Smartlocks secure?

Since I noticed some latency and had apps not responding lately and that it was due to some ST issues, it got me thinking.

Is it really a good idea to migrate to a smartlock that would depend on ST?

What’s the purpose if I need to double check that my door is correctly locked just in case ST is having some issues?

I’m curious to hear what others think on that matter.

Same reason I have not gotten one. My ST gadgets are limited to lighting control and window/door sensors. Still can’t get mobile presence to work reliably and I don’t want to carry another presence sensor if I already have my phone.

In my case, the presence tag is pretty reliable but what I’m concerned is when it happens that apps are slow as hell to respond. For example, it currently takes a couple minutes for apps to trigger. That would mean that if I had a smart lock, my house would be left unsecure for a good amount of time.

This concerns me as well, as not only do I have my door set to automatically lock when I leave, but I also have a siren that is hooked to my system.

If one of my doors open while I’m away / sleeping, the siren should go off and send me a text message. If there’s a delay, that could be the difference between me being able to handle the situation when there’s an intruder or not.

I know SmartThings isn’t designed as a security system, but I’m using it as one, and I’d hope for it to be a bit more reliable in that aspect.

I’m aware that SmartThings is still relatively young, so I’m hoping that there will be tremendous improvements in latency and reliability.

It’s a very valid concern. Just after I posted my reply earlier I checked on my smart app and I see that the porch light (sunrise/sunset dependent) is still on and a living room lamp that is on a fixed time on/off.

Not sure where the hiccup is on that one. If I had a smart lock, the door could have been left unlocked for who knows how long.

Also a big concern in regards to my garage door. I plan on putting in a relay to close the garage door, but if SmartThings isn’t reporting the status of the garage door as open / closed, or if it isn’t closing it when I tell it to, that would be a major problem.

Not to mention I already have a multi on the door right now to tell me if it’s open or closed, so this is a problem.

My $.02: There is no way that anyone should be relying on ST as a security system. It will never be 100% reliable–even the big boys of the 'net have problems once in a while, and no matter how much work ST does on reliability, uptime will never be perfect. For instance, I plan to install a water valve and flood sensors, but will still turn off the water manually before I go on vacation and I’ll still have a neighbor stop by once in a while to check up on the house. It’s better than what I had before, but only as an additional check.

One problem I could see with increased reliability: as it goes up, the less we’ll pay attention to the system, and the more we’ll be caught off-guard when problems do occur.

Right I am going to install a smartlock as a backup in case I forget to lock the door on my way out. I would never rely on it as my primary security method. Not right now. Seems reckless.

+1 on using the smart lock as a backup, or the times when you forget to turn off something that’s not ST controlled and you have to let someone in the house to turn it off for you.

Same here. I have one of the Schlage deadbolts. It’s an upgrade to a traditional deadbolt, even as a standalone piece of equipment. It’s motorized and I can use a code on top of a physical key, which is nice. As an added benefit, it can speak to SmartThings, so I can check whether the door is locked or unlock it remotely when someone needs to get into the house. It’s really a win-win in that it is no less reliable than a traditional deadbolt, if you use it like one.

As for unlocking or locking based on some SmartApp logic or presence tags, I would never do that. As people have already pointed out, it’s simply to unreliable. Also, I would not rely on the status indicator alone to make sure my door is locked. You should still check the physical hardware, as you would do with a traditional deadbolt.

I guess the best way to use the smartlock then would be to lock it manually when going away and only use apps to unlock it automatically when coming home.

I guess I wasn’t clear in what I said. I don’t rely on SmartThings for security. I had no security system before SmartThings, so this is a step in a better direction for me.

I do, however, expect a certain level of reliability from my system that I purchased. I think the system is great!

I just want the peace of mind knowing that when I’m sleeping, what I have the system set to do will happen every time, and if I do happen to forget to do something, it will be done for me if I set it to.

I have a Kwikset. It has a built in ability to auto lock after unlocking 30 second later.

This gives me a lot of piece of mind that even if an ‘unlock’ command was sent in the middle of the day the door would still lock again in 30 seconds. So it would have to be quite the coincidence that someone happens to try my door in the 30 seconds a delayed unlock command is sent.

The downside to this is that I have to get into the house in that 30 second time frame. Makes for some interesting coding problems. When I come home I send an unlock code 30 seconds after the tag is seen, then 60 seconds. Usually I make it in my then.

Every smartlock I’ve seen can be locked with a single button on the exterior as you leave. If you are concerned I would suggest doing that, and just rely on ST to unlock your door for you. I have had commands to lock or unlock the door fail dozens of times, It is the biggest issue I’ve had with ST. I am not a big security person, so it doesn’t bother me as much as it may others.

As far as smartlocks being secure I would highly recommend staying away from kwikset and going with a schlage or possibly a yale. Also grade 1 is the best rating a lock can get. Kwikset locks now use their patented smartkey feature which is not secure at all. See bypass video: (http://www.youtube.com/watch?v=sR-h64WwfW8). I have been a locksmith since 2007 and always tell my customers to stay away from kwikset smartkey locks.

I hate to rain on everyone’s parade, but anyone who still have illusions about Z-Wave security should watch this video http://youtu.be/KYaEQhvodc8

Any ZWave device, including door locks, can be hacked with $50 worth of equipment. Relying on ZWave door lock is as secure as leaving your key under the door mat.

I’m thinking to buy a Schlage camelot BE469NXCAM716 deadbolt and use it the way you suggested. I suppose there is a small concern that hooking it to smartthings or any hub will allow some theoretical hacker to open up your door by hacking into your home network. But it’s much more likely a burglar will simply smash a window or kick in the door while people are away. Any problems with battery life? I see some amazon reviews mention that. I am looking at August and other startups but not sure they understand the mechanical part of locks the way established companies do. Like Schlage or Yale. I was disappointed by Kwikset and its mechanical failings as reported. I suppose if I’m really worried then I can get the cheaper BE369NX which doesn’t have a motorized bolt so no hacker can force it to open. But it still gives you status and has a keypad so we can’t lose keys. Decisions decisions.

I watched the video. I often have figured that the clear text portion of z wave could be compromised as demonstrated. However this ability would be of limited value. They theorize that the motion sensor could be disabled, but I’ve never seen a system work that way. Usually the control panel ignores motion sensing not disables the sensor. As for the locks with the encryption, during the Q&A portion they said the lock manufacture confirmed the vulnerability and has put a fix in place. Furthermore, they had a gentleman who works for the z-wave alliance in the video state that they had done testing after discovery of the vulnerability and that limited numbers of locks are affected. Since this conference occurred in 2013 I would assume they’ve fixed the mentioned vulnerability.
That being said is a z-wave lock as big of a risked putting your key under the mat like mentioned earlier in this post? I disagree for the simple reason that someone with the intelligence of a circus animal can look under the mat for a key. It takes more intelligence and equipment to carry off the attack demonstrated. Usually an individual with enough intelligence to hack the lock is not interested in your home furnishings or the $50 in your dresser drawer. There are a lot easier ways to make money with hacking skills than burglary. Would I trust Z wave locks to protect a bank or a business? Not so much, but I feel they are Ok for residential use.

Batteries lasted for just over one year. This is with two people in my household, arriving and leaving separately - so around 4 lock/unlock cycles per day. Pretty happy with the battery life.