
A One-Minute Attack Let Hackers Spoof Hotel Master Keys - makarhum
https://www.wired.com/story/one-minute-attack-let-hackers-spoof-hotel-master-keys/amp
======
Rjevski
Nothing surprising here. The "electronic lock" (and fire/burglar alarm) market
is full of snake-oil salesmen and incompetent people who sell the stuff
assuring you it's secure without actually having tested it.

With conventional locks a good locksmith can tell you which one is safe
because they know how locks work, how to crack them and could've even tried to
crack it themselves.

With new locks the "locksmiths" have zero idea how the lock even works and
only go from information the reseller or original manufacturer (often a shady
Chinese company) provides, without even any attempts at actually understanding
how the thing works.

There is also no concept of updates, even though an electronic lock is a
computer and is subject to the same vulnerabilities as their desktop
counterparts.

------
mariuolo
Do manufacturers ever account for these faults? Like paying for all of the
burglaries that have likely happened?

