Smart lock design flaw opens the door for attackers

An exploitable design flaw with a smart lock means attackers can easily overcome it and the lock's inability to receive updates means it can't easily be fixed. Researchers at F-Secure found they were able to exploit poorly designed protocols in the KeyWe Smart Lock to intercept the secret passphrase that controls the lock as it's exchanged between the physical device and the mobile app. "The lock has several protection mechanisms. Unfortunately, the lock's design makes bypassing these mechanisms to eavesdrop on messages exchanged by the lock and app fairly easy for attackers -- leaving it open to a relatively simple… [Continue Reading]