homesecure, posted July 28, 2016

Hi everyone, I was just looking up some information on Texecom when I came across this website: http://www.theregister.co.uk/2015/12/31/iot_alarm_crypto/

It states that a security expert believes the alarm is open to hack attacks when you leave the port open for your router. But this is what Texecom advise the owner to do:

"To be able to remote control the alarm system remotely, you open a firewall port in the router and do a port forwarding to the internet. But this allows the mobile app to directly connect to the ComIP module over an unencrypted connection, Lo Castro discovered. Using WireShark, he said he had discovered that data traffic between the mobile app and the control panel is done in clear text or encoded to BASE64. That means potentially confidential information like the alarm control panel (UDL) password, device name and location are exposed"

What can you guys advise? Thanks
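Added example, not part of the original thread: the article quoted above says the traffic was clear text or Base64, and Base64 is only an encoding that anyone can reverse. The Python sketch below sorts a payload taken from a capture of your own network into clear text, Base64 of clear text, or high-entropy bytes; the field names and sample payloads are constructed and are not Texecom's wire format.

```python
import base64
import binascii
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, from 0.0 to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or common whitespace."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)

def try_base64(data: bytes):
    """Return the decoded bytes if data is strict Base64, otherwise None."""
    text = data.strip()
    if len(text) < 16 or len(text) % 4:
        return None
    try:
        return base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return None

def classify(payload: bytes) -> str:
    decoded = try_base64(payload)
    # Base64 that decodes to readable text protects nothing.
    if decoded is not None and printable_ratio(decoded) > 0.9:
        return "base64-of-cleartext"
    # High entropy is consistent with encryption but does not prove it
    # (compressed data looks the same), so this is a sanity check only.
    for candidate in (decoded, payload):
        if candidate and len(candidate) >= 64 and shannon_entropy(candidate) > 5.5:
            return "high-entropy"
    if printable_ratio(payload) > 0.9:
        return "cleartext"
    return "unknown"

# Constructed samples (hypothetical field names, no real panel data).
CLEAR = b"udl_password=1234;device=Hall Panel;location=12 Example Street"
ENCODED = base64.b64encode(CLEAR)
# Stand-in for ciphertext: 128 pseudo-random bytes from a hash chain.
OPAQUE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(4))

if __name__ == "__main__":
    for name, sample in (("clear", CLEAR), ("encoded", ENCODED), ("opaque", OPAQUE)):
        print(name, classify(sample))
```
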

al-yeti, posted July 28, 2016

Hmmm, if that is really Texecom's reply, it looks ridiculous; that goes for any manufacturer.

homesecure (Author), posted July 28, 2016

I was also surprised by Texecom's reply. With criminals always looking for different ways of making money, what's to say that your average burglar won't have some knowledge of network hacking? I just hope that there is a way of securing it as this is a worrying article.

sixwheeledbeast, posted July 28, 2016

This only affects systems with the COM-IP or COM-WiFi and therefore ONLY customers who use the Texecom app. There is an Encrypted UDL option but it is not compulsory. I would advise not using any app to set your alarm system or alternatively use a VPN connection if you wish to use the app.

homesecure (Author), posted July 28, 2016

23 minutes ago, sixwheeledbeast said:

> This only affects systems with the COM-IP or COM-WiFi and therefore ONLY customers who use the Texecom app. There is an Encrypted UDL option but it is not compulsory. I would advise not using any app to set your alarm system or alternatively use a VPN connection if you wish to use the app.

Thanks. I have a COM-IP and do want to use a mobile app. But I've got to say that I'm baffled that Texecom, an advanced international company, rather than fixing the problem, is advising customers to simply ignore the vulnerability the alarm has.

sixwheeledbeast, posted July 28, 2016

It's all dependent on the risk; it's unlikely that IP is an attack point for a domestic system at the moment. While I agree security should be at its best, it's likely any burglar will storm in, smash stuff to bits and take what they want before you even know what's happened. I would never recommend setting a system via an app but it's what customers want and that's why it's provided as an option.

james.wilson, posted July 28, 2016

Apps are very popular. I use them on my system, but I don't have a Texecom, but I would imagine it will be fixed.

PeterJames, posted July 28, 2016

Opening a port on your router can be risky, but firstly the burglar would need to know that you have a Texecom alarm system, secondly he would need to know a fair bit about hacking. I do know someone who can do it, but he makes enough money not to have to turn to crime. At the end of the day it is all about risk: if your house is full of valuables and is well known for it, then don't use a Texecom panel with the app. If your house is average domestic with the average stuff inside, then I would not worry too much; most average burglars won't be hacking your network for drug money. But if you are that bothered, there are panels with apps that do not require you to open ports on your router.

AdrianMealing, posted July 28, 2016

Encryption was added to V3.01 firmware, released Feb 2016, which can be used on all Premier Elite panels. Please see the details of the release HERE

amealing@texe.com, Head of Industry Affairs, Texecom

sixwheeledbeast, posted July 28, 2016

Opening ports is not the issue IMO, it's allowing unencrypted connections within the setup of the app. The COM-IP is very basic so I doubt it's possible to use it to pivot an attack. When you open a port you increase your attack surface but it doesn't necessarily make you more vulnerable. I recall a similar discussion a while back and layers were mentioned; all security should be in layers and not just on the web.

homesecure (Author), posted July 28, 2016

Thank you everyone for your helpful replies. @AdrianMealing That's very useful as I believe my panel already has v3.01 firmware. If it's already got the encryption, do I need to enable it via Wintex or another method? Thanks again

AdrianMealing, posted July 29, 2016

@homesecure you generate the encryption key (128-bit AES) in the app, and then enable it and enter it into an engineer's menu on the keypad. It can only be done via the keypad and not through Wintex. The documentation that came with the panel details the procedure for doing this.

In our next version of the app, and with V4 panel firmware, all of this will be automated and enabled as standard. It will also not be necessary to open ports on the router as we have another method now for establishing the connection. It will also be possible to flash the panel to V4 to enable the new methods. The security for the communications in V4 is more than just the encryption key used in V3.

Regarding the initial article, the use of Wireshark to sniff data on the network only actually works IF you are on the same network. So our point in our response about network security is certainly valid, and unless the hacker is already on your network Wireshark is not going to show anything.

homesecure (Author), posted July 29, 2016

Thanks very much for the information Adrian. May I ask when this v4 firmware will be released? I don't have the lead as yet to flash it, but may flash it once v4 update is available.

AdrianMealing, posted July 29, 2016

V4 is undergoing extensive testing as we speak. I cannot put a firm date on release as we may need to fix anything found to be broken during testing. I would anticipate sometime in September looking at the current test schedule.

datadiffusion, posted July 29, 2016

6 hours ago, AdrianMealing said:

> Regarding the initial article, the use of Wireshark to sniff data on the network only actually works IF you are on the same network. So our point in our response about network security is certainly valid, and unless the hacker is already on your network Wireshark is not going to show anything.

This is a really valid point but good that the changes in V4 are being made, as I was wondering today how long it will be before WPA/WPA2 is compromised just like WEP was, especially on consumer grade routers (i.e. the easiest route onto said network). However, whilst a home / domestic network is possibly the easiest to bust, it's probably the least likely to be of interest to serious tealeaves I suppose.

What would be interesting are sites with poorly set up guest access via wifi, commercial type places, that use such IoT products. Once access to the network is gained via friendly means (i.e. daytime) it would be no trouble to return at night with wifi access from outside the premises...

So, I've decided to take my work back underground.... to stop it falling into the wrong hands

sixwheeledbeast, posted July 29, 2016

40 minutes ago, datadiffusion said:

> I was wondering today how long it will be before WPA/WPA2 is compromised just like WEP was

All encryption can be compromised with enough computing power, having strong passwords is the key to stop attacks. A 128 bit AES key would take billions of years to brute force. WEP and some WPA can be exploited much easier than a WPA2 connection, WEP was flawed in many ways and WPA was a backwards compatible plaster for WEP. All WiFi should be WPA2 which uses AES 256 bit encryption for maximum security. Any site that would share guest access with the rest of the network is asking for trouble.

secureiam, posted July 29, 2016

The setup though is long winded for everything, although getting quicker at doing all the individual steps. It's encrypted now; previously it was displayed as plain text as the article explains. The app is currently giving my customers more grief with the current Android parsing issue.

AdrianMealing, posted July 29, 2016

1 hour ago, secureiam said:

> The setup though is long winded for everything, although getting quicker at doing all the individual steps. It's encrypted now; previously it was displayed as plain text as the article explains. The app is currently giving my customers more grief with the current Android parsing issue.

All this will change with V4, and to be fair the Android issue has nothing to do with this thread and is being looked at.

datadiffusion, posted July 29, 2016

3 hours ago, sixwheeledbeast said:

> Any site that would share guest access with the rest of the network is asking for trouble.

Plenty do though, esp. pubs etc...

secureiam, posted August 5, 2016

Hi Adrian, can't comment on the future, can't see it now, but improvements are always welcome, as would be the reliability of notifications, but I digress. Security can always be bypassed and hacked by someone that is a geek (knowledgeable person) if they have the will and the time to spend. I certainly welcome the steps made to make things more secure; it has to be a good thing, and the lesser geek isn't likely to give it a go in a hurry.

Fred555, posted April 12, 2017

On 7/29/2016 at 4:50 PM, sixwheeledbeast said:

> All encryption can be compromised with enough computing power, having strong passwords is the key to stop attacks. A 128 bit AES key would take billions of years to brute force. WEP and some WPA can be exploited much easier than a WPA2 connection, WEP was flawed in many ways and WPA was a backwards compatible plaster for WEP. All WiFi should be WPA2 which uses AES 256 bit encryption for maximum security. Any site that would share guest access with the rest of the network is asking for trouble.

For me, on top of the above quote, get a router, flash DDWRT / openwrt / tomato onto it (to replace stock router firmware) and you can then run a RADIUS server on the router itself to authenticate WiFi - the rest of the custom firmware functions (QOS anyone?) are a bonus, plus those custom firmwares are constantly updated so holes in the underlying Linux that runs most routers get fixed pretty fast - compared to a lot of "prosumer" (HaHa!) routers that are lucky to be updated only annually by the manufacturer, then after 2-3 years zero updates from the manufacturer, who tell you to buy a new router to plug a security hole the manufacturer won't fix - but with custom firmware there are so many updates, if you actually want to take them all up you could wear out a flash memory chip!

sixwheeledbeast, posted April 12, 2017

You can run RADIUS and QoS on many higher end routers, most have good support; you get what you pay for. While WPA2 Enterprise offers another layer of security, you could argue the risk in a domestic situation doesn't warrant that. In essence the cryptography between Personal and Enterprise is the same, for example AES. The benefit of Enterprise is if the private key is cracked only that session is compromised, whereas in Personal all connections would be compromised at that point. This is due to the way each session is authenticated individually upon connection using a username and password. This authentication can be an issue with internet enabled consumer gear, hence why it's deployed mostly for commercial applications.

I agree routers are often overlooked when it comes to firmware upgrades, but equally the security kit we are fitting is likely to be just as vulnerable; more so for CCTV.