CISA said Chirp Systems ignored the federal agency and the reporting security researcher.
Notified about the issue three years ago but still have not acknowledged or fixed the issue
Submitted 7 months ago by BrikoX@lemmy.zip to technology@lemmy.zip
https://techcrunch.com/2024/04/22/cisa-chirp-systems-remotely-unlock-smart-locks/
CISA said Chirp Systems ignored the federal agency and the reporting security researcher.
Notified about the issue three years ago but still have not acknowledged or fixed the issue
We need to start having both financial and criminal penalties for companies actively ignoring security issues like this.
Why I don’t trust that shit
remotelove@lemmy.ca 7 months ago
Never give anyone else control of systems that are directly responsible for your physical safety. Door locks are just a mild deterrent and breaking through a door at least leaves more evidence for the police never to follow up on.
And for fucks sake, stop putting “cloud” connected cameras in your fucking houses! (You are more likely to incriminate yourself in a crime anyway.)
jqubed@lemmy.world 7 months ago
Reading the article it sounds like these are largely used for rentals like apartments. One of the largest customers is Camden apartments, who did not respond to a request for comment (the manufacturer and the manufacturer’s parent company also did not respond to a request for comment, just as they continue to ignore the security researcher and federal agency).
The rental companies often force customers to use the locks as part of their lease terms. They also typically claim no responsibility in the event of loss due to burglary. It’s unclear how that would play out for renters whose property is stolen because the lessor forced them to use a lock with a major security flaw.