Smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can open them remotely.

https://web.archive.org/web/20240415235929/https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/

The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

P.S. never give cybersecurity spooks clicks even after they go “freelance” or whatever

#realestate #landlords #latestagecapitalism #security #enshittification #cybersecurity @[email protected]

  • 小莱卡@lemmygrad.ml
    link
    fedilink
    arrow-up
    9
    ·
    7 months ago

    People are ignorant, they do not know how stuff works, so they don’t see the problems of propietary software in house “IoT” things.

    People just think it’s cool to have a lock that you can open with your phone and not give it much thought afterwards.

    • Galli [comrade/them]@hexbear.net
      link
      fedilink
      English
      arrow-up
      4
      ·
      7 months ago

      True but I also think there are good use cases for such locks and would probably buy one if there were an open source lock available, or even one with easily replaceable firmware that was affordable.

      Important thing to remember is that all locks are at best an inconvenience for any dedicated intruder and also to yourself if it fails.