|Bad boys, bad boys, what ya gonna do?|
In November 2014 we blogged about another key break-in threat called "cyber locksmiths" - see here. In this threat, so called 'Cyber locksmiths' were taking pictures of people from social media, or they were taking pictures of your metal keys unattended such as when left at valet parking, and sending them of to so-called 'Cyber locksmiths' to get a duplicate key made up from the key photograph. The duplicate key is then posted out to you within a few days, no questions asked.
Back in 2012, the UK police reported a rise in the number of thieves breaking into homes through a technique called lock snapping. As the title suggests, thieves use screwdrivers or something similar to easily snap the lock cylinder in two, and then push the door open.
Also back in 2012, we had the Onity hotel key card lock hacking incidents. A hacker called Cody Brocious demonstrated at a conference how for you can make a device with $50 worth of parts, and break into over 4 million hotel rooms. Not long after this there was a spate of hotel break ins tied to Cody's online videos.
Back in May 2013, Security magazines were reporting that smart locks that use a technology called Z-wave, could be easily hacked. In the last couple of weeks some mainstream US TV stations were picking up the hacking smart lock story too - e.g see here
Way back in 2002, the fingerprint locks that you used to see on 'futuristic movies' made during the eighties were shown to be hackable, from using the most unlikey of items, a gummi bear - yes, can you believe it! - See the article here.
And finally for the last couple of years, hackers have been demonstrating how easy it is to hack open wi-fi enabled smart locks - e.g see here and here.
Ok, so do you see any patterns emerging here? Is there only one thing that is consistent in all of this? Is nothing safe anymore? Whether it be old school locks (metal key) or new school locks (electronic/smartlocks)?
The car thieves in New York and LA are hacking locks with a technology called Radio Frequency ID; the lock snappers in UK are snapping metal key cylinder locks; the cyber locksmiths are easily cutting your metal keys from photographs; the hotel locks hacked used a technology called 'magnetic stripes'. And smart locks that use technologies such as Z-wave and wi-fi have also been shown to be hackable.
So what's going on? Surely everyone must agree that being broken into is not a pleasant thing? Surely being attacked in a hotel room by someone breaking in with vulnerable locks is horrible? Surely this is costing people and companies tens of millions of dollars? Are your insurance premiums going to go up because of all the break-ins happening everywhere?
So what are we doing about it? Who is responsible for fixing the problems? Do we now have to replace 1 billion car door locks now, and 1 billion house and workplace door locks? Is nothing and nowhere safe?
As a society we can no longer turn our back on locks and security because it is 'too risky', or 'too dangerous', or 'too difficult'.
We have to fight back against the hackers and lock vulnerabilities. We should be supporting Research and Development in locks and security. We should be supporting start-ups to develop new technologies. We should be setting global standards. We should be having Senate inquiries to what is going on with locks and security. We should be constantly testing and improving. We should be having new laws, and policies so as to protect our citizens. Isn't it in our constitutions that we should protect the general welfare our citizens. What does the 14th Amendment say about guaranteeing rights and safety of citizens?
If you care about your safety, and you're assets, and your families safety, then do something about it. Write to your local politician; support security companies R&D; research what is safe and what is not; change your old locks, ask hotels you stay in to upgrade their locks.
Or we could just sit back and pretend there is nothing wrong, and just welcome thieves into our cars, our houses, and our workplaces.