cybergibbons Posted May 9, 2013

You found something you can't break

Well, you can't read the code out... but you can still sniff the RF using the same chips on a cheap dev kit.

The Texecom gear has the same issue (from my perspective!) - the RF SoC has integrated flash and pretty good protection of the flash if you set the lockbit. There is almost certainly a way round it, likely by power and clock glitching, but I've never had to bother before...

I have a blog, some of which is about alarm security and reverse engineering: http://cybergibbons.com/

Joe Harris Posted May 9, 2013

Ahh come on Matt, you know everything can be broken

matthew.brough Posted May 9, 2013

> Ahh come on Matt, you know everything can be broken

My engineers prove that on a weekly basis.

www.securitywarehouse.co.uk/catalog/

chief (Author) Posted May 9, 2013

Love the conversation here. Of course everything can be beaten eventually, we like to learn from people pounding our system. I promise it will be harder than spraying hairspray on a PIR.

CyberGibbons - lock bit is set, packets are encrypted. I'm sure there's a way in, but it won't be easy...

chief

cybergibbons Posted May 9, 2013

I'd love to take a look, I just haven't got the time at the moment. I still have two alarms to finish with, then it looks like signalling devices are the next thing.

You'd be surprised how many things don't have the lock bits set, or there are just gaping holes (like on the PIC18F series...)

matthew.brough Posted May 10, 2013

> I'd love to take a look, I just haven't got the time at the moment. I still have two alarms to finish with, then it looks like signalling devices are the next thing.
>
> You'd be surprised how many things don't have the lock bits set, or there are just gaping holes (like on the PIC18F series...)

I look forward to signalling devices

cybergibbons Posted May 10, 2013

Me too! At least it's almost guaranteed that I can read the flash memory in these devices and normal network tools will work (wireless normally needs something custom). It opens up a lot of opportunities for holes.

matthew.brough Posted May 10, 2013

> Me too! At least it's almost guaranteed that I can read the flash memory in these devices and normal network tools will work (wireless normally needs something custom). It opens up a lot of opportunities for holes.

I'm sure certain ones will make the grade and others won't make their (self certified) grade.

You need any units to test or any help, just ask.

AdrianMealing Posted May 10, 2013

> I'm sure certain ones will make the grade and others won't make their (self certified) grade.
>
> You need any units to test or any help, just ask.

Nail, head, third party cert is the only way to be

amealing@texe.com
Head of Industry Affairs
Texecom

cybergibbons Posted May 11, 2013

I'm going to be a fourth party into this game

Archived
This topic is now archived and is closed to further replies.