Go analog.
A mechanical lock vendor makes a mistake: one series of locks breaks or can be unlocked. Criminals still have to find them.

A "smart" lock vendor makes a mistake: all locks are unlocked or broken. Criminals can compromise them remotely, with full location available.

@beyondmachines1 analogue isn't safer. It's just less accessible. It's security by obscurity. Whether your lock is digital or mechanical is of no concern to a crowbar.

@odr_k4tana
A mechanical lock is safer because of the Swiss Cheese failure model, not because of security by obscurity. A mechanical lock cannot fail if the vendor goes out of business. You require physical access to tamper with such a lock...

But if you claim that digital locks are just as good, go for them.

We'll just publish the next fail fast events, like this one
https://beyondmachines.net/event_details/chirp-smart-locks-vulnerable-to-unauthorized-access-due-to-hardcoded-secrets-t-3-a-p-t

Chirp smart locks vulnerable to unauthorized access due to hardcoded secrets

Chirp Systems' Android software for smart locks has critical vulnerabilities, including hard-coded passwords and private keys, which could allow unauthorized remote access. Despite an update claiming "bug fixes and improved stability," it remains uncertain if the vulnerabilities, including potentially insecure NFC-based alternatives, are fully resolved.

BeyondMachines
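The advisory linked above describes hard-coded passwords and private keys shipped inside an Android app. Anything compiled into a client binary can be pulled back out with apktool or jadx, so a secret embedded there is effectively a published one. The scanner below is an added example, not code from Chirp Systems, BeyondMachines or the linked advisory; it runs over a constructed sample of decompiler output, and every file name, class name and secret value in that sample is invented for the illustration. It flags PEM private-key blocks and high-entropy string literals that sit on or directly after a line naming a credential (smali emits the name and the value as separate const-string instructions, hence the one-line window).

```python
"""Heuristic scan of decompiled Android app artefacts for hard-coded secrets.

Added example with constructed input; not code from any vendor or advisory.
On a real app: `apktool d app.apk -o out` (or jadx), then scan_directory("out").
"""
import math
import os
import re
from dataclasses import dataclass

# Constructed sample of what apktool/jadx produce. All names and values are invented.
SAMPLE_FILES = {
    "smali/com/example/lock/BleAuth.smali": (
        '    const-string v0, "LOCK_MASTER_PASSWORD"\n'
        '    const-string v1, "m4st3r-unl0ck-2024!"\n'
        '    const-string v2, "Unlock request sent"\n'
    ),
    "assets/keys/device_signing.pem": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "MIIEowIBAAKCAQEAu3(truncated in this sample)\n"
        "-----END RSA PRIVATE KEY-----\n"
    ),
    "sources/com/example/lock/Config.java": (
        'public static final String API_BASE = "https://api.example.invalid/v1";\n'
        'public static final String API_KEY = "AKIAIOSFODNN7EXAMPLE";\n'
        'public static final String TOKEN_PLACEHOLDER = "aaaaaaaaaaaa";\n'
    ),
}

PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
CRED_NAME_RE = re.compile(
    r"(password|passwd|secret|api[_-]?key|private[_-]?key|token)", re.I
)
STRING_LITERAL_RE = re.compile(r'"([^"\\]{8,})"')  # quoted literals of 8+ chars


@dataclass
class Finding:
    path: str
    line_no: int
    kind: str       # "private-key" or "hardcoded-credential"
    evidence: str   # redacted value so reports do not leak the secret again


def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking secrets score high, filler scores ~0."""
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(path: str, text: str, window: int = 1, min_entropy: float = 3.0):
    """Return Findings for one file's text.

    A literal is reported when (a) a credential-like name appeared on this line
    or within `window` previous lines, (b) the literal is not itself just a
    name, and (c) its entropy is at least `min_entropy`.
    """
    findings = []
    name_seen_at = None
    for i, line in enumerate(text.splitlines()):
        if PEM_RE.search(line):
            findings.append(Finding(path, i + 1, "private-key", line.strip()))
            continue
        if CRED_NAME_RE.search(line):
            name_seen_at = i
        if name_seen_at is None or i - name_seen_at > window:
            continue
        for lit in STRING_LITERAL_RE.findall(line):
            if CRED_NAME_RE.search(lit):
                continue  # e.g. "LOCK_MASTER_PASSWORD" is the name, not the value
            if shannon_entropy(lit) >= min_entropy:
                findings.append(
                    Finding(path, i + 1, "hardcoded-credential", lit[:4] + "...")
                )
    return findings


def scan_files(files: dict):
    """Scan an in-memory {path: text} mapping, e.g. SAMPLE_FILES."""
    out = []
    for path, text in files.items():
        out.extend(scan_text(path, text))
    return out


def scan_directory(root: str):
    """Scan a decompiled tree on disk; binary files are skipped."""
    out = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            try:
                with open(full, encoding="utf-8") as fh:
                    out.extend(scan_text(full, fh.read()))
            except (UnicodeDecodeError, OSError):
                continue
    return out


if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f.path}:{f.line_no} {f.kind} {f.evidence}")
```

On the sample this reports three findings: the smali password value, the PEM block in assets, and the API key constant; the URL and the all-"a" placeholder are not reported. The heuristics are a triage aid, not proof of absence: a secret split across string concatenations or stored obfuscated will not match, and a positive still needs a human to confirm the value is live. The structural fix the thread is arguing about is that no shared secret should be in the app at all; each device or account should be provisioned with its own credential so one decompiled APK does not open every lock.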

@beyondmachines1 Again: my crowbar won't care what kinda lock you have.
Swiss cheese models are all fun and games, but if your underlying threat model is wrong, it's useless.

Effectively, digital locks often offer more upsides than downsides, even in terms of security (not to mention usability, which btw is a prerequisite for security to be effective).

Btw: Publishing lock fails is good. They need to get fixed. Keep doing that. But analogue locks are plagued with problems, too (cf. lockpicking lawyer).

Analogue isn't safer/more secure. It's a different threat model.

@odr_k4tana @beyondmachines1 The threat model for hacking a smart lock involves relatively little effort to get into hundreds or thousands of houses where you know the location with little fuss or noise, and you will look to eyewitnesses like you might belong there.

For a physical lock and your crowbar? You have to use the crowbar for every house you want to break into and anyone who sees you will know what you’re doing.

1/2

@odr_k4tana @beyondmachines1 Also if a digital lock vendor goes out of business then *you* may be locked out of *your own* house because the software/firmware is dead. Not so with a physical lock.

2/2

@MisuseCase @beyondmachines1 You're assuming network/cloud dependencies. You're assuming people don't see me enter an apartment I am not supposed to enter. You're assuming people see or hear me use the crowbar.
You're assuming I still have my physical key. You're assuming a neighborhood that knows each other well. You're assuming digital knowledge beyond simple use.

This is what your case depends on.

@odr_k4tana @beyondmachines1 I do threat modeling as part of my job. I’m only doing a back-of-the-envelope exercise for this, but physical locks and digital locks really aren’t equivalent in terms of their vulnerabilities or threat models. Maybe in a neighborhood that’s already got a very high crime rate they’re similar. But then you have different problems.

@odr_k4tana We see you claim to be a scholar on your profile.

Do share your threat model for public review.

So far you are just claiming someone else is wrong. Not really scholarly.

@MisuseCase