Lockitron Bolt is BLE-only (although we require an intermittent connection through your handset to transmit encrypted key & log data) unless paired with Bridge. We've thought a lot about an option to use Lockitron entirely offline - is this what you're looking for?
I'm a bit confused by this comment. It sounds like you need to buy an extra thing for $49 to get it to work over the internet at all. Assuming you use the base model, what needs to go online, and who is the key and log data being transmitted to?
I'm not interested in this product at the moment because of how my house is set up, but as a security and privacy-conscious person, I'd much prefer something that requires zero internet connection, even if that means using a version that has fewer features.
Bolt works locally over Bluetooth with no Internet connection. The optional extra thing (Bridge) is if you would like to enable Internet connectivity.
A $15 dollar SDR wouldn't do it either. Most electronic locks aren't susceptible to replay attacks unless they're using KeeLoq and it's out of range. You might be able to do another kind of attack with three Ubertooth One's though. We got something like this working in our lab and I talked about it at DefCon 21 in the Wireless Village track - the basic patch is to use corroborate with other data (geo, time, etc.)
So there's a one time password sent over BLE? Or is it just the fact that a successful pairing was made? The former would be great, the later not so much.
