Vivint branded 2GIG GoControl panel hacked, compromised and disabled

rive · August 14, 2014, 3:53pm

“The z-wave alliance requires locks and security devices to use the optional z-wave security protocols – the early Kwikset did not do that and shouldn’t have been certified. The z-wave vulnerability in Kwikset locks is not present in anything marketed today. They resolved the issue and stopped selling the vulnerable version. I still wouldn’t buy it.”

Yes. My point is twofold:

Kwikset deadbolt/locks are crap irregardless of whether it is ANSI 1 or ANSI 2 or zwave. Most of the ANSI 1 Kwikset deadbolts/locks shouldn’t even be certified as ANSI 1. (See 2013 article link posted above)
Even though they stopped selling those vulnerable zwave locks, many are still in use and installed on homes, and the homeowners haven’t a clue how vulnerable they are to the flawed zwave protocol they use. (Approx 20 million Kwikset locks are sold a year, and if you bought your zwave Kwikset deadbolt/lock in 2013 or earlier, then yours is probably vulnerable)

I wouldn’t buy them either, and a sauvy, informed homeowner/DIY’er would be smart to steer clear of such deadbolts/locks (and those who recommend them).

Make sure also, irregardless of the type of deadbolt (whether it is zwave of not) you use, that at a very minimum, you replace the latch plate screws with 3"- 4" screws, and that the bolts are no less than 1" long.

carter.brian.c · August 21, 2014, 10:54am

This will get forgotten and won’t ever get fixed.

Unless their channel partners demand it. I’m sure they couldn’t care less what customers have to say but channel partners probably have a lot of influence.

skelzer · August 25, 2014, 7:04pm

So now I’m confused… is my pre-2013 Kwikset z-wave deadbolt vulnerable or not?

Here’s a response from Troy, Sr Electronic Systems Engineer at Kwikset (fyi, he’s actually been very responsive to my emails/questions… nice guy):

Well, I did some more research and believe I have good news for you. According to the researchers of that bug (see link and cut-paste from researchers below), only a certain European Zwave door lock was affected. There was mass speculation that others could be susceptible to this attack, but it appears this was only speculation, as most major brands used proper implementation, and were asked to validate their products with independent labs.

As for Kwikset, this bug was tested and none of our deadbolts were among those affected, prior to 2013 or after. This was verified by multiple parties, including independent Zwave labs. Their data confirms that your locks are not affected by this bug and no patch is necessary. Let me know if you have any further questions, and I’d be glad to address them.

The official Kwikset statement for this bug was:

“At the 2013 Black Hat USA security conference, there were successful efforts shown to hack into another manufacturer’s Z Wave door lock that allowed the ability to gain access and control the lock. These hacking efforts were found to be due to an incorrect security implementation by that single, specific door lock manufacturer and was confirmed by 3rd parties that it was not applicable to any/all Kwikset Z Wave locks.”

Researchers Link with Further Info:

http://forum.micasaverde.com/index.php?topic=15424.15

“We discovered this issue in a European Z-Wave door lock , but as there was an strong evidence that the root cause of the vulnerability (a protocol implementation error) could be present in other door lock brands, we decided to report the vulnerability directly to the Z-Wave vendor (Sigma Designs) and they should have communicated it to the device manufacturers to make sure their products are not affected.”

Hope this addresses your concerns. Let me know if you have any further questions.

Thanks again,

rive · August 26, 2014, 6:16am

Take it with an grain of salt. Kwikset will never admit their locks were ever defective, or hackable, etc

Kwikset has the worst locks on the market, they offer the homeowner as much protection as a toy lock. Keep them, or replace them, whatever. Your house, your security.

Read this article, watch video, see just how easy the kwikset’s are to defeat. Remember also that Smartkey and Smartcode deadbolts/locks are the same (as evidenced by little notch to left of keyway)

AUG, 2013 DefCon “Millions of Kwikset Smartkey Locks Vulnerable to Hacking, Say Researchers” (using a screwdriver and paperclip):

adamlbell83 · August 27, 2014, 11:55am

Lambs talk was canceled at Blackhat:

http://uk.reuters.com/article/2014/08/04/us-cybersecurity-hackers-talks-idUKKBN0G419O20140804

rive · August 27, 2014, 12:00pm

“Lambs talk was canceled at Blackhat”

We know that. It has already been discussed. Here is the summary of the discussion…

Here is why:

And here is his research from DEFCON:

And here is the budget friendly $299 SDR (Hackrf One) to facilitate the attack/exploit:

http://greatscottgadgets.com/hackrf/

“Security by Obscurity” is no security at all…

adamlbell83 · August 27, 2014, 12:38pm

Sorry I am new to the forum and did not see the page numbers down at the bottom. Thanks for the info.

carter.brian.c · September 8, 2014, 10:28pm

Looking forward to sharing more information with everyone.

$ /opt/local/bin/hackrf_info
Found HackRF board.
Board ID Number: 2 (HackRF One)
Firmware Version: git-44df9d1
Part ID Number: 0xa000cb3c 0x004e474c