tr-24-107-001 (1)

12428378480?profile=RESIZE_400xSome smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability.  This remote exploitation is possible due to passwords and private keys being hard-coded in Chirp's Android app. Anyone who knows or finds these credentials can use them with an API maintained by smart lock supplier August to remotely open someone's Chirp-powered lock and thus unlock whatever door it is supposed to be protecting.  Chirp has claimed its system