Security

Wyze launches its $50 wire-free outdoor camera

Posted by | Gadgets, hardware, Security, security camera, TC, wyze | No Comments

In recent years, Seattle-based Wyze made a name for itself thanks to making a lot of smart home gadgets affordable. These days, the company sells everything from smart plugs and locks to scales and fitness bands, but what started it all was the $20 Wyze indoor security camera. Today, the company is following that up with its newest camera, the Wyze Cam Outdoor, which is launching in early access today.

It’ll cost $50 for the starter bundle with a base station and once the camera is out of early access, you’ll be able to add additional cameras for $40 each. As usual, Wyze is undercutting many of its direct competitors in this space for basic outdoor security cameras on price.

For the most part, the name tells you everything you need. It’s a 20 fps 1080p camera for live streaming and recording and features IP65 water resistance that keeps the overall blocky aesthetics of the original Wyze camera. It also offers a night vision mode and two-way audio through the Wyze app, which also offers a rolling 14 days of free cloud storage, in addition to on-device storage. And, of course, it also uses some onboard smarts to do motion detection, using a standard PIR sensor.

Image Credits: Wyze /

Like similar products, it runs purely on battery power, so you don’t have to string any cables across your yard. The company says the battery should last three to six months.

It mounts to its base with magnets, but you still need to do a bit of DIY to screw that base into your walls, ceilings or garden fences.

The base station itself is obviously cabled (and that includes the option to plug in an Ethernet cable, in addition to Wi-Fi support). One nice feature here is that the base station also includes an SD card slot, so you can store videos on there, too.

Given that it’s pretty small, at 2.3×2.3×2.8 inches, Wyze also built another nifty feature into the software: offline travel mode. With this, the company says, you can watch your hotel room or campsite while you’re away from home.

Image Credits: Wyze

Based on the samples, this looks to be a pretty capable outdoor camera, but hardware is only one piece of the puzzle here. A lot depends on how well the app and on-camera motion detection work, too. We’ll take a closer look at those once we get a review sample in the next couple of weeks.

If you don’t want to wait until then, the starter pack is now available in Wyze’s shop and in the Wyze app.

Powered by WPeMatico

Apple’s iOS 14 will give users the option to decline app ad tracking

Posted by | Android, app-store, Apple, apple inc, computing, events, Google, iPads, iPhone, iTunes, mach, operating systems, privacy, Security, smartphones, Software, wwdc 2020 | No Comments

A new version of iOS wouldn’t be the same without a bunch of security and privacy updates. Apple on Monday announced a ton of new features it’ll bake into iOS 14, expected out later this year with the release of new iPhones and iPads.

Apple said it will allow users to share your approximate location with apps, instead of your precise location. It’ll allow apps to take your rough location without identifying precisely where you are. It’s another option that users have when they give over their location. Last year, Apple allowed users to give over their location once so that apps can’t track a person as they go about their day.

iPhones with iOS 14 will also get a camera and microphone recording indicator in the status bar. It’s a similar feature to the camera light that comes with Macs and MacBooks. The recording indicator will sit in the top bar of your iPhone’s display when your front or rear camera is in use, or if a microphone is active.

But the biggest changes are for app developers themselves, Apple said. In iOS 14, users will be asked if they want to be tracked by the app. That’s a major change that will likely have a ripple effect: By allowing users to reject tracking, it’ll reduce the amount of data that’s collected, preserving user privacy.

Apple also said it will also require app developers to self-report the kinds of permissions that their apps request. This will improve transparency, allowing the user to know what kind of data they may have to give over in order to use the app. It also will explain how that collected data could be tracked outside of the app.

Android users have been able to see app permissions for years on the Google Play app store.

The move is Apple’s latest assault against the ad industry as part of the tech giant’s privacy-conscious mantra.

The ad industry has frequently been the target of Apple’s barbs, amid a string of controversies that have embroiled both advertisers and data-hungry tech giants, like Facebook and Google, which make the bulk of their profits from targeted advertising. As far back as 2015, Apple CEO Tim Cook said its Silicon Valley rivals are “gobbling up everything they can learn about you and trying to monetize it.” Apple, which makes its money selling hardware, “elected not to do that,” said Cook.

As targeted advertising became more invasive, Apple countered by baking in new privacy features to its software, like its intelligence tracking prevention technology and allowing Safari users to install content blockers that prevent ads and trackers from loading.

Just last year Apple told developers to stop using third-party trackers in apps for children or face rejection from the App Store.

Powered by WPeMatico

Nintendo now says 300,000 accounts breached by hackers

Posted by | Gaming, Nintendo, Security, security breaches | No Comments

Nintendo has almost doubled the number of user accounts compromised by hackers in the past few months.

The Japanese gaming giant originally said that 160,000 Nintendo accounts were compromised, exposing personal information like the account owner’s name, email address, date-of-birth and their country of residence. In an updated statement, the company said another 140,000 Nintendo accounts had been compromised.

Nintendo said the number increased as a result of its continuing investigation.

The company said it reset those passwords and contacted customers. The statement reiterated that fewer than 1% of all accounts were impacted by the breach.

News of account compromises came as early as March when users complained that their accounts were charged for digital items without their permission. Nintendo said in a tweet in April that users should enable two-factor authentication on their accounts but without saying why.

It took another two weeks before Nintendo admitted that accounts had been improperly accessed.

But Nintendo still hasn’t said how the accounts were accessed, beyond claiming that hackers got access to accounts by obtaining account passwords “by some means other than our company’s service.” Its implication is that users may have used weak passwords that hackers cracked, or reused passwords that were breached from other services and used by hackers to break into their Nintendo accounts.

If you haven’t enabled two-factor authentication on your Nintendo account yet, now would probably be a good time.

Powered by WPeMatico

Signal now has built-in face blurring for photos

Posted by | Apps, Mobile, privacy, Security, signal | No Comments

Apps like Signal are proving invaluable in these days of unrest, and anything we can do to simplify and secure the way we share sensitive information is welcome. To that end Signal has added the ability to blur faces in photos sent via the app, making it easy to protect someone’s identity without leaving any trace on other, less secure apps.

After noting Signal’s support of the protests occurring all over the world right now against police brutality, the company’s founder Moxie Marlinspike writes in a blog post that “We’ve also been working to figure out additional ways we can support everyone in the street right now. One immediate thing seems clear: 2020 is a pretty good year to cover your face.”

Fortunately there are perfectly good tools out there both to find faces in photographs and to blur imagery (presumably irreversibly, given Signal’s past attention to detail in these matters, but the company has not returned a request for comment). Put them together and boom, a new feature that lets you blur all the faces in a photo with a single tap.

Image Credits: Signal

This is helpful for the many users of Signal who use it to send sensitive information, including photos where someone might rather not be identifiable. Normally one would blur the face in another photo editor app, which is simple enough but not necessarily secure. Some editing apps, for instance, host computation-intensive processes on cloud infrastructure and may retain a copy of a photo being edited there — and who knows what their privacy or law enforcement policy may be?

If it’s sensitive at all, it’s better to keep everything on your phone and in apps you trust. And Signal is among the few apps trusted by the justifiably paranoid.

All face detection and blurring takes place on your phone, Marlinspike wrote. But he warned that the face detection isn’t 100% reliable, so be ready to manually draw or expand blur regions in case someone isn’t detected.

The new feature should appear in the latest versions of the app as soon as those are approved by Google and Apple.

Lastly Marlinspike wrote that the company is planning on “distributing versatile face coverings to the community free of charge.” The picture shows a neck gaiter like those sold for warmth and face protection. Something to look forward to then.

Powered by WPeMatico

Decrypted: iOS 13.5 jailbreak, FBI slams Apple, VCs talk cybersecurity

Posted by | Android, apple-app-store, Cisco, civil liberties, computer security, cryptography, cybercrime, Cyberwarfare, dark web, data breach, encryption, Extra Crunch, iPhone, Market Analysis, Mobile, privacy, Security, smartphones, Startups, Troy Hunt, video conferencing, WebEX | No Comments

It was a busy week in security.

Newly released documents shown exclusively to TechCrunch show that U.S. immigration authorities used a controversial cell phone snooping technology known as a “stingray” hundreds of times in the past three years. Also, if you haven’t updated your Android phone in a while, now would be a good time to check. That’s because a brand-new security vulnerability was found — and patched. The bug, if exploited, could let a malicious app trick a user into thinking they’re using a legitimate app that can be used to steal passwords.

Here’s more from the week.


THE BIG PICTURE

Every iPhone now has a working jailbreak

Powered by WPeMatico

Apple has just patched the recent iOS 13.5 jailbreak

Posted by | Android, Apple, iPhone, iTunes, jailbreak, operating system, operating systems, Security, smartphones | No Comments

Well that didn’t last long.

Apple has patched a security vulnerability that allowed hackers to build a jailbreak tool allowing deep access to the iPhone software.

In a security advisory, Apple acknowledged that it had fixed the vulnerability in iOS 13.5.1, posted Monday. The technology giant credited the unc0ver team, which released the jailbreak just last week, for finding the vulnerability.

Although details of the vulnerability are not yet public, Apple typically works quickly to patch vulnerabilities that allow jailbreaks, fearing that the same vulnerability could also be abused by malicious hackers.

In a tweet, one of the lead jailbreakers confirmed that updating to iOS 13.5.1 will close the vulnerability and render the jailbreak useless.

I can confirm the new *OS updates have patched the kernel vulnerability used by the #unc0ver jailbreak.

If you are on iOS 13.5, stay and save blobs.

If you are not on iOS 13.5, update to it with the IPSW using a computer while it is still being signed and save blobs.

— @Pwn20wnd (@Pwn20wnd) June 1, 2020

Jailbreaking is a popular way to allow users to break free from Apple’s “jail” — hence the term — that prevents deep access to an iPhone’s operating system. Apple has does this to improve device security and to reduce the surface area in which hackers can attack the software. But jailbreakers say breaking through those restrictions allows them greater customization over their iPhones in a way that most Android users are already used to.

Security experts typically advise against jailbreaking as it can expose a device owner to a greater range of attacks, while advising users to install their devices and software as soon as updates become available.

Apple said iOS 13.5.1 also comes with new Memoji stickers and other bug fixes and improvements.

Update today. If security isn’t your thing, at least do it for the Memoji stickers.

Powered by WPeMatico

A new Android bug, Strandhogg 2.0, lets malware pose as real apps and steal user data

Posted by | Android, computing, Google, Google Play, malware, mobile security, operating systems, Security, smartphones, spokesperson, vulnerability | No Comments

Security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data.

The vulnerability, dubbed Strandhogg 2.0 (named after the Norse term for a hostile takeover) affects all devices running Android 9.0 and earlier. It’s the “evil twin” to an earlier bug of the same name, according to Norwegian security firm Promon, which discovered both vulnerabilities six months apart. Strandhogg 2.0 works by tricking a victim into thinking they’re entering their passwords on a legitimate app while instead interacting with a malicious overlay. Strandhogg 2.0 can also hijack other app permissions to siphon off sensitive user data, like contacts, photos, and track a victim’s real-time location.

The bug is said to be more dangerous than its predecessor because it’s “nearly undetectable,” Tom Lysemose Hansen, founder and chief technology officer at Promon, told TechCrunch.

The good news is that Promon said it has no evidence that hackers have used the bug in active hacking campaigns. The caveat is that there are “no good ways” to detect an attack. Fearing the bug could still be abused by hackers, Promon delayed releasing details of the bug until Google could fix the “critical”-rated vulnerability.

A spokesperson for Google told TechCrunch that the company also saw no evidence of active exploitation. “We appreciate the work of the researchers, and have released a fix for the issue they identified.” The spokesperson said Google Play Protect, an app screening service built-in to Android devices, blocks apps that exploit the Strandhogg 2.0 vulnerability.

Standhogg 2.0 works by abusing Android’s multitasking system, which keeps tabs on every recently opened app so that the user can quickly switch back and forth. A victim would have to download a malicious app — disguised as a normal app — that can exploit the Strandhogg 2.0 vulnerability. Once installed and when a victim opens a legitimate app, the malicious app quickly hijacks the app and injects malicious content in its place, such as a fake login window.

When a victim enters their password on the fake overlay, their passwords are siphoned off to the hacker’s servers. The real app then appears as though the login was real.

Strandhogg 2.0 doesn’t need any Android permissions to run, but it can also hijack the permissions of other apps that have access to a victim’s contacts, photos, and messages by triggering a permissions request.

“If the permission is granted, then the malware now has this dangerous permission,” said Hansen.

Once that permission is granted, the malicious app can upload data from a user’s phone. The malware can upload entire text message conversations, said Hansen, allowing the hackers to defeat two-factor authentication protections.

The risk to users is likely low, but not zero. Promon said updating Android devices with the latest security updates — out now — will fix the vulnerability. Users are advised to update their Android devices as soon as possible.

Powered by WPeMatico

The FBI is mad because it keeps getting into locked iPhones without Apple’s help

Posted by | Apple, Cellebrite, Column, encryption, Federal Bureau of Investigation, Gadgets, iCloud, iOS, iPhone, NSO Group, Opinion, Policy, privacy, Security, smartphone, surveillance, William Barr | No Comments
Riana Pfefferkorn
Contributor

Riana Pfefferkorn is the associate director of Surveillance and Cybersecurity at the Stanford Center for Internet and Society.

The debate over encryption continues to drag on without end.

In recent months, the discourse has largely swung away from encrypted smartphones to focus instead on end-to-end encrypted messaging. But a recent press conference by the heads of the Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) showed that the debate over device encryption isn’t dead, it was merely resting. And it just won’t go away.

At the presser, Attorney General William Barr and FBI Director Chris Wray announced that after months of work, FBI technicians had succeeded in unlocking the two iPhones used by the Saudi military officer who carried out a terrorist shooting at the Pensacola Naval Air Station in Florida in December 2019. The shooter died in the attack, which was quickly claimed by Al Qaeda in the Arabian Peninsula.

Early this year — a solid month after the shooting — Barr had asked Apple to help unlock the phones (one of which was damaged by a bullet), which were older iPhone 5 and 7 models. Apple provided “gigabytes of information” to investigators, including “iCloud backups, account information and transactional data for multiple accounts,” but drew the line at assisting with the devices. The situation threatened to revive the 2016 “Apple versus FBI” showdown over another locked iPhone following the San Bernardino terror attack.

After the government went to federal court to try to dragoon Apple into doing investigators’ job for them, the dispute ended anticlimactically when the government got into the phone itself after purchasing an exploit from an outside vendor the government refused to identify. The Pensacola case culminated much the same way, except that the FBI apparently used an in-house solution instead of a third party’s exploit.

You’d think the FBI’s success at a tricky task (remember, one of the phones had been shot) would be good news for the Bureau. Yet an unmistakable note of bitterness tinged the laudatory remarks at the press conference for the technicians who made it happen. Despite the Bureau’s impressive achievement, and despite the gobs of data Apple had provided, Barr and Wray devoted much of their remarks to maligning Apple, with Wray going so far as to say the government “received effectively no help” from the company.

This diversion tactic worked: in news stories covering the press conference, headline after headline after headline highlighted the FBI’s slam against Apple instead of focusing on what the press conference was nominally about: the fact that federal law enforcement agencies can get into locked iPhones without Apple’s assistance.

That should be the headline news, because it’s important. That inconvenient truth undercuts the agencies’ longstanding claim that they’re helpless in the face of Apple’s encryption and thus the company should be legally forced to weaken its device encryption for law enforcement access. No wonder Wray and Barr are so mad that their employees keep being good at their jobs.

By reviving the old blame-Apple routine, the two officials managed to evade a number of questions that their press conference left unanswered. What exactly are the FBI’s capabilities when it comes to accessing locked, encrypted smartphones? Wray claimed the technique developed by FBI technicians is “of pretty limited application” beyond the Pensacola iPhones. How limited? What other phone-cracking techniques does the FBI have, and which handset models and which mobile OS versions do those techniques reliably work on? In what kinds of cases, for what kinds of crimes, are these tools being used?

We also don’t know what’s changed internally at the Bureau since that damning 2018 Inspector General postmortem on the San Bernardino affair. Whatever happened with the FBI’s plans, announced in the IG report, to lower the barrier within the agency to using national security tools and techniques in criminal cases? Did that change come to pass, and did it play a role in the Pensacola success? Is the FBI cracking into criminal suspects’ phones using classified techniques from the national security context that might not pass muster in a court proceeding (were their use to be acknowledged at all)?

Further, how do the FBI’s in-house capabilities complement the larger ecosystem of tools and techniques for law enforcement to access locked phones? Those include third-party vendors GrayShift and Cellebrite’s devices, which, in addition to the FBI, count numerous U.S. state and local police departments and federal immigration authorities among their clients. When plugged into a locked phone, these devices can bypass the phone’s encryption to yield up its contents, and (in the case of GrayShift) can plant spyware on an iPhone to log its passcode when police trick a phone’s owner into entering it. These devices work on very recent iPhone models: Cellebrite claims it can unlock any iPhone for law enforcement, and the FBI has unlocked an iPhone 11 Pro Max using GrayShift’s GrayKey device.

In addition to Cellebrite and GrayShift, which have a well-established U.S. customer base, the ecosystem of third-party phone-hacking companies includes entities that market remote-access phone-hacking software to governments around the world. Perhaps the most notorious example is the Israel-based NSO Group, whose Pegasus software has been used by foreign governments against dissidents, journalists, lawyers and human rights activists. The company’s U.S. arm has attempted to market Pegasus domestically to American police departments under another name. Which third-party vendors are supplying phone-hacking solutions to the FBI, and at what price?

Finally, who else besides the FBI will be the beneficiary of the technique that worked on the Pensacola phones? Does the FBI share the vendor tools it purchases, or its own home-rolled ones, with other agencies (federal, state, tribal or local)? Which tools, which agencies and for what kinds of cases? Even if it doesn’t share the techniques directly, will it use them to unlock phones for other agencies, as it did for a state prosecutor soon after purchasing the exploit for the San Bernardino iPhone?

We have little idea of the answers to any of these questions, because the FBI’s capabilities are a closely held secret. What advances and breakthroughs it has achieved, and which vendors it has paid, we (who provide the taxpayer dollars to fund this work) aren’t allowed to know. And the agency refuses to answer questions about encryption’s impact on its investigations even from members of Congress, who can be privy to confidential information denied to the general public.

The only public information coming out of the FBI’s phone-hacking black box is nothingburgers like the recent press conference. At an event all about the FBI’s phone-hacking capabilities, Director Wray and AG Barr cunningly managed to deflect the press’s attention onto Apple, dodging any difficult questions, such as what the FBI’s abilities mean for Americans’ privacy, civil liberties and data security, or even basic questions like how much the Pensacola phone-cracking operation cost.

As the recent PR spectacle demonstrated, a press conference isn’t oversight. And instead of exerting its oversight power, mandating more transparency, or requiring an accounting and cost/benefit analysis of the FBI’s phone-hacking expenditures — instead of demanding a straight and conclusive answer to the eternal question of whether, in light of the agency’s continually-evolving capabilities, there’s really any need to force smartphone makers to weaken their device encryption — Congress is instead coming up with dangerous legislation such as the EARN IT Act, which risks undermining encryption right when a population forced by COVID-19 to do everything online from home can least afford it.

The bestcase scenario now is that the federal agency that proved its untrustworthiness by lying to the Foreign Intelligence Surveillance Court can crack into our smartphones, but maybe not all of them; that maybe it isn’t sharing its toys with state and local police departments (which are rife with domestic abusers who’d love to get access to their victims’ phones); that unlike third-party vendor devices, maybe the FBI’s tools won’t end up on eBay where criminals can buy them; and that hopefully it hasn’t paid taxpayer money to the spyware company whose best-known government customer murdered and dismembered a journalist.

The worst-case scenario would be that, between in-house and third-party tools, pretty much any law enforcement agency can now reliably crack into everybody’s phones, and yet nevertheless this turns out to be the year they finally get their legislative victory over encryption anyway. I can’t wait to see what else 2020 has in store.

Powered by WPeMatico

Decrypted: No warrants for web data, UK grid cyberattack, CyberArk buys Idaptive

Posted by | california, cryptography, cyberattacks, cybercrime, Decrypted, electricity, Exit, Extra Crunch, iPhone, Market Analysis, Mobile, north america, ransomware, Recent Funding, Security, senate, Startups, U.S. government | No Comments

One vote.

That’s all it needed for a bipartisan Senate amendment to pass that would have stopped federal authorities from further accessing millions of Americans’ browsing records. But it didn’t. One Republican was in quarantine, another was AWOL. Two Democratic senators — including former presidential hopeful Bernie Sanders — were nowhere to be seen and neither returned a request for comment.

It was one of several amendments offered up in the effort to reform and reauthorize the Foreign Intelligence Surveillance Act, the basis of U.S. spying laws. The law, signed in 1978, put restrictions on who intelligence agencies could target with their vast listening and collection stations. But after the Edward Snowden revelations in 2013, lawmakers champed at the bit to change the system to better protect Americans, who are largely protected from the spies within its borders.

One privacy-focused amendment, brought by Sens. Mike Lee and Patrick Leahy, passed — permits for more independent oversight to the secretive and typically one-sided Washington, D.C. court that authorizes government surveillance programs, the Foreign Intelligence Surveillance Court. That amendment all but guarantees the bill will bounce back to the House for further scrutiny.

Here’s more from the week.


THE BIG PICTURE

Three years after WannaCry, U.S. still on North Korea’s tail

A feature-length profile in Wired magazine looks at the life of Marcus Hutchins, one of the heroes who helped stop the world’s biggest cyberattack three years to the day.

The profile — a 14,000-word cover story — examines his part in halting the spread of the global WannaCry ransomware attack and how his early days led him into a criminal world that prompted him to plead guilty to felony hacking charges. Thanks in part to his efforts in saving the internet, he was sentenced to time served and walked free.

Powered by WPeMatico

The new August Wi-Fi Smart Lock is now available, and it’s the connected smart lock to beat

Posted by | Airbnb, Alexa, Assa Abloy, August Home, Best-Buy, Bluetooth, Gadgets, Google, hardware, lock, Reviews, Security, smart lock, smartphone, TC, technology, wi-fi, yale, yves behar | No Comments

It’s been a few years since August introduced any new hardware, but its August Wi-Fi Smart Lock, which it debuted at CES this year, is now available. This is the new flagship in the August lineup, replacing the August Smart Lock Pro as the latest and greatest feature-packed connected lock from the company, and it brings an improved design along with built-in Wi-Fi. August’s existing locks are the market leaders in easy conversion kits for existing thumbturn deadbolts, and the August Wi-Fi Smart Lock improves upon that reputation in every way.

Design

The August Wi-Fi Smart Lock has a great design pedigree already, since the company was originally co-founded by Yves Béhar. Béhar spearheaded the design of this generation as well, and the result is a look that is recognizably August, but with upgraded looks and tactile improvements, too. The satin nickel finish on my review hardware looked great and premium (it also comes in black), and the textured outer edge feels great when turning the lock to manually lock/unlock. There’s now a slightly raised “pointer” to provide a quick visual indicator of whether the door is locked or unlocked, as well.

The biggest design change versus the August Smart Lock Pro, however, is that it’s quite a bit smaller. August says it’s 45% smaller by volume, in fact, and 20% slimmer front to back, and the size savings definitely show. The rather large dimensions of the Smart Lock Pro meant that it wasn’t able to be installed on some doors, so there’s a practical, functional benefit to the change, but it also just looks a lot nicer and is less likely to stick out among the rest of your home decor.

The smaller design was made possible despite the inclusion of Wi-Fi built-in, partly because of the switch to CR2 batteries, which are a lot less common than the AAs used by the Smart Lock Pro, but which you should still be able to find pretty easily at a drugstore or via Amazon.

Size aside, the design still provides a great, easy to use manual turn for physically unlocking and locking your door. The install process is also still very easy, even if you’re not particularly handy. August even provides paint-safe tape in the box for securing the other side of your lock while you remove the thumb plate, and its app gives you easy instructions for matching the right included size adapter depending on your deadbolt manufacturer. Replacing my own thumb turn took about five minutes start to finish.

Features

The whole point of August’s technology is that it provides a way to lock and unlock your door with your phone. With the August Wi-Fi Smart Lock, that’s a lot less complicated than it has been in the past, because it has Wi-Fi built-in. Previous August locks relied exclusively on Bluetooth, and required that you also purchase and own a separate Connect dongle, which plugs into a standard wall socket, to connect to the lock itself via Bluetooth and act as a bridge to your Wi-Fi network.

Doing away with the need for a Connect means you connect the Wi-Fi Smart Lock to your network during setup, and then it’s reachable anywhere using the August smartphone app. You can easily tap to lock and unlock the door so long as you have an active data connection, and you can do a lot more besides, including granting others access.

August allows you to provision virtual keys to friends via email (they’ll be asked to register for an account if they don’t have one). This is a popular feature for Airbnb hosts, because you can also revoke permission once you no longer want someone to have access. It’s also great for letting in neighbors to feed your pets (once travel is an option again, of course) and for giving family an easy way to check in. Plus, you can share it with other members of your households and make them owners for top-level access and controls, as well.

You can also set the August Wi-Fi Smart Lock to automatically lock once you close the door, either immediately or after a set time that you can customize. This works using DoorSense, which is facilitated by a magnetic sensor that August includes in the box and that you install in your door frame upon setup.

Auto-unlock for me has worked most of the time, though I have had a few occasions where upon returning, I get a “Welcome home” notification from the August app, but the door doesn’t actually unlock and I have to do so by opening the app and pressing the button. In general, however, it works well, and is a great benefit when you return home with your arms full of groceries, for instance.

Performance

The August Wi-Fi Smart Lock brings an updated design and integrated Wi-Fi, but it doesn’t change much in terms of the core functionality of August’s previous locks, and it also seems to be at least a match for prior generations when it comes to reliability. Using the app, I was consistently able to both lock and unlock the door, both within and outside of the home.

August also offers integration with voice assistants, including Alexa, Google Home and HomeKit. These I found a bit more unreliable, with at least one actual failed unlock attempt via HomeKit. But overall they also performed mostly well, with a bit more lag than doing things via the August app directly. You’re also able to unlock via voice command, though the app wisely forces you to register an authorization code to protect against manipulation, like someone trying to yell at Alexa through your door to unlock the unit.

August also offers the option to receive push notification about lock and unlock events, and stores a whole history of the lock’s usage, including door open and closed status, manual/automatic/remote locking and unlocking events and more. It’s a great way to maintain peace of mind about who’s accessing your home, when and how.

Bottom line

August has a long history of building connected locks, and its reputation has earned it both accolades and a 2017 acquisition by leading international lock maker Assa Abloy, which operates a number of brands, including Yale. This is the first lock that it has launched since that acquisition, and it’s a promising indicator that the deal hasn’t dulled their edge when it comes to August-branded product development. This is a great smart lock, with fast and easy installation and ergonomic, visually pleasing design and broad compatibility. Its auto-lock and unlock features really change the way you go about everything from running errands to walking the dog — it’s surprising how much a little convenience can make even the most mundane tasks more pleasant.

The August Wi-Fi Smart Lock is available for $249.99 via August.com and Best Buy, and will expand availability to additional retailers beginning May 17.

Powered by WPeMatico