Submitted via IRC for SoyCow1984
Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised
The item in question is the SimpliSafe alarm system, a fully wireless, install-it-yourself system available online and from various big-box retailers. We’ve covered the system’s deeply flawed security model before, whereby SDRs can be used to execute a low-effort replay attack. As simple as that exploit is, it looks positively elegant next to [LockPickingLawyer]’s brute-force attack, which uses a $2 RF remote as a jammer for the 433-MHz wireless signal between sensors and the base unit.
With the remote in close proximity to the system, he demonstrates how easy it would be to open a door or window and enter a property guarded by SimpliSafe without leaving a trace. Yes, a little remote probably won’t jam the system from a distance, but a cheap programmable dual-band transceiver like those offered by Baofeng would certainly do the trick. Not being a licensed amateur operator, [LockPickingLawyer] didn’t test this, but we doubt thieves would have the respect for the law that an officer of the court does.
(Score: 3, Insightful) by pvanhoof on Monday August 26 2019, @01:28PM (2 children)
But but, it is IoT! IoT is new! IoT is AI. IoT is! It must be better. It must be secure. Because it has the word Safe in its product name. But but! My IoT religion disallows this device to be worse than just leaving the door open! But but but!
(Score: 0) by Anonymous Coward on Monday August 26 2019, @01:33PM
There's no security on the InTernet. You know, the Information Superhighway.
(Score: 0) by Anonymous Coward on Monday August 26 2019, @04:06PM
It's not an Iot hack. It's jamming the signal from the sensor to the base with RF. Many years ago CB radios with (now illegal) linear amplifiers would set off burglar alarms too.