Smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can open them remotely.

https://web.archive.org/web/20240415235929/https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/

The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

P.S. never give cybersecurity spooks clicks even after they go “freelance” or whatever

#realestate #landlords #latestagecapitalism #security #enshittification #cybersecurity @latestagecapitalism@lemmygrad.ml

  • multitotal
    22·
    2 months ago

    the critical weakness

    It’s not a bug, it’s a feature.

    • Halasham@dormi.zone
      7·
      2 months ago

      Yeah, you don’t get ‘hard-coded credentials’ from some bug. This had to be intentional.