Latch Keyless Entry Security Vulnerability
Latch keyless entry systems have had a security vulnerability that can allow individuals to gain "master key" access to properties and enter units secretly without logging the entry or notifying the tenant, according to two former employees familiar with the issue and documents seen by IPVM.
In this report, IPVM examines evidence supporting the existence of a vulnerability, the public safety concerns it raises, a federal case in Washington, DC, which may involve this issue, and Latch’s response to the matter.
**********
*********** ** *** ******* **** ****** knowledge ** *** ************* ******* ** may **** **** ****** ** *** men ****** ** ******* ****** ****** **** ********* ******* ******** **, ***** ******* ****** ******* ****** lived.
*** ***, *** **** ********** ******* in ***** **** **** ************* ******* agents***** ** *** **** ** *** building, ************ ** ***** ******* **** they *** ****** ** ********** ********** the ******** ** ***** ** ******** them **** **** *** **** ****** of ******** *********,********* ** ***** ******* ********* ** investigators******** *******. ******** ** **** ***** ****** control,********* ** *** *******.
Evidence ** *************
*** ****** ****** ***** ******** *** one ****** ******** *** ****** ** a **** **** ******* **** *** problem ********* ******* ***** *** ************* to ****.*** ******* ******** **** *********** ** the ********* ** ********* ******* ** fears ** ******** ***********.
********* ** ****, *** ************* ****** when ******** ***** ***** ***********' ****** for ***** **** ** * ***** building ** *********. ** *** ********** is *** ********** ** *** ****** as ** “*****”—***** *** ****** ***** in *****'* **, *** ******* ****—**** can *** *** ****** ****** ** enter *** ********* ******* ******** ****. Users *** *** ******** ** *** entry, *** ** **** *** **** up ** ** *****, ********* ** the *******.
**** *********** *** ******* ****** ****** and ********** ** "******," ********* ******* are ******, ********* ** *** *******.
** ******** ******* ************** ******** ** IPVM, ***** ********* ********* *** *************. One ********* ** ** ********* * “master ***,” *** ******* ********** *** vulnerability ***** **** ** ********.
*** ******** ********* ********** *** ***** with * ******** *** ********* ***********, including ****** **** ****** **** ****** key-type ****** *** ** “*** ****** in *** **** ** ***-** ** a ********* ** ******** ******* ** well.” ** *** ***** ******** ****:
** ***** ** * *** **** if ******** ******* *** ***** ** no ***** ***** ******* ** ****** but **** ******.
* "****** ***" ******, ***** *** be **** ** **** ******** ********, maintenance *******, ***** ******** *** ***** personnel ****** ** **********, ** *** a *************. *** *** ****** ******* to ************* ***** *** *** ****** codes *** **** **** *** **** is * ************* ****** ******* ******** concerns.
'Do *** *** **** ** **** *****'
* ***-********* **** ********** **** ******* several ***** ********* ********** *** ***** was **** ******** ** ****. ** the ****, *** ********* ********* ********* from **** ***** *** "****** ***" problem *** * ********* ****** ********* strategy ** ******* **** "****** ****" exist.
*** ******** ***** ****** *** ****: "Are **** ***** ** **** *** tack **** ** ***'* **** ****** keys?"
******* ******** *******: "******* ***** ******* [from] ******** * *** **** *** access ** ***** ****, ***** ** essentially *** **** *****."
** ******* ***** ****** *** ****, an ******** ********* ** *** ********* and ********** ** **** *************: "****** can **** **** **** ********* *** you ***'* **** ***** **...**'* * matter ** **** ****** **** [****] piece ****** ********."
"* **** ** ***'* *** ** looking **** ******," ******* ******** ****.
*** ***** ******** **** ****** ***** being ****** ** ***** ******* ** Latch ** ***** ****** ***** ******* installed ** ***** *** ********** ******* of *** *************, ***** ***** ******** technical ********. "** *** *** **** in **** *****," *** ** *** employees ****.
Mystery **** *******
********* ** *** ** *** ****** employees ** *****, *** ******* ******** a ********* ***** ******* **** **** a **** *** ** ** ********* at * ********** **** ** ******. IPVM ******** **** *** ****, ***** identity ** *** *********** *** ******* reasons, ******* ** * ******** **** a ***** ******. (*********** *** ******** below **** *** ****'* **** *** identification *********** ******** ** ****.)
*** ****** ***** ******** ********* **** a ********** ** ** ***** *** user **** ** ***** ** **** as * ********** ** *** ****'* November **** ***** ** * ******** post ******* *** **** ***************** *** ******* ******** "*** ******* annual *******." *** ****** **** **** that **** *********** **** *********** ****** to ***** ********* ** ************.
** *** ******** *******, *** **** wrote:
*** **** ******* **** ******* *** included ** **** *** ******* **** your ******* **********-****** ******** *********** ****** to *** (******* **** ******* ****** promise ** ******* *** ****** *** security ** ***** *********)?
**** ** **** * ***** **** being *********** *** ******* ***** ****** or ***** ****** *** ****?
*** ******* *** ***** **** *******.
** *** ***** ** ***** ****** with ****, *** **** **** ******* described *** ********** ***** *** ****** and **** ***** *** *** ******* was ******** *** ********* ***** *** issue. ** ***** **** ******* ********* either **** *** ***** *** "******** in *** **** **** * '*******' security ***, ** ****'** **** ****** to ****** ** ** *****," **** no ********* ********* **** *** ******.
** *********: "** *** **** ***'* give ** * **** *********** *** why ** ***** ** ******** ******* two **** ** ****** *******, *'* removing *** **** **** ** ****, posting ******* ********** *** ********" *** alerting *** ******** ********** ****, *** Federal ***** **********, *** *** ****** Attorney *******, ***** ***** *********.
****** **** *** ***** * ******* lock **** ** ********** ***** *****. If ****'* ********, ********** **** ****** your ****'* '********' ** ***** ***********, and ********* *** ****** ******'* ** higher *** ******'* ******.
User's ********
**** ********* ** ****, *** ******-***** user ****** ******* *** ***** *** posting *** ******** *******.
**** ******* *** ***********, *** **** said **** **** *********** *** ********* they **** **** ** * "*********** effort ** ******* ** ***** *** public ******* **** * ***** *********" and ****** ** ******** ***** *****. He **** ***** ** **** *** "knowingly ************* ** * ****** ** affect *** ***** ***** ** * publicly-traded *******."
**** ********* ****** ********* ** **** *** ********* interest ** ********* ********** ************ ******** *********, ********* *****.
*** **** **** **** ** *** not "**** ******** **** *****," *** said ** **** "** ****** **** at **** *** **** *** *****." IPVM ******* ******** ********** ********* ******** for * ****** ********* ******** **** a ***** ****** *** ********** **** the **** ** ****** ** * resident ** *** ********. * ******* investigator **** ********* *** ****'* ******* to ****.
*** **** *** *** ***** ** IPVM ***** ***** ******** ** ********* this.
Latch **** ******
***** **** ******** **** **** ******* * **** merger, ******** * **** ** $**.** per ***** ** ********* ****. ***** then, *** ***** *** **** ****** 95% ** *** ***** ** *** company ******** **** ******** **** ******* ***********,********** "********" ********** ********** **** ****** *** *********** ** financials, *** *** ****** ** **** second *** ***** ******* **** ********* reports ** *** *** ** ******** deadlines.
*** ******* **** *** *** ******** in **** ******* ****** ** ******* ** *** summer ** ****,*** ** ***** ****** ** ***** delisted **** *** ******. *** ***** price *** ******* ****** $* ***** the ******.
Crossing ** ********
** *** ********* **** ********** ****, the ********* **** ********** * ******** relationship ******* *** "****** ***"-******* ******** vulnerability *** ** ******** ** ****** apartment ******* ******** ** ** ********** D.C. "*'* ******** ****'* ***** *******," an ******** **** ****** *** ****.
*** ******* *** * ***** ***** Access ****** *** ******* ********** *****, according ***** *******.
*** *** ****** ** *** ********, Arian ********** *** ****** ***, **** criminally ******* ** ***** **** **** impersonating ******* ******. ********* ** *** FBI, *** **** **** ********* ** be ********** ** ******** ******** ********* since ******** **** ** ***** ** get ***** ** "******* ** ******* law *********** *** *** ******* *********."
*** *** *** ******* ** **** kept ******* *** ******** ********* ** the ********. ************* ***** **** ******* "rent-free **********" ** *** ******** ** a *** ******** *** ** ******* of *** ****** *******,*** ********. *** ********** *** ******* ** have ******** * ********* ****, ********* to *** **** ************.
*** ** *** ***, **********, **** witnesses **** ** **** ******** ****** codes ******** *** ** ***** ********** areas ** *** ********, ********* ** an************** **** *** ***** ** *************.
********** ***** **** ************* ***** *** arrest ** ***** **** **** *** "had ******** *** ********** ****** ***** and * **** ** *** ** the ******* ** *** ********."
******* **** **** **** ***** ******** a ******** **** ******* ************* ** connection **** *** **** ******* ********** and ***. *** ******* *** *** specify **** *********** *** ********* ** the ********, ***** *** *** **** made ******.
Latch’s ********
**** ******* *** ******* ***** *** vulnerability ** ** *** ********* ** the ****** *********, ** ******* ************ for *****, ***** **********, *** *** confirm ** **** **** *** ***** exists. *** **** **** **** "******* in *** ***** ****** ** ******* comes '*** ** *** ***' **** default '****** ******' ** *** ** all ******* ** ********," *** *****:
***** **** *** ***** ** ****** access ** *** ****** ** ******** properties *** ** **** *** ***** lock ********* ** **** *****. ** sell *** ****** ******* ****** *** our ********* ********* *** ** **** access **.
********** **** ***** ** "****** ** comment ** ******* ** ******** * subpoena" ** ********** **** *** ******** DC ********, *** **** **** *** company *** **** *********** **** *** FBI's *************. "** ******* ** **** matter **** *** ******** ******* ** to *** *********, ******* *** **********," she ****.
** **** ** ** ******* ** it, ** ********* ********* *** ********* evidence **** ***** ** ******* *** notified *** *** ***********. [*** ******* has] *** ******** *** ********** **** federal *********** **** **** ****** *** products ** ********* ** ***** ***** crimes ** *** ***. *** *** internal ************* ********* ****. ***** ** no ******** **** ***** ******** ** security ******** ****** ****. ***** ** our *************, ** **** **** ** evidence ** ***** ********* ****** * master **** ** ****** ** ***** door ** *** ********.
User **********
********** ***** *** ******* ******* ***** has ******** **** ********** ***** *********** gaining ****** ** ********** ******* ******* their ***** ** ********* *** ******, and ******* *** ******* *** ***** of *** ********** ***** **** *****, with ** ******* ** ********** ******* "master ***" ******. *** **** ******** to *** ******* *** ***** *** been ********* ** ********.
** ******* *************** ***** *** **** user *** *********, ** *** *** providing *******.
*** **** ******** ** ******* ** whether *** ******* *** ***** ** the ***** *** ******** ******* **** the ****** ******** ******** ********* *** had ***** ***** ** ****** *** problem.
***** ***** *************** **** ********* *** addresses **** ** ***********.
********** **** *** *** ******* ** deny ******* *** ******* *** ***** in ******* ** *** ********** ***** able ** **** ****** ** ********** without ***** ***** ***** ******* ** logged ** *** ******. *** ****:
***** *** ****** ******* ******** *** terms ** ******* **** *** ******** to ******* *** ******* ** ********* using *** ****** (*.*., ******** ******** cannot **** ******** ****** **** ** their ******* *****) *** ** ******* property ******** **** ******** *** ****** to ****** *********, ****** *** ******* of *********, ** ** ******* *** applicable ****-**** ****** ***.
** * **** ******** ****** ** our ****** ** * ******** *******, they *** ****** * ********* ** Latch ******** ******* ** *** ****, and ** **** **** **** ***** complaints *** ****** **** *************. ************, local **** ********* ******** ******** ******** from ******** ** ********* ******* ****** proper ****** ** *** ******** ** such ****.
*** **** **** **** **** *********** and ********* **** **** **** ** a "*********** ****** ** ******* ** alter *** ****** ******* **** * false *********" *** ****** ** ******** Latch *****.
** ****** ***** ****** ******* ******* 95% ***** **** *** ********* ******* at ** *****?
*****'* ***** *** **** ** *** as ** ***** * *** ***** ago ** ** *** **** * bit ** * ***** ********.
**** *** ******** ******-*** (********) ****** ** ***** ********
*** *****'* ********. *** ***** ***** go **** ** *****. *******, *** stock ***** ** ** $*.** *** still ** ******* ** **** **** what ** *** **** ** ****** less **** * ***** ***.
* **** ***** ***** **** *** stocks *** **** ***** ** * real ******* **** ** ************* ** I ***.
**'* * ********* ***** ** * stock ** ******* ** *** **** highs.
**** ** ***** ***** ** ***** sales *** **** *** **** ***** periods ** ****. **'* **** ****** trading. ***** * ******* ******, **** for * $.** ********, *** **** buy ****. **** ** **** ** the ******* ** ******** *** *******, several **** ** ******** ** ****** trading. ***** *** *** ****** ***** DCA, ***.
* ***** **** **** *** ******. Even **
** ******* ** ** ***** * pretty *********** ***** ** **** *** admin ** ********** ******* ***'* *** the ****** ****.
****, **** ** *** **** **** that ******-***** ****? ********* ********* ***** off ***** ** ****.