cybergibbons

A few days late to this. The state of security on the wireless side is really quite poor for a lot of systems. The big issue is that most of them aren't two way, it causes so many issues. At this time, I'd only recommended Texecom Ricochet and Pyronix Enforcer. However, the RF side of things isn't my big worry anymore, it's the signalling and IP side. So many companies are doing this wrong, and badly wrong. You can divide the manufacturers cleanly down the middle. There's those burying their head in the sand and those that are seeking out best practices.

Thanks for the link to my site. I still stand by those recommendations.

I've got a stack of used CSL Dualcom boards ranging from software version 2.02 to 3.53 (which is the latest version you could download from CSL). I've seen a lot of videos showing 1.25. What versions of the board do you see in the wild?

The Texecom panels come with the software on CD, and if you contact support they will send you new versions. The COM ports use a fairly simple protocol which is documented but you need to sign an NDA to get hold of. You could use this to integrate to other systems. I suspect Texecom are going to make moves to appeal to the advanced home users at some point in the future.

Fairly sure as someone said, you use these to alert security/customer services if someone is shoplifting and you need assistance.

Didn't know they existed!

Anyone else?

Surprised that there are the even older white ones out there. Thanks.

The CSL boards I've been looking at are nearly all CS2300 Dualcom GPRS units. It looks like there are now other boards available: CS2121 Dualcom DigiPlus CS2300-R Dualcom Gradeshift (which outwardly looks like the CS2300) CS5600 Dualcom DigiAir And at some point there have been: CS5300 Dualcom Calibre (black box)I'm being told that any issues I find on the CS2300 units aren't going to be problems because there are very few of the units out there. I don't think this is true - I think the CS2300-R is just a minor revision and the CS5600 DigiAir is too new to have already replaced however many units there are out there. What units do you see in use?

Yeah, it's been an interesting few days. Met a lot of people from a lot of companies. Texecom are a really good bunch, as are the Webway team. So much CCTV **** being touted. No idea how you could tell one camera from another. A million DVRs that are probably totally insecure. A lot of alarm manufacturers from Eastern Europe. Not sure how serious they are about the UK market, but interesting times. Still got all my kneecaps as well.

I'll be heading back this afternoon, got work to do but need to meet a few more people. Good to put some faces to names!

Right, I should be there at around lunchtime.

I could do Wednesday afternoon maybe.

Are any of you going to IFSEC this year? Which days? I'm planning on going on Thursday.

Sounds like it's going to go full circle and end up semi-monitored again. A bit odd they don't have an external siren to start out with. Tempted to order one, but it sounds like you need a US phone number to register. Might just wait until they are released in the UK.

It seems to meet a need. People want to take paid-for traditional monitoring out of the equation. I don't understand why that has to mean the alarm is missing a load of functionality though. It's no better than a Friedland Response in these terms.

Just noticed this Internet connected alarm posted over on DIYnot. Looks better than Piper and Canary, but still sorely lacking in serious features. https://www.ismartalarm.com It's got FCC docs online, so I did a quick virtual teardown of it: http://cybergibbons.com/alarms-2/ismartalarm-quick-teardown/

Wow, that was what was in our house when we moved in. Very surprised the keypad still works - several of the digits needed some serious force to work. I couldn't find an engineers manual for it, but that was three years ago.

Yep, sealed lead acids are not very tolerant of deep discharge at all.

I had to deal with one very similar to this a while back, though it had a jog dial to the right of the direction buttons. There were hundreds of models using the same firmware (google "01p-2358-001008-ar01"). Lots of people not sure which one it was. This looks like it: http://www.ntic.com.tw/specification/J2000S-16T1.htm This was the manual that was close enough for the one I worked with: http://www.scorpion-group.co.uk/baselinepro-manual.pdf "JPEG 2000 DVR" is also a good search term. It ended up getting ditched as it was just not very good and more work than a new one.

Reprogram the NVM so it connects to my server and examine the traffic it generates and expects to receive. Disassembled code is a bit heavy going without being able to observe something actually working.

Right - I'm sorted for one of these now. Thanks!

The CDS connection goes to the little light sensor down at the bottom. How do you know that the fault is with the illuminator board and not the driver?

Yes, some signalling products appear to have to message authentication - it appears to be trivial to spoof responses. MITM is unlikely currently. But then if one product can be MITMed and another can't, which one is better? With respect to path priority, if you can act as MITM on the secondary LAN interface and then respond with a message saying "Reconfigure all inputs to not trigger on changes", then it doesn't matter that the other path is untouched.

If you just take out the LAN interface, then a dual path device is going to cause an alarm, yes. But if you can change the gateway, you can act as a man-in-the-middle. If the protocol has no message authentication, sequencing etc. then you can just act as if everything is OK. It's just a nasty hole to leave open.