cybergibbons Posted November 30, 2015 Share Posted November 30, 2015 As per the subject, I found multiple serious vulnerabilities in RSI Videofied's protocol: http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/ This means it is trivially easy to spoof alarms from other panels. RSI Videofied have not been communicative. Supposedly they have deployed a fix, but I have not been shown what this fix is. They have had 4.5 months to respond so far. I would strongly recommend if you use their panels to ask what they are doing to fix this. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
PeterJames Posted November 30, 2015 Share Posted November 30, 2015 Oh dear does Matt know? Quote Link to comment Share on other sites More sharing options...
cybergibbons Posted November 30, 2015 Author Share Posted November 30, 2015 Oh dear does Matt know? I believe so. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
Dick Posted November 30, 2015 Share Posted November 30, 2015 "In summary, the protocol is so broken that it provides no security, allowing an attacker to easily spoof or intercept alarms." Diabolical. Quote Link to comment Share on other sites More sharing options...
james.wilson Posted November 30, 2015 Share Posted November 30, 2015 How much other gear is insecure? Quote securitywarehouse Security Supplies from Security Warehouse Trade Members please contact us for your TSI vetted trade discount. Link to comment Share on other sites More sharing options...
datadiffusion Posted November 30, 2015 Share Posted November 30, 2015 SD1 dialler As per the subject, I found multiple serious vulnerabilities in RSI Videofied's protocol: http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/ This means it is trivially easy to spoof alarms from other panels. RSI Videofied have not been communicative. Supposedly they have deployed a fix, but I have not been shown what this fix is. They have had 4.5 months to respond so far. I would strongly recommend if you use their panels to ask what they are doing to fix this. My impression of RSI is that they have a team of about 2 people in the UK Quote So, I've decided to take my work back underground.... to stop it falling into the wrong hands Link to comment Share on other sites More sharing options...
cybergibbons Posted November 30, 2015 Author Share Posted November 30, 2015 How much other gear is insecure? Who knows. As you all told me, who cares about the RF side. Look at the signalling side. I started and it's not good. Risco, Visonic, CSL and Videofied have all attempted to go further than SIA etc. and they have made massive errors. What I don't get is how badly broken it is. These are not subtle issues - the Videofied work took me less than 3 hours from start to finish. I spent more time trying to contact them and writing the blog post than actually doing the work. I gave up on the UK side and tried the French and US contacts, still nothing. It took CERT to get them talking. Quote I have a blog, some of which is about alarm security and reverse engineering:http://cybergibbons.com/ Link to comment Share on other sites More sharing options...
Dick Posted November 30, 2015 Share Posted November 30, 2015 SD1 dialler Are you saying the SD1 dialler is insecure in reply to James? Quote Link to comment Share on other sites More sharing options...
skywalker Posted December 1, 2015 Share Posted December 1, 2015 As per the subject, I found multiple serious vulnerabilities in RSI Videofied's protocol: http://cybergibbons.com/alarms-2/multiple-serious-vulnerabilities-in-rsi-videofieds-alarm-protocol/ This means it is trivially easy to spoof alarms from other panels. RSI Videofied have not been communicative. Supposedly they have deployed a fix, but I have not been shown what this fix is. They have had 4.5 months to respond so far. I would strongly recommend if you use their panels to ask what they are doing to fix this. you should plan a high profile heist... Quote Link to comment Share on other sites More sharing options...
petrolhead Posted December 2, 2015 Share Posted December 2, 2015 (edited) Ooooooh ooooooooh i'm incontinent! Edited December 2, 2015 by norman Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.