An average house lock is pretty easy to pick. An average picker of locks could get through in minutes. Someone who trained for years could get through in a few seconds if they’re lucky. Someone using a pick gun, willing to risk damaging the lock, can often get through in seconds. But, each individual lock is different, so you never know how long it will take to get through. Taking any more than 10 seconds to get through a door looks suspicious, so it’s very risky to try to pick a lock if you’re not willing to take a chance at looking suspicious, even if you’re a master lock picker.
With electronic locks, if there’s an exploit for that lock and the person going up to the lock has access to it, they could get through instantly and not look at all suspicious. If there’s no exploit, the person is out of luck. The person trying to break in also doesn’t have to have any expertise. They just need access to the exploits. Also, because people are constantly trying to find exploits, there’s almost guaranteed to be a time when your lock is vulnerable. Making it worse, with an electronic lock, someone can inspect the lock one time, and then just wait for a vulnerability for that particular lock to be available.
I think CGP Grey has a video about this concept. It’s not so much that a mechanic lock is better or more secure.
It’s more that it takes one person
$xseconds to break into one lock.That’s very different than allowing a million people the opportunity to break your digital lock millions of times.
It’s a different threat model.
An average house lock is pretty easy to pick. An average picker of locks could get through in minutes. Someone who trained for years could get through in a few seconds if they’re lucky. Someone using a pick gun, willing to risk damaging the lock, can often get through in seconds. But, each individual lock is different, so you never know how long it will take to get through. Taking any more than 10 seconds to get through a door looks suspicious, so it’s very risky to try to pick a lock if you’re not willing to take a chance at looking suspicious, even if you’re a master lock picker.
With electronic locks, if there’s an exploit for that lock and the person going up to the lock has access to it, they could get through instantly and not look at all suspicious. If there’s no exploit, the person is out of luck. The person trying to break in also doesn’t have to have any expertise. They just need access to the exploits. Also, because people are constantly trying to find exploits, there’s almost guaranteed to be a time when your lock is vulnerable. Making it worse, with an electronic lock, someone can inspect the lock one time, and then just wait for a vulnerability for that particular lock to be available.