• The Pantser@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    1 month ago

    Eh if they are savvy enough to unlock my door they are smart enough to break my window. Also if they can unlock my door I still have zwave open/close sensors that will trigger the alarm so I will take the convince of smart locks over non smart any day. I can keep the wandering bums out but remotely let family members in without having to give out my code or keys.

    • borari@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      0
      ·
      1 month ago

      That’s fair. I can store like 20 codes or something, so I just keep one extra in there then rotate it after whoever I had to give it to is done with needing it.

      I live on a really busy street in a city, so I’m really not worried about someone breaking a window to get inside. Sure there’s a nonzero chance a methie might smash a window, but around here it’s mostly just testing car door handles and maybe smashing the car window if there’s a visible wallet or pill bottle or something.

      Walking up to my door and doing a replay attack, or sending a master password to the lock takes seconds and doesn’t look any more suspicious than a resident entering the house. This talk is from 2016, but I doubt things have gotten significantly better, and I don’t want to be replacing my door lock, or even worrying about updating firmware, whenever something like this is found (Picking BLE Locks - Anthony Rose & Ben Ramsey).

      But yeah, I’m not saying anyone’s an idiot for using a smart lock or anything, odds are it will never matter either way.

      • mosiacmango@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        1 month ago

        There are a lot of zwave s2 locks out there. No Bluetooth at all.

        128-bit AES isn’t amazing, but it’s more solid than bluetooth and most hardware locks.

        Most locks, including deadbolts, can be picked or bumped in seconds. The physical lock is the weakest point. You can get zwave s2 smart locks with just pin pads, no physical key. That’s probably the most secure option.

        • Malfeasant@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          1 month ago

          Lock picking takes skill. I’ve defeated a deadbolt and doorknob with a cordless drill in ~15 seconds. And it’s not even all that loud.

        • borari@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          0
          ·
          1 month ago

          Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

          CVE-2020-9060 Z-Wave devices based on Silicon Labs 500 series chipsets using S2 are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

          Oof. Could you imagine having a vindictive neighbor who is mad at you over some dumb shit you have no idea about, then then DoS’ing your lock that has no physical key?

          Again probably as close to zero as a non zero chance can be of actually happening, but idk just give me a key and some buttons for when I have bags and shit.

          Also, if i decided to go in to home invasions I’d rather just carry around a phone or a raspberry pi or something and pop smart locks than carry around a snap gun.

          Everything you’re saying is right though, there’s always a trade off when it comes to security.

      • The Pantser@lemmy.world
        link
        fedilink
        arrow-up
        0
        ·
        1 month ago

        Always have a backup trigger. A open/close sensor is hard to beat. They would have to know where it is and have access to it to bypass it. And for good measure a shock sensor to know if someone is trying to break it down.