matthew.brough

Yes, RF portal is done via the keypads. 6.5

It's easy enough on a GD. Each RF portal is seen as RIO's and you can tell it how many rio addresses you want to take up. It's a case of putting the panel into learn and tampering the device and all is well. Program everything else as a normal zone.

He gets moody occasionally.

Absolutely

You can't choose the code you quote to the arc, the remote reset unit decides that but most seasoned end users are clued up on the things to say to get a remote reset so you could generate some alarms, call the arc and get the resets for 'valid' reasons and you would have enough code and anticodes to do your maths.

Indeed it does. All return anticode 18003

I was referring to the list of manufacturers cg that you did where texecom was on the top end. What I found interesting is the order you put the manufacturers in based on the tests you had done is the same order thereabouts that I'd have expected most experienced engineers to write without any of your knowledge just based on gut feel from having to support the products in the wild.

Good question, but technistore are using it to imply their stuff is very secure. Not at all.

You make a good point, technistore brag on their website of military grade encryption. If the technistore decoder is military grade and it took you 5 mins to work it out, doesn't say much for military grade! I can see that. Hopefully cg will have the time to take a look at all the common gear we use. Especially signalling devices. (Not sure if I mentioned before I'm looking forward to that?)

I've no doubt you check your activation reports, I'm sure 90% of the industry doesn't bother. The worry for me is the fact you could reset a tamper with remote reset so someone could have a tinker with the system (as you say a lot on Redcare still and other pin driven signalling) so you could tamper the panel, mess around with a few wires and system not talking. Fail to operate. That's my concern more with customers having access to rr.

The seed codes are reasonably common knowledge. I think most engineers know a few just by where they have worked and engineers they know in other companies. If cg had bad intentions, he could simply write a list of them and generate a little web page for customers to reset their own alarms and the fact he can is the frightening bit, exposing a system that isn't very secure which I believe was the whole point of his blog in the first place. We have all seen websites appear to assist the consumer getting around things such as sayno20870 etc, why should we be immune from customers trying to save a few quid and reset their own alarms and avoid the engineer call out fee? We should have a better system that stops them being able to.

Such as?

It's our duty to assist him with his work. Adrian is a good example. From what cg says their radio kit is a 1st class job, secure and all round a great product. Compared with other kit that is the polar opposite but no one knows the difference. By cg trying to hack Adrian's product and not being able to is a huge selling point for Texecom. If I were texecom, I'd point people towards the blog. I can't wait until signalling products are done as finally he will reveal to the world, with evidence that all is not the same. If all the kit the industry used was as good as the alarm companies tell the end user it is, cgs work wouldn't worry anyone. The only reason people are nervous is he is starting to expose the truth about some of the sub standard kit in use. I am sat with every confidence that the equipment we use will stand up 100% to any test and I'm happy to assist him with his investigations so that the faith I've placed in Aritech and webway is based on some hard facts.

+1

Especially the signalling. Lead the way

Show some enthusiasm h. All this high tech cyber stuff not press your buttons?

Be rude not to

That does annoy me a little. Although it seemed a bit heavy handed, technistores more restrictive nature was a preferred option to including the reset tool with UDL software as why does the alarm co really need it? If they are udling to the panel the engineer code will reset anyway so don't see why they need it.

I'm surprised the old Redcare remote reset idea where the arc sends a reset command wasn't more popular.

Just a loose urn risk if mr end user can gain access to reset the alarm.

Got it in one

But you have to call them activate it? We did with ours.

Generically the ones in use have been around for years. Technistore is a popular one as this is in galaxy and a few other popular panels but prior to that the did a stand alone unit that you could connect to panels that didn't have remote reset. How it worked was you wired a 24 hour circuit through the unit which opened when a reset was required so you couldn't set the alarm. I don't ok now exactly when that came out but it was a long long time ago. I don't think there are any standards around anti code reset, it was introduced due to police policy requiring that the users couldn't reset the alarms themselves so the engineer had to go out and do it all the time. Anti code reset was introduced so that the arc could issue a reset code if the cause of the alarm was obvious and didn't need an engineer such as user error door left insecure. Again one of those things we have never questioned, until now.

This depends a lot on the manufacturer. Technistore and Aritech for example use seed codes so you would need to know what seed a particular arc uses which in fairness wouldn't be so hard to find out but then any reset would be possible if you had the software. Certain decoders don't even have a seed so one you get the software, you can anticode reset any panel using it. What worried me most was if the algorithm was worked out, what would stop someone putting it on a website for the end users to reset their own alarms with the arcs seeds being made public knowledge. Seems from your investigations, not a lot.