00:00:00.234,00:00:04.705 >>Afternoon. How is everyone’s DEF CON going? [whooping] 00:00:06.773,00:00:10.043 [applause] So this talk is on backdooring the front door um 00:00:10.043,00:00:12.946 and I’ve got a lot of slides so I’m just gonna get right into it. So 00:00:12.946,00:00:17.751 to start off I’m Jmaxxz, I work as a software engineer, um, hacker 00:00:17.751,00:00:21.154 for fun. I like doing things with locks and the thing I 00:00:21.154,00:00:23.390 always like to tell people is the best puzzles are the ones 00:00:23.390,00:00:26.126 that were never meant to be solved and I think that explains 00:00:26.126,00:00:31.798 a lot about the hacker attitude. Um now all opinions expressed in 00:00:31.798,00:00:34.668 this talk are my own. They aren’t my past, present, or 00:00:34.668,00:00:38.272 future employers’ opinions and if you see something you like and 00:00:38.272,00:00:41.875 you wanna reach out later um you can find me on Twitter um at 00:00:41.875,00:00:46.880 @jmaxxz. So obviously this talk is gonna be about the internet 00:00:49.249,00:00:54.254 of things. Oh and we just lost video. There we go, internet of 00:00:56.390,00:00:58.859 things. Um so our homes are getting smarter and we’re 00:00:58.859,00:01:01.728 bringing more technology into our homes to replace 00:01:01.728,00:01:06.133 traditionally dumber mechanical um objects and for this talk 00:01:06.133,00:01:08.735 we’re gonna be looking at the August lock. Particularly the 00:01:08.735,00:01:14.174 August Smart Lock uh that I have up on stage here. This is 00:01:14.174,00:01:17.544 what an August lock looks like when you put it on your door. Um 00:01:17.544,00:01:20.047 I don’t know if you can see it on the screens up there but it 00:01:20.047,00:01:23.383 replaces the thumb turn on your deadbolt. 
So if you live in an 00:01:23.383,00:01:25.819 apartment like me this is a great option because you don’t 00:01:25.819,00:01:29.089 actually have to replace the outside of your lock and 00:01:29.089,00:01:34.895 that would annoy your landlord. Um and the device itself is just 00:01:34.895,00:01:38.899 Bluetooth Low Energy um and it gives you smart lock features 00:01:38.899,00:01:41.868 like auto unlocking, unlocking when you approach the door, uh 00:01:41.868,00:01:44.538 those type of things. But what got me interested in 00:01:44.538,00:01:47.140 this lock was actually August’s marketing team. One of the 00:01:47.140,00:01:50.744 things I like to do when I’m looking at a technology is see 00:01:50.744,00:01:56.350 what claims the company distributing it is making. Now 00:01:56.350,00:02:01.288 August’s website put up the claims I’m showing you up here um 00:02:01.288,00:02:03.357 they’re actually no longer on their website, you can find em on 00:02:03.357,00:02:08.395 the Wayback Machine um but they said such things as uh their 00:02:08.395,00:02:11.331 lock is unlike physical keys which can be duplicated and 00:02:11.331,00:02:14.901 distributed without your knowledge. It also said, it’s 00:02:14.901,00:02:18.205 safer than codes that can be copied. And so we get this 00:02:18.205,00:02:20.741 recurring theme that it’s not like a traditional key, it’s 00:02:20.741,00:02:25.746 somehow safer. And their most um aggressive claim, I’m gonna let 00:02:28.215,00:02:31.084 them explain it to you because I don’t think you’d believe me if 00:02:31.084,00:02:36.023 I told you. [music playing] >>August is the lock that 00:02:36.023,00:02:39.760 requires no key, only an invitation. [panting] [jingling] 00:02:39.760,00:02:42.462 An invitation that you can give and take away whenever [beeps] 00:02:42.462,00:02:46.133 you please. [background noises] Keyless, codeless, and 00:02:51.671,00:02:58.278 completely secure. 
[laughter] and completely secure [laughter] 00:02:58.278,00:03:01.815 and completely secure and completely secure and completely 00:03:01.815,00:03:04.785 secure. >>So I didn’t just loop that video for the hell of it, 00:03:04.785,00:03:07.454 um that’s actually what I did when I first heard this piece of 00:03:07.454,00:03:10.090 marketing material. I went back to that YouTube video and I just 00:03:10.090,00:03:12.993 played that section over and over again thinking I must’ve 00:03:12.993,00:03:18.665 misunderstood something um because I’m sure what they’re 00:03:18.665,00:03:21.701 trying to do is comfort people and say oh we know it’s technology 00:03:21.701,00:03:25.472 but it’s safe technology and their thought was this will make 00:03:25.472,00:03:27.374 people feel comfortable with their lock and think it’s 00:03:27.374,00:03:30.544 secure. However that’s not really how I took it at all. I 00:03:30.544,00:03:33.613 kind of took this as well, you have a completely secure lock. 00:03:33.613,00:03:37.250 Sure it would be worth looking into I suppose, I don’t think 00:03:37.250,00:03:41.988 I’ve ever seen a completely secure lock. So putting together 00:03:41.988,00:03:44.858 these security claims. Obviously they claim perfect security 00:03:44.858,00:03:48.161 which is a little morphic uh but they also claim things like 00:03:48.161,00:03:51.965 guest access can be revoked at any time, guests’ permissions 00:03:51.965,00:03:55.168 can be limited to a schedule, guests can’t use the auto unlock 00:03:55.168,00:03:58.004 feature. They can’t access lock settings. They can’t see who’s 00:03:58.004,00:04:02.409 using the lock. Um and the keys can’t be duplicated. We saw that 00:04:02.409,00:04:05.178 claim twice in 2 different forms. They said they 00:04:05.178,00:04:07.380 don’t have codes that can be copied and 00:04:07.380,00:04:10.450 they don’t have keys that can be duplicated. 
Um they also say 00:04:10.450,00:04:14.821 that you can track who enters and exits your home, that should 00:04:14.821,00:04:19.359 say home not phone. So to start looking at the lock I’m 00:04:19.359,00:04:23.163 gonna map out the API. I work as a software engineer um, let’s 00:04:23.163,00:04:25.899 just look at the boundaries of this application. Let’s approach 00:04:25.899,00:04:29.369 it black box. But the problem is which API? There’s actually 2 00:04:29.369,00:04:31.571 APIs in the August lock. There’s the one between your 00:04:31.571,00:04:34.808 phone and the lock, and the one between your phone and the 00:04:34.808,00:04:39.513 cloud, or if you read XKCD, someone else’s computer. Um and 00:04:39.513,00:04:42.415 working as a software engineer mostly on web applications, I 00:04:42.415,00:04:46.019 wanted to look at that HTTP one first, the REST side. So what I 00:04:46.019,00:04:48.855 did is I downloaded mitmproxy and if you’re not familiar with 00:04:48.855,00:04:51.158 this tool you really should get familiar with it. It’s an 00:04:51.158,00:04:53.827 awesome tool, super easy to use to get in the middle of any 00:04:53.827,00:04:57.664 application, particularly if they’re using SSL. Um so I 00:04:57.664,00:05:01.234 installed the certificates on my phone, fire up mitmproxy and 00:05:01.234,00:05:04.237 launch the application and I get something that looks like 00:05:04.237,00:05:08.909 this. And what this is indicating is that the August 00:05:08.909,00:05:11.745 application is using certificate pinning. Now if you’re a 00:05:11.745,00:05:14.648 developer and you develop mobile apps certificate pinning is a 00:05:14.648,00:05:18.018 really good idea and you should absolutely have it on your 00:05:18.018,00:05:20.754 applications. However, if you’re a hacker and you’re trying to 00:05:20.754,00:05:25.292 figure out how something works, it’s a real pain in the ass. So we 00:05:25.292,00:05:28.895 need a way around this. 
One solution is to use iOS SSL Kill 00:05:28.895,00:05:33.867 Switch. Um it’s originally developed by iSEC Partners. Um 00:05:33.867,00:05:37.237 there’s a new version, SSL Kill Switch 2. Basically what it does 00:05:37.237,00:05:40.607 is shut off certificate validation on your iPhone. Now 00:05:40.607,00:05:45.111 this being a DEF CON talk, I really didn’t wanna walk in and 00:05:45.111,00:05:49.182 shut off SSL on my phone and then connect to the DEF CON wifi 00:05:49.182,00:05:52.185 and see what happened. I don’t think that would work out well 00:05:52.185,00:05:57.224 for me so I needed a better solution. Fortunately August 00:05:57.224,00:05:59.859 built one into their application. If you just tap on 00:05:59.859,00:06:03.129 the hamburger, press and hold on the version number, and then you 00:06:03.129,00:06:06.867 type the super secret phrase dreadful dow. Casing matters, 00:06:06.867,00:06:10.270 make sure your D’s are capital. You’ll get access to their debug 00:06:10.270,00:06:14.908 menu. On their debug menu at the very top you’ll see a URL. That 00:06:14.908,00:06:18.745 URL is the endpoint that their application’s talking to when it 00:06:18.745,00:06:21.815 reaches out to the cloud. If you just tap on that, it pulls up 00:06:21.815,00:06:25.218 this menu. Now I obviously don’t wanna look at staging and their 00:06:25.218,00:06:28.288 development environments cause well that’s probably outside of 00:06:28.288,00:06:30.690 scope and I don’t really want any nasty letters from 00:06:30.690,00:06:33.994 August but this other option looks pretty cool. So if you 00:06:33.994,00:06:36.329 just tap on it it opens another dialog where you can specify 00:06:36.329,00:06:39.466 any endpoint you want. Now obviously if you can specify any 00:06:39.466,00:06:42.269 endpoint you want. 
They can’t have pinned the certificate 00:06:42.269,00:06:45.805 for every endpoint in the world, so I just enter an endpoint I 00:06:45.805,00:06:49.409 control and it can be HTTP or HTTPS so you can choose not to deal 00:06:49.409,00:06:53.913 with HTTPS at all if you want to. Enter a URL you control, hit 00:06:53.913,00:06:57.384 custom, the application will crash and when it relaunches, 00:06:57.384,00:07:00.186 boom. You’re in the middle. So now we have access to all the 00:07:00.186,00:07:02.255 traffic back and forth and we can start looking at how the 00:07:02.255,00:07:07.460 application works. And one key thing I’d like to point out here 00:07:07.460,00:07:12.032 is unlike iOS, or sorry, SSL Kill Switch uh this 00:07:12.032,00:07:15.268 didn’t require a jailbreak. There’s no jailbreak required. 00:07:15.268,00:07:18.738 This could be a stock phone and this would work. And being a 00:07:18.738,00:07:22.042 developer um a thought occurred to me, there’s probably a Sprint 00:07:22.042,00:07:24.778 review where some developer walked in the room and was just 00:07:24.778,00:07:29.182 like I did certificate pinning, we’re good. Ship the 00:07:29.182,00:07:36.189 perfect security claim. So we’re gonna cross that out. Now 00:07:36.189,00:07:38.692 obviously after we map out the API we can build up a 00:07:38.692,00:07:41.594 collection. I used Postman, put together a collection of all the 00:07:41.594,00:07:44.097 endpoints that it talks to uh this collection will be 00:07:44.097,00:07:47.967 available in the GitHub repository after this talk. Now 00:07:47.967,00:07:50.937 looking through all the APIs that the August application 00:07:50.937,00:07:54.607 uses, one of em caught my interest and that was this one. 
00:07:54.607,00:07:57.243 And for those who can’t see what’s on the screen it’s the 00:07:57.243,00:08:01.147 mobile application telling August’s servers that you just 00:08:01.147,00:08:04.484 unlocked your lock and this is the owner of the lock doing it. 00:08:04.484,00:08:08.021 And what’s interesting here is it’s not anonymous. This is tied 00:08:08.021,00:08:11.391 to your account. So what August is doing is they’re building up 00:08:11.391,00:08:14.194 a collection of every time you’ve entered or exited your 00:08:14.194,00:08:18.331 house if you’re the owner of the lock. This is something your 00:08:18.331,00:08:22.635 Schlage and your dumb locks are not going to do. Um it’s a 00:08:22.635,00:08:25.271 little creepy. I’m not sure I want a company that makes a lock 00:08:25.271,00:08:28.908 that they can open. Also being able to build a 00:08:28.908,00:08:32.512 profile of when I am home and when I’m not home. Those 2 sets 00:08:32.512,00:08:35.215 of data together would be incredibly valuable on the black 00:08:35.215,00:08:39.619 market. So let’s fix this. mitmproxy can actually modify 00:08:39.619,00:08:42.689 traffic as well as just listening to it. So with a 00:08:42.689,00:08:47.093 little script we just intercept all the APIs that log data 00:08:47.093,00:08:51.064 about locking and unlocking and we tell the application yeah, 200, 00:08:51.064,00:08:55.435 everything’s good and we don’t tell the web servers anything. 00:08:55.435,00:08:59.272 And the nice thing about this is it gives us privacy but if we 00:08:59.272,00:09:01.141 remember they made the claim that you’ll know when your 00:09:01.141,00:09:04.744 guests open your door. Well the way they know that guests open 00:09:04.744,00:09:07.947 your door is the mobile application logs to their server 00:09:07.947,00:09:11.618 hey I just opened this door and then they notify you um Jimmy 00:09:11.618,00:09:14.687 opened your door. 
Um obviously if you can just say I’m not 00:09:14.687,00:09:17.657 going to tell you when I open a door, that kind of defeats that 00:09:17.657,00:09:23.897 feature. But they also said um guests can’t be notified or 00:09:23.897,00:09:26.866 see the activity feed of a lock. Well it turns out if we 00:09:26.866,00:09:30.370 look at this API, there’s an API to set up notifications. 00:09:30.370,00:09:33.406 So when someone opens your door, it’s supposed to notify you and 00:09:33.406,00:09:37.310 say um someone opened your door, someone locked your door, um and 00:09:37.310,00:09:41.581 if we just specify any lock, it could be a lock you don’t own, 00:09:41.581,00:09:46.319 um and any user identified by their phone number or their 00:09:46.319,00:09:49.956 email address and we say notify me when this user opens this 00:09:49.956,00:09:53.059 lock. It doesn’t matter what the lock is or what the user is, 00:09:53.059,00:09:56.896 August will dutifully notify you that that user opened the lock. 00:09:56.896,00:10:00.400 Even if you don’t own that lock. Even if you’re not a guest on 00:10:00.400,00:10:06.139 that lock, any lock in the world. But what else can we do? 00:10:06.139,00:10:09.476 Well August has this idea of owners and guests, or as they 00:10:09.476,00:10:12.645 like to call em users and superusers. But guests are supposed 00:10:12.645,00:10:15.315 to be limited in what they can do. Specifically they’re not 00:10:15.315,00:10:17.117 supposed to be able to use things like the auto unlock 00:10:17.117,00:10:19.118 feature and they’re not supposed to be able to change lock 00:10:19.118,00:10:23.223 settings. But how does the mobile application know when 00:10:23.223,00:10:27.260 you’re an owner and when you’re a guest? Well it’s actually this 00:10:27.260,00:10:31.264 message right here. They say user type: user. And if it’s 00:10:31.264,00:10:35.502 user type user, you’re a guest. If it’s superuser, you’re an 00:10:35.502,00:10:38.571 admin. 
So let’s just use mitmproxy again and we’ll just 00:10:38.571,00:10:44.911 replace user with superuser and we get access to the menu as a 00:10:44.911,00:10:49.916 guest. [inaudible sound] [applause]. So this is the first 00:10:54.554,00:10:57.624 big, interesting discovery we have here which is the lock 00:10:57.624,00:11:00.894 itself has no concept of owner and guest, it only knows about 00:11:00.894,00:11:03.796 users. The entirety of the access control model is 00:11:03.796,00:11:07.800 implemented server-side and in the application and since they’re 00:11:07.800,00:11:11.004 relying on you to talk to the server, well we can just cut 00:11:11.004,00:11:15.875 that out eventually. So to the claim that guests can’t do these 00:11:15.875,00:11:18.545 things, I’d just have to say that’s wrong. Guests can 00:11:18.545,00:11:21.080 absolutely do them. They may not be able to do em through 00:11:21.080,00:11:25.585 your application, but they can do them. So now the list of 00:11:25.585,00:11:30.523 claims looks something like this. Less grey and more red but 00:11:30.523,00:11:34.694 I think we can do more. We only looked at one side of the API 00:11:34.694,00:11:38.698 right now. What about that Bluetooth side? Now, in case you 00:11:38.698,00:11:41.634 forgot, it’s structured like this. The lock itself has no 00:11:41.634,00:11:46.639 wifi, it relies on your phone to talk to the cloud. So if you 00:11:46.639,00:11:49.242 wanna play with Bluetooth Low Energy, a good app to start with 00:11:49.242,00:11:52.111 is LightBlue. It’s great for enumerating services and just 00:11:52.111,00:11:55.782 seeing what um Bluetooth Low Energy looks like. Um and you’ll 00:11:55.782,00:11:58.551 get something like this. 
This is an August lock and because we 00:11:58.551,00:12:01.254 are able to connect to it and pull services from the thing, we 00:12:01.254,00:12:03.756 know that we’re able to pair with it which means it must just 00:12:03.756,00:12:06.859 be using Just Works pairing because I never have had to 00:12:06.859,00:12:10.129 enter a pin. Um but August relies on a second layer of 00:12:10.129,00:12:14.834 encryption so that’s not too big of a deal but, I would like to 00:12:14.834,00:12:18.304 intercept some traffic and if you look at Bluetooth 00:12:18.304,00:12:20.273 Low Energy long enough you’re eventually gonna run across the 00:12:20.273,00:12:23.509 Ubertooth which is supposed to make this really easy. 00:12:23.509,00:12:26.846 Unfortunately, I didn’t think it was that easy and after about a 00:12:26.846,00:12:29.616 week I said well this is too hard, I need to find 00:12:29.616,00:12:34.053 something else. But again there’s a better solution. It’s 00:12:34.053,00:12:37.590 built into the August application again. [laughter] 00:12:37.590,00:12:40.026 [applause] If we go back to the previous menu there’s this send 00:12:40.026,00:12:43.529 logs button. If we just tap that, it’ll pull up a screen 00:12:43.529,00:12:46.032 that looks like this and for those who can’t read it in the 00:12:46.032,00:12:50.203 back of the room it’s to autounlock@august.com. Now if 00:12:50.203,00:12:52.839 like me you look at that title and say I wonder if this will 00:12:52.839,00:12:57.110 auto unlock my lock um I hate to disappoint you, it won’t. What 00:12:57.110,00:12:59.779 it will do is get you an email from their VP of engineering 00:12:59.779,00:13:06.552 asking why you just sent this to them. [laughter] But what I am 00:13:06.552,00:13:09.188 going to do is just replace that with my email address to avoid 00:13:09.188,00:13:13.960 those emails. 
Then once I get on my computer I open up Notepad++ 00:13:13.960,00:13:17.697 and I search for ciphertext. And what do you know, 00:13:17.697,00:13:20.400 on the left side of the screen is the ciphertext for the 00:13:20.400,00:13:22.869 communication between the phone and the lock and on the right 00:13:22.869,00:13:27.607 side of the screen is the plaintext. So man in the middle 00:13:27.607,00:13:30.209 attack built into the application. [laughter] So that 00:13:30.209,00:13:32.679 Ubertooth I bought, completely useless, throw it out, I just 00:13:32.679,00:13:38.418 need their mobile app. And again no jailbreak is required to do 00:13:38.418,00:13:42.355 any of this. Um in particular for the Bluetooth logs if you 00:13:42.355,00:13:45.458 just use August support instead of directal dial you’ll just get 00:13:45.458,00:13:51.330 the send logs button and it’ll work just as well. So 00:13:51.330,00:13:53.032 now that we have the Bluetooth, how did they 00:13:53.032,00:13:59.872 authenticate with the lock? Hello. It’s fairly simple um 00:13:59.872,00:14:02.442 again all access control is on the web server so when your 00:14:02.442,00:14:05.578 phone connects to the lock, your phone then generates 64 00:14:05.578,00:14:09.415 bits of random data. They send that 64 bits to the web server, 00:14:09.415,00:14:13.019 the web server encrypts it into a packet to be sent to the lock, 00:14:13.019,00:14:15.922 your phone gets it from the web server and then hands it off to 00:14:15.922,00:14:19.859 the lock. 
The lock is able to decrypt it and then 00:14:19.859,00:14:22.762 generate its own 64 bits, hand it back to your phone, your 00:14:22.762,00:14:25.531 phone can’t decrypt it so it hands it to their server and 00:14:25.531,00:14:29.035 then their server hands it back to you decrypted and you take 00:14:29.035,00:14:31.471 those 2 things, you glue em together and that gives you a 00:14:31.471,00:14:35.708 session key, and then you just use AES and that session key and 00:14:35.708,00:14:39.912 now you can talk to the lock. Now what’s interesting here is 00:14:39.912,00:14:43.449 you’ll notice this is all symmetric encryption. Which 00:14:43.449,00:14:47.954 means the web server and the lock must have the same key. So 00:14:47.954,00:14:51.824 how did they get that key onto the lock? One option is it’s 00:14:51.824,00:14:53.860 burned in at their factory and there’s absolutely no way to 00:14:53.860,00:14:56.829 pull it out. Another option would be maybe it’s flashed in 00:14:56.829,00:15:02.168 with the firmware. So let’s request firmware as a guest. So 00:15:02.168,00:15:05.204 as a guest user I request a copy of the 00:15:05.204,00:15:07.807 firmware and to make it interesting I’ll request 00:15:07.807,00:15:10.743 firmware that doesn’t exist and I get a response that looks like 00:15:10.743,00:15:15.782 this. And at the bottom of that request, just a normal 404 for 00:15:15.782,00:15:17.650 a piece of firmware that doesn’t exist, I see the serial number 00:15:17.650,00:15:21.587 of my lock and then a bunch of garbage. That garbage looks 00:15:21.587,00:15:25.691 awful suspicious. Why is there garbage in HTML? 
So if we open 00:15:25.691,00:15:29.695 that up in a hex editor and we just start walking through this 00:15:29.695,00:15:32.899 and trying random series of bits and just skip the obviously 00:15:32.899,00:15:36.202 wrong ones like the all-zero sections, we’ll come across the 00:15:36.202,00:15:41.007 highlighted one and that decrypts the packets that were 00:15:41.007,00:15:44.343 sent to the web server. So now we know that must be the key 00:15:44.343,00:15:48.314 that’s being used. This key I’ll call the firmware key. I think 00:15:48.314,00:15:51.317 August internally calls it the online key but, I think firmware 00:15:51.317,00:15:54.821 key’s more accurate in this case. Um so this key appears to 00:15:54.821,00:15:57.190 be unique for every lock but with this key we’re actually 00:15:57.190,00:16:00.860 able to emulate the web server. Now the way August works is 00:16:00.860,00:16:04.564 there’s actually 256 key slots in each of these locks, uh key 00:16:04.564,00:16:08.901 slot zero is this key, the firmware key. Now if we go back 00:16:08.901,00:16:11.537 to their claims they said it’s safer than codes that can be 00:16:11.537,00:16:14.774 copied and it’s unlike physical keys that can be duplicated or 00:16:14.774,00:16:19.879 distributed without your knowledge. Well, I didn’t have 00:16:19.879,00:16:23.382 any problems copying and pasting it. [laughter] So duplication 00:16:23.382,00:16:28.387 seems to work. [laughter] [applause] I also didn’t have 00:16:31.591,00:16:34.460 any problems distributing it because you all have it now. 00:16:37.096,00:16:39.265 [laughter] So this silver lock, if anyone tries to sell this to 00:16:39.265,00:16:44.804 you on eBay, it is worth nothing. But it actually goes 00:16:44.804,00:16:46.138 further, if we take those log files we got earlier. I need to 00:16:46.138,00:16:47.473 stop touching this HDMI cable. 
If we take those log files we 00:16:47.473,00:16:52.478 got earlier and we just run grep on em, um looking for some 00:16:55.615,00:16:58.551 interesting stuff we can pull a lot outta there. We can actually 00:16:58.551,00:17:00.620 pull all the offline keys, we can pull the usernames, 00:17:00.620,00:17:04.557 passwords, um the firmware key, the JWT tokens that’re used to 00:17:04.557,00:17:08.361 talk to the web server, so basically all the secrets. So 00:17:08.361,00:17:11.163 that log file not only contains all the Bluetooth traffic but it 00:17:11.163,00:17:13.766 also contains everything you need to talk to the web server. 00:17:13.766,00:17:16.936 Now I think most of these are fixed at this point um but 00:17:16.936,00:17:19.038 you’ll probably still be able to pull offline keys from 00:17:19.038,00:17:22.975 those logs. So now the list looks a little bit more like 00:17:22.975,00:17:27.980 this, not so hot. So the moral of the story here is with a 00:17:30.016,00:17:32.718 smart lock don’t give access to someone you wouldn’t give a key 00:17:32.718,00:17:36.756 to because, in spite of what the vendor claims, it behaves much 00:17:36.756,00:17:39.158 more like a traditional pin and tumbler system, where when you 00:17:39.158,00:17:42.695 hand someone a key they can do anything with that lock, than it 00:17:42.695,00:17:47.099 behaves like an email you sent through Gmail or something 00:17:47.099,00:17:50.036 like that. Um it behaves like a physical key. If you give 00:17:50.036,00:17:52.672 someone guest access to one of these locks assume they can 00:17:52.672,00:17:58.878 get permanent access. So all the code after um this talk will be 00:17:58.878,00:18:01.747 published on GitHub. There’s the address, um I’ll Tweet it 00:18:01.747,00:18:08.254 out after this as well. So I think we’re doing good on 00:18:08.254,00:18:12.024 time actually, much faster live. Um so I’m going to do um a 00:18:12.024,00:18:15.227 couple demos here. 
So obviously I have 2 locks here, there’s a 00:18:15.227,00:18:17.363 bunch of wires coming out of em so you probably won’t trust 00:18:17.363,00:18:21.434 anything I do with them. Um so we’re going to be using a new 00:18:21.434,00:18:25.171 lock that’s never been associated with an account 00:18:25.171,00:18:28.140 but before I switch em out, I wanna show you something. So if 00:18:28.140,00:18:34.547 we look at this silver lock here and we just go to settings, and 00:18:34.547,00:18:38.351 we go down to the bottom, I dunno if everyone can see the 00:18:38.351,00:18:40.486 version of software that lock happens to be running. 00:18:44.323,00:18:48.194 [inaudible voices] It’s safe to say this is not factory firmware 00:18:48.194,00:18:51.397 which means that the code being pushed to these locks is 00:18:51.397,00:18:55.735 unsigned. So the lock itself could be running any code 00:18:55.735,00:18:58.571 because it doesn’t have any signature checking um to make 00:18:58.571,00:19:02.708 sure that the code came from August. But now let’s uh, 00:19:02.708,00:19:06.045 I’m gonna switch that lock out and uh we’re gonna do a 00:19:06.045,00:19:11.050 demo. [background noise] I’m just gonna unpower this one so 00:19:18.691,00:19:24.030 that I don’t pick it up in the demo. [shuffling] So this is a 00:19:24.030,00:19:27.366 brand new lock that’s never been associated with any user’s 00:19:27.366,00:19:32.371 account and hopefully it’s not DOA. Pull off the battery tab. 00:19:39.578,00:19:44.583 [shuffling] There we go. [shuffling] Okay. So we have a 00:20:04.403,00:20:09.442 new lock on our door now [click] fresh from the factory and right 00:20:09.442,00:20:14.447 outta the box [clicking] in its perfectly secure state. [click] 00:20:19.185,00:20:21.854 [laughter] [clicking] Okay, let’s add this to our account. 00:20:21.854,00:20:25.391 So we’re just gonna go in here and set up a new lock. 
If you 00:20:25.391,00:20:27.626 have the August application don’t try to beat me to this. 00:20:44.243,00:20:47.079 [heavy breathing] There we go. We’ll name it Front Door since 00:20:47.079,00:20:51.450 that’s the name of this talk and we’ll put in our DEF CON house 00:20:51.450,00:20:56.455 and we’ll go ahead and configure it. So to calibrate the lock we 00:20:59.458,00:21:04.396 just put it on our door, lock it, unlock it, it sets up the 00:21:09.168,00:21:13.205 lock. ’Kay now we have a lock on our door and it opens and closes 00:21:13.205,00:21:18.210 as you can see. Let’s make sure it still connects here, there we 00:21:20.446,00:21:26.919 go. So there’s our lock um, let’s invite a guest user to 00:21:26.919,00:21:33.759 this lock. So I’m just gonna invite myself, another account, um 00:21:33.759,00:21:37.429 and we can see on the front door the access level is none, let’s 00:21:37.429,00:21:40.666 just change that. We’re just going to change that to guest 00:21:40.666,00:21:43.202 and it just reminds us that guests can’t use the auto 00:21:43.202,00:21:45.838 unlock, they can’t invite other guests, they can’t control lock 00:21:45.838,00:21:51.410 settings um a bunch of stuff we know probably isn’t true. We’ll 00:21:51.410,00:21:55.881 just update that. ’Kay, so now we have a guest user and you know 00:21:55.881,00:21:58.851 what, let’s go back and let’s make sure we have notifications 00:21:58.851,00:22:01.687 turned on and we do. Great so we should be notified then every 00:22:01.687,00:22:06.692 time uh this user attempts to use this lock. Okay let me just 00:22:09.128,00:22:14.133 shut down the flashing lights demo here, there we go and we’re 00:22:21.974,00:22:26.979 just going to run backdoor.js. Can’t see? Okay. Let me um 00:22:28.981,00:22:33.986 font size this. Um does anyone know where the font size is? 00:22:37.356,00:22:42.361 Thank you. The obvious answer is answer. Okay so Atwood’s Law is 00:22:45.331,00:22:48.033 in play here. 
Anything that can be written in JavaScript, will 00:22:48.033,00:22:50.736 eventually be written in JavaScript, so. I figure if 00:22:50.736,00:22:52.771 we’re going to attack hardware we might as well write the 00:22:52.771,00:22:58.010 exploits in JavaScript. Um so we can see the results here. It 00:22:58.010,00:23:01.180 connected to the lock, added a backdoor, and then disconnected 00:23:01.180,00:23:06.585 from the lock. Um and if we go back to the other screen, we 00:23:06.585,00:23:10.522 still haven’t been notified that anything has happened. So we 00:23:10.522,00:23:13.525 know we’re connected to the lock, let’s. We know we 00:23:13.525,00:23:16.862 backdoored the lock, let’s see if we can just cycle the lock. 00:23:16.862,00:23:19.031 So I’m just gonna try to open and close the lock as that guest 00:23:19.031,00:23:24.036 user. Thank you. So we’re connected to the lock and it 00:23:27.673,00:23:32.678 should. There we go. Start opening and closing. So we just, 00:23:35.881,00:23:39.551 from a guest user, we added a backdoor to the lock and now we’re 00:23:39.551,00:23:44.023 using that backdoor to open and close the lock. And if we 00:23:44.023,00:23:46.358 go back and we look at the owner’s phone, they still haven’t 00:23:46.358,00:23:51.363 been notified we used that lock. But, what happens when we revoke 00:23:55.267,00:24:00.205 access from that guest? So I go to the guest and I’ll just 00:24:04.476,00:24:06.945 delete him all together. I don’t want him accessing any of my 00:24:06.945,00:24:11.951 locks, he’s gone. And we cycle the lock again, it should still 00:24:18.357,00:24:24.830 work. For those in the back of the room if you can see the lights on the 00:24:24.830,00:24:27.299 lock, uh they’ll tell you when it’s opening and closing. Green 00:24:27.299,00:24:32.304 is open, red is closed. So there we go, the lock is opening and 00:24:35.507,00:24:40.512 closing. [applause] And that’ll actually just keep going on 00:24:47.586,00:24:54.226 forever. 
Um we’ll just disconnect from that. Still 00:24:54.226,00:24:57.963 plenty of time so let’s just try the high risk demo here. What 00:24:57.963,00:25:00.432 I’m going to do is I’m actually just going to factory reset this 00:25:00.432,00:25:05.437 lock. So if I go back to the iPhone here there’s our lock. 00:25:08.073,00:25:13.078 We’ll issue a factory reset. So now that lock has been reset to 00:25:15.114,00:25:20.886 factory state and if we go back to our demo, let’s do something 00:25:20.886,00:25:25.891 else maybe. Let’s go back to the lights. It should still connect 00:25:31.463,00:25:35.534 up and still work. There we go. We established a connection 00:25:35.534,00:25:41.573 and now it’s sending um the light up and the screen is. 00:25:41.573,00:25:46.578 There we go, that’ll make it better. [applause] But there’s 00:25:54.520,00:25:57.489 still the possibility that maybe August clears the keys when you 00:25:57.489,00:26:00.793 add it back to your account. So let’s just add it back to a 00:26:00.793,00:26:05.798 user’s account. [inaudible sound] Start setup, scan for 00:26:12.604,00:26:17.609 locks. This part takes a while apparently. There we go, front 00:26:27.753,00:26:32.458 door. We’ll actually add it to a different house. We’ll just skip 00:26:32.458,00:26:36.595 the calibration this time, not too interested. Okay, so there’s 00:26:36.595,00:26:41.600 our lock again and it still works. Um but if we. Let me 00:26:44.436,00:26:50.108 close outta this, disconnect from it, okay. If we go back to 00:26:50.108,00:26:52.544 our guest user who was once a guest to this lock. The lock’s 00:26:52.544,00:26:56.915 been factory reset and it’s been added to a new house and 00:26:56.915,00:27:00.352 we’ll see if it still works using the backdoor we previously 00:27:00.352,00:27:06.558 inserted. 
And again, what should happen here is it'll scan for the lock, it's gonna find the lock, connect to the lock, and then it's going to open and close it indefinitely. [applause] So the interesting thing here is if you bought one of these locks used off of eBay and you put it on your front door, the previous owner had access to it. The previous owner had the ability to insert an offline key, and the previous owner now knows where you live. So again, it's much like a physical lock. Just like buying a used pin and tumbler lock means that you have a key that someone else could have a copy of, buying a used August lock means you have a lock that someone else could have the key for. So there's a bunch of mistakes made, obviously, in the August application. It logs sensitive data. It doesn't differentiate between guests and owners at the lock; it does that all remotely and at the application level. The firmware's not signed. There's no apparent way for a user to discover if their lock has been backdoored. But you actually don't even need to backdoor the lock, because that firmware key is so central to the lock's operations. The system relies on guests reporting when they open and close the lock, and the vendor makes claims that they have 2-factor authentication when really they only have 2-step authentication.
There's a couple things that they fixed, and the final one, this one's really entertaining, is that all the key material for the lock is not actually stored in the Apple keychain, so it's all just in a preference file. So if you just look at your iOS backups you can just pull keys for these things if you want. But they've done a couple things correctly. For the most part they've been fairly responsive. Their application does use certificate pinning, which is pretty good. And their protocol makes use of nonces, and this is important because they use CBC mode for their encryption, and if you know cryptography and AES, you'll know that with CBC, if you're using a null IV like they are, you can't repeat messages, as that can disclose what someone's doing. So the use of nonces is important. Additionally, they don't just rely on the Bluetooth Low Energy security mechanisms, they built in their own. So this brings me to my real point, which is why we need hackers, why we need security researchers. Because the security claims that vendors are making can't be validated by consumers. Consumers lack the expertise necessary to determine if these claims are valid, so they have to take the manufacturer's word for it. And what can be asserted without proof can also be dismissed without proof.
And if a vendor isn't providing evidence of the claims of the security of their device, then we should assume that there is no security in that device. So that's... I got through that pretty quick, so I will actually take questions. There's a microphone in the front if anyone has any. [cough] [applause]
>>That was really amazing, thank you. [inaudible sound] I do have one burning question.
>>Yes?
>>How did you get the password that allowed you to get into the debug mode of the application?
>>Sure. So there's a couple ways you could do it. You could look at the iOS application and try to get the IPA off the phone. I initially tried doing that, and reversing iOS apps is a little difficult, so I just downloaded the Android app and then it's obvious. [laughs] [crowd laughter] [applause]
>>Hi, my name's David Rogers, I'm from the IoT Security Foundation. So, fantastic work, and we've seen this all over the place, particularly in consumer products that are going out, and this is an open invitation really to yourself and to everyone in this room, and we've reached out to people to come and help us because this stuff is absolutely shocking. You know, we've been through this in the mobile industry, we've fixed it time and again, as you mentioned, all the stuff for the iOS apps.
You know, some of these consumer products companies have never done anything like this before. Or they're creating minimal viable products and selling this stuff for crazy prices. So let's just kind of stop it now and come and help us. IoT Security Foundation.
>>Thank you. [applause]
>>How much were these, and can I get some? [laughter]
>>Uh, bef-
>>Cause I wanna play with them.
>>The smart locks?
>>Yes.
>>You can pick them up on eBay for maybe 150 [laughter], the original version. [laughter]
>>Outstanding.
>>If you want their latest revision, which most of this stuff still works on, you can get those for about 200, 220 now, and obviously again look at eBay. If you're researching security, a lock doesn't really matter, so buy it off of eBay. [laughs]
>>Yeah, the other question was, did they fix anything in the app? Do you know if I go buy or download the app right now, did they fix anything in it, or can you provide the uncached version so we can play with it?
>>If you just download the iOS app today you can still unlock that debug menu, and so the question was whether it was patched or not. So one of the key things here is the firmware side of it, right? Because we're interacting with the lock directly from the computer here.
So one of the important things, since on the debug menu there, let me show you it.
>>Oh, and thank you.
>>Is this: disable over-the-air updates. This is a really good feature if you wanna look at these, and I recommend if you buy one, get it with factory firmware and check that box immediately. You can also check it by modifying your iOS backups. But the reason you wanna check that is there's a UART on the device, and the factory firmware logs to UART and every revision thereafter doesn't. So keeping it at the stock firmware will give you a way in. Additionally, I'll be publishing all the code for this so that you can work with that as a base, and that'll get you connected to the lock. It'll take care of the security mechanisms and it should let you do some of the basic stuff yourself. You can also use that to write an application that doesn't have the logging of when you open and close your lock, if you care about your privacy.
>>Hi. I dunno if I missed it, but was your future access to it because you wrested that key zero, that firmware key, from the lock? And you said that was per lock; have you seen an ability to change
>>So
>>that easier at all?
>>I have the ability to change it. I don't recommend people change it because it's high risk.
You can break a device by changing that key. If you change it to a value you forget, or you mess up while you're changing it and it ends up in some intermediate state, you end up in a world of hurt, because that firmware key is the only one that can enroll new keys. So it's a fairly high-risk key to change, so the code I'll be publishing has a safety check in it. By default it's not gonna let you do that, but it also has the ability to bypass that safety check so you can replace it. If you do replace that key, their application will stop working on your device. As for what was involved in the backdoor I was showing: what's actually happening is I'm inserting this key, the one up on the screen which no one can read, into key slot 200. And the reason I'm putting it into key slot 200 is because the mobile application starts putting offline keys at key slot 1, and if you get their keypad device it starts putting offline keys at key slot 255, so any number in the middle is going to survive for quite some time. So this is actually using a different mechanism to maintain access, so even if they rotate firmware keys on reset, unless they clear all offline keys, this would still work.
>>Thank you.
>>I have 2 questions. So the first one, you showed that you had a modified firmware loaded on the thing.
Did you do anything with that, or was it just to show that they weren't signing it?
>>So in that one the only modification is actually the changing of the version number, because the goal was just to show that you can put custom firmware on it. I didn't write a custom firmware or do anything interesting, but obviously you could.
>>Right. So the other question is, as far as I could tell from following your kind of narrative of the whole thing, if I were just walking around with LightBlue and I saw an August smart lock, none of the phones that you had would be able to open it. I would've had to already either bought it from somebody else and all that stuff, or given it to somebody else, or I'd have to already have guest access and then upgrade.
>>Right. So everything I've shown here will get you from guest to permanent access or near-permanent access. The only one that didn't require any authorization was notification of when the lock is unlocked or locked, but in that scenario you do need to know the owner's phone number or their email address. And if you see the lock on their door, it broadcasts the ID; in the LightBlue application you can pull the lock ID off of it, and that's how it's identified in the system, and that remains the same no matter how many times it's reset.
>>Cool. Thank you.
[coughing]
>>So that's my talk. The final thing I'll give you is, if you wanna play with the locks at all, Best Buy's a great place. Most of the locks at Best Buy aren't actually paired with an account. If you walk in, they have an August demo booth. Just fire up the August application and associate it with your account, and it'll give you something you can play with on their APIs.
>>One last question. Was there any indication that maybe the AES key was actually derived from the serial number?
>>I don't have any evidence of that. I don't know how it's generated. I'm assuming it's random, and it's probably using the same mechanism they used to generate offline keys. I also don't think it's generated from the serial number, because you used to be able to enroll non-existent locks in their APIs, and for those ones it wouldn't hand you a key back, so there's probably a database somewhere that has a table joining the lock ID and then the offline key, the firmware key. Ready? If you wanna play with this, the IoT Village has a smart lock there. I'll be publishing on this immediately hereafter and providing a link on Twitter, so you can take it over there and mess with their lock. [applause]