Posts
Hello, Ayotovites! I came across an article on Habré about hacking a smart lock. The auth…
October 3, 2025 at 7:22 PM•Max Knyazev is typing…Telegram mirror
Hello, Ayotovites!
Stumbled upon article on Habré about hacking a smart lock. The author there showed in detail how in a couple of minutes you can bypass all its beautiful “tricks” - biometrics, maps, Bluetooth, etc. I won’t go into detail about it, but if you want, read the link above. In this post, I rather want to explain why history is important and what exactly it shows
🤌
Firstly, such devices are often purchased with the thought: “that’s it, now security is in my pocket - fingerprints, an application, everything is like an adult.” But in reality it turns into theater
absurdity
security. Externally, the lock looks cool, but in fact the brains are located outside, the lid is held on by tape, and critical contacts can be closed with a needle. It's like building a bunker and putting a wooden door in it without a lock.
🏛
Secondly, we must remember the purpose. Many in the comments correctly noted: such locks are generally not invented to protect an apartment or house. This is a story on the level of “close the closet with mops” or “put it in the toilet so that random visitors do not come in.” In such conditions, there are enough such devices. But if you hang this on the front door of your apartment and think that “now I’m safe,” you’re digging a hole for yourself ( or are you engaged in self-deception, as my math teacher from the National Research University Higher School of Economics liked to say )
🤦♂️
Third, mechanics always decide. If the lock has an ordinary key cylinder, then no fingerprints will help: the entire level of protection immediately drops to the quality of this very key. And this is what many people forget: backup mechanics are not insurance, but a weak point
🔐
Fourth - service functions. In the firmware of this lock there was a “secret” code, after which the door remained open. This was intended for convenience, but it turned out as always: vulnerability in its purest form. And there are many such examples. Manufacturers think about how to make life easier for themselves and the user, but they forget that the lock has only one purpose - to keep strangers out
✋
And fifthly, the human factor. People take pictures of their purchases and their keys appear in the frame. Some people post instructions, others show a panel with fingerprints. All this turns into a gift for the attacker. And here the question is not only for manufacturers, but also for you and me: safety is not only a device, but also how we use it. Many people compromise themselves in completely unexpected ways.
🧐
My opinion is simple: for “toy” scenarios - yes, you can take it. For real protection of housing - absolutely not. When choosing a lock, you need to look not at what is written on the box, but at how the architecture is arranged: where is the electronics located, is there a tamper -detectors, what mechanics are used and what level of safety is confirmed by certificates. And to be completely honest, I have yet to see a single really cool smart lock that is significantly safer than a good mechanical option.
😏
The Internet of Things is only good if the device actually gets better (it is more convenient to use, there are more reasonable functionality, etc. ), and not when we try to recreate the same functions that already existed, but only more expensive and more complex
🤑
And the article itself on Habré turned out to be very revealing. A good example of how smart features do not make a device smart in terms of security ( unfortunately, the opposite happens more often )
🙂
#internet_things
#information_security
Open original post on TelegramStumbled upon article on Habré about hacking a smart lock. The author there showed in detail how in a couple of minutes you can bypass all its beautiful “tricks” - biometrics, maps, Bluetooth, etc. I won’t go into detail about it, but if you want, read the link above. In this post, I rather want to explain why history is important and what exactly it shows
Firstly, such devices are often purchased with the thought: “that’s it, now security is in my pocket - fingerprints, an application, everything is like an adult.” But in reality it turns into theater
Secondly, we must remember the purpose. Many in the comments correctly noted: such locks are generally not invented to protect an apartment or house. This is a story on the level of “close the closet with mops” or “put it in the toilet so that random visitors do not come in.” In such conditions, there are enough such devices. But if you hang this on the front door of your apartment and think that “now I’m safe,” you’re digging a hole for yourself ( or are you engaged in self-deception, as my math teacher from the National Research University Higher School of Economics liked to say )
Third, mechanics always decide. If the lock has an ordinary key cylinder, then no fingerprints will help: the entire level of protection immediately drops to the quality of this very key. And this is what many people forget: backup mechanics are not insurance, but a weak point
Fourth - service functions. In the firmware of this lock there was a “secret” code, after which the door remained open. This was intended for convenience, but it turned out as always: vulnerability in its purest form. And there are many such examples. Manufacturers think about how to make life easier for themselves and the user, but they forget that the lock has only one purpose - to keep strangers out
And fifthly, the human factor. People take pictures of their purchases and their keys appear in the frame. Some people post instructions, others show a panel with fingerprints. All this turns into a gift for the attacker. And here the question is not only for manufacturers, but also for you and me: safety is not only a device, but also how we use it. Many people compromise themselves in completely unexpected ways.
My opinion is simple: for “toy” scenarios - yes, you can take it. For real protection of housing - absolutely not. When choosing a lock, you need to look not at what is written on the box, but at how the architecture is arranged: where is the electronics located, is there a tamper -detectors, what mechanics are used and what level of safety is confirmed by certificates. And to be completely honest, I have yet to see a single really cool smart lock that is significantly safer than a good mechanical option.
The Internet of Things is only good if the device actually gets better (it is more convenient to use, there are more reasonable functionality, etc. ), and not when we try to recreate the same functions that already existed, but only more expensive and more complex
And the article itself on Habré turned out to be very revealing. A good example of how smart features do not make a device smart in terms of security ( unfortunately, the opposite happens more often )
#internet_things
#information_security
Discussion
Comments
Comments are available only to confirmed email subscribers. No separate registration or password is required: a magic link opens a comment session.
Join the discussion
Enter the same email that you already used for your site subscription. We will send you a magic link to open comments on this device.
There are no approved comments here yet.