to assist? in what way?

 

Dualcom are a BSIA member and the BSIA have a lot to do the the standards dont they? so they could explain the standards to them.

 

The next thing you will be telling me is grading of CCTV is coming in http://www.bsia.co.uk/Portals/4/Publications/218-CCTV-graded-requirements.pdf 

Edited November 23, 201510 yr by Nova-Security

They haven't communicated with me at all since they tried getting my home address 6 weeks ago.

 

 

If they spent 10mins i think they could have your address quite easy.

 

I believe it can, yes. Certainly the ones that use the IP path can be sniffed and spoofed with little trouble. The problem is that I can't push the boundaries any further to prove it.

 

why cant you test it further?

Dualcom are a BSIA member and the BSIA have a lot to do the the standards dont they? so they could explain the standards to them.

 

The next thing you will be telling me is grading of CCTV is coming in http://www.bsia.co.uk/Portals/4/Publications/218-CCTV-graded-requirements.pdf 

self certed i believe

Who did they try to get your address from? I hear if you boil the horses head it makes quite a pleasant soup.

Me. For "formal communications". Seems odd, as I am a business.

why cant you test it further?

The law.

the law?

the law?

I can't actually do anything except passive observation. If I connect to CSL's servers, or actually interfere with the operation of another device, I have broken the law. Computer Misuse Act.

ah i see

shame be interested in the tests on that side too

The ball is in CSL's court with that. They could let any pentesting company take a look at their systems and publish the report.

probably a good idea now?

Really depends on what they want to do. They can keep on with the smoke and mirrors, pitching themselves as "IoT poster boys", or they could actually start developing secure products.