this post was submitted on 16 Apr 2024
81 points (100.0% liked)

Late Stage Capitalism

5614 readers
1 users here now

founded 5 years ago
MODERATORS
 

Smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can open them remotely.

https://web.archive.org/web/20240415235929/https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/

The lock's maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp's parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

P.S. never give cybersecurity spooks clicks even after they go "freelance" or whatever

#realestate #landlords #latestagecapitalism #security #enshittification #cybersecurity @[email protected]

top 12 comments
sorted by: hot top controversial new old
[–] [email protected] 37 points 7 months ago (2 children)

Imagine if a Chinese company did this. Liberals would be hooting and hollering about Xi Jinping personally breaking into your apartment to rearrange your anime collection and take pictures of the files on your computer. There'd be immediate calls to ban the company from all business dealings within the US. But because it's a US private corporation that abuses the shit out of the proletariat there'll be a some pressure to fix it and they'll maybe eventually get around to doing it and get a slap on the wrist if anything for this and a slap on the wrist for the rent fixing collusion.

[–] [email protected] 11 points 7 months ago* (last edited 7 months ago) (1 children)

I don't think (lower class) proletarians use "smart" locks

[–] [email protected] 13 points 7 months ago

No but their landleeches might. The guy who found this out works for Amazon hosting and lived in an apartment complex that installed them. He investigated and complained about this and was brushed off.

[–] [email protected] 3 points 7 months ago

There are calls to ban Hikvision and they haven't done anything like that (capitalism still prevails in Poland and I see their gear all over, both in budget and pro spaces)

[–] [email protected] 22 points 7 months ago (1 children)

the critical weakness

It's not a bug, it's a feature.

[–] [email protected] 7 points 7 months ago

Yeah, you don't get 'hard-coded credentials' from some bug. This had to be intentional.

[–] [email protected] 17 points 7 months ago

That RealPage algorithmic price fixing scheme is so fucked up. True innovations in collusion. Not too surprising their lock system is complete shit.

[–] [email protected] 15 points 7 months ago (1 children)
[–] [email protected] 9 points 7 months ago (1 children)

@[email protected] seriously why would anyone feel safe protected by something that looks like that lmao. i already heard about them locking people out like crazy

[–] [email protected] 8 points 7 months ago (1 children)

People are generally too trusting and uncritical of technology.

I'd rather take an old school lock and key to some electronic pad that'll effectively lock me out of my home until it gets updated. Haha

[–] [email protected] 9 points 7 months ago (1 children)

People are ignorant, they do not know how stuff works, so they don't see the problems of propietary software in house "IoT" things.

People just think it's cool to have a lock that you can open with your phone and not give it much thought afterwards.

[–] [email protected] 4 points 7 months ago

True but I also think there are good use cases for such locks and would probably buy one if there were an open source lock available, or even one with easily replaceable firmware that was affordable.

Important thing to remember is that all locks are at best an inconvenience for any dedicated intruder and also to yourself if it fails.