Results 1 to 15 of 15

Thread: KeyWe smart lock vulnerability can't be patched

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    29,288
    Thanks
    0
    Thanked
    1,924 times in 668 posts

    KeyWe smart lock vulnerability can't be patched

    But upcoming versions of the house door lock will feature upgradable firmware.
    Read more.

  2. #2
    Senior Member
    Join Date
    Aug 2019
    Posts
    217
    Thanks
    0
    Thanked
    10 times in 7 posts

    Re: KeyWe smart lock vulnerability can't be patched

    And that's why i pretty much stay away from anything wireless, only things i have are the phone - RC stuff and FPV transmitters.

    The home wifi that for all else are pretty much a must have drug,,,,, well i am clean if you dont count the cables routed throughout the apartment for internet and security cameras ( on a separate non connected devise of course )

  3. #3
    RGB Champion Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    5,591
    Thanks
    256
    Thanked
    595 times in 498 posts
    • Ttaskmaster's system
      • Motherboard:
      • Asus X99-PRO
      • CPU:
      • i7 5960X o/c to 4.summat
      • Memory:
      • 16GB Corsair DDR4 somethingorother
      • Storage:
      • Samsung Evo 120GB and Seagate Baracuda 2TB
      • Graphics card(s):
      • Gigabyte G1 GTX980Ti
      • PSU:
      • EVGA Supernova G2 1000W
      • Case:
      • Phankecks Enthoo Luxe perspex window
      • Operating System:
      • Win10 64 Home
      • Monitor(s):
      • Acer Predator XB270HU 1440 IPS GSync
      • Internet:
      • BT 0.7Mbps 'In The Sticks' version

    Re: KeyWe smart lock vulnerability can't be patched

    Presumably you're also locked out of your house in the event of a power cut... a great many of which I fully expect, once our new Labour Overlords take power later this week?

    Pretty much anything electronic is hackable anyway, from keyless cars to marital aids, to 'too-Smart-for-their-own-good' devices like this. I'm surprised that this is news to users.
    _______________________________________________________________________

    "Listen, we're bona fide. We're not from London. Could we have some fuel and wood?"

  4. #4
    Theoretical Element Spud1's Avatar
    Join Date
    Jul 2003
    Location
    North West
    Posts
    7,042
    Thanks
    259
    Thanked
    263 times in 207 posts
    • Spud1's system
      • Motherboard:
      • Mac Pro
      • CPU:
      • 2x 2.8ghz Quad Core Xeons (octo-core)
      • Memory:
      • 4gb DDR2 FB-Dimm
      • Storage:
      • 1x1TB, 1x320gb, 2x500gb, 1x250gb, 120GB SSD
      • Graphics card(s):
      • Nvidia Geforce 560Ti
      • PSU:
      • Mac pro PSU
      • Case:
      • Mac Pro Case
      • Operating System:
      • Windows 8
      • Monitor(s):
      • 1x22" LG 3D TFT 1x 19" ViewSonic
      • Internet:
      • 80mb BT Infinity

    Re: KeyWe smart lock vulnerability can't be patched

    This is clearly bad and i'ts good they are fixing things, but ultimately this is still more secure than the vast majority of door locks in the UK.

    Most door locks are trivial to pick in seconds with a bit of practice, and many cheaper ones can simply be snapped anyway. The "hacks" on electronic locks generally require much more sophistication and effort/planning, and so whilst this is an issue, it's not necessarily a reason not to buy one.

    Of course, a good door lock with lot of security pins is a better, more secure option - but they also cost over £100 in general, and most people seem to speind more in the £10-£20 region for their locks...

    The bigger issue with smart locks that I have found is that it's very hard to find decent quality ones which are compatible with UK multi-point locking UPVC doors. There are a few, but they are either mega expensive or cheap and unreliable.

    Plenty of choice in the US though, just not much here..yet.

  5. #5
    Senior Member
    Join Date
    Aug 2019
    Posts
    217
    Thanks
    0
    Thanked
    10 times in 7 posts

    Re: KeyWe smart lock vulnerability can't be patched

    I want to strap a claymore mine to my front door, so if tampering = shish kebab :-)
    Okay that will ruin some of my stuff, but really the price of a dead criminal can never be too high.

  6. #6
    RGB Champion Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    5,591
    Thanks
    256
    Thanked
    595 times in 498 posts
    • Ttaskmaster's system
      • Motherboard:
      • Asus X99-PRO
      • CPU:
      • i7 5960X o/c to 4.summat
      • Memory:
      • 16GB Corsair DDR4 somethingorother
      • Storage:
      • Samsung Evo 120GB and Seagate Baracuda 2TB
      • Graphics card(s):
      • Gigabyte G1 GTX980Ti
      • PSU:
      • EVGA Supernova G2 1000W
      • Case:
      • Phankecks Enthoo Luxe perspex window
      • Operating System:
      • Win10 64 Home
      • Monitor(s):
      • Acer Predator XB270HU 1440 IPS GSync
      • Internet:
      • BT 0.7Mbps 'In The Sticks' version

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by Spud1 View Post
    Most door locks are trivial to pick in seconds with a bit of practice, and many cheaper ones can simply be snapped anyway.
    But neither are as easy as many people tend to assert... and not every lock can be snapped.
    Rather, a thief will look for an easier entry point... such as the window you left open!
    _______________________________________________________________________

    "Listen, we're bona fide. We're not from London. Could we have some fuel and wood?"

  7. #7
    Senior Member
    Join Date
    Jul 2003
    Posts
    10,528
    Thanks
    624
    Thanked
    335 times in 231 posts

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by Ttaskmaster View Post
    Pretty much anything electronic is hackable anyway, from keyless cars to marital aids.
    Erm, I'm not sure I want to ask for links to stories about hacked marital aids, but I've always been a curious sort lol

  8. #8
    Theoretical Element Spud1's Avatar
    Join Date
    Jul 2003
    Location
    North West
    Posts
    7,042
    Thanks
    259
    Thanked
    263 times in 207 posts
    • Spud1's system
      • Motherboard:
      • Mac Pro
      • CPU:
      • 2x 2.8ghz Quad Core Xeons (octo-core)
      • Memory:
      • 4gb DDR2 FB-Dimm
      • Storage:
      • 1x1TB, 1x320gb, 2x500gb, 1x250gb, 120GB SSD
      • Graphics card(s):
      • Nvidia Geforce 560Ti
      • PSU:
      • Mac pro PSU
      • Case:
      • Mac Pro Case
      • Operating System:
      • Windows 8
      • Monitor(s):
      • 1x22" LG 3D TFT 1x 19" ViewSonic
      • Internet:
      • 80mb BT Infinity

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by Ttaskmaster View Post
    But neither are as easy as many people tend to assert... and not every lock can be snapped.
    Rather, a thief will look for an easier entry point... such as the window you left open!
    This is true....locks are generally a good deterrent regardless of their quality - a window is easier to smash and jump in through.

    I did want to test the theory of picking locks a few years ago, so I bought some Southord picks, a practice lock and watched some youtube videos.

    A day later, I decided to test it on my own front door. took me 10 minutes and I was in....they were standard locks the builder had used (its a newbuild property). Did the same with my euro cylinders on the french doors. My boss wasn't too impressed when I then tried it out at work either and again the doors just opened

    The same day I replaced my locks with good security locks and problem was solved. Really isn't difficult if you have a bit of dexterity, even on the "basic" security locks with a couple of mushroom pins.

  9. #9
    Senior Member
    Join Date
    May 2014
    Posts
    1,558
    Thanks
    93
    Thanked
    209 times in 150 posts

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by [GSV]Trig View Post
    Erm, I'm not sure I want to ask for links to stories about hacked marital aids, but I've always been a curious sort lol
    https://www.wired.co.uk/article/sex-...s-security-fix

    You literally can't make this up...

  10. #10
    RGB Champion Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    5,591
    Thanks
    256
    Thanked
    595 times in 498 posts
    • Ttaskmaster's system
      • Motherboard:
      • Asus X99-PRO
      • CPU:
      • i7 5960X o/c to 4.summat
      • Memory:
      • 16GB Corsair DDR4 somethingorother
      • Storage:
      • Samsung Evo 120GB and Seagate Baracuda 2TB
      • Graphics card(s):
      • Gigabyte G1 GTX980Ti
      • PSU:
      • EVGA Supernova G2 1000W
      • Case:
      • Phankecks Enthoo Luxe perspex window
      • Operating System:
      • Win10 64 Home
      • Monitor(s):
      • Acer Predator XB270HU 1440 IPS GSync
      • Internet:
      • BT 0.7Mbps 'In The Sticks' version

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by [GSV]Trig View Post
    Erm, I'm not sure I want to ask for links to stories about hacked marital aids, but I've always been a curious sort lol
    I've discussed it at length on this forum already...

    Quote Originally Posted by Spud1 View Post
    This is true....locks are generally a good deterrent regardless of their quality - a window is easier to smash and jump in through.
    Not even - A great many security features are simply bypassed using non-destructive methods.

    Quote Originally Posted by Spud1 View Post
    The same day I replaced my locks with good security locks and problem was solved. Really isn't difficult if you have a bit of dexterity, even on the "basic" security locks with a couple of mushroom pins.
    Again, bypass. Picking requires practice and dexterity, even bumping needs a certain touch. As a former locksporter myself, burgling a house is far simpler with bypass tools... and they exist for just about every lock within the realm of affordable home security.
    _______________________________________________________________________

    "Listen, we're bona fide. We're not from London. Could we have some fuel and wood?"

  11. #11
    Senior Member
    Join Date
    Sep 2016
    Location
    Merseyside
    Posts
    497
    Thanks
    18
    Thanked
    35 times in 29 posts
    • EvilCycle's system
      • Motherboard:
      • ASUS ROG MAXIMUS IX HERO
      • CPU:
      • Intel I7 7700K (OC to 4.8GHz on Corsair H100i V2)
      • Memory:
      • 16GB Corsair Vengeance DDR4 @ 3000MHz
      • Storage:
      • Samsung 840 evo 120GB SSD + 3 x 500GB 72000rpm HDD's
      • Graphics card(s):
      • Gigabyte AORUS GeForce RTX 2080 XTREME
      • PSU:
      • DEEPCOOL DQ 750st
      • Case:
      • Corsair Obsidian Series 750D Airflow Edition
      • Operating System:
      • Windows 10
      • Internet:
      • Virgin Media 380Mb (Fibre Optic)

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by Gentle Viking View Post
    I want to strap a claymore mine to my front door, so if tampering = shish kebab :-)
    Okay that will ruin some of my stuff, but really the price of a dead criminal can never be too high.
    Tripwire and a shotgun is probably cheaper

  12. #12
    Long member
    Join Date
    Apr 2008
    Posts
    1,545
    Thanks
    59
    Thanked
    275 times in 194 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by Spud1 View Post
    This is clearly bad and i'ts good they are fixing things, but ultimately this is still more secure than the vast majority of door locks in the UK.

    Most door locks are trivial to pick in seconds with a bit of practice, and many cheaper ones can simply be snapped anyway. The "hacks" on electronic locks generally require much more sophistication and effort/planning, and so whilst this is an issue, it's not necessarily a reason not to buy one.

    Of course, a good door lock with lot of security pins is a better, more secure option - but they also cost over £100 in general, and most people seem to speind more in the £10-£20 region for their locks...

    The bigger issue with smart locks that I have found is that it's very hard to find decent quality ones which are compatible with UK multi-point locking UPVC doors. There are a few, but they are either mega expensive or cheap and unreliable.

    Plenty of choice in the US though, just not much here..yet.
    I pick locks. I also had a copper review our house security as part of our firearms stuff.

    If your house front door cylinder is of the pin tumber type and is more than 10 years old, replace it.

    Modern Eurolock cylinders at a cost of ~£12+ will usually have a security pin or two out of six, scores in the side and basic anti drill protection. They can't be raked and single pin picking is possible but requires even an autist a few months to get the skill level needed.

    The other thing which has happened is that the tolerances have got better as manufacturing has improved. This means that even the cheaper cylinders are making it hard to defeat even a couple of spool pins and certainly not in the time required for a break in.

    So yes, if you have oldish locks then the thieves will go for them and that's the trend identified by my firearms guy. I recently bought a tenners worth of Eurocylinder and a mate and me examined it down the pub. It had basic security features in all the right places and the tolerances were excellent. It took me 9 minutes to pick it. Bear in mind I picked a drugs cupboard rated lock in around 30 seconds so 9 minutes isn't bad. That's 9 minutes sat comfortably not checking my back as well, rather than bent over and flinching at every noise.

    The real issue on modern locks is ensuring they are fitted properly with the correct mounting hardware. Most locks have particular fitting instructions but when things are replaced, most people just use what works for them, rather than what works for that particular lock system.

    Security is about time. Make breaking in take long enough and be noisy enough and your lock will have done its job. Add in another layer or two and they will just walk away and not bother.

    I do agree that the technical skill to do this is not exactly common but what happens is someone learns how to do it, pops it into a product and sells it. Thieves buy it and target rich people who can afford these kinds of systems.

  13. #13
    Senior Member this_is_gav's Avatar
    Join Date
    Dec 2005
    Posts
    4,841
    Thanks
    175
    Thanked
    247 times in 214 posts

    Re: KeyWe smart lock vulnerability can't be patched

    Ah, the joy of living in an area where you could leave your door unlocked for months at a time without anything happening.

  14. #14
    RGB Champion Ttaskmaster's Avatar
    Join Date
    Nov 2013
    Location
    Reading, UK
    Posts
    5,591
    Thanks
    256
    Thanked
    595 times in 498 posts
    • Ttaskmaster's system
      • Motherboard:
      • Asus X99-PRO
      • CPU:
      • i7 5960X o/c to 4.summat
      • Memory:
      • 16GB Corsair DDR4 somethingorother
      • Storage:
      • Samsung Evo 120GB and Seagate Baracuda 2TB
      • Graphics card(s):
      • Gigabyte G1 GTX980Ti
      • PSU:
      • EVGA Supernova G2 1000W
      • Case:
      • Phankecks Enthoo Luxe perspex window
      • Operating System:
      • Win10 64 Home
      • Monitor(s):
      • Acer Predator XB270HU 1440 IPS GSync
      • Internet:
      • BT 0.7Mbps 'In The Sticks' version

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by this_is_gav View Post
    Ah, the joy of living in an area where you could leave your door unlocked for months at a time without anything happening.
    Parkhurst... or Broadmoor?
    _______________________________________________________________________

    "Listen, we're bona fide. We're not from London. Could we have some fuel and wood?"

  15. #15
    Registered+
    Join Date
    Jun 2014
    Posts
    87
    Thanks
    0
    Thanked
    6 times in 6 posts

    Re: KeyWe smart lock vulnerability can't be patched

    Quote Originally Posted by this_is_gav View Post
    Ah, the joy of living in an area where you could leave your door unlocked for months at a time without anything happening.
    Well it would be hard to get away with anything if you live in a place where everyone's related...

  16. Received thanks from:

    Strawb77 (15-12-2019)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •