK and is somewhat cheaper than doing it in USA. No one working at that office is contracted from one of the big Indian IT firms.

      • (Score: 2) by jmorris on Monday August 14 2017, @03:19AM

        by jmorris (4844) <{jmorris} {at} {beau.org}> on Monday August 14 2017, @03:19AM (#553451)

        We haven't fought anyone that could fight back since avionics went from mostly hardware to mostly software. Is it really more secure? We do not know and the only way we will find out could be a disaster of biblical proportions as the mightiest military machine in the annals of humanity is swept from the field in a military reverse for the history books. Just one more thing that cause our planners chug more Maalox at night as they ponder the possibilities of a reheated Korean War.

        One thing we can be certain of though, a set of zero day exploits against the U.S. military would be a closely held secret. We can assume multiple potential foes have the full source tree to most of our most vital systems. We don't know if full unrestricted cyber warfare could end up being as deadly as NBC and we won't until two highly computerized societies and militaries wage unrestricted war. WMD could get redefined to be NBCC but good luck getting anyone to obey a ban since it is the ultimate David vs. Goliath equalizer.

        Just imagine what would happen if every weapon, planes, cruise missles, the works, were closing in on the Norks and suddenly the whole GPS system rebooted and every sat went into a several day realign and resync cycle. Or worse, received an order to expend their entire supply of maneuvering fuel. Now activate a worm in the AWACS planes to make them give out bogus tracks showing dozens of fighter planes and a hundred ICBM missile tracks.

        Our IoT problems are mostly haxor dweebs and we can't stop them. Who knows if our national security level IT can withstand nation state actors? And we have no way to know. I do know that the last decade or so has been an almost unending theme of disillusionment with the competence of "the smart people" at all levels. It is turning out they ain't so smart. And remember that offense seems a lot easier than defense in hacking. And has the "Intelligence community" got a single assessment of enemy capability right? And they are a dog that isn't barking. Nah, no problem.

(1)