Submitted via IRC for SoyCow1984
Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised
The item in question is the SimpliSafe alarm system, a fully wireless, install-it-yourself system available online and from various big-box retailers. We’ve covered the system’s deeply flawed security model before, whereby SDRs can be used to execute a low-effort replay attack. As simple as that exploit is, it looks positively elegant next to [LockPickingLawyer]’s brute-force attack, which uses a $2 RF remote as a jammer for the 433-MHz wireless signal between sensors and the base unit.
With the remote in close proximity to the system, he demonstrates how easy it would be to open a door or window and enter a property guarded by SimpliSafe without leaving a trace. Yes, a little remote probably won’t jam the system from a distance, but a cheap programmable dual-band transceiver like those offered by Baofeng would certainly do the trick. Not being a licensed amateur operator, [LockPickingLawyer] didn’t test this, but we doubt thieves would have the respect for the law that an officer of the court does.
(Score: 3, Interesting) by All Your Lawn Are Belong To Us on Monday August 26 2019, @02:24PM
Always.
How expensive are these easy to crack systems? Are you willing to have that level of vulnerability / are you willing to pay for a higher level of security? Are you willing to pay for bars on your windows and 9/11-airplane-door-quality framing and locking systems that are difficult to pick and hire a private bodyguard / security firm to boot? Or do you try your hand at rolling your own with a Raspberry Pi? [raspberrypi.org] Even then, expect Daniel Ocean to take you to school.... or DannyB, his snarks are high-quality level that makes me think he'd be a master burrahobbit.
At least we have reports like this that show us the balances on the systems and show when something is overrepresenting its capabilities.
This sig for rent.