If you saw the news about Amazon's Key smart-lock service debuting and thought, "I don't know if letting a total stranger into my house to deliver a package is such a great idea," congratulations: You may have been right.
The problem is that Amazon's Cloud Cam, which is supposed to keep Key-adjacent deliverymen honest, is vulnerable to a simple attack. Because the smart lock depends on the Cloud Cam to connect to the internet, the entire Key system is compromised, which could let rogue deliverymen stay inside your home, or even let in total strangers. Although a fix is forthcoming, it just goes to show you that there's always a trade-off between convenience and security, even in meatspace.
Amazon Key users don't need to do anything except not use Amazon Key while they wait for a security update, which Amazon expects to push out within a week. The Cloud Cam will update automatically.
How Amazon Key Works
Wired looked into the story and spoke with Ben Caudill, founder of Rhino Security Labs, the firm that discovered the vulnerabilities. But to understand how these attacks work, you first have to know how Amazon Key works.
Briefly, the Amazon Cloud Cam is a $120 security camera that functions alongside other Amazon services, such as Alexa and Key. It can be bought on its own or as part of a $250 Amazon Key kit that also includes a compatible smart lock made by Kwikset or Yale. The Cloud Cam communicates directly with the smart lock. Simple — and also exploitable.
If a customer chooses to let deliverymen (and, in the future, dog walkers and house cleaners as well) in and out via Key, then each "trusted" deliveryman will use a mobile device to communicate with Amazon when he or she arrives at the house.
Following a perfunctory knock on the door, Amazon will then activate the Cloud Cam's recording and remotely unlock the customer's smart lock. The homeowner will be notified via the Amazon Key smartphone app and can watch the entire delivery procedure live.
Once the deliveryman has placed the item inside the door, he or she leaves and requests that Amazon remotely lock the door. Amazon sends a remote lock signal and the door locks. The customer's smartphone app indicates that the door is locked again.
How Amazon Key Gets Hacked
A hacker — and not even a particularly creative one — could use either a laptop or a Raspberry Pi device with an antenna to send a deauthorization script to the Cloud Cam. (In one of the demonstration videos provided by Rhino, the attacker uses a laptop running the freely available Kali Linux, which comes loaded with common attack tools.)
Deauthorization (called deauthentication in the Wi-Fi standard) simply and temporarily disconnects a targeted device from a Wi-Fi network. It's a known flaw that abuses a feature of the Wi-Fi protocol, but the Cloud Cam does not presently have any countermeasures against it.
Even worse, it turns out that disconnecting the Cloud Cam from the local Wi-Fi network causes the Amazon Key smartphone app to freeze on the last transmitted frame — which in most scenarios would simply be a still image of a closed, locked door. This permits two different but related attacks, one involving a malicious delivery person, the other a stranger.
The first attack is the more likely of the two. A deliveryman opens the door, drops a package, then closes the door. He (or an accomplice) then sends the deauthorization script before the deliveryman has sent a request to Amazon to lock the door. This leaves the door unlocked and the Amazon Key smartphone app frozen on the image of the closed door.
The deliveryman can then wander right back into the house while the camera is frozen, get out of camera range, stop the deauthorization script and request that Amazon remotely lock the door. The door locks, the camera resumes its live feed and the homeowner sees that the door is locked and closed. It's unlikely that any user would notice a door staying unlocked for a few seconds longer than it's supposed to.
The second exploit is a little more esoteric, but still potentially dangerous. The Yale or Kwikset smart locks compatible with Amazon Key connect to the Amazon Cloud Cam via Zigbee, a popular smart-home wireless protocol. The smart locks have no Wi-Fi connections of their own, and depend on the Cloud Cam.
After a deliveryman closes a door to leave a home, there's a brief window of time in which an attacker, perhaps someone lurking in the bushes or in a nearby car, can send out his own deauthorization script, similar to the first attack. Even if the trusted deliveryman sends a locking request to Amazon, the lock command from Amazon will not be delivered to the smart lock while the Cloud Cam is offline.
The smartphone app still freezes on an image of the closed door, but the door remains unlocked until the deauthorization script stops transmitting. During that window, an attacker can walk in, only to have the door lock behind him once the Cloud Cam comes back online.
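Both attacks depend on the same two gaps: the app keeps showing the last frame instead of reporting that the camera is offline, and nothing reacts when a door stays unlocked with no lock confirmation. The sketch below is an added illustration, not Amazon's or Rhino's code, of a backend check that replays a delivery session and raises an alert for each gap. The event names, the thresholds and the sample timelines are assumptions constructed for this example.

```python
from dataclasses import dataclass

STALE_AFTER = 3.0    # assumed: seconds without a frame before the feed counts as stale
RELOCK_AFTER = 30.0  # assumed: longest the door may stay unlocked during a delivery


@dataclass
class Event:
    t: float   # seconds since the delivery session started
    kind: str  # hypothetical kinds: "unlock", "frame" (frame reached the cloud), "lock_ack"


def audit_delivery(events, end_time):
    """Replay a session and return sorted (time, alert) pairs a backend could raise."""
    alerts = []
    unlocked_at = None            # time of the unlock, None while the door is locked
    last_frame = float("-inf")    # time of the newest frame received
    raised = set()                # alert kinds already raised for this unlock

    def check(now):
        if unlocked_at is None:
            return
        seen = max(unlocked_at, last_frame)  # only gaps while unlocked matter
        if now - seen > STALE_AFTER and "stale" not in raised:
            raised.add("stale")
            alerts.append((seen + STALE_AFTER, "camera offline while door unlocked"))
        if now - unlocked_at > RELOCK_AFTER and "relock" not in raised:
            raised.add("relock")
            alerts.append((unlocked_at + RELOCK_AFTER, "door unlocked past limit"))

    for ev in sorted(events, key=lambda e: e.t):
        check(ev.t)  # evaluate the silence that preceded this event
        if ev.kind == "unlock":
            unlocked_at, raised = ev.t, set()
        elif ev.kind == "frame":
            last_frame = ev.t
            raised.discard("stale")  # feed recovered; a later gap alerts again
        elif ev.kind == "lock_ack":
            unlocked_at = None
    check(end_time)
    return sorted(alerts)


# Constructed timelines, not captured data: one frame per second, minus an outage.
NORMAL = [Event(0, "unlock")] + [Event(t, "frame") for t in range(13)] + [Event(12, "lock_ack")]
OUTAGE = ([Event(0, "unlock")] + [Event(t, "frame") for t in range(9)]
          + [Event(45, "frame"), Event(46, "lock_ack")])
```

A live service would drive the same two checks from timers rather than from the next event, so the homeowner sees "camera offline" at the moment the feed goes quiet instead of a frozen image of a closed door.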
Both attacks are dangerous, no doubt, but they may not be as catastrophic as they seem. First and foremost, if stuff goes missing from a house within a few hours of a stranger entering and leaving it, it's not hard to tell who the prime suspect would be. Furthermore, the door does eventually lock behind the attacker, meaning he or she would have to find another way out, out of view of a camera.
The second attack in particular relies on an unusually implacable criminal, since the attacker would probably not be a deliveryman himself, but rather someone following him around. You would have to have a house in mind to burgle, then know that the person was receiving a delivery, then follow the deliveryman around, then slip in, undetected, very soon after the deliveryman left. It's a lot of moving pieces — and in broad daylight, too.
While these particular scenarios may not be dealbreakers for Amazon Key enthusiasts, they do demonstrate that the service is far from flawless. For now, keep your smart-home devices patched, set up another security camera, or just do what Caudill recommended: "Don't use Amazon Key."
We've reached out to Amazon for comment, and will update this story when we receive a reply.