Dardaman and Wheeler found three security flaws which, when chained together, can be used to open a front door fitted with a smart lock. They published this research on Tuesday. Over the past year, research into smart home technology has increased. The technology is convenient for many people. At the same time, some security experts are warning people about these smart hubs. According to them, adding an internet connection to a device increases the risk of attack and makes the device less secure than its traditional counterpart.
All smart home devices, such as water meters and even the front door lock, can easily be controlled by these hubs. But landlords can also easily use these devices to enter a home without the residents' permission. Many renters and tenants have faced pressure from their landlords to install these smart hubs without their permission, leading them to move out of their homes.
Some months ago, Dardaman and Wheeler carried out their research on the ZipaMicro, a popular smart home hub developed by Croatian firm Zipato. They released their findings after all the flaws were fixed. According to Wheeler, the password is not always necessary to open the lock; anyone who has the key can access the device. The researchers were able to extract the hub’s private SSH key for “root”, the user account with the highest level of access, from the memory card on the device. From this research they found that every hub has the private SSH key hardcoded on it, which increases the risk for every customer.
Using that private key, the researchers downloaded a file from the device that contained the scrambled passwords used to access the hub. Their findings say that the smart hub uses a “pass-the-hash” authentication system, which doesn’t require the user’s plaintext password, only the scrambled version. Using this scrambled version, the researchers could trick the device. By building a script of only a few lines of code, the researchers locked and unlocked a smart lock connected to a vulnerable smart hub.
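To show why accepting the scrambled password as the login credential is a design flaw, here is an added example (not code from the researchers or from Zipato) that models a generic hub in two ways. The class names, the SHA-256 and PBKDF2 choices and the sample password are assumptions made for illustration, and the hardened variant assumes the password travels over an encrypted channel.

```python
import hashlib
import hmac
import os

# Constructed sample value; not taken from any real device.
PASSWORD = "correct horse battery staple"


class HashAsCredentialHub:
    """Weak design: the client submits hash(password) and the hub
    compares it with the hash it stores, so the stored value IS the credential."""

    def __init__(self, password):
        self.stored = hashlib.sha256(password.encode()).hexdigest()

    def login(self, submitted_hash):
        return hmac.compare_digest(submitted_hash, self.stored)


class VerifierHub:
    """Hardened design: the client submits the password itself and the hub
    re-derives a salted, slow verifier. The stored value cannot be replayed."""

    ITERATIONS = 600_000  # assumption: a PBKDF2-SHA256 work factor

    def __init__(self, password):
        self.salt = os.urandom(16)
        self.stored = self._derive(password)

    def _derive(self, secret):
        return hashlib.pbkdf2_hmac("sha256", secret.encode(), self.salt, self.ITERATIONS)

    def login(self, submitted_secret):
        return hmac.compare_digest(self._derive(submitted_secret), self.stored)


def leaked_value_authenticates(hub, leaked):
    """True if a value read from the hub's own credential store is accepted at login."""
    return hub.login(leaked)


if __name__ == "__main__":
    weak, hardened = HashAsCredentialHub(PASSWORD), VerifierHub(PASSWORD)
    print("weak hub accepts its stored hash:", leaked_value_authenticates(weak, weak.stored))
    print("hardened hub accepts its stored verifier:",
          leaked_value_authenticates(hardened, hardened.stored.hex()))
    print("hardened hub accepts the real password:", hardened.login(PASSWORD))
```

In the first design a leaked credential file is as good as a list of plaintext passwords; in the second, the leaked verifier still has to be cracked before it is of any use at login.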
It could get even worse: according to Dardaman, in any building registered to one main account, that same password hash can open any door of any apartment. The researchers also said that these flaws are only exploitable if an attacker is connected to the same WiFi network as the hub. However, any hub connected directly to the internet would be remotely exploitable.
Dardaman said: “We want to show that there is a risk to this kind of tech, and apartment buildings or even individual consumers need to know that these are not necessarily safer than a traditional door lock.”
Within a few weeks of receiving the researchers’ disclosure, Zipato fixed all the vulnerabilities. So the company played its part. The smart hubs now come with a unique private SSH key and other security improvements, Zipato’s chief executive, Sebastian Popovic, told TechCrunch.
This doesn’t mean that smart hubs will disappear from the market; they are surely here to stay. IDC, a research firm, estimates that more than 832 million smart home devices will be sold in 2019.