Vulnerabilities In Ip Alarm Signalling Protocols

[cybergibbons]

Not my work this time, but a guy from the Netherlands. He started reverse engineering the IP signalling protocol on an alarm so that he could act on events. Turns out the SIA-HS protocol is totally rotten

 

Here are the slides from his most recent talk, where he goes over some of the flaws in SIA-HS.

 

http://conference.hitb.org/hitbsecconf2013ams/materials/D1T2%20-%20Wilco%20Baan%20Hofman%20-%20Bringing%20Dutch%20Alarm%20Systems%20to%20Their%20Knees.pdf

 

 

I can't find a video of the presentation, but he did one last year on the same topic:

 

He also found problems in the Vebon SecIP protocol, although they are more subtle. Superficially it sounded good, but the details of the implementation led to it being quite insecure.

 

 

 

 

[Ronnie]

don't you people have better things to do with your time??  

[matthew.brough]

don't you people have better things to do with your time??

That's what geeks do, geek things?

[Ronnie]

That's what geeks do, geek things?

 

i'd rather have a beer and get laid...

[goncall]

That's what geeks do, geek things?

i wont even ask what the dummy is for...tho real girlfriends are probably out of the question for those lads....

[matthew.brough]

i wont even ask what the dummy is for...tho real girlfriends are probably out of the question for those lads....

I use wireshark all the time and I have a (human) wife?

i'd rather have a beer and get laid...

Hmm, I know I should too, but this stuffs more interesting.

[PeterJames]

Greeks are getting quite popular here recently wasnt there a Greek here the other week?

[Scotmod]

i'd rather have a beer and get laid...

 

Yet here we all are posting on TSI...

[Oxo]

Not If I win the Euromillions !!

[Ronnie]

Yet here we all are posting on tsi...

but i have a beer next to me now and at least 2-3 spare minutes later..