On Tuesday, August 8, smart locks manufacturer LockState botched an over-the-air firmware update for its WiFi enabled smart locks, causing the devices to lose connectivity to the vendor's servers and the ability to open doors for its users.
Only one LockState product was affected, which is the LockState RemoteLock 6i (also known as 6000i).
The device costs $469 and is sold mainly to Airbnb hosts via an official partnership LockState has signed with the company. Hosts use the smart locks to configure custom access codes for each Airbnb renter without needing to give out a physical key to each one.
Firmware update dumbs down smart locks
The botched firmware bricked the device's smart code access mode. Physical keys continued to work. The botched firmware was a nuisance for private home owners, but it was a disaster for Airbnb hosts, who had to scramble to get customers physical keys so they could enter their rents.
@lockstate Your firmware update bricked at least 500 locks. Very costly. Replacement in 14-18 days? Email response over 12 hours? Not OK.
— Coffee Review (@coffeereview) August 8, 2017
Lockstate smart locks - may have been bricked by update https://t.co/YQ8KhY0b7I
— Charles R. Smith (@softwarnet) August 11, 2017
Apparently remotelock/lockistate bricked thousands of locks in the last 48 hours with a firmware upgrade. Any proof of this? #internetofshit
— John Adams (@netik) August 11, 2017
@jongaze - Saw your YouTube video about Lockstate failure. Company has admitted they killed many 6i locks, "working" on a fix. Infuriating!
— 1word Retweets (@1WordRetweets) August 7, 2017
Our lock suddenly stopped working. How did you determine this? Any news about it anywhere?
— Garrett Kelly (@boontdustie) August 8, 2017
Are you a stranded @Airbnb guest? @LockState just BRICKED a bunch of 6i locks. But they won't tweet updates. Trying to hide their screw-up?
— Juniper (@JuniperWyoming) August 7, 2017
On Twitter, LockState said that only 500 devices were affected. The company immediately sent out a letter to all affected customers.
According to this letter, the smart locks lost the ability to connect back to LockState's servers. The full letter is available below.
The company is asking customers to send in their affected locks so engineers could update the device with the proper software. LockState estimates that the total time to fix and return the product will be around 5 to 7 days. Customers can also choose to have the product replaced altogether, but LockState says this will take between 14 to 18 days.
Earlier today, the company said its engineers already fixed 60% of all affected locks.
Comments
Occasional - 6 years ago
Rumor has it that LockState has now scrapped its plans to launch a line of digital chastity belts.
PorkMuffins - 6 years ago
LockState just announced that it's H9 model (also known as HAL9000) SmartLock series with Optical and Voice recognition capabilities has also been compromised. In some situations, it may refuse to open pod bay doors when the user's name is Dave. LockState is going to extend it's repair / replace option to affected users, but due to the remote applications of this particular device, it may take up to 8 years before the replacement lock will arrive, depending on the amount of gravitational whip available at time of shipment.