Smart door lock systems are vulnerable to attacks
The smart locks produced by vendors such as Quicklock, iBlulock, Okidokey, and Mesh Motion were found vulnerable to hacking.
According to researchers Anthony Rose and Ben Ramsey, using Bluetooth LE are insecure and are vulnerable to attacks. The researchers highlighted quite a few problems with the door locks, which they believe are trivial to hack, divulging the people relying on them to possible theft.
The research consisted of an experiment, where they succeeded in hacking 12 locks out of the 16 smart locks systems. The smart locks produced by vendors such as Quicklock, iBlulock, Plantraco, Ceomate, Elecycle, Vians, Okidokey, and Mesh Motion were found vulnerable to hacking.
Few locks had simple security flaws, like sending the lock password in cleartext, while in case of masked passwords the authentication request can be recorded and can be used around later.
The researchers were able to hack even more secured locks by exploiting the source code fuzzing techniques, making it easier to crash the lock software.
The four smart locks they tested that couldn't be broken came from vendors such as August, Noke Locks, Masterlock, and Kwickset Kevo. However the researchers were actually able to unlock the Kwickset Kevo lock using a flathead screwdriver.