Submitted via IRC for SoyCow1984
Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised
The item in question is the SimpliSafe alarm system, a fully wireless, install-it-yourself system available online and from various big-box retailers. We’ve covered the system’s deeply flawed security model before, whereby SDRs can be used to execute a low-effort replay attack. As simple as that exploit is, it looks positively elegant next to [LockPickingLawyer]’s brute-force attack, which uses a $2 RF remote as a jammer for the 433-MHz wireless signal between sensors and the base unit.
With the remote in close proximity to the system, he demonstrates how easy it would be to open a door or window and enter a property guarded by SimpliSafe without leaving a trace. Yes, a little remote probably won’t jam the system from a distance, but a cheap programmable dual-band transceiver like those offered by Baofeng would certainly do the trick. Not being a licensed amateur operator, [LockPickingLawyer] didn’t test this, but we doubt thieves would have the respect for the law that an officer of the court does.
(Score: 3, Insightful) by pvanhoof on Monday August 26 2019, @01:28PM (2 children)
But but, it is IoT! IoT is new! IoT is AI. IoT is! It must be better. It must be secure. Because it has the word Safe in its product name. But but! My IoT religion disallows this device to be worse than just leaving the door open! But but but!
(Score: 0) by Anonymous Coward on Monday August 26 2019, @01:33PM
There's no security on the InTernet. You know, the Information Superhighway.
(Score: 0) by Anonymous Coward on Monday August 26 2019, @04:06PM
It's not an Iot hack. It's jamming the signal from the sensor to the base with RF. Many years ago CB radios with (now illegal) linear amplifiers would set off burglar alarms too.
(Score: 1, Interesting) by Anonymous Coward on Monday August 26 2019, @02:06PM (1 child)
When you are detecting the bad, then you are jammed. What should have happened is the lock should be detecting the good (closed position) and fail if it can no longer detect that. Then you get alarm in case of no batteries, jammed, malfunction, whatever.
Like with all alarm systems, what can you live with? False positives or false negatives? Pick your poison. And before you jump to conclusion here, maybe think about it and average IQ of some crook and how much you want to be arsed around because your neighbor operates an arc welder for an hour.
(Score: 3, Insightful) by sjames on Monday August 26 2019, @06:20PM
The honeymoon period may be ending for that sort of alarm system. The average crook isn't that bright. The smart ones don't break into houses and cars, they develop tools and techniques that they sell to the dumb ones. It doesn't take a high IQ to use a jammer once the knowledge is out there.
Just like the keyless entry situation for cars. It takes actual knowledge and creative thinking to figure out the keyfob relay attack, but once done, any idiot can buy the transceiver pair and use it.
(Score: 3, Interesting) by All Your Lawn Are Belong To Us on Monday August 26 2019, @02:24PM
Always.
How expensive are these easy to crack systems? Are you willing to have that level of vulnerability / are you willing to pay for a higher level of security? Are you willing to pay for bars on your windows and 9/11-airplane-door-quality framing and locking systems that are difficult to pick and hire a private bodyguard / security firm to boot? Or do you try your hand at rolling your own with a Raspberry Pi? [raspberrypi.org] Even then, expect Daniel Ocean to take you to school.... or DannyB, his snarks are high-quality level that makes me think he'd be a master burrahobbit.
At least we have reports like this that show us the balances on the systems and show when something is overrepresenting its capabilities.
This sig for rent.
(Score: 5, Interesting) by SemperOSS on Monday August 26 2019, @04:25PM (2 children)
The trifecta of price vs. convenience vs utility is difficult. People often want a cheap, convenient system that works just right, which, unfortunately, is rarely achievable in real life. Many modern-day alarm systems are not well designed and only (barely?) do the job they say on the box.
Since all wireless systems can be jammed, every wireless detector in a well-designed system must regularly check in with the central server/control box, that should raise a warning (if not the alarm) whenever a couple of pings have been missed from any sensor. This way the system would react to being jammed, albeit slightly slower than to a direct alarm. The downside of pinging regularly would be shorter battery life for non-mains-based detectors. This simple measure would actually work in a wired system as well.
Oh, and it would obviously enable the system to detect a run-down battery as well.
The problem with convenience in systems like these are that few people are able to assemble their own, despite the possibility to create a very sophisticated system for under £50. I have a Raspberry Pi with a couple of PIR sensors and time-of-flight sensors as virtual tripwires plus a HD web-cam for surveillance. It has a simple battery backup for the few times the power goes. Voilà.
I don't need a signature to draw attention to myself.
Maybe I should add a sarcasm warning now and again?
(Score: 2) by FatPhil on Tuesday August 27 2019, @07:46AM (1 child)
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 3, Interesting) by SemperOSS on Tuesday August 27 2019, @02:51PM
I bought a little board off of eBay. This board is essentially the innards of a powerbank for your own Li-Ion batteries (I use one 18650). The board has one micro-USB input and two USB A outputs (5V, up to 2A). So far, this board has not had any problems.
I would have given you a link to the listing, only the seller has apparently stopped on eBay.
I don't need a signature to draw attention to myself.
Maybe I should add a sarcasm warning now and again?
(Score: 3, Interesting) by bradley13 on Monday August 26 2019, @07:29PM (2 children)
If you have a house without an existing system, and you don't want to pull cables to every window and door, you go wireless. However, wireless systems are fundamentally unreliable.
If contact is lost to a sensor, the controller must make a decision: trigger the alarm, or not. If it does not, then the system can be bypassed as described in TFS. If it does trigger an alarm, you will go nuts from false-positives: every time you have a thunderstorm, and every time that someone with a strong emitter (intentional, or maybe just defective) drives by your house.
In the end, for most people it's really more about deterrence than anything else. If you have a system, and your neighbor doesn't, it's easier to break into the neighbor's house. With this in mind, the most cost-effective security system you can buy is probably just a fake sign [safewise.com].
Everyone is somebody else's weirdo.
(Score: 0) by Anonymous Coward on Monday August 26 2019, @07:55PM (1 child)
A lot of that could be mitigated by having a short delay before triggering for lack of response. How long are those transient problems anyways? What's more things like cameras are mostly a privacy problem if they fire too often.
I considered getting one of these systems, but it became obvious within minutes of researching them that they're simply no good. They may deter the seriously interrupt burglars, but most will just bypass it or ignore it as they're often in and out in minutes for specific items.
When my brother's place was broken into, they were looking for something very specific and didn't even touch the cash sitting in plain sight in a table. I'm guessing they wanted guns or medicine as none of his valuables were stolen.
(Score: 2) by c0lo on Tuesday August 27 2019, @02:29AM
How long your neighbour runs a brushed electrical motor at high RPM? (something like a cheap Chinese equiv of a Dremel)
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 1, Informative) by Anonymous Coward on Monday August 26 2019, @07:51PM (1 child)
On the one hand, it's a bit silly it's so trivial to defeat. On the other hand:
"Door deadbolt lock defeated by a $10 common tool [amazon.com], nobody surprised."
A lot of security in place is there just to keep honest men honest, and any criminal who really didn't care would trivially bypass it.
On the other other hand, I'm not sure if an Alarm system should be more or less secure than a Lock system. Moreover, calling out security theater snake oil salesmen should be encouraged, so maybe my comments are out of place.
(Score: 0) by Anonymous Coward on Monday August 26 2019, @07:58PM
The point is to raise the profile of the attack and to increase the skill level required to break in. There isn't much you can do to prevent a skilled burglar from breaking in, but you can make the task not worth doing with things like security systems.
(Score: 2, Interesting) by Anonymous Coward on Tuesday August 27 2019, @12:02AM
One company after another has refused to talk to me about doing anything other than installing wireless. That's even though I have the wiring run already.