cross-posted from: https://slrpnk.net/post/28482551
I’m looking into installing a door lock w/ key pad at home for two use cases:
- I’m out of town and need to allow someone to enter my home, in an emergency or for any reason.
- Nice to have - “oh shit, did I lock the door” - ability to lock the door remotely from my phone, would also solve use case #1 by unlocking remotely.
If there are no privacy respecting / self hosted apps for remote control (use case #2), then a “dumb” electronic lock w/ key pad that enables me to set a PIN that I can give to a friend or neighbor in a pinch and then reset the PIN after I get home, that would be good enough. If no such keypad/electronic locks exist, then my backup plan is to just make a few copies of my key for trusted friends & family and/or hide a key, but I’d like to explore the keypad route.
Two words then: Flipper Zero
You’re behind the times on this one. This is a common tool used to defeat all kinds of locks. The Z-Wave exploits have been around for a LOOOONG time now. There’s also BT and RFID exploits as well, hence the CVE is posted above.
Mind sharing a link to something showing that the Flipper Zero can actually do anything with Z-wave? Cause all I found are pages that talk about how hard it would be to implement zigbee, let alone*Z-wave:
https://forum.flipper.net/t/zigbee-z-wave-capacity/771
https://old.reddit.com/r/flipperzero/comments/zx05x4/why_cant_we_have_zigbee_support/
I found those two when searching for flipper zero “z-wave” and look what I found right after them, a video dismissing your whole argument about Z-wave devices/locks not being secure:
https://youtu.be/6JK-jrLd1yc
And why are you bringing up the CVE again? I already said that my locks don’t use RFID and they also don’t use Bluetooth. You’re verging into Straw Man fallacy territory… I knew there was a reason I had you tagged as a “very upset person”.
Lol, classic deflection of someone who insecure in their knowledge about a subject and trying to change the subject. Personal attacks. Weak sauce, guy. Have a time with yourself.
You’ve shared nothing to make me think anything other than this accusation being projection.