Smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can open them remotely.

https://web.archive.org/web/20240415235929/https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/

The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

P.S. never give cybersecurity spooks clicks even after they go “freelance” or whatever

#realestate #landlords #latestagecapitalism #security #enshittification #cybersecurity @latestagecapitalism@lemmygrad.ml

  • multitotal
    link
    fedilink
    arrow-up
    22
    ·
    2 months ago

    the critical weakness

    It’s not a bug, it’s a feature.

    • Halasham@dormi.zone
      link
      fedilink
      arrow-up
      7
      ·
      2 months ago

      Yeah, you don’t get ‘hard-coded credentials’ from some bug. This had to be intentional.