LockState Accidentally Breaks 500 Smart Locks Often Used By Airbnb Hosts

The manufacturer behind a smart lock commonly used by Airbnb hosts is apologizing to users after an update caused 500 locks to break and become unusable.

Last week, manufacturer LockState pushed a firmware update to the $469 LockState RemoteLock 6000i. Typically, the 6000i works by producing a unique one-time code that renters can use to access their building, but because of the failed update, the smart locks couldn’t contact LockState’s servers and weren’t able to be remotely opened.

Physical keys could still be used on the locks, but for many Airbnb hosts on social media who needed to get keys for their customers, they complained about the downtime and unexpected problems. The affected locks were available commercially and were also included in Airbnb’s partnership programs with hosts.

LockState told International Business Times it had been in regular touch with customers with affected locks and estimated that, as of Monday, it has fixed or will nearly be done fixing 85 percent of locks affected by the update. According to LockState via ThreatPost, the error occurred because an update for its 7000i series was mistakenly pushed to 6000i users.

In a letter to customers sent Aug. 8, LockState apologized to its customers and detailed how they could return or fix the broken locks:

Dear Lockstate Customer,

We notified you earlier today of a potential issue with your LS6i lock. We are sorry to inform you about some unfortunate news. Your lock is among a small subset of locks that had a fatal error rendering it inoperable. After a software update was sent to your lock, it failed to reconnect to our web service making a remote fix impossible. In order to fix your lock, there are two options:

Option 1
The back portion of the lock will need to be returned to LockState so that the software on the lock can be updated. Total time to fix and return: 5-7 days

Option 2
LockState can ship a replacement interior lock for you to replace. You can then send the faulty lock back to Lockstate. Total lead time: 14 – 18 days.

We realize the impact that this issue may have on you and your business and we are deeply sorry. Every employee and resource at LockState is focused on resolving this for you as quickly as possible.

The misstep also illustrates the downsides of home appliances and other devices that heavily rely on internet connectivity in order to function, which is referred to as the Internet of Things (IoT).

On the consumer end, incidents like LockState’s can be a cause for headaches and hassles. When devices need constant internet access in order to operate, disruptions in service can sometimes cause them to shut down. While that’s an inconvenience for situations like running software, it can be much more of an issue if you’re driving or trying to open your garage.

More significantly, the security standards for IoT devices are often well behind other consumer electronics. Researchers have found numerous instances of devices insecurely broadcasting personal information or security credentials and many products can be exploited by malicious users for applications like distributed denial of service attacks.

However, the IoT industry is widely expected to grow in scale within the next few years in spite of these concerns. According to a Pew Research Center study, many analysts predicted that as more consumers become comfortable with the idea of smart home devices that integrate with the internet, the industry will follow suit with more complex and internet-reliant devices.

Source

Posted in Uncategorized