The future that the Internet of Things gives us is beautiful, but one issue that is always overlooked is security. In this week's DEF CON contest, two researchers, Anthony Rose and Ben Ramsey, once again showed us this, and they easily put in 12 BLE Bluetooth smart locks.
They found that some devices store passwords in clear text, such as Quicklock and iBluLock locks. Anyone with a Bluetooth analyzer can easily intrude on these devices. There are locks that are vulnerable to replay attacks, which means that an intruder can obtain data wirelessly when the device owner unlocks it, and then replay the data to unlock it. Some of the other attacks are more complicated, but the same is not difficult.
There are other researchers who have also found loopholes in the door locks. For example, August's lock can be extracted from the paired mobile phone with a one-time key. Fortunately, this loophole has been blocked.
What's even more sad is that after he issued a vulnerability report to those smart lock manufacturers, only one responded, but it did not issue a patch.
For many devices, as long as the attacker can use the high-end equipment and tools to crack, Ramsey's two tools are cheap, adding up to less than 200 US dollars. For smart products such as door locks that are safe, it is better to buy the goods from the brand manufacturers.
Laptop Stands And Risers,Laptop Riser Computer Laptop Stand,Laptop Folding Table Stand Aluminum,Laptop Stand Portable Aluminum Laptop Riser
Shenzhen ChengRong Technology Co.,Ltd. , https://www.chengrongtech.com