Why the KRACK hack is bad for smart locks.

October 27, 2017

 

 

What a week it has been for smart locks! In the last week, we had 3 massive events which will have resounding effects on the smart lock industry for quite some time.

 

Firstly we had the first ever smart lock company acquisition - August was acquired by the world’s number one lock manufacturer Assa Abloy for an undisclosed amount (see here).

 

Secondly we had the launch of Amazon key which allows delivery drivers to access customer’s houses to drop off packages through the use of a smart lock and accompanying security camera (see here).

 

And thirdly, we had the KRACK hack - another widespread vulnerability affecting practically everyone and everything that uses Wi-Fi was revealed on Monday, allowing hackers to decrypt and potentially look at everything people are doing online.

 

The KRACK hack can be abused to allow hackers to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. Most smart locks use Wi-Fi to connect to the broadband internet, and therefore are exposed to the KRACK hack.

 

Its only been a week since the announcement of the KRACK hack and so far it appears its still a little early to determine the effect of the hack on smart devices including Wi-Fi connected smart locks. The biggest question being asked right now about Wi-Fi connected smart locks such as August, Kevo, Schlage and others are ‘what patches, updates or anything if at all can be done to protect against the hack?’

 

You can see August’s response below on Twitter to a concerned customer, but not everyone is convinced yet, that everything is ok with Wi-Fi smart locks.

 

 

 

 

 

What the KRACK hack demonstrates is that Wi-Fi is not an appropriate technology to use in Smart locks as its not secure. And security is what locks are all about - locks make premises secure.

 

Wi-Fi is a technology that connects devices such as computers, mobile phones, smartTV’s etc to the broadband internet. The broadband internet is a network built over 20 years ago, operating on a bandwidth greater than 1MHZ, to allow data to race all around the world to enable you to do all this wonderful stuff such as live streaming, downloading music and movies, live skype calls, chat, sending email files etc. The broadband internet was not built for smart locks, or smart devices to communicate with each other and the cloud.

 

For example, if you hit the unlock button command on your smart phone app to unlock your smart lock on your front door, then this command goes up into the broadband network where it fights with other data, and becomes exposed with all the other data racing around up there. It’s a bit like swimming with sharks.  Sometimes you might be able to jump into shark infested waters, swim around safely, and come out again. But you are always vulnerable to attacks.

 

What smart devices like smart locks need right now is a secure, new network, purposely built for smart devices, that’s separate from the existing risky broadband internet. So does this exist? Yes, this network does exist and its called the NarrowBand Internet of Things(NBIoT) network, and its currently being rolled out across the globe. Click here to learn more about NB IoT.

Please reload

Recent Posts

Please reload

Archive

Please reload

Tags