SoylentNews is people
SoylentNews
This fingerprint-verified smart lock can be foiled by a magnet:
Tapplock, a company that makes fingerprint-verified locks, has had a rough time with its locks' security. The company's flagship lock, which has been available since 2019, is apparently easy to pop open with a magnet. YouTuber LockPickingLawyer published a video last week showing how he could use a powerful magnet to turn the motor inside the Tapplock One Plus, causing it to open. The entire process takes less than 30 seconds.
The Tapplock One Plus costs $99 and features a fingerprint sensor. It also has built-in Bluetooth, so people can unlock it using an app. In response to the video, Tapplock commented: "Wow! Shout out to LPL for finding this exploit. Working on a fix with magnetic shielding, will be back."
This is a commendable reply, although it doesn't do much for people who already bought the lock. Most companies ignore bug reports or fail to fix the flaw. It at least seems like Tapplock wants to figure out how to prevent this kind of attack.
(Score: 4, Insightful) by Arik on Monday April 06 2020, @06:11AM (8 children)
So thumbs up to tapplock, sounds like a relatively good company.
If laughter is the best medicine, who are the best doctors?
(Score: 4, Insightful) by ledow on Monday April 06 2020, @08:27AM (1 child)
No, thumbs-up would have been to do that BEFORE you started mass production and putting them into shops.
Post-production testing is basically worthless.
(Score: 4, Insightful) by Arik on Monday April 06 2020, @09:10AM
If laughter is the best medicine, who are the best doctors?
(Score: 4, Interesting) by driverless on Monday April 06 2020, @09:05AM (5 children)
And it's not just tapplock, almost every one of these sooper-dooper-high-tech gadget locks ends up having various trivial weaknesses in them that make them far less secure than a good old-fashioned keyed lock. Sure, you can pick a keyed lock one at a time, but once someone's published the whole string of vulns in the sooper-dooper lock any script kiddie can open every single one of them with minimal effort.
Which is why I'll never put a gadget lock on my house.
(Score: 0) by Anonymous Coward on Monday April 06 2020, @04:28PM (1 child)
> Sure, you can pick a keyed lock one at a time
Haven't checked recently, but my memory was that picking a Medico was damn hard, the pins slide like normal but also rotate. Maybe that has changed if someone worked out some special tools?
(Score: 2) by Arik on Tuesday April 07 2020, @03:40AM
If laughter is the best medicine, who are the best doctors?
(Score: 2) by darkfeline on Monday April 06 2020, @08:16PM
> you can pick a keyed lock one at a time
Like 99.9% of the locks in the US (pin and tumbler) (and fewer, but still a significant proportion in Europe) can be popped by a pick gun or some raking or bumping in less than a second.
Join the SDF Public Access UNIX System today!
(Score: 2) by PartTimeZombie on Monday April 06 2020, @10:27PM (1 child)
Here's one that's cheap. [aliexpress.com]
Like really cheap. You can change the currency at the top of the page to whatever you like.
I am going to assume something that cheap is just to slow a thief down, rather than stop him.
(Score: 2) by driverless on Tuesday April 07 2020, @04:05AM
Friend of mine who runs the local lockpicking club said that a cheap crappy Chinese padlock was one of the toughest padlocks (outside of high-security ones) he's ever picked because everything was so sloppily-made that... OK, I don't know the technical details but whatever it was that normally works didn't work very well and he had to spend ages messing around with it. He bought it specifically as a teaching padlock because he thought it'd be a doddle to open but it ended up being a right pain and not suited for teaching at all.