Jump to content
Security Installer Community

How secure is the texecom?


Recommended Posts

Hi everyone,

 

I was just looking up some information on texecom, when I came up with this website:-

 

http://www.theregister.co.uk/2015/12/31/iot_alarm_crypto/

 

It states the a security expert believes the alarm is open to hack attacks when you leave the port open for your router.  But this is what texecom advise the owner to do:-

 

"To be able to remote control the alarm system remotely, you open a firewall port in the router and do a port forwarding to the internet. But this allows the mobile app to directly connect to the ComIP module over an unencrypted connection, Lo Castro discovered.

Using WireShark, he said he had discovered that data traffic between the mobile app and the control panel is done in clear text or encoded to BASE64. That means potentially confidential information like the alarm control panel (UDL) password, device name and location are exposed"

 

What can you guys advise?

 

Thanks

Link to post
Share on other sites

I was also surprised by texecom's reply.  With criminals always looking for different ways of making money, what's to say that your average burglar won't have some knowledge of network hacking?

 

I just hope that there is a way of securing it as this is a worrying article.

Link to post
Share on other sites

This only affects systems with the COM-IP or COM-WiFi and therefore ONLY customers who use the Texecom app.

There is an Encrypted UDL option but it is not compulsory.

 

I would advise not using any app to set your alarm system or alternatively use a VPN connection if you wish to use the app.

Link to post
Share on other sites
23 minutes ago, sixwheeledbeast said:

This only affects systems with the COM-IP or COM-WiFi and therefore ONLY customers who use the Texecom app.

There is an Encrypted UDL option but it is not compulsory.

 

I would advise not using any app to set your alarm system or alternatively use a VPN connection if you wish to use the app.

 

Thanks.  I have a com ip and do want to use a mobile app.  But I've got to say that I'm baffled that texecom, an advanced international company, rather than fixing the problem,  is advising customers to simply ignore the vulnerability the alarm has. 

Link to post
Share on other sites

It's all dependent on the risk, it's unlikely that IP is an attack point for a domestic system at the moment.

While I agree security should be at it's best it's likely any burglar will storm in smash stuff to bits and take what they want before you even know what's happened.

I would never recommend setting a system via an app but it's what customers want and that's why it's provided as an option.

Link to post
Share on other sites

Opening a port on your router can be a risky, but firstly the burglar would need to know that you have a texecom alrm system, secondly he would need to know a fair bit about hacking, I do know someone who can do it, but he makes enough money not to have to turn to crime. At the end of the day it is all about risk, if your house is full of valuables and is well known for it, then dont use a Texecom panel with the app. If your house is average domestic with the average stuff inside, then I would not worry too much most average burglars wont be hacking your network for drug money. But if you are that bothered there are panels with apps that do not require you to open ports on your router 

Link to post
Share on other sites

Opening ports is not the issue IMO it's allowing unencrypted connections within the setup of the app.

The COM-IP is very basic so I doubt it's possible to use to pivot attack.

 

When you open a port you increase your attack surface but it doesn't necessarily make you more vulnerable.

I recall a similar discussion a while back and layers were mentioned, all security should be in layers and not just on the web.

Link to post
Share on other sites

@homesecure you generate the encryption key (128bit AES) in the app, and then enable it and enter it into an engineers menu on the keypad. It can only be done via the keypad and not through Wintex.

 

The documentation that came with the panel details the procedure for doing this.

 

In our next version of the app, and with V4 panel firmware all of this will be automated, and enabled as standard. It will also not be necessary to open ports on the router as we have another method now for establishing the connection. It will also be possible to flash the panel to V4 to enable the new methods. The security for the communications in V4 are more than just the encryption key used in V3.

 

Regarding the initial article, the use of wireshark to sniff data on the network only actually works IF you are on the same network. So our point in our response about network security is certainly valid, and unless the hacker is already on your network wireshark is not going to show anything.

amealing@texe.com

Head of Industry Affairs

Visit Our Website
Texecom

Link to post
Share on other sites

V4 is undergoing extensive testing as we speak. I cannot put a firm date on release as we may need to fix anything found to be broken during testing. I would anticipate sometime in September looking at the current test schedule.

amealing@texe.com

Head of Industry Affairs

Visit Our Website
Texecom

Link to post
Share on other sites
6 hours ago, AdrianMealing said:

Regarding the initial article, the use of wireshark to sniff data on the network only actually works IF you are on the same network. So our point in our response about network security is certainly valid, and unless the hacker is already on your network wireshark is not going to show anything.

 

This is a really valid point but good that the changes in V4 are being made, as I was wondering today how long it will be before WPA/WPA2 is compromised just like WEP was, especially on consumer grade routers (i.e the easiest route onto said network).

 

However, whilst a home / domestic network is possibly the easiest to bust, it's probably the least likely to be of interest to serious tealeaves I suppose.

 

What would be interesting are sites with poorly setup guest access via wifi, commercial type places, that use such IoT products. Once access to the network is gained via friendly means (i.e daytime) it would be no trouble to return at night with wifi access from outside the premises...

So, I've decided to take my work back underground.... to stop it falling into the wrong hands

 

Link to post
Share on other sites
40 minutes ago, datadiffusion said:

 

I was wondering today how long it will be before WPA/WPA2 is compromised just like WEP was

 

All encryption can be compromised with enough computing power, having strong passwords is the key to stop attacks. A 128 bit AES key would take billions of years to brute force.

WEP and some WPA can be exploited much easier than a WPA2 connection, WEP was flawed in many ways and WPA was a backwards compatible plaster for WEP.

All WiFi should be WPA2 which uses AES 256 bit encryption for maximum security.

 

Any site that would share guest access with the rest of the network is asking for trouble.

Link to post
Share on other sites

The setup though is long winded for everything, although getting quicker at doing al the individual steps.

 

its encrypted now, previously it was displayed as plain text as the article explains.

 

The app currently giving my customers more grief with the current android parsing issue.

Link to post
Share on other sites
1 hour ago, secureiam said:

The setup though is long winded for everything, although getting quicker at doing al the individual steps.

 

its encrypted now, previously it was displayed as plain text as the article explains.

 

The app currently giving my customers more grief with the current android parsing issue.

All this will change with V4, and to be fair the Android issue has nothing to do with this thread and is being looked at.

amealing@texe.com

Head of Industry Affairs

Visit Our Website
Texecom

Link to post
Share on other sites
3 hours ago, sixwheeledbeast said:

Any site that would share guest access with the rest of the network is asking for trouble.

 

Plenty do though, esp. pubs etc...

So, I've decided to take my work back underground.... to stop it falling into the wrong hands

 

Link to post
Share on other sites

Hi Adrian,

 

cant comment on the future, cant see it now, but improvements are always welcome, as would be the reliability of notifications but I digress.

 

Security can always be bypassed and hacked by someone that is a geek(knowledgeable person)if they have the will and the time to spend.

 

I certainly welcome the steps made to make things more secure has to be a good thing and the lesser geek isn't likely to give it a go in a hurry.

 

Link to post
Share on other sites
  • 8 months later...
On 7/29/2016 at 4:50 PM, sixwheeledbeast said:

 

All encryption can be compromised with enough computing power, having strong passwords is the key to stop attacks. A 128 bit AES key would take billions of years to brute force.

WEP and some WPA can be exploited much easier than a WPA2 connection, WEP was flawed in many ways and WPA was a backwards compatible plaster for WEP.

All WiFi should be WPA2 which uses AES 256 bit encryption for maximum security.

 

Any site that would share guest access with the rest of the network is asking for trouble.

 

For me on top of the above quote get a router flash DDWRT / openwrt / tomato onto it (to replace stock router firmware) and you can then run a RADUIS server on the router itself to authenticate WiFi - the rest of the custom firmware functions (QOS anyone?) are a bonus plus those custom firmware's are constantly updated so holes in the underlying Linux that runs most routers gets fixed pretty fast - compared to a lot of "prosumer" (HaHa!) routers that are lucky to be updated only annually by the manufacturer then after 2-3 years zero updates from manufacturer who tell you to buy a new router to plug a security hole the manufacturer won't fix - but with custom firmware there are so many updates if you actually want to take them all up you could wear out a flash memory chip!

Link to post
Share on other sites

You can run RADIUS and QoS on many higher end routers, most have good support you get what you pay for.

While WPA2 Enterprise offers another layer of security, you could argue the risk in a domestic situation doesn't warrant that.

 

In essence the cryptography between Personal and Enterprise is the same, for example AES.

The benefit of Enterprise is if the private key is cracked only that session is compromised whereas in Personal all connections would be compromised at that point.

This is due to the way each session is authenticated individually upon connection using a username and password.

This authentication can be an issue with internet enabled consumer gear, hence why it's deployed mostly for commercial applications.

 

I agree routers are often overlooked when it comes to firmware upgrades, but equally the security kit we are fitting is likely to be just as vulnerable; more so for CCTV.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.