Hello From A Security Researcher

[cybergibbons]

There is a mechanism. Here at tsi. Redcare is one of the better system ie gsm not secure. But there are better from a security point of view. Signalling the issue is seperate to detection. By the sounds of things i thought your concentration was detection and defeating at the lower grades?

I'm not limiting myself to any particular facet, but at the moment I am finding the wireless side particularly interesting. My goal is simply to stop the alarms working as intended, sometimes this results in a practical attack, other times it is just quirks of the system. I found the recent SIA-HS protocol research absolutely astounding - the catalogue of errors made is huge - but at the moment, I am not looking at IP signalling.

[Scotmod]

Again, I agree that the typical burglary doesn't involve alarm bypass. But look back 10 years, and the typical BMW theft didn't use some pretty advanced techniques to bypass the immobiliser. The playing field and players change all of the time.

 

Indeed, now they just steal the keys rather than trying to jimmy the window. However you're talking about surveillance, premeditation and thought.  Something that the grading of system Grade 2 isn't designed to withstand.

 

 

Grade 1 – Low risk

Intruders are expected to have little knowledge of the alarm system and may be restricted to a limited range of easily available tools.

Grade 2 – Low to medium risk

Intruders are expected to have a little more knowledge of the alarm system and use a general range of tools and some specialist equipment.

Grade 3 – Medium to high risk

Intruders are expected to be conversant with the alarm system and have a comprehensive range of tools and portable electronic equipment.  

Grade 4 – High risk

To be used when security takes precedence over all other factors. Intruders are expected to have the resources to plan an intrusion in detail and have a full range of equipment, including the means to substitute vial components in the alarm system.

 

You're actually attacking the system in a way that Grade 4 kit is designed to withstand. On a property that the risk assessment has been deemed for a grade 2 system. Not saying it would be useless as some clients have nicer T.V's than me and i'd quite like one.

 

I will commend you on testing these systems for limitations and I agree it is needed and manufacturers should take note. But the idea behind the thesis should be reworded. 

[Oxo]

+1 for Scotmod

[cybergibbons]

Well which one?

I'm not willing to disclose it unfortunately. Adrian's response of "we'll see you in court" seems typical of manufacturers, and I don't want to open myself up to that.

Friedland and Yale have been totally fine with me documenting issues with their systems, as long as they are honest. No other company has been.

[matthew.brough]

I'm not willing to disclose it unfortunately. Adrian's response of "we'll sue" seems typical of manufacturers, and I don't want to open myself up to that.Friedland and Yale have been totally fine with me documenting issues with their systems, as long as they are honest. No other company has been.

So if your finding out all this data, but keeping quiet about it the point is . . .?

[Oxo]

ROFL the whole world knows about Yale and Friedland.

 

If you are not willing to name the others, what is the point?

Touche Matt, we posted the same at the same time!!

[cybergibbons]

Indeed, now they just steal the keys rather than trying to jimmy the window. However you're talking about surveillance, premeditation and thought.  Something that the grading of system Grade 2 isn't designed to withstand.

This is the BMW attack I am talking about:

http://jalopnik.com/5923802/watch-hackers-steal-a-bmw-in-three-minutes

It's a genuine issue. BMW took a long time to take notice of this, probably because they thought thieves were not sophisticated enough.

I think many are missing a key point here - a single device, literally the size and shape of a wrist watch - can cause significant problems with many alarms available on the market. It requires no skill to operate. It doesn't require my skill or knowledge to use. It costs £30. Would this not be an attractive proposal to a burglar?

[Oxo]

We know the point, what are the affected?

[Scotmod]

So if your finding out all this data, but keeping quiet about it the point is . . .?

 

To be fair to the guy the manufacturers can afford better legal representation than some engineer buying off the shelf. A cease a desist letter would probably halt the guy. I think a few are taking this a little bit too much to heart. 

 

Kevin Finisterre admits that he likes to hew close to the ethical line separating the "white hat" hackers from the bad guys, but little did he know that his company's actions would draw threats of a lawsuit from Hewlett-Packard.

 

http://news.cnet.com/2009-1001_3-958129.html

 

Plenty of stories like this from the IT profession. "Hey, I found this glaring loophole on your software. You may want to patch it up before someone really makes you have a bad day" "You broke in to our software, say hello to a lawsuit"

[cybergibbons]

So if your finding out all this data, but keeping quiet about it the point is . . .?

I'm telling the manufacturers. As you can see, Adrian responded with "We'll see you in court". Why would I want to disclose it on a public forum and open myself up to that?