Regalsafe Rs40 Factory Reset?

[Guest]

But what I am certain of is that you are not in a position to make a reasoned judgement about this while you know so little about my security intersts.

so your in better position

[Guest rjbsec]

This might or might not equate to my best interests.

But what I am certain of is that you are not in a position to make a reasoned judgement about this while you know so little about my security intersts.

with best regards,

Brian Gladman

I know more about you than you might think and I do not consider that your relying on an obsolete Regalsafe panel that you have been playing with is in the best interest of your security. However you have obviously made up your mind that you know better than everyone here so no doubt you will do whatever you want despite good advice.

[Guest G.J.M]

I think the security industry is wasting it's time based on what has been said.

The future is diy'ers buying sub standard equipment from B&Q and installing it on a bank holiday.

Then they can have all the access they want and sleep soundly when on their holidays,knowing that the effort they installed might work in the event of a break in.

give it a rest and go it alone.You obviously have a low opinion of engineers on here and if you are half as clever as you think you are what are you bothering them for????

I come across many "electricians" who think because they can install a secutity light automatically makes them experts at everything.

The biggest botches in Fire Systems i have seen al have been wired by sparks.

[Nova-Security]

So to get a professional alarm system installed AND retain full control over my own security I have no option but to install it myself

I would check with your insurance company that they will accept this.

PS I have now reset the RS40 to its factory state. I don't consider the way to do this needs to be secret but out of respect for those here who think it should be I won't post how to do this. It was pretty obvious once I saw the EEPROM

I would like to know have you have done this, but as you mentioned you wont post, thats fine but i only know a handfull of people who can read codes from control panels.

BTW the codes are not stored on the EEPROM, but iam glad you have sorted it out.

[Guest brian gladman]

I have not made any postings on this thread, but I have read the discussion and I would say that the engineers have given you good advise based on the info. you have provided

...but because the answers aren't the ones you wanted you have decided that their answers are wrong.

Not true.

I have had very useful advice on a number of aspects of the RS40 for which I am very grateful. I have also had good advice on the inadequacy of the RS40, advice that is in accord with my own experience given how easy it was to disable this system with no knowledge of its operation. I did not reject any of this advice and I hope I made it clear in my responses that I valued this input. If this is unclear then I willingly restate my gratitude here.

I did not get any advice on the specific question I asked but this proved trivial to solve so any thought that my security depends on keeping this information secret is risible.

And I did specifically reject the view that I should not be able to perform a factory reset on an alarm I own. And nothing that has been said here changes my view on this in any way.

You now say that they don't know all the facts .... but they have given answers based on all the facts you have provided.

I said this in response to one specific post in whiich someone claimed, in effect, to know better than I do myself what my security interests are. They might believe this but they are mistaken since they do not have the information that is necessary to reach such a conclusion.

If there is some other important points, disclose them..... if not, take the advise and act upon it in any way you decide.

I have been quite precise about my reasons for being here, which was to seek information about how to perform a factory reset on a Regalsafe RS40. Nothing more than this. And in respect of this I am not aware of anything more that needs to be revealed. I have now done a factory reset on an RS40 so I know how exactly how to do this. Any security professional who thinks this knowledge is security critical for an RS40 is just plain wrong.

..... but don't criticise the engineers who have volanteered FREE advise and information.

The majority of the comments made here have been of high quality and I respect those who have made the effort to contribute to the exchange of views. But I don't accept the security model that the alarm industry appears to be following so it seems that I will have to go my own way.

with best regards,

Brian Gladman

[Guest]

I did not get any advice on the specific question I asked

banghead where not allowed to give out defaulting info

but this proved trivial to solve so any thought that my security depends on keeping this information secret is risible.

it took you long enough & its lucky it had not defaulted its self in the middle of the night through lack of maintenance

And I did specifically reject the view that I should not be able to perform a factory reset on an alarm I own.

as most people here have said you can please your self with your alarm, see answer one

I have now done a factory reset on an RS40 so I know how exactly how to do this. Any security professional who thinks this knowledge is security critical for an RS40 is just plain wrong.

how about those people how are trusting enough to say, leave a tradesmans to get on with the job in their house / place of work, come close of business goes to put alarm on code won't work..... chances are they will go out leaving it unset

But I don't accept the security model that the alarm industry appears to be following so it seems that I will have to go my own way.

Suit your self, I hope you and your obsolete controls live happily ever after....

oh by the way your rs40 was pobaly the very last product I can think of which would default in this manner, hence why you where advised to replace it, even all those years back when it was fitted almost every other panel would not give in so easily

[cdosrun]

Wow,

a really reasoned discussion on the subject that hasn't resulted in the tape-measures being drawn, yet.

Firstly Brian, I will say that in principle I agree with you on many points (I have a Texecom Premier and a load of Grade 3 detectors in the garage waiting until we move). My friend and I installed a few systems when I was aged 15-18 and I was responsible for the maintenance for some time.

Additionally, in principle, I believe you are right in your desire to constrain both the level of information about you or your system divulged, and retain control over whom is informed.

However, I think that a salient point was raised with regard to other consumer electronics. For instance, almost any car with computer controlled injection (petrol or diesel) has a transponder immobiliser built into the key, with the engine management computer responsible for verification of that key.

There are devices in the motor trade that retain databases of all the transponder codes for (all) vehicles, and can, on command re-mobilise the engine. On the assumption you have a car with such an immobiliser, your code has already been divulged, neither are you able to change it without the manufacturers assistance. Therefore, any person with one of these devices (and they have their own security controls installed) can take your car without your specific delegation of permission.

As I said above, I agree that the principle of retaining a controlling interest over all of your assets is desireable, but with modern electronics as they are, almost impossible to achieve. I use open-source software (OSs) on security critical machines, but I don't have the time/ability to read through the entire code base to ensure there are no nasty surprised, I have trusted someone (in fact normally many people to do that for me) to do so for me.

Trust is a requirement throughout life, and most of it is obviously based on a qualified risk; I would submit that the level of trust required in the delegation of control for a home security system (to a fully vetted engineer) is not the highest one may encounter in life.

Andrew

Edit: Absent minded omission.

[Guest rjbsec]

In case any of you hadn't already realised, this type of subject, i.e. the use and availability of security information is a pet project of Mr Gladman so it is highly unlikely that any agreement would ever have been reached.

[Guest brian gladman]

I know more about you than you might think and I do not consider that your relying on an obsolete Regalsafe panel that you have been playing with is in the best interest of your security.

You are almost certainly right about this but it will have to do for the moment until I have decided what should go in its place.

However you have obviously made up your mind that you know better than everyone here so no doubt you will do whatever you want despite good advice.

Not in all respects. But I won't compromise on my security model and the attitude here among most seems to be "adopt our security model or we won't help you in meeting your security requirements"

Good security principles dictate that the security model is not set by the supplier but rather by the customer. True security professionals will certainly tell a customer if they think the customer's security model is wrong. But if the customer is resolute they won't simply walk away but will still do the very best they can within the model set by the customer. I am not saying that they don't have a right to walk away but rather that it will often be unprofessional to do so.

But if the comments here are correct, your industry business model appears to be "adopt our security model irrespective of whether it fits your needs or we won't help you in achieving the security which you believe you need". This may be right for most of your customers but it is not a model that suits my needs. But the fact that I reject your business model does not mean that I reject all the advice that you and others have given.

with best regards,

Brian Gladman

[Guest brian gladman]

However, I think that a salient point was raised with regard to other consumer electronics. For instance, almost any car with computer controlled injection (petrol or diesel) has a transponder immobiliser built into the key, with the engine management computer responsible for verification of that key.

There are devices in the motor trade that retain databases of all the transponder codes for (all) vehicles, and can, on command re-mobilise the engine. On the assumption you have a car with such an immobiliser, your code has already been divulged, neither are you able to change it without the manufacturers assistance. Therefore, any person with one of these devices (and they have their own security controls installed) can take your car without your specific delegation of permission.

I certainly agree that expediency and practicality will quite frequently dictate a pragmatic approach rather than one based on principles. But I don't see this as a reason to abandon the principles in areas where I can apply them with advantage. I don't fiddle with cars so I simply take the risks of adopting their security model. But I do build electronic and computer based systems so I can afford to apply my own security principles in these domains. And alarm systems these days are processor based systems with which I am very familiar so I don't have any qualms about applying my principles in this domain.

Thank you for your comments - although there are people here who understand where I am coming from, its nice to know that I am not alone

best regards,

Brian Gladman