Jump to content
Security Installer Community

Csl Dualcom Cs2300-R Vulnerabilities

cybergibbons

By cybergibbons
in Members Lounge (Public)

 Share

Recommended Posts

cybergibbons Newbie

cybergibbons

Posted
  • Author
Posted

No doubt it's serious

But nothing is being proven that it will fall over or could be compromised except on particular units

I'd say they staying quiet while they perform there own tests and find a way to patch it if it's at all true

They've had all of the detail since April 2015, and the bulk of it since June 2014. That's a very long time to apparently do nothing.

But nothing will be fool proof , all software and ip connections will have weaknesses

Exactly. To assume your system is free from problems is reckless. That's why having a system to update firmware is vital. It's probably their biggest failing in this whole thing.

CG this is right up your street should have given them heads up!

http://www.bbc.co.uk/news/technology-34944140

Yeah, this is terrible. I'm not sure if you've read the details on it, but this was negligence again. Literally 10 minutes looking at their site after the breach had been announced showed issues.

I report between 5 and 10 issues to various vendors each week. At least half of big sites have issues. It's scary - software "engineers" have no requirement to actually know what they are doing.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Link to comment
Share on other sites
PeterJames Experienced

PeterJames

Posted
Posted

 

Rob Evans, when he called me to ask me to take down the initial reverse engineering posts, specifically mentioned a case where a Dualcom unit had failed to send a panic alarm, and the shop owner had been injured. I wouldn't want that to happen if I released my research?

 

Andy can you clarify exactly what Rob Evans said? Its just that the above statement could be interpreted one of two ways. 

Link to comment
Share on other sites
cybergibbons Newbie

cybergibbons

Posted
  • Author
Posted

Any time you begin to communicate and you have sensitive data to transmit there is a requirement for encryption.

 

It does not matter whether its the written word, the wireless radio (the Enigma machines from WW2), encrypted telephone links between governments or your bank transactions, and yes, Alarm Transmission. 

 

You may argue "well they broke the Enigma code" but you have to remember the hours, weeks, years that went into that and part of the key to cracking this was the fact that the Germans were transmitting a set pattern of data with every transmission (the weather reports). In basic terms, they gave away the key to their encryption through predictable messaging. What is equally if not more important, was keeping the fact that the code was broken from them, so that they could be fed miss-information.

 

So no, PSTN, (or back to Pigeons if you like!), is not the answer.

 

Getting the encryption technique right is, and its a basic requirement.

 

If communications security is compromised, then everything that is current or went before is at risk until a new form of encryption is deployed, and in modern communications that means a software update.

You have hit the nail on the head here.

 

I think what has happened is that Dycon is a small company, possibly 2-3 developers/engineers. They've used a esoteric processor - the NEC 78K0R. It's not easy to work with, there are scant tools, it's low in capacity, it's expensive, it's end-of-life. There's really little to recommend it, even 10 years ago. I suspect the are the kind of developer who has reached that stage in life where they don't want to (or can't) learn anything new. The DigiAir is fundamentally the same hardwear as the earliest boards I have - nothing is moving on.

I think these people have also assumed that the communications channel of GPRS is secure. This was true 15 years ago - only nation state attackers were capable of attacking it. Now for <£2000, you can build a viable fake cell site. They designed their protocol assuming the communications channel was secure.

When they had to expand to IP, they didn't have enough head-room to add a new protocol so stuck with the same thing.

Andy can you clarify exactly what Rob Evans said? Its just that the above statement could be interpreted one of two ways. 

 

Unfortunately I didn't record the call, but during the call in May 2014 when Rob Evans called me to ask me to take down the blog posts, the following (paraphrased) conversation happened:

RE: We have a case recently where a shop was robbed. The owner pressed the panic button and the signal didn't get to the ARC. The owner got hurt.

AT: Ok.

RE: If you release your research, this kind of thing could happen more often.

AT: So it's my fault for finding these issues, and not CSL's for developing the system?

RE: Well, we wouldn't want anything bad to happen if it is released.

 

Clear?

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Link to comment
Share on other sites
Dick Newbie

Dick

Posted
Posted

I didn't record the call, but during the call in May 2014 when Rob Evans called me to ask me to take down the blog posts, the following (paraphrased) conversation happened:

RE: We have a case recently where a shop was robbed. The owner pressed the panic button and the signal didn't get to the ARC. The owner got hurt.

AT: Ok.

RE: If you release your research, this kind of thing could happen more often.

AT: So it's my fault for finding these issues, and not CSL's for developing the system?

RE: Well, we wouldn't want anything bad to happen if it is released.

 

Clear?

Oh dear! It makes an utter mockery of monitored security, it really does.
  • Downvote 1
Link to comment
Share on other sites
Dick Newbie

Dick

Posted
Posted

Utter mockery? Not really monitoring has its place , as those who use diallers which overall not as good , just depends what your willing to pay for

Grade 3 would be worrying eh?

Yes, utter mockery as far as the more supposedly secure (G3) monitoring is concerned in the cases CG has exposed.
  • Downvote 1
Link to comment
Share on other sites
Dick Newbie

Dick

Posted
Posted

Depends what kit you're using. Even in it's insecure state, it still beats anything relying soley on a telephone line.

When you have to revert to saying "even in its insecure state" as a reference to G3 security just highlights the state of the industry in some areas and the thinking therein.

Maybe the companies could use it as a tagline.

  • Downvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept