information, yet the same attacks on platforms such as the Kevo iPhone app can compromise
the physical safety of our homes and offices.
Lock manufacturers need to be increasingly cognizant of these threats and implement
tighter controls. Given the physical nature of firmware within IoT devices, the situation is
complicated by the fact that, even when updates are offered using the application interface,
many users have the tendency to delay making the updates in the interest of time. Many peo-
ple don’t want to have to deal with waiting for their door locks to install security patches while
they are in the middle of leaving or entering their homes.
This means that manufacturers of IoT-based devices such as Kevo must strive to imple-
ment the right security features in the initial versions of their products. This is not easy,
because it is hard to perfect security, so users of these devices should be aware of potential
risks such as the ones outlined in this section.
Conclusion
Human beings have an understandable urge to protect our belongings, our privacy, and our
physical security. We invented door locks thousands of years ago and still depend upon the
concept of doors and locks to protect our spaces.
The potential for abuse of even the best of locks using lock-picking tools is not news to
most of us. However, with the advent of electronic door locks in the IoT space, we have to be
aware of the decisions we are making today from a security perspective and how our decisions
are likely to influence our future in an impactful way.
In the case of the Onity door lock, we’ve shown how a poor implementation of security
can put millions of physical spaces at risk and how this situation has been exploited in various
burglaries. This is also an example of how costly security fixes can be when people have to
manually go to millions of door locks and issue an update. Furthermore, the Onity example is
a lesson for door lock manufacturers to do a better job of being transparent to their customers
and working with independent security researchers.
The Z-Wave example demonstrated how the designer of a network protocol can inadver-
tently put a large number of door locks at risk, such that they can be arbitrarily opened by sim-
ple hardware and software tools. When we think of IoT security, we ought to include and
inspect the design principles being deployed by not just the ultimate physical manufacturers,
but also organizations that supply SDKs and protocols that enable these devices.
Finally, in the case of BLE, we looked at the important research from Mike Ryan that has
shown that many devices are at risk, given the ability to brute-force connections written using
the protocol. Additionally, we glanced at the design of the Kevo door lock, which includes
functionality to use iPhones to unlock doors—a feature that subjects it to traditional attack
vectors such as password guessing and phishing. We also looked at how the ability to repro-
gram the door lock can be viewed as a case of virtual lock picking: in this case, a malicious
CONCLUSION 57