So, disregarding physical brute force (because that lock bypass method will never change), let’s say a smart lock today is functionally equivalent to a traditional lock in terms of security. How’s that smart lock going to look in 5 years? In 10? When is the manufacturer going to abandon the product and stop providing security updates? It’s only a matter of time before whatever firmware it shipped with becomes obsolete. And then it’s just one more thing on the list of pwnd devices that unscrupulous actors can access at will. Your friendly neighborhood junkie in search of quick cash might not know the difference, but a list of people that have e-Lock v2.2 would be very lucrative to the types of people that run the current smash and grab operations.
Soft/firmware obsolescence is a thing with any “smart” device, but it becomes especially egregious when it’s built into what are traditionally durable devices like appliances. And even more so when it’s something embedded, like a lock, outlet, etc. It becomes “replace that light fixture, or leave that vulnerability on the network.” A lock takes that from “someone can waltz into my home network” to “someone can waltz through my front door.”
Don’t let it use the manufacturer’s cloud service, but use your own local server (like Home Assistant) accessible only through VPN (Wireguard, Tailscale), keep your home router up to date. This alone eliminates the largest attack surfaces and offers way more privacy.
So, disregarding physical brute force (because that lock bypass method will never change), let’s say a smart lock today is functionally equivalent to a traditional lock in terms of security. How’s that smart lock going to look in 5 years? In 10? When is the manufacturer going to abandon the product and stop providing security updates? It’s only a matter of time before whatever firmware it shipped with becomes obsolete. And then it’s just one more thing on the list of pwnd devices that unscrupulous actors can access at will. Your friendly neighborhood junkie in search of quick cash might not know the difference, but a list of people that have e-Lock v2.2 would be very lucrative to the types of people that run the current smash and grab operations.
Soft/firmware obsolescence is a thing with any “smart” device, but it becomes especially egregious when it’s built into what are traditionally durable devices like appliances. And even more so when it’s something embedded, like a lock, outlet, etc. It becomes “replace that light fixture, or leave that vulnerability on the network.” A lock takes that from “someone can waltz into my home network” to “someone can waltz through my front door.”
Don’t let it use the manufacturer’s cloud service, but use your own local server (like Home Assistant) accessible only through VPN (Wireguard, Tailscale), keep your home router up to date. This alone eliminates the largest attack surfaces and offers way more privacy.