Originally published at: https://boingboing.net/2017/11/16/dont-use-amazon-key.html
…
Neat! Looks like it uses a tool from the aircrack-ng project.
http://www.aircrack-ng.org/doku.php?id=aireplay-ng
This will put at risk the eleven people in the country who are sufficiently stupid to enable “Amazon Key”.
I don’t understand the point of the Amazon key. The oft-quoted physical manifestation of public key cryptography should be used here; specifically, a padlock.
You leave a box outside with an open padlock. The delivery person puts stuff in the box and snaps the padlock shut. You have the padlock key nice and safe. How is this not the perfect solution? Probably because all it needs is a sturdy box and a decent padlock and uses centuries old technology.
Moreover, it’s compatible with every delivery company (with a minor delivery person skill update).
What? You mean it fails open? Jesus Jumping Jack Christ that’s stupid.
More dangerously, a thief who trailed a delivery person could take advantage of the situation by timing their attack to coincide with the unlock, while simultaneously disabling the camera – though they would have to trick the delivery person into leaving the door unlocked behind them.
A thief does not have to disable any camera.
They can follow a Delivery person and then just walk in. Do you think the Delivery person is going to stop them?
The Delivery person has zero incentive to stop someone else from entering the house once it is unlocked.
case in point- look at all the stories about employees that got fired for trying to stop a robbery because they violated some clause in their employment contract that prohibited them from doing so.
I have exactly the same setup and it works reasonably well – for me. It is not perfect, because it is not as sturdy as a door and could be easily vanadalized. Those are two things I do not have to worry about in our peaceful suburb and 30 meters away from the street, out of sight, even.
Wouldn’t risk in in others parts of the town.
though the audit trail left behind by the system would make it easy to tell which credentials were used to authorize, though they could be stolen.
There, fixed for you.
"How is this not the perfect solution? "
OK, it’s trivially “hackable”
1: Bad Guy swipes your padlock and puts his own on. Comes back later and takes stuff, replaces your padlock.
2. Local hooligans lock the padlock on the open hasp. Steal packages at leisure.
3. Fun-loving local hooligans put extra padlock on box after package is delivered. You go ballistic trying to get it
open.
4. Bolt cutters.
-
That’s a good one. I’ll have to find a solution for that one. (Though I don’t really need it)
-
If there’s no usable lock, the delivery person should not leave the package, no?
-
See 4
-
Yep.
Re:
#1. Attach the padlock to the box with a cable or chain that is difficult to separate from the padlock without bolt-cutters. Any attempt to steal the padlock would involve damage to the cable or padlock.
- If padlock is stolen, then presence of cable only indicates tampering.
- If cable is stolen, then presence of padlock indicates tampering.
- If a padlock and cable are separated but both still present (padlock is spoofed, original padlock stolen), then separation indicates tampering.
- If somehow padlock is tampered with and replaced onto existing cable, then a siren-device or security camera activated by tampering may alert neighbors and limit time available to thief (slide protective rubber tube over cable or chain in order to provide visual inspection of nicks or small cuts).
- If thief bothers with bolt cutters, it wouldn’t even matter if your house was insecure or not (useful deterrence not perfect protection, but it would keep obvious valuables outside of house thus reducing chances of home break-in unless they got greedy … but use additional security as above).
Note: some welding or DIY required.
ADDENDUM:
There is no reason Amazon couldn’t utilize simple physical multi-factor identification such as this. In fact, there could be a dual-key system whereby a device (like an extra padlock-body) is clipped into the end of the open U-bolt of the lock, preventing it from being falsely closed without an Amazon employee using a master-key to remove it and relock the cabled padlock onto the secured box with delivery packages and device dropped inside the box, ready for reuse.
They could even use fancy box data from when the box is locked or unlocked to indicate customer availability for package pickup. Items larger than the box would require at-home verification. The only reason not to use this would be cost of unit rental and associated setup.
(I’m guessing they are offloading the cost of secure delivery with a customer’s willingness to risk home burglary … but who would be stupid enough and have enough money to buy lots of stuff and trust a security vulnerability unless they are wealthy enough to afford limited-access building security, which would mean it’s already a highly-limited market for such a thing. Unless, of course, money and intelligence don’t directly relate). I think Amazon is just doing market surveys and advertising with dumb ideas that will never see realistic implementation unless they are scaled (like drone deliveries).
Weird! This is precisely what I envisioned when I first heard about the Amazon Key.
/s
Yeah, that was my first idea, too. But padlocks usually have nothing to secure them, being the lock. So welding, but I’d have to find a place first. Or industrial adhesive.
All this implies that you have a UPS/FedEx/USPS driver who inspects the box and susses out the signs and causes of tampering, rather than just pitching the package onto the porch and hitting the road.
Back when I lived in Northern Virginia, I swear one of our regular UPS drivers missed his calling as an Olympic shot putter.
I have to say that our local delivery persons – even the transient one from Hermes, a delivery service I avoid these days – are pretty good at using our box. Which does have instructions.
They like it a lot, because it allows them to drop of the package without having to walk around corners or to take it back (which is a non-delivery) to try again. Makes their job easier.
Every time this shit comes up, I say how eBay has this problem solved with click to collect, and nobody seems to notice.
Hmm. The alternative is that it fails closed, locking the person out of their house. (Or inside.)
It’s stupid coming and going.
I’m not fond of the product’s function, would never buy one,… but the camera-freeze part is pretty easy to defeat by placing a clock with a second hand in the video-frame. Just make sure it isn’t also internet connected and hackable.
Or… even better (totally non-electric): a drinking bird!