Vulnerabilities In Ip Alarm Signalling Protocols

[cybergibbons]

Not my work this time, but a guy from the Netherlands. He started reverse engineering the IP signalling protocol on an alarm so that he could act on events. Turns out the SIA-HS protocol is totally rotten

 

Here are the slides from his most recent talk, where he goes over some of the flaws in SIA-HS.

 

http://conference.hitb.org/hitbsecconf2013ams/materials/D1T2%20-%20Wilco%20Baan%20Hofman%20-%20Bringing%20Dutch%20Alarm%20Systems%20to%20Their%20Knees.pdf

 

 

I can't find a video of the presentation, but he did one last year on the same topic:

 

He also found problems in the Vebon SecIP protocol, although they are more subtle. Superficially it sounded good, but the details of the implementation led to it being quite insecure.

 

 

 

 

[Ronnie]

don't you people have better things to do with your time??  

[matthew.brough]

don't you people have better things to do with your time??

That's what geeks do, geek things?

[Ronnie]

That's what geeks do, geek things?

 

i'd rather have a beer and get laid...

[goncall]

That's what geeks do, geek things?

i wont even ask what the dummy is for...tho real girlfriends are probably out of the question for those lads....

[matthew.brough]

i wont even ask what the dummy is for...tho real girlfriends are probably out of the question for those lads....

I use wireshark all the time and I have a (human) wife?

i'd rather have a beer and get laid...

Hmm, I know I should too, but this stuffs more interesting.

[PeterJames]

Greeks are getting quite popular here recently wasnt there a Greek here the other week?

[Scotmod]

i'd rather have a beer and get laid...

 

Yet here we all are posting on TSI...

[Oxo]

Not If I win the Euromillions !!

[Ronnie]

Yet here we all are posting on tsi...

but i have a beer next to me now and at least 2-3 spare minutes later..

[Oxo]

LOL

[Scotmod]

Every mans ideal woman?

 

[goncall]

Every mans ideal woman?

 

maybe yours but with hands like that id hate to see her snatch..

[AdrianMealing]

but i have a beer next to me now and at least 2-3 spare minutes later..

 Twice, my wife would be jealous

[Oxo]

She was last night

[cybergibbons]

don't you people have better things to do with your time??  

 

You've got time on here to say that, but not do anything useful? Ok...

[Joe Harris]

Usual banter

 

I am glad that few if any UK ATS took on SIA HS - not sure how many panels support the protocol from the major brands but would be useful to know.

 

I need too fess up that I haven't yet watched the video (watching game of thrones with the missus atm) but will watch it later and give an ARC perspective.

[AdrianMealing]

She was last night

[Oxo]

 

 

Lol, just messin m8.

[AdrianMealing]

Lol, just messin m8.

 I know me too

[Ronnie]

You've got time on here to say that, but not do anything useful? Ok...

Alright love, keep your hair on..

[MrHappy]

creaky chairs & coughing FFS

[james.wilson]

What product that is serious in the signalling world uses this cb?

[Oxo]

Four times?

[james.wilson]

Four times?

?