"Smart Lock Has a Security Vulnerability That Leaves Homes Open for Attacks"
A vulnerability in the KeyWe smart lock has been discovered by security researchers at F-Secure. KeyWe's smart lock was designed to make it easier for homeowners to lock and unlock their doors by allowing them to do so through the use of an app. However, the vulnerability discovered by researchers could allow hackers to sniff the traffic between the mobile app and the smart lock to recover the secret key needed to unlock the smart lock. One researcher pointed out that the exploitation of this flaw can be performed, using inexpensive network-sniffing devices. The researchers also found that the flaw cannot easily be patched because the firmware used by the current version of the lock can't receive over-the-air updates. This article continues to discuss the smart lock vulnerability, KeyWe's response to this discovery, and the risk posed by IoT devices because of the lack of cybersecurity standards for such devices.
CNET reports "Smart Lock Has a Security Vulnerability That Leaves Homes Open for Attacks"