Smart doorbells on business premises make your property more attractive to burglars, warns researcher

Spend your cash on real locks, advises Cranfield University


Installing a smart doorbell on your abode could actually increase your home's attractiveness to burglars, researchers from Britain's Cranfield University have said.

The defence 'n' security-focused institution's findings fly in the face of heavy marketing from companies such as Amazon's Ring, whose video-enabled doorbell product has been touted around the world as a security-enhancing gadget.

It's an 'affluence' clue...

Worse, for vendors, Cranfield University's Dr Duncan Hodges reckoned the presence of a smart doorbell was "unlikely" to have "any significant effect on residential burglary" rates. Instead, he said in a summary of a research paper published on the Centre for Research and Evidence on Security Threats' website, smart doorbells and smart locks could actually make things worse.

"These are devices that are particularly noticeable due to their deployment on the exterior of properties and can thus increase the salience of affluence cues – experienced burglars use these cues to identify properties with potentially more high-value items, during the target selection phase," he wrote.

Smart locks have long been a plaything for security consultants who enjoy contrasting vendors' claims about the tech-enabled gadgets with their actual efficacy. Back in 2016, before Amazon bought out Ring, we reported how the device leaked home Wi-Fi credentials and was vulnerable to a physical denial-of-service attack (you could remove it from the door by unscrewing two Torx screws).

outage

Ring, Ring, why don't you give me a call? Amazon-owned doorbells aren’t answering after large-scale outage

READ MORE

Relying on internet-connected gadgets to secure one's home or to remotely view footage of folk knocking at the door leads to other failure modes not experienced with a physical lock and key; to wit, service provider outages KO'ing your smart security gadget.

Worryingly, the use of smart home security gadgets could, or so Cranfield said, lead to "an increase in group-performed planned burglary" with smart crooks exploiting "unintended information leakage in the cyber domain" to gain access to unsuspecting businesses' premises. Mildly reassuringly, this trend is "rare in residential settings at the moment."

A product called the KeyWe smart lock, which combined a traditional metal key with smartphone-based authentication, was rendered useless in late 2019 after Finnish infosec firm F-Secure looked closely at it.

The smartphone key could be sniffed in transit by a $10 Bluetooth Low Energy device, letting anyone overcome the device's technological unique selling point. Similarly, a startup called Tapplock produced a lock whose body consisted of cast zamak (a notoriously low-grade zinc-aluminium alloy normally used for door handles) and whose API merely checked for a valid token from any registered user before opening the lock, and not the unique valid token that the lock's purchaser might reasonably expect it to.

Cranfield's Dr Hodges told The Register: "If you are interested in securing your home, the best way is to take the £90 you would spend on a [smart] doorbell and upgrade the locks at your property's rear and install window locks.

"It's not cool or trendy, but it'll make a real difference. As with everything in security, it's no good securing the property's front but having the rear of the property being vulnerable." ®

Similar topics


Other stories you might like

  • Tesla driver charged with vehicular manslaughter after deadly Autopilot crash

    Prosecution seems to be first of its kind in America

    A Tesla driver has seemingly become the first person in the US to be charged with vehicular manslaughter for a deadly crash in which the vehicle's Autopilot mode was engaged.

    According to the cops, the driver exited a highway in his Tesla Model S, ran a red light, and smashed into a Honda Civic at an intersection in Gardena, Los Angeles County, in late 2019. A man and woman in the second car were killed. The Tesla driver and a passenger survived and were taken to hospital.

    Prosecutors in California charged Kevin George Aziz Riad, 27, in October last year though details of the case are only just emerging, according to AP on Tuesday. Riad, a limousine service driver, is facing two counts of vehicular manslaughter, and is free on bail after pleading not guilty.

    Continue reading
  • AMD returns to smartphone graphics with new Samsung chip for your pocket computer

    We're back in black

    AMD's GPU technology is returning to mobile handsets with Samsung's Exynos 2200 system-on-chip, which was announced on Tuesday.

    The Exynos 2200 processor, fabricated using a 4nm process, has Armv9 CPU cores and the oddly named Xclipse GPU, which is an adaptation of AMD's RDNA 2 mainstream GPU architecture.

    AMD was in the handheld GPU market until 2009, when it sold the Imageon GPU and handheld business for $65m to Qualcomm, which turned the tech into the Adreno GPU for its Snapdragon family. AMD's Imageon processors were used in devices from Motorola, Panasonic, Palm and others making Windows Mobile handsets.

    Continue reading
  • Big shock: Guy who fled political violence and became rich in tech now struggles to care about political violence

    'I recognize that I come across as lacking empathy,' billionaire VC admits

    Billionaire tech investor and ex-Facebook senior executive Chamath Palihapitiya was publicly blasted after he said nobody really cares about the reported human rights abuse of Uyghur Muslims in China.

    The blunt comments were made during the latest episode of All-In, a podcast in which Palihapitiya chats to investors and entrepreneurs Jason Calacanis, David Sacks, and David Friedberg about technology.

    The group were debating the Biden administration’s response to what's said to be China's crackdown of Uyghur Muslims when Palihapitiya interrupted and said: “Nobody cares about what’s happening to the Uyghurs, okay? ... I’m telling you a very hard ugly truth, okay? Of all the things that I care about … yes, it is below my line.”

    Continue reading

Biting the hand that feeds IT © 1998–2022