this post was submitted on 23 Sep 2024
1345 points (97.4% liked)

People Twitter

5268 readers
672 users here now

People tweeting stuff. We allow tweets from anyone.

RULES:

  1. Mark NSFW content.
  2. No doxxing people.
  3. Must be a tweet or similar
  4. No bullying or international politcs
  5. Be excellent to each other.

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 2 months ago (2 children)

That’s fair. I can store like 20 codes or something, so I just keep one extra in there then rotate it after whoever I had to give it to is done with needing it.

I live on a really busy street in a city, so I’m really not worried about someone breaking a window to get inside. Sure there’s a nonzero chance a methie might smash a window, but around here it’s mostly just testing car door handles and maybe smashing the car window if there’s a visible wallet or pill bottle or something.

Walking up to my door and doing a replay attack, or sending a master password to the lock takes seconds and doesn’t look any more suspicious than a resident entering the house. This talk is from 2016, but I doubt things have gotten significantly better, and I don’t want to be replacing my door lock, or even worrying about updating firmware, whenever something like this is found (Picking BLE Locks - Anthony Rose & Ben Ramsey).

But yeah, I’m not saying anyone’s an idiot for using a smart lock or anything, odds are it will never matter either way.

[–] [email protected] 7 points 2 months ago* (last edited 2 months ago) (2 children)

There are a lot of zwave s2 locks out there. No Bluetooth at all.

128-bit AES isn't amazing, but it's more solid than bluetooth and most hardware locks.

Most locks, including deadbolts, can be picked or bumped in seconds. The physical lock is the weakest point. You can get zwave s2 smart locks with just pin pads, no physical key. That's probably the most secure option.

[–] [email protected] 4 points 2 months ago

Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

CVE-2020-9060 Z-Wave devices based on Silicon Labs 500 series chipsets using S2 are susceptible to denial of service and resource exhaustion via malformed SECURITY NONCE GET, SECURITY NONCE GET 2, NO OPERATION, or NIF REQUEST messages.

Oof. Could you imagine having a vindictive neighbor who is mad at you over some dumb shit you have no idea about, then then DoS’ing your lock that has no physical key?

Again probably as close to zero as a non zero chance can be of actually happening, but idk just give me a key and some buttons for when I have bags and shit.

Also, if i decided to go in to home invasions I’d rather just carry around a phone or a raspberry pi or something and pop smart locks than carry around a snap gun.

Everything you’re saying is right though, there’s always a trade off when it comes to security.

[–] [email protected] 3 points 2 months ago

Lock picking takes skill. I've defeated a deadbolt and doorknob with a cordless drill in ~15 seconds. And it's not even all that loud.

[–] [email protected] 4 points 2 months ago

Always have a backup trigger. A open/close sensor is hard to beat. They would have to know where it is and have access to it to bypass it. And for good measure a shock sensor to know if someone is trying to break it down.