Just saw an ad for a lock you can open from your phone. Does this seem like a super terrible idea? It’s made in China so maybe easy to hack or has a backdoor, the WiFi could be picked up from a car outside, and uses batteries so you could possibly be locked outside if they suddenly went dead and weren’t able to warn the user ahead of time. I realize a properly setup router should keep the WiFi safe, but I’d imagine as these go more mainstream hackers would see this as a really fun thing to crack and take advantage of.
Electronics companies are not physical security companies, so even if they made the software and hardware secure (which they didn’t), the physical locks usually have some easily exploitable weaknesses, because that part just isn’t in their wheelhouse.
WiFi door locks have been around for years, and there are tons of different makes and models.
Here’s a Wirecutter roundup of the ones they think are the best.
Uh…major lock manufacturers have been making smart locks for years.
Yale, Schlage, etc…
They’re fine, someone would need your login to the lock app to open remotely. Many of them only work with directional bluetooth also, and they all have some sort of backup in case the battery dies, usually a physical key.
Smart locks are a great idea if you are an AirBnB host, or frequently have guests over. You can give someone a temporary code, or enable their phone to work via bluetooth and then revoke permission whenever you want.
They’re not perfect, though.
But neither are regular door locks. In fact, nearly all common door locks can be trivially picked by someone who has the right tools and knowledge. Like picked as in 3 seconds and you’re in.
In short, your door lock is not the thing that’s keeping thieves out of your house.
I was referring to the cheaper Chinese ones I thought were being referenced in the original post. There are definitely some okay ones that exist from major manufacturers.
Oh, fair enough. I would not personally buy anything from China that connects to my network.
I’m not sure it’s even possible to get anything with chips that has no parts manufactured in China.
Correct, that is not possible. Even the Raspberry Pi has parts from the PRC these days.
Very interesting. I’m not getting one, but very curious how safe and secure they really are. But yes in the grand scheme of things, normal locks are easy to compromise.
There are a few locks that aren’t easily bumpable, but they’re not cheap and neither are the keys. Some of those are stillvulnerable to drilling, though, if noise isn’t a big issue.
I am not a locksmith and might have been lied to by one.
With a couple simple tweaks, even cheap locks can be hardened against attacks. Your doors and windows are your weak spots.
Just keep your eye out for tripod mounted laser trucks and you should be fine.
I’ve been using a Z-wave / Internet-connected Schlage smart lock for five years now. I got some early negative comments from some friends / family, “Someone could hack you and open your door!”
Well, guess what? Someone could throw a rock through one of my patio doors and walk right it, and it would take a lot less skill than hacking my lock. As a former first responder who saw many a door be taken down by the fire department, a good solid kick or a judicious pry-bar usually just tears the frame away from the wall, too. So, yeah, home door locks are a social construct. They’re really just there to keep out the casual intruder. Any determined person is going to get into your house, unless you’re very, very paranoid and have things like iron bars across all windows, reinforced steel door frames, etc…
So, yeah, get whatever makes your life most convenient (and The Wirecutter recommends). Internet of Awesome! :P
I would certainly have purchased and installed a smart door lock myself, if I didn’t have a unusual and extremely beefy NYC lock that wasn’t compatible (“jimmy proof”, if anyone’s curious) and a solid steel door. They’re great.
Doorbell, too. Can’t do that either, unless I want a battery-powered one and screw that noise.