Some customers of “smart lock” manufacturer Lockstate recently came in for an unpleasant surprise: A software update from the company permanently broke the locks on their properties.
The incident is a reminder of the risks that come with the “internet of things” (IoT) — when your home’s appliances and features are reliant on the services of other companies, things can go wrong fast.
Lockstate is an IoT company that builds internet-connected smart locks. They’re designed to help people rent out their homes on platforms like Airbnb — but in an emailed message last week, CEO Nolan Mondrow informed some customers that the company had accidentally rendered their locks useless. (You can read the full email here, and we first heard about the incident via Gizmodo.)
“We are sorry to inform you about some unfortunate news. Your lock is among a small subset of locks that had a fatal error rendering it inoperable,” the chief executive wrote. “After a software update was sent to your lock, it failed to reconnect to our web service making a remote fix impossible.”
It’s easy to see how if you don’t have a functioning lock (or locks) for a week — or perhaps longer — it could have a massive impact on your rental business, costing you significant sums of money.
So what can customers do about it? Lockstate can manually update the lock if they have physical access to it, requiring the customer to send it back to them — taking up to a week. Or Lockstate can “ship a replacement interior lock for [the customer] to replace,” which will take between 14 to 18 days, the company said.
“We realise the impact that this issue may have on you and your business and we are deeply sorry,” Mondrow wrote. “Every employee and resource at LockState is focused on resolving this for you as quickly as possible.”
Lockstate told Threatpost that more than 500 customers were affected, around 200 of which were Airbnb hosts. They were apparently customers who had bought the first-generation 6000i lock.
Internet of things appliances have caused headaches for homeowners before. After Google-owned smart home company bought Revolv, another smart-home business, it took the decision to shut down support — permanently disabling Revolv customers’ devices.
One Revolv customer Arlo Gilbert, suggested the incident raised broader questions about the extent of ownership in the digital age, writing: “When software and hardware are intertwined, does a warranty mean you stop supporting the hardware or does it mean that the manufacturer can intentionally disable it without consequence? [Then-CEO of Nest] Tony Fadell seems to believe the latter. Tony believes he has the right to reach into your home and pull the plug on your Nest products.”