• MelodiousFunk@kbin.social
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    So, disregarding physical brute force (because that lock bypass method will never change), let’s say a smart lock today is functionally equivalent to a traditional lock in terms of security. How’s that smart lock going to look in 5 years? In 10? When is the manufacturer going to abandon the product and stop providing security updates? It’s only a matter of time before whatever firmware it shipped with becomes obsolete. And then it’s just one more thing on the list of pwnd devices that unscrupulous actors can access at will. Your friendly neighborhood junkie in search of quick cash might not know the difference, but a list of people that have e-Lock v2.2 would be very lucrative to the types of people that run the current smash and grab operations.

    Soft/firmware obsolescence is a thing with any “smart” device, but it becomes especially egregious when it’s built into what are traditionally durable devices like appliances. And even more so when it’s something embedded, like a lock, outlet, etc. It becomes “replace that light fixture, or leave that vulnerability on the network.” A lock takes that from “someone can waltz into my home network” to “someone can waltz through my front door.”

    • Shurimal@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Don’t let it use the manufacturer’s cloud service, but use your own local server (like Home Assistant) accessible only through VPN (Wireguard, Tailscale), keep your home router up to date. This alone eliminates the largest attack surfaces and offers way more privacy.