Connect with us

Gadgets

Security flaws in a popular smart home hub let hackers unlock front doors – TechCrunch

Published

on

When is a smart home not so smart? When it can be hacked.

That’s exactly what security researchers Chase Dardaman and Jason Wheeler did with one of the Zipato smart hubs. In new research published Tuesday and shared with TechCrunch, Dardaman and Wheeler found three security flaws which, when chained together, could be abused to open a front door with a smart lock.

Smart home technology has come under increasing scrutiny in the past year. Although convenient to some, security experts have long warned that adding an internet connection to a device increases the attack surface, making the devices less secure than their traditional counterparts. The smart home hubs that control a home’s smart devices, like water meters and even the front door lock, can be abused to allow landlords entry to a tenant’s home whenever they like.

In January, security expert Lesley Carhart wrote about her landlord’s decision to install smart locks — forcing her to look for a new home. Other renters and tenants have faced similar pressure from their landlords and even sued to retain the right to use a physical key.

Dardaman and Wheeler began looking into the ZipaMicro, a popular smart home hub developed by Croatian firm Zipato, some months ago, but only released their findings once the flaws had been fixed.

The researchers found they could extract the hub’s private SSH key for “root” — the user account with the highest level of access — from the memory card on the device. Anyone with the private key could access a device without needing a password, said Wheeler.

They later discovered that the private SSH key was hardcoded in every hub sold to customers — putting at risk every home with the same hub installed.

Using that private key, the researchers downloaded a file from the device containing scrambled passwords used to access the hub. They found that the smart hub uses a “pass-the-hash” authentication system, which doesn’t require knowing the user’s plaintext password, only the scrambled version. By taking the scrambled password and passing it to the smart hub, the researchers could trick the device into thinking they were the homeowner.

All an attacker had to do was send a command to tell the lock to open or close. With just a few lines of code, the researchers built a script that locked and unlocked a smart lock connected to a vulnerable smart hub.

The proof-of-concept code letting the hackers unlock a smart lock (Image: Chase Dardaman, Jason Wheeler)

Worse, Dardaman said that any apartment building that registered one main account for all the apartments in their building would allow them to “open any door” from that same password hash.

The researchers conceded that their findings weren’t a perfect skeleton key into everyone’s homes. In order to exploit the flaws, an attacker would need to be on the same Wi-Fi network as the vulnerable smart hub. Dardaman said any hub connected directly to the internet would be remotely exploitable. The researchers found five such vulnerable devices using Shodan, a search engine for publicly available devices and databases.

Zipato says it has 112,000 devices in 20,000 households, but the exact number of vulnerable hubs isn’t known.

We asked SmartRent, a Zipato customer and one of the largest smart home automation providers, which said fewer than 5% of its apartment-owning customers were affected by the vulnerable technology. A spokesperson wouldn’t quantify the figure further. SmartRent said it had more than 20,000 installations in mid-February, just weeks before the researchers’ disclosure.

For its part, Zipato fixed the vulnerabilities within a few weeks of receiving the researchers’ disclosure.

Zipato’s chief executive Sebastian Popovic told TechCrunch that each smart hub now comes with a unique private SSH key and other security improvements. Zipato has also since discontinued the ZipaMicro hub in favor of one of its newer products.

Smart home tech isn’t likely to go away any time soon. Figures from research firm IDC estimate more than 832 million smart home devices will be sold in 2019, just as states and countries crack down on poor security in internet-connected devices.

That’s also likely to bring more scrutiny to smart home tech by hackers and security researchers alike.

“We want to show that there is a risk to this kind of tech, and apartment buildings or even individual consumers need to know that these are not necessarily safer than a traditional door lock,” said Dardaman.



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Gadgets

Still can’t buy a Raspberry Pi board? Things aren’t getting better anytime soon

Published

on

Raspberry Pi Foundation

Shortages for lots of tech components, including things like DDR5 and GPUs, have eased quite a bit since the beginning of 2022, and prices have managed to go down as availability improves. But that reprieve hasn’t come for hobbyists hoping to get a Raspberry Pi, which remains as hard to buy today as it was a year ago.

The most recent update on the situation comes from Raspberry Pi founder Eben Upton via YouTuber Jeff Geerling—Upton told Geerling that Pi boards are subject to the same supply constraints since the last time he wrote a post about the situation in April. Around 400,000 Pi boards are still produced per month, and some of these are being earmarked to be sent out to consumer retail sites. But Upton says that most of these are still being reserved for and sold to commercial customers who rely on Pi boards to run their businesses.

In short, the update is that there is no update. Upton said in April (and nearly a year ago, when the company raised the price for a Pi board for the first time) that the Broadcom processors at the heart of older Pi boards have been particularly difficult to source, but that high demand had been just as big an issue. Demand for Pi boards increased during the pandemic, and there was no more manufacturing capacity available to meet this demand. Upton said a year ago that there were “early signs that the supply chain situation is starting to ease,” but backed-up demand could still explain the short supply even if the Pi’s components have gotten easier to buy.

If you’re trying to buy a Raspberry Pi in the US or other regions, the rpilocator spreadsheet can be a valuable resource, letting you know when various models are in stock for ordering at most common Pi retailers. According to the tracker, few Pi 4 boards of any stripe were available to buy through September, though, and if you’re looking for a specific RAM capacity, you will be stuck waiting even longer. Businesses that want to inquire about buying Pis are still encouraged to contact the business@raspberrypi.com email address to make their case.

Continue Reading

Gadgets

Google prototypes, open sources an extra-long keyboard with one row of keys

Published

on

Enlarge / Google Japan jokes that you can increase productivity by having two people type on the keyboard simultaneously.

Google Japan has a history of joke keyboard concepts that challenge common notions of computing input. The latest concept, the Gboard Stick Version, places every key in the same row, so hunting and pecking can take a more linear approach.

As shown in Google Japan’s YouTube video below, it appears Google Japan actually prototyped the lengthy keyboard. Google will not be mass-producing or selling it, but there are GitHub files available with open source firmware, circuit diagrams, and design drawings to build the keyboard yourself. The GitHub page is careful to note that “this is not an officially supported Google product.” Google Japan’s blog post from Saturday said you could make the Gboard Stick Version with a 3D printer.

Google Japan’s video for the Gboard Stick Version.

As designed, the keyboard is an extraordinary 5.25 feet (1,600 mm) longIf you think that’s lengthy, the company said the original prototype was 7.87 feet (2,400 mm) long. The keyboard uses 17 boards total, including 16 for mounting the keys and a control board.

Google Japan jestingly argues that this design is more convenient for cluttered desks, storage, and finding the right keys when typing. Google Japan’s video shows the keyboard with an alphabetical layout, as a user initiates touch typing by memorizing the distance of individual keys from the left border. Alternatively, it’s ‘easy’ to find P, for example, knowing that it’s the 17th key in from the left (the first key from the left is a search button, not A). Surely, this is all simpler than hunting and pecking up, down, left, and right on a traditional keyboard layout.

Google Japan’s page for the keyboard also suggests you can use it with a QWERTY or ASCII code layout.

Google Japan also pointed to the keyboard's single row simplifying cleaning.
Enlarge / Google Japan also pointed to the keyboard’s single row simplifying cleaning.

Many detailed use cases for this one-row keyboard are clearly jokes, from using it to measure your kid’s height and get items dropped behind the couch, to using it as a walking stick, or the “bug-fixing module,” aka net, that turns the keyboard into a bug catcher in case you encounter bugs when coding (get it?).

But one purported benefit we could actually get behind is how much personal space the keyboard naturally enforces in the office and beyond:

The keyboard looks to be a natural safe-distance buffer for those who have to return to the office.
Enlarge / The keyboard looks to be a natural safe-distance buffer for those who have to return to the office.

Google Japan’s outlandish keyboard concepts have been going on for years as a way to promote Google’s Gboard keyboard app. Past iterations have included the Gboard Teacup Version and Gboard Spoon Bending Version.

Continue Reading

Gadgets

The Pixel 6a for $350 ($100 off) makes for an incredible deal

Published

on

The Pixel 7 might be arriving this week, but if you’re not interested in any of that newfangled flagship stuff, have we got a deal for you! The Pixel 6a, Google’s cheaper, simpler smartphone, is on sale at Amazon and Best Buy for $100 off. That makes for a pretty incredible $349 price tag instead of the normal $449. If you don’t count bundling deals that require signing up for a new phone line, this is the lowest price we’ve seen the phone at.

The Pixel 6a is a dead simple 6.1-inch phone that covers all the basics. It has a 6.1-inch 1080p, 60 Hz display, 6GB of RAM, 128GB of storage, and a 4410 mAh battery. The phone has nearly every feature you could want, including an in-screen fingerprint reader, IP67 dust and water resistance, NFC, and Wi-Fi 6e compatibility. The biggest downside is that there’s no wireless charging. The headline feature is the flagship-class SoC, the same Google Tensor chip you get in the Pixel 6, but for a low (and now even lower) price. The Tensor won’t win any benchmark wars, but at this price, the only other comparable device is the iPhone SE.

As for why you might hold out a bit and get the Pixel 7 instead, you’d be getting a major screen upgrade if you buy the (probably $900) Pixel 7 Pro, which will pack a 6.7-inch 120 Hz display. You’d also be doubling the RAM (12GB) and upgrading the camera setup from the ancient IMX 363 sensor that powers the Pixel 6a. That would be more than double the price of this phone. though. Like we said in our review, if you’re not a phone snob (guilty), the Pixel 6a is the perfect phone for normal people.

Ars Technica may earn compensation for sales from links on this post through affiliate programs.

Listing image by Ron Amadeo

Continue Reading

Trending