Behold The Smart Lock! In case anyone would doubt its smartness, it is literally imprinted.
Fitted with an enormously loud speaker - advertised as a feature to raise a solid anti-theft alarm. Using the same speaker for a normal unlock notification, thus forcing you to cover your ears while opening, was not the smartest idea though.
Security? Smart my shiny metal (…)!
Enough smart for the introduction. Give me the meat! TLDR exploit.
One of my smart locks, Okidokeys, unexpectedly just turned into a brick, and this time for a change I had nothing to do with it ;) The mobile application barked at me: “Login request has failed. Please try again”. And the more I tried again, the more the login request failed. I finally discovered the vendor’s application server was shut down. And I suddenly recalled that their official website, Twitter and Facebook accounts had been shut down a while before, but I did not consider it important back then. Now as it turns out, the phone number and e-mail server are also dead. Following a quick investigation I found out they have been acquired in the meantime. By translating a French forum I also realized some locks are undergoing a migration procedure to a new system, and the users are supposedly being notified. I did not get any notification - maybe because based on the serial number my lock was apparently destined for the ‘American market’. That market was not covered by the acquisition, and therefore my device is not eligible for migration, as many others also just found out. I guess we can’t count on support any more. I wonder how many of the > 5000 customers (approximation based only on Android mobile application installs) have the same problem. And as of today there are still plenty of offers on US Amazon and eBay.
Bluetooth Smart locks have not had good press recently regarding their security.
One of the reasons may be a lack of knowledge, as well as an insufficient number of professionals to assess and secure such devices. This project helps develop the relevant skills and allows practicing BLE hacking without needing the physical vulnerable hardware.