We use Lockitron on our offices and it has saved us a lot of trouble. Empirically people are a lot less likely to forget their phone than to forget keys, presumably because you use your phone for so many other things whereas most keys do nothing but get you into a single building.
My problem with solution like this is the centralization. I dont want to give power over my door to any one commercial entity. I am sure people behind this project are all nice and likable. And it looks like really neat solution feature-wise. But I dont like the principle. Centralization is never good. You dont know the future of the companny, but your doors depend on it to certain degree. Plus it is a single point of failure and added security risk.
But then again, I dont use facebook, dropbox or gmail for the same reason. (Instead I use selfhosted solutions.) So I am an unimportant minority. Its a pity that the trend with new solutions is towards use of centralization instead of decetralization, which gave us Internet, email and even parlament democracy. As I sad before, if email were to be invented today it would be single company's project backed by YC that would rule us all.
From their FAQ: "if you would like to access Lockitron only via your local network, then we welcome you to flash your base-station with a new image that gives you full access to develop as you see fit"
So you can still use the hardware even if you don't like their software.
While I have seen people walking around and trying doors, it's rare and it attracts a lot of attention. There's something of a herd immunity effect from door locking. As long as most doors are locked, a couple unlocked doors don't matter.
While a trained locksmith could probably get past my deadbolt, a random hacker from $current_unpopular_country can't. (Note: this isn't counting non-locksmiths that can also pick a lock). So, using something like this does carry a bigger (if slight) risk. I'm not sure if I'd necessarily trust a relatively new company with controlling my deadbolt.
Then again, I also have a similar setup using an HID tag reader/arduino/relay to control access to my garage door, so it's not like I'm against the technology. It's more that I'm worried about outsourcing the security of my house.
Honestly, the threat profile to me personally is pretty low, but it's still not something I'm 100% comfortable with.
I understand the point you are making. But I think the perception here is important as well. And even though the probability of someone opening the door is quite slim people still lock doors anyway. Irrationality plays into this. People lock bathroom doors even though only part of the time they are exposed in any way shape or form. Most of the time they are only sitting down on the toilet seat (or if a many perhaps standing for a brief period).
Personally on the one hand I agree with you and rationally it isn't a credible threat. But what if I am away on vacation and the door is unlocked during that week that I am away and I don't know about it? How comfortable do I feel with my office door being unlocked for a week? It's a small chance of a big thing happening. (Even if 99.99%).
There are some people even who carry lockpicks and locks and practice picking for sport and they are all over, like on /r/lockpicking and on places like HN....
I don't know who these people might be - but I know they are out there.
I have been thinking about how to move self-hosted solutions more into the mainstream. Nearly every company already has some form of hosting that can be utilized for this. Every household has a router that can serve as a miniature data center. The problem seems to be the heavy maintenance but I don't see how this cannot be proliferated the same way it has been done for applications on mobile platforms.
Did you build your current lock by hand? Did you at least disassemble it and figure out that there isn't a master key that would grant entry? How far do you take this?
Maybe having your locks NAT out or phone home to a third party is a bit much for a lot of people, as it opens new vectors, but you know, bricks and windows and such.
"Empirically people are a lot less likely to forget their phone than to forget keys,"
That also varies on whether you drive a car or take public transportation.
If you drive, leaving your house requires taking your keys and it becomes a habit. Same with leaving work. If you drove there you need your keys to leave.
A good way around forgetting keys also is a realtor style lockbox either on the door or hidden with a spare key.
Yeah, I forget my phone way more than I forget keys, because I need the keys to open (NFC/HID) the door to the garage and to use the car. I use a deadbolt so I can't lock myself out of the apartment, but also can't go into the garage without keys, and I ~never go out the front door. I end up leaving my phone docked in my car about 10% of the time by accident, though.
The key (heh) to not forgetting anything, though, is to have a consistent set of pockets for things -- I always keep keys+knife, flashlight, wallet+cash, iphone in specific pockets. The only times I get screwed up is when I wear clothing without the right layout of pockets.
Ever since I discovered the keep-things-in-the-same-pocket trick a few years back, the number of times I forget stuff at home got to virtually zero. When it's time to leave, all I have to do is slap all of my pockets to get a feel for what's in them, and that's it I'm done.
Regarding the different pocket layout, I've also limited myself to just using the main ones for my day to day stuff, so two front and two back. Though when i wear cargo pants or shorts I do put my wallet on the pocket halfway my leg as it's more comfortable with sitting.
I have panicked several times after I put my MIFI device in my pants pocket instead of its specific pocket in my backpack. And the same when I place my wallet in my front pocket instead of the back after a transaction.
Yeah -- I was even more OCD with my tactical vest, pants, etc. Basically every square inch of MOLLE had a purpose, and needed to work when standing or when prone on the floor (during incoming), etc. And you do weird things like put a first aid kit with standard layout in a standard location (to be used on YOU if injured), and I had my real medical kit in a different position (which I'd use on anyone else, or on myself).
My car's trunk is similarly organized with a trauma bag, fire extinguisher, crowbar, etc.
Heh, I am constantly fretting over the pacticality of the location and contents of my Go Gear...
I am checking and practicing grabbing [defensive item] often, worried that I am testing it wrong, i.e. that if it happens where I need that [defensive item] that I have placed it in a non-practical place.
I'd love to have a security consultant review my go plans and assist.
My moms house was broken into last night, and she awoke to someone stealing her laptop. She was just diagnosed with cancer and has a trach in right now - so it was super scary for her - because even in that instance, she cant even yell for help. The ADP alarm system failed her and my brother was MIA.
PROTIP: I go to the DAISO Japan store and buy little cargo zipper bags to organize all my tech work gear. Console cables, dsiplay adapters, USB charges etc in one - zip ties velcro, sticky-velcro etc in another. laptop chargers in others...
The DAISO store in SF Japan town is amazing for just this sort of thing.
If [defensive item] is a CCW, you might want to try to cut back on reaching for it. One of the biggest tells for someone carrying concealed is how they constantly feel for their weapon...
I use a gunvault by the bed (I don't have kids in the house, but would feel bad about leaving a loaded handgun out anyway, just in case someone broke in when unattended, shot himself by accident, and I got sued, among other risks like a houseguest or maid or repairman) http://www.amazon.com/Gunvault-GV2000S-Multi-Vault-Standard/...
I'm not sure if I'd trust it to resist serious attack, but chording it a few times gives a reasonably large keyspace, opens quickly, and presents the weapon (loaded and chambered, no external manual safety on the glock 19) in a consistent position for drawing, so it's faster than just leaving it loose in a drawer.
In my trailer or tent in Iraq/Afghanistan, I just put a spare holster between the mattress and bedframe and slept with it there, which worked well, but was a higher risk environment and zero legal risk.
Ha, the locations of all our equipment was boiled down to a science in my unit. For example, the tourniquet was in the left side because the left was more difficult to access in prone because we cant remove our right hands from the gun and we need the left elbow for stability. (For non-military people, the tourniquet that a person carries is used on him in case of emergency so he himself should rarely need to access it).
Yeah, I saw a wide variety of unit effort put into things like that. At one level, standardization is good, but at another level, treating a 6'7 300# Samoan guy the same as a 5'3" female might not make sense for layout of equipment...
The ultra-badass thing to do was to pre-apply CAT tourniquets (loose) to all 4 limbs, so the operator could then tighten them when hit and continue in the fight. An 18D would then periodically loosen them, keeping the limb from being lost, and monitoring/timing for sepsis (which is the risk of leaving a tourniquet tight, letting tissue die, and then loosening outside of a hospital setting -- I think it's hyperkalemia and some other stuff too. I think the rule is 30 minutes of blood flow per 2 hours for up to 24h, but this was evolving at the time. It worked better for immediate response than relying just on direct pressure (israeli bandage, etc.), since it could be accomplished in 5 seconds directly by the operator (it's hard to even FIND where entrance and exit wounds are under a uniform, and sometimes there are multiple per patient per incident, although usually on the same limb).
It was fine when OCF-I, etc. people did it, but then utterly hilarious when random people copied them without understanding (not even infantry, but supply guys going on outside the wire road trips between bases returning from R&R...).
It was a lot like startups -- people learning as they went, in a rapidly evolving environment. The big fail, IMO, was rotating whole units out ever 4, 7, 12, or 15 months to have to re-learn everything again, and then sending them to an entirely different place when they returned. The British Empire system of rotating individual battalions or brigades through a unit which was permanently stationed in the occupied territory made a lot more sense I think.
> treating a 6'7 300# Samoan guy the same as a 5'3" female might not make sense for layout of equipment...
Well, my situation was a bit different as I was in a special forces unit. For one, we had no women.
>The ultra-badass thing to do was to pre-apply CAT tourniquets (loose) to all 4 limbs, so the operator could then tighten them when hit and continue in the fight.
We've had this practice, but when you have a tourniquet(properly tied, cutting off all flow) on a limb, you have little to no control over it (to test this, tie a tourniquet just above your bicep and try to open and close your hand when it has no pulse). The only thing you can do is use other limbs to make up for the lost one. Furthermore, if that limb is a leg (the thigh in particular), in order to fully cut off the flow, it is necessary to apply so much pressure so as to break the bone (which sucks, but is better than dying). Lastly, even if the situation were dire enough to warrant these measures, where would you place the tourniquet on the limb? This is a problem for a few reasons. For example, I dont know about your unit but in mine, anything on us gets beaten up a lot for various reasons; damage to the tourniquet would be likely and problematic. Furthermore, during an exercise, the amount of blood that flows through your muscles increases thereby expanding the size of the limb. This would cut off blood flow and inhibit performance if you had a loosely tied tourniquet on it. If you resize it to be larger, then it would slip and fall in times of inactivity. Lastly, and this might also be a difference between units, we arent allowed to wear any bright colors, reflective mattes, sharp contracting colores, or have anything on us which identifiably changes our shape so as to mitigate detection. As I said, when it comes to the equipment (especially the medical equipment) everything is boiled down to a science.
>It worked better for immediate response than relying just on direct pressure
This is true, but the problem is the loss of use of the limb. If you are in a situation where you absolutely need to move quickly, a direct pressure solution to slow the bleeding until you are in a relatively safe area where you can then apply a tourniquet is better. A lot of the decisions you have to make are a balancing act of speed versus safety.
>but then utterly hilarious when random people copied them without understanding
This is very true. The number one mistake I see people who havent been trained to use a tourniquet make is they tie it (however poorly) on the injury. You are supposed to tie it 4 fingers above the injury because veins are elastic and when severed they jump back into the body, so you need to account for that and tie it higher.
Sorry if I went on too much, I just really like that so much thought has been put into every decision that we take for granted; if only we knew.
(I was just a contractor for a few tiny companies, but got to work closely with people from various units ranging from "other" people to line infantry/MPs to CS/CSS to medical to allies to host nation, so I got to see a wide spectrum of great to defective for everything and then try to do whatever the people I was with did, or what made the most sense for me. I confess to having been one of the "empty plate carrier" wearers on some big bases, but I think it was an educated decision...)
The most interesting thing I saw in 8 years was working with the guys from the Institute for Surgical Research (ISR), making sure they got x-rays and CTs of all injuries, so they could have a team of doctors go through and figure out which equipment and weapons worked, which didn't, and how various pre and in-hospital interventions ended up over a statistically significant number of patients. I'd still rather have USA/USN/USAF trauma surgeons than anything I've seen in the civilian world)
Except for a year in a dorm where I couldn't disable my dorm room door's automatically-lock-when-shut behavior, I've developed a simple habit that's kept me from ever locking myself out of my car or home since: never lock the place/vehicle from the inside, or let it lock itself. I can't lock the deadbolt on my apartment when I leave without the key. And I can't lock my car from outside without the key. It's a way of forcing me to always have my keys.
So while I love the convenience this idea provides for shared access to places, and for frictionless don't-even-have-to-get-out-my-keys access, locking oneself out is a solved problem in my book. (Sure, I could lose my keys, but I could also lose my phone—and the redundancy here is another nice and fun thing provided by this system.)
(This habit was largely inspired by getting a car which refused to let me lock myself out: if I pushed the lock button down on the driver's door while the door was open, and then shut the door, it unlocked itself. Previously I'd had one where you held the handle out to override this behavior, but this one insisted on being locked from the outside. And then I noticed that this was keeping my from locking myself out like I had a few times with the old one.)
The automatically-lock-when-shut behavior of doors is an extremely weak protection anyway, so one should always lock the door with a key anyway (this at least prevents the most trivial circumvention, i.e., open the door with a plastic card).
Interestingly I seem to use more or less the converse of your method, also with great success: Always lock the apartment door from the inside. Whenever I leave the apartment, I therefore am forced to take the keys.
I suppose the most important thing is to be consistent with ones behavior, so that a subconscious habit can develop.
Since all the YC partners are using boosted boards to longboard to the office, I bet this comes in handy. I know I wouldn't want a giant key chain in my pocket while riding.
If your phone is iPhone-ish in size, you may try what I did. After getting a stiff-rubberized phone case (you stretch it around the phone), tape the cards to the case. If you cut a notch in an old card, you can have that be the card against the tape -- the rest of the cards can slide in and out against that card or the phone, and are held in by the force of the tape.
I call it the PhoneWallet. I made one for my droid Incredible.
I'm really interested in seeing a car lock like Lockitron.
"Empirically people are a lot less likely to forget their phone than to forget keys..."
Especially with the PhoneWallet. I have my keycard, ID, and ORCA all conveniently on the back of my phone. The same tap gets me into work and pays bus fares. If I didn't have to carry a car key, I would just carry that 1 item.
You should check out Mavia (mavizon.com). I have worked with these guys as a contractor in the past, and they've got a really cool product for cars. The first version is coming out in the next few months, and doesn't have "car control" yet. It has all kinds of neat location and OBDII diagnostics features right now. Car control (unlock doors, start the car, etc.) is the next big feature.
I've seen and used these as well. They are OK, but you need to still remember to bring the key-fob. Because it does not come out of the pocket/purse nearly as much, makes it (oddly) somewhat of a PITA to keep an eye on. Example: I read one time of a guy having this on his (Ducati?) Moto and after filling up at the petrol, drove back into his hometown to the Local pub. Later, Bike no longer works, has to have the tow truck come to take him home. What happened? He left the fob on top of the petrol dispenser. He was close enough to start and take off, but as he left, he "lost" the key. But never noticed, as bike worked fine (and it was not visible normally unlike a regular key, etc). Ergo, him stranded. Expensive mistake. Moral of the story is if you don't use it, you lose it. =]
My car (a Hyundai) is keyless like that so you just need the key to be on your person. There's no technical reason why this couldn't be done with NFC on a mobile phone, but I think the excuse would be about car thefts. Modern cars all use chipped keys that are really stringently tied to dealers and car thefts have plummeted during recent years.
It's a lot more convenient than I would have guessed though, one of the nice bits that I noticed is my car lights up when I walk up to it at night. Not bright, but the LED under the mirror illuminates the ground around the driver side door. Very neat.
I think all the new Dodge models (even base trim) have keyless these days as well. Hopefully it it catches on for all makes, it's a pretty nice feature.
"Empirically" still implies more formality than the purely anecdotal evidence presented here, unless there's more to it that pg is not sharing with us.
Wow, I'm amazed that they got wifi to work in the lock itself, vs. using a low-power thing like Zigbee to a base station with AC power.
Also, BT 4.0 LE is perfect for this -- since there's no NFC in the iPhone 5, I suspect BT 4.0 LE will end up taking the place of NFC for a lot of "heavier duty" NFC applications -- not that the Bluetooth protocol is great or elegant, but it's a lot easier to work with than NFC, and now BT 4.0 LE exists on both major smartphone platforms.
All my earlier criticism of not having a local ACL and local RF communication to the lock, vs. going to/from the Internet, is now resolved.
The only thing they're missing is a BT 4.0 LE dongle (which I've seen on Kickstarter called "hone" http://www.kickstarter.com/projects/690528216/hone-for-iphon... -- you could put that on your keyring and use it as an expensive HID proxcard replacement. Same thing works for electronic leash.
Now all they need to do is support 5-10 locksets in some kind of private/small business network (vs. putting in a HID access control system), for 0-99 users, and they'll be really innovative. Managing a single door with 0-5 people is comparatively easy; managing an office with turnover is a lot harder, and businesses would happily pay $1-2k for a system to cover their doors and employees with a nice LDAP/AD/FB/etc. interface.
Since you can upload your own firmware, it would be entirely possible for a customer to build this.
Gas to run
You making sure everything is well maintained
Expensive vs biking
Auto mechanics needed if your car breaks down
Anyone in your area could easily steal your car or explode it rendering it useless.
Doesn't seem like a very good risk/reward ratio to me.
Kidding aside, you must not have read very carefully, since it has NFC and Bluetooth as backups. The DDOS scenario would require a targeted attack, and wouldn't render it useless anyways as per the above. The device works for renters who can't change their lock, but still want some convenience.
Yes, it has some drawbacks. But I think it is an incredibly well thought out device that I'm jumping on.
The device offers many features current lock-and-key models don't, and can be used by a wide variety of people (whereas you cant use custom locks for apartments). Your analogy above really makes no sense.
But going back to your original post, at least two of your drawbacks were wrong, and the others seemed to be nay saying for simply the joy of doing so. A DDOS attack on someones wireless to stop them from getting in?
A) Something that wouldn't have affected the lock since Bluetooth and NFC works
B) A targeted scenario that might as well be "well locks don't protect against rocks thrown through windows!
Why use a laptop to write notes (that requires your laptop to have power/working correctly) when a simple pen and paper will do? We can trivialize anything using that methodology.
I don't understand why you're so negative. It's a new product that has new benefits, and new drawbacks. The same could be said about the calculator when it first came out. You couldn't even compute logarithms on the first calculator model, but the slide rule had no problems. Most people were faster using the slide rule so it felt like the calculator was a backwards technological progression.
Should we try to innovate on the calculator or go back to using slide rules?
Great example. While the calculator is a great invention, it's also caused many people over two generations of not being able to perform simple arithmetic in their head. Of course, we're hackers and we try to keep our minds fresh by doing simple tricks such as calculating the total value on the receipt before checkout (or the ubiquitous 35% off stickers a certain Dutch supermarket has)--don't we ;) And almost nobody knows how to use a slide rule any more.
And while that's sad, it doesn't make the calculator less great.
There are more advantages to this than you realize. For instance, my father is a quadriplegic and has limited dexterity so it is extremely difficult for him to handle keys. If he wanted the ability to lock a door on his way out, it would be much easier for him to make a few taps on his iPad and be on his way.
Yes, but what are ways it is possible to break into a car?
Break a window (drawback: sets off a car alarm)
Duplicate or steal the a key (drawback: requires original key)
Steal car when open (drawback: not many people leave there car open)
How could you break in a Lockitron (or prevent someone from using it)?
Steal a persons phone (much easier than stealing a key. A phone is taken out more often than a set of keys)
Cut telephone wires for wi-fi (a little extreme, but possible)
Hack there password.
Besides, how much motion does it require to open a lock with a key? I guess it makes sense to use it to unlock or lock your house remotely, but when have you been in that kind of situation? If someone needs a key, just give them a copy.
This is a thing I find increasingly bewildering/disturbing about new hacks like that. Why do we route signals around the whole world to communicate two devices that are few meters apart? Also, having to go through third party's computer infrastructure sounds like a huge waste of resources. Bluetooth, NFC or WLANs are the tools we should be using.
Personally I'd feel more in control if I could text him a special code to get in, than by remotely locking or unlocking my doors.
Remotely unlocking my doors? I feel unsafe already from the mere idea :) :) It'd be different for an office but there's an emotional thing with my home, I'd just be worried. If I lock it again, maybe the door was ajar and it couldn't lock? But I can't see because I'm not there!
You are giving Bob the ability to unlock it himself. You temporarily add him to "the group that can enter my house" and then, without you being involved, Bob can get in or, more importantly, lock the door if he leaves when you aren't there.
My dad has a casita on his house that he frequently lets people use. Dealing with the key is always annoying, though. With this, he could say "My son will be here on the 10th-14th, my nephew will be here the 21st and 22nd, etc" and never have to worry that the key gets lost or copied.
Now they just need to tie in with alarm systems so it will deactivate the alarm at the same time it unlocks it (or at least provide a temporary code that the guest can use).
(I think the traditional wording of the phrase is a tad harsh, but..) I think it is a case of "When you really love your hammer, everything looks like a nail."
I like analogies that aren't necessarily dismissive.
How about If you're a carpenter, you tend to make things out of wood."
You can make a lot of stuff out of wood, if you're good. You need relatively few general purpose tools. It's not always the best, but in many cases it's good enough. The first Apple had a wooden body. Early cars too.
Technology is giving us a lot of stuff which we call "tools" but we might also call "materials." Like physical tools and materials, they all take time to learn and much longer to understand well. Sometimes we use chisels & planks when welding pipes or casting iron would be better because we have a woodworking setup in the garage.
I like analogies that aren't necessarily dismissive.
How about If you're a carpenter, you tend to make things out of wood."
You can make a lot of stuff out of wood, if you're good. You need relatively few general purpose tools. It's not always the best, but in many cases it's good enough. The first Apple had a wooden body. Early cars too.
Strangely routing things around the world like this often works better. You get to use an already established communication path that probably already works and is switched on. It also reduces the number of new protocols that would need to be designed and secured.
yeah, I missed that the first time around and that definitely nullifies pretty much all of my issues - i had a visceral reaction when i read phone...website...lock... and managed to bring up a bunch of non-issues
To be fair (I share some of your hesitance), the old-fashioned key still works, so if for some reason one of these dependencies was unmet, then you're not totally out of luck.
Probably not NFC though. You need a much smaller distance to read NFC (or a much bigger antenna). I doubt it could read a NFC keycard through the thickness of the door. I'm sure all that metal in the lock would act as a great RF shield too. It uses more power than BT4, and all devices that have NFC also have BT4 so it probably wouldn't make sense to power both.
The advantage for me is that I don't have to get my keys out if I'm carrying groceries or one of my kids. The bluetooth receiver means it will open the door automatically for me.
I've been using a MiCasa Verde[1], alongside the compatible KwikSet Deadbolts[2], an android app called Automator to accomplish the same thing. It's actually a little pricier but you get:
a. Remote entry -- unlock your door from afar.
b. A nice home automation system (mine's expanded to control lights and thermostat now)
c. Keypad and key-entry as backups
I love it. Being able to remotely lock and unlock your doors is super handy, whether it be for guests, contractors or what not. But what's really handy? Never worrying about locking yourself out of your house again.
If I could just get rid of my car key, I'd be thrilled.
The integration with other things is a big deal fwiw. I'm currently playing with NFC and doing things like "when I tap my phone on my night stand, make sure all the doors are locked and turn off all the lights except for the bedroom"
We're headed towards the Internet of Things but right now they're all sort of talking with their own software. A house with the Nest thermometer and the Lockitron lock won't be able to execute on the scenario I described above -- and if you're a homeowner you may want to think more long term than investing in one-off solutions for every latest thing a chip goes in to.
Regarding your first point, the video for Lockitron mentioned that you'd be able to remotely open your door from anywhere.
I'm really excited about this -- I've always wanted to do this for my door, but as a renter I can't exactly just change the locks without my landlord being pretty disapproving.
Unikey[1] on Shark Tank last season blew me away, I couldn't wait to see it in action, and be available. This looks like an easier installation process than that, but Unikey has some big names attached to it (Black & Decker).
Can't wait to see this tech take off, good luck guys!
For me, it'd be about guest access. Sure, you could give out your codes, and then change them later, but that's a pain (with the Schlage products at least).
I think the main benefit here is that it works with your existing lock, so it could work on apartments, dorm rooms, office doors, etc. Those key code deadlocks have always existed, but never very popular.
The user codes for these products are 4 digits, and 4 digit codes do not offer much security.
I had a 4 digit Master lock in 7th grade, and an 8th grader spent a little bit of time with the lock, determined the passcode (chosen at random), and then changed the combination.
I wouldn't put one of these locks on my home, or on anything that I wanted to actually "lock"
The keycodes are pretty easy to guess. Regular users will only ever enter the correct codes so if you look carefully at the keypad you can see which digits have been pressed. Most likely there will only be 4 of the 10 possible digits used. I've actually encountered keypads where the order didn't actually matter so you could get in in seconds.
Combine that with the assumption that the average consumer probably used a date of some significance for their 4-digit code and in the US you can guess that 0 or 1 was first, 0, 1, 2 or 3 was the third position, leaving you only to guess the second and fourth position.
There are only 24 possible combinations of a 4 digit code anyway (assuming 4 different digits). I doubt the devices do a lockout on the wrong code, so it wouldn't take that long to hack.
>I've actually encountered keypads where the order didn't actually matter
If the order really doesn't matter, then that counts combinations twice (1234, 1243..). There are 10000 possible 4-digit codes, 5040 permutations, and actually 210 combinations.
So, do people who use something like this just never lock your bottom handle lock? I live in a busy city and lock both to keep my place secure. I'm not sure I would like just being able to lock the deadbolt but not the handle lock.
Having taken a lock picking course, I can say that one lock is approximately the same security as two - even after 15 minutes of instruction, with the right tools I could unlock most any standard house lock in moments.
Home door locks are a deterrent more than anything else, so I'd opt for convenience.
This is not true everywhere. For example here in Sweden the second lock is usually a lever tumbler lock or some variant thereof. Way harder to pick than pin tumbler locks. What matters is the type of lock, not the number of locks.
Yeah, that's not too bad but I would still be a bit worried since my place has a door that is accessible from outside. You are lucky with that sort of "double secure" entrance! Haha
Looks like a really cool product, but as a note to the marketing department: the product itself looks just a little bit too much like an iPhone. I got confused for a moment, and thought the device was an iPhone with a picture of the deadbolt on it. There's probably a way to make the materials somewhat clearer that the Lockitron is the big square bit, and not the C-shaped mounting adapter.
Right now, the website is down or perhaps cloudflare is having issues.
I did get a look and was going to make a comment (which I wanted to verify) that the site in no way shows that the company had built another product (at least not from a quick look).
Now I can't even get a look at the site. This isn't 1996. Why are people having so many issues with delivering simple reliability to a 1 page website?
I installed a punch code deadbolt on our front door. It has been a life-changing experience. I need neither phone nor keys and never worry about being locked out. I just have to replace the batteries every couple years.
One of the biggest improvements, not offered by the Lockitron, is the lack of needing to fumble in your pockets for anything. If you've got a handful of groceries, it's much easier to shift a bag or two to get a hand free and punch the code than it is to go digging in your pockets.
> One of the biggest improvements, not offered by the Lockitron, is the lack of needing to fumble in your pockets for anything
Did you watch the full video? This version of Lockitron has proximity-based keyless entry like some cars do. No need to reach into your pockets or punch in a code.
Near the end of the video they demonstrate their newest feature: automatic proximity unlocking via BT 4.0. So in the "hands occupied by groceries" scenario you described, using the Lockitron would be even easier than a punch code.
Cool and interesting idea, but for obvious reasons* I have some slight reluctance with using a service like this for my home. For less valuable targets though -- like a conference room or shared workspace -- this is a really clever solution to sharing keys.
*I hate it when people say that so I'll expand. Simply put, I'm worried about it getting hacked. For instance, could you gain access to someone's wifi and then flash a new image (which includes a rogue key) onto the device?
Basically no commercial locks provide a perfect (or even very good) audit trail facility -- guaranteeing the device isn't tampered with. Even the government/military X09 standard lock (from Kaba-Mas; it's a pretty awesome self-powered combination lock) can be forced, then replaced with a new lock with a faked serial number and internally trojaned electronics. You could detect this on internal destructive inspection later, but you might even be able to hack the electronics with self-deleting firmware.
The standard for secure facilities is 24x7 monitoring and roving patrols which are frequent enough to prevent defeating the lock/door initially. If it takes 1h to cut through a vault door, and you do patrols every 15 minutes, it doesn't matter as much that once you compromise the door, you can subvert the lock for future access.
That said, there's more potential to make an electronic locking system (and seal/tamper evidence) really secure than there is to make a mechanical keylock secure -- keylocks are basically deprecated for even moderately high security, and mechanical combination locks for high security -- the future is all electronic systems with online checking of credentials. A system like lockitron has a lot of room to grow.
Not necessarily, but I see your point. The threat model you suggest seems to be for a "one and done" event (which is a perfectly valid scenario). But the initial threat model was geared towards repeated, quick, and relatively inconspicuous access to a secure facility.
Sadly, the lock on your front door is most likely so easy to break, a thief wouldn't waste time trying to hack anything but the keyhole. I learned how to make and use a bump key from YouTube, practiced on my own front door and after a couple of hours could consistently spring the lock with a few whacks (seconds).
The weaker component is the (still available as a backup entry method) keyhole. A year ago, my neighbor locked herself out. I found out that she also had a Schlage lock and figured I'd try to help. After finding my disused bump key, I had sprung her lock after about twenty whacks. My total experience was two hours of practice three years ago. I don't consider myself to be uniquely skilled here.
Personally, I'd prefer a mechanism that would allow me to eliminate the key entirely. I'd rather live with the risk of battery drain/malfunction/phone loss.
"However, if you would like to access Lockitron only via your local network, then we welcome you to flash your base-station with a new image that gives you full access to develop as you see fit"
Obviously I've done about as much research as you so far, so it's very possible the scenario that I describe is unlikely. The point of my initial post was simply to reflect on the fact that in some cases I'd love to use this, and in other cases, maybe not so much.
right. but it doesn't say how it is flashed -- perhaps it requires you to hook up via usb?
I can understand people's fear of technology when it is used for security purposes, but if someone wanted to break in, there are easier ways than flashing the base station. All someone would need to do is take a picture of your physical key and they'll be able to make an identical one.
Well, that one is only for the ethernet shield. I'm guessing you probably need more code for communicating over wifi or bluetooth and supporting wpa/wpa2.
> We won’t charge your card until your Lockitron is ready
Interesting.. so you don't even need the money for the first production run, pure crowd-hype marketing. Also very ballsy of YC to sidestep kickstarter like this.. although i suppose 1000 pre-sales isn't huge.
As for the product, some nice feature improvements over v1.0, although i'm not a fan of the new plasticy design-- i would not want to see that thing on my door unless I had to, for any price.
i think this is quite smart. it's not just the hype, but similar to app.net, it's guaranteeing there is a minimum threshold of demand.
what do you mean by 'ballsy to sidestep kickstarter.' has kickstarter become some kind of sole-arbiter of product development? FWIW, if this style of e-commerce continues, someone should develop the API for this/app.net type of sales instead of each building the billing system from scratch.
Kickstarter is definitely the existing sole-arbiter of crowd sourcing funding. They have brought massive crowds to YC companies so i think it is a significant move to walk away from that to save 5%.
We used Lockitron at the Cloudkick office. Super convenient, as it let anyone at the office buzz a guest/delivery through our outer door without leaving their desk. Also awesome: the ability to give visitors temporary access without having to keep track of making keys, ensuring they're returned, blah blah blah. Lockitron eliminated the dumb, day-to-day-headache-type-stuff involved in getting people in and out of our space.
Is this a neat idea? Sure. But it's nowhere near $150 worth of value. (And, based on their "limited time" copy, it's likely going to rise to a more egregious price in the future.) I'm actually dumbstruck that they've sold 2500 of these. Admittedly, not having leave your couch to lock up or being able to check the status of your locks remotely is by all means a nice offering, but for the price, it's just not worth it.
Incidentally, this is also just a workaround. It's a hack. It's likely not to work in all homes or with all locks.
Moreover, this thing will likely look out of place and fairly undesirable on most doors, especially on older buildings.
An actual installable lock would be incredibly more compelling due to the fact that it will be less bulky and intrusive.
I think this is a great idea, and would be really useful for any place where you need to give a lot of people access to the building. If you're renting your home out through Airbnb, being able to give people temp access to your home would be really convenient and also safer than giving them a physical key that they can copy. If you're renting out an apartment or office, lockitron will save the landlord from having to rekey the building after each tenant. The $150 cost is easily recouped if you consider the cost of getting new locks. When I'm expecting the maid to come over to my house, I would love to give them remote access if I'm not home.
I'd expect the look of the lock to change substantially with updates, but the conveniences it brings is pretty amazing.
Great idea. However, I can't help but think that if Lockitron gains meaningful adoption, the various organized-crime groups operating on the web will try to hack the company's backend retrieve lock usage and location data or even gain the ability remotely to open customer locks. (Criminals already pay for stolen credit card information on the web; they would readily pay for lock usage and location data too. How valuable would it be for thieves to know when other people in their own city leave their homes?)
I would want to understand how Lockitron might use and secure my lock-usage, location, and other personal information before using the device and service to lock anything important, like my office or my house.
Credit cards can be used by any thief, hacking tools cannot. A Lockitron hack tool would likely be more in the realm of Metasploit. I'm not saying there won't be hackers/thieves who could do it, just comparing to stolen credit cards is silly.
It's pretty obvious that more and more things are converging to the phone. We've already seen how modern smartphones have markets like the point-and-shoot camera and portable music player. It makes sense to carry around one device that does as much as possible. And I love the extension of the smartphone into these home automation areas (though I realize locks have a significantly greater market than just that). What troubles me right now is the fracturing, but that's inevitable in emerging markets. It would just be nice to have a really great product line that I could use to unlock deadbolts, open my garage door, automate my lights, control switches / outlets, program my thermostat, etc.
When I saw that this thing fits over my existing deadbolt two things came to mind and in this order:
1. Wow, that device must have a lot of torque as many deadbolts, mine for example, actually requires some effort to turn, either to lock or unlock. This resistance is caused mainly by the springiness of the weather stripping which pushes back against the door when it is closed.
2. Sometimes, when sunlight falls upon—and heats—the door I need to push or pull slightly on the door in order to turn the deadbolt at all. The door is not dimensionally stable and deadbolt alignment changes. This makes me think that the system would not be reliable. I know my door and deadbolt are not unique in this regard.
I cannot drive to work if I forget my keys.
However, I have following idea.
A cell phone case with an imbedded radio frequency chip that communicates with your key chain. The purpose of the device is to alert you if get too far away from your phone. This two way radio will not only help you locate your phone, but you can use it to locate your keys as well. You will be able to preset an approximate range boundary which will cause the case/keys to beep when they are too far apart. If you are close to the phone but can not see it, you can make the phone beep by pressing a button.
Really nice product can't wait to see it in production.
One insignificant caveat: I don't like the interface on the phone to lock unlock.
Why use two images, the lock and unlock padlock when one image would suffice.
It all sounded good until the "SMS" part. SMS messages are not encrypted and it is possible to sniff them (albeit it is not the simplest thing to do, but it is possible). Of course no one will have your actual house address, unless they cross reference your cell phone number with Facebook!
Granted the risk there seems small, basically limited to people without a smart phone who are also in the market for a smart gadget like this.
It is good to see that this is disabled by default, but it seems like a really unnecessary security hole.
We use lockitron at the Tigerlabs co-working space in Princeton. It's awesome! The provisioning, the ease of use, and the reliability are amazing. The team has done a great job of focusing on, and absolutely nailing the future-of-locks scenario. We've been happily using Lockitron 1 -- Lockitron 2 appears to eliminate the 'base station' and the custom lock, and now works with your existing lock. All Airbnb's and Co-working spaces need this. ;)
I just looked at wattvision.com (your company) after seeing your profile. It looks interesting.
However -
- Your website is much to slow.
- Remove the whois privacy from your domain. You're a business with a business address. No reason to hide your business location.
Does the 4-AA batteries actually last a full year? I'm not sure how those batteries can maintain a steady wifi connection and survive for a full year. The lowest power wifi chips I know still draw 40mA in RX mode.
Continuously connected? No. We'd last about two weeks.
We poll infrequently during off hours and more frequently when people are likely to be coming and going. Knocking also wakes it up.
Bluetooth 4.0 gets us the rest of the way. It's instant for iPhone 4s and 5 users and we should have rudimentary support for the Android devices with BT4 by March.
So what happens when a packet is sent when you're in sleep mode? Does the device have to renegotiate the connection when waking up?
What if you sold a separate device that plugged in the wall and had a constant wifi connection, then used BT4 for communicating with the lock powered by 4xAA? Then you wouldn't even need wifi on the lock.
Also, why an arduino mega? Are you using that many I/O pins or is it because your code needs the 256KB of flash?
I don't think they are using an Arduino Mega. They are using the same processor that an Arduino uses which is the Atmel ATmega, which is a very common processor for microcontrollers.
I'm guessing you're not accustomed to the arduino parlance. Everyone knows arduino uses an atmel atmega uC, but when you say "arduino mega" it means something specific. I have around 5 different models of atmega chips at home that I use with the arduino.
In the video they said they were using a mega, and you can tell from the picture that the atmel chip is a surface mount similar to the 2560. All the arduino chips use some kind of atmega variant, but the arduino mega refers to the atmega1280 or the atmega2560. The most common arduino chip is the atmega328p.
The atmega series is fairly broad. The arduinos only use a subset of the atmega series. "mega" is probably a bit confusing, but if you say "arduino mega" it only refers to one or two specific chips -- the old "arduino mega" used the atmega1280 while the newer model uses the atmega2560.
So what happens when your lock requires holding the door with pressure to have the bolt slide freely? Does it just not lock, or does it tell you it won't lock?
I made this point in another comment, but here it is again:
This product can be about much more than solving the problem of forgetting your keys. People with limited dexterity (such as my father, a quadriplegic) would love a product like this. When leaving the house, he would be able to make a few taps on an iPad to lock things up. Right now we don't use a lock because it's behind a garage door, but this would allow us much more flexibility.
Is this their official launch? The company I've worked for has had one for a while...
Regardless, I'm a fan. The fact that granting and revoking access is so trivial meant that when I was an intern I still had full ability to come and go regardless of the presence of a fulltimer (contrasting with other internships, where hesitance to give interns keys meant if I showed up too early I had to sit on my butt till someone arrived to let me in).
We use Lockitron at the 500startups offices. It worked well most of the time. The few times it didn't work was very annoying and I had to rely on someone else to open the door for me (from the inside). As long as you have a secondary option for opening the door, it's a great product.
We use it at Getaround and it works well all the time. We once had our internet line go out and couldn't lock our office until we found the spare key, though.
One issue with the video around 0:40...
Lockitron really needs to buy their hardware engineers some eye protection and magnification devices. You should never solder up close like that without eye protection. What they show in the video probably violates OSHA guidelines.
Kudos to the team. This is not a solution for everyone, but there are places (Airbnb, shared access, renter, maybe hotel) where this concept could be invaluable. Even if not for my main door I could use it on the side door to allow multiple access for my family and kids.
Lockitron guys: I would love a similar device for my garage door! Perhaps even integrated into one since most front door deadbolts are going to be within range of a garage door opener. It could support standard Genie/Liftmaster and get 80% of the market.
Lockitron even mentions that AirBnB is a great fit + they are both YC companies. Why isn't there a partnership already established between the two companies? Lockitron should be contacting all of AirBnB's most rented property owners to buy the lock.
This looks great. Would love to see a version that has a camera on the front of lockitron so I can see who is at my front door. It sounds incredibly lazy, but being able to open the app and see who is at my front door would prove useful.
Our company developed a product where you can enter a place just by calling a specific number. If your number is on the registered number's database it will unlock the door...
Don't know why they don't do it like that instead of having to send a text...
Looks great, but I'm reticent to replace my mortise-style door lock. Maybe future versions will support this type of lock? Other than sizing considerations, I don't see why not.
We use Lockitron on the Firebase office door. I highly recommend it. Giving access to new employees is a couple of clicks, rather than making & tracking a new physical key.
We used the alpha version of Lockitron for over a year at Blockboard's office. Once it was set up everything ran smoothly. We loved it. The final version looks even slicker.
We have one of these for our office too, and it works great :-). My only problem is that I want one for my apartment too, so I can stop carrying keys altogether.
I assume you could still use a key. Nothing seems to be covering the deadbolt lock on the outside of the door. I have the same problem with two-factor authentication though, I guess you'll just always need a backup.
If you've never lost your house keys twice ($75 per visit for a locksmith) then it's not worth it. However, you could give multiple people access to the door this way, which would be cheaper/easier than making copies of keys.
Also, with normal keys if you lose one you have to replace the cylinder and all the keys if you're worried about someone using the lost key. This would prevent that expense.
I will say, though: if $150 is the discount price, i'm afraid to learn what the regular price is. Businesses seem like the only place this becomes cost effective.
I hadn't thought about the multiple people access problem since I've never needed more than one set of guest keys at a time, and the offices I've worked in were all big enough to use keycards.
Come to think of it, the market for 'Needs to give multiple people rotating revocable access' is a great fit for AirBnB type services.
When I was 16, I was given a car without keyless entry and I was willing to pluck down $200 (that included installation) for the luxury.
I could see spending $150 to get similar functionality plus the ability to unlock my home remotely and check the state of the lock on the only door I enter/exit from.
My family shares a vacation home up north and I'm tempted to buy this for there as well. Because of its proximity to town (two blocks walk) we've already had plenty of trouble with people locking themselves out because they're not taking their car to the tavern in town and simply forgot their keys in the process. We'd have to get in the habit of only using the deadbolt, or replace the door handle with a non-locking door handle, but it might be worth it to me.
I certainly wouldn't pay $150 for that, and was asking myself the same ?. It's not going to appreciably increase the value of my home, so an argument that it's home improvement doesn't hold water for me. It doesn't seem to have that much hardware, which would help me understand the price point even if I still wouldn't pay for it.
It simply doesn't solve a problem I have, and at $150, I'm not likely to give it a shot to see if locking my doors manually is really that much of an inconvenience (I doubt it is). I might pay $50, but even then that's a stretch because, as I said, it doesn't solve a problem I've got.
Since no one is forcing you to buy it, I would simply suggest not buying it and going on with your life.
Perhaps that sounds harsh, but there are plenty of products out there that cost a lot of money (much more than $150) which won't bring you any additional value.
The new Lockitron will certainly bring value to a lot of people, including renters.
I'd seriously consider doing kickstarter too -- once you've got 250-500 preorders outside kickstarter, and popularity on HN, you should be in a great position to have an "overfunded" kickstarter. Yes, they take a cut, but the exposure from kickstarter is probably worth it -- just bump prices 10% if you must.
I know I buy a lot of gadgets I might not otherwise know about due to seeing them in my activity feed on kickstarter.
Those have become less popular in the US with rising fire-safety awareness, I think. (They are likely to trap inhabitants in the event of a fire.)
Given that the device claims to work with almost any deadbolt, and therefore can't be too picky about shape, my guess is it wouldn't be hard to adapt it for your lock. (Just permanently install a key with some handle attached to it for the device to grip.)
