Jump to content
Security Installer Community

Vulnerabilities In Ip Alarm Signalling Protocols


Recommended Posts

Posted

Yeah. I got told to walk off a short plank with the chains of a big lawsuit around my ankles. 

 

I'll take up the offer of signalling equipment once my plate is clear, I have a lot on at the moment.

Customer service at it's best :proud:

I'm not Honeywell fan. Their kit malfunctioning and their subsiquent lack of response to address it has cost us dearly in 2 big customers and a lawsuit that followed.

 

I thought you could publish this info as long as it was in journalistic interest :proud:

www.securitywarehouse.co.uk/catalog/

Posted

I'm not sure I want to test it unfortunately. I do have someone willing to help with publishing stuff, I just need to make sure anything that is fact is presented as fact, and anything opinion is opinion....

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Posted

I'm not sure I want to test it unfortunately. I do have someone willing to help with publishing stuff, I just need to make sure anything that is fact is presented as fact, and anything opinion is opinion....

I can understand that, especially with the deep pockets some of these companies have (which is what I think they rely on to mask some of their 'issues'. If it was me personally I'd do it but can understand why many wouldn't.

www.securitywarehouse.co.uk/catalog/

Posted

Honeywell are entirely unwelcoming to reports of vulnerabilities. What has been their take on issues with their protocol?

 

Their take is that they are right and everyone else is wrong.  At least initially it is - they only change their mind when they realise that nobody is buying product.

btn_myprofile_160x33.png


 

Posted

You would have thought by now that Honeywell were used to handling vulnerabilities

 

To date they have been lucky as vulnerabilities have been disclosed ethically to them.  Though in some cases they had over 3 months from disclosure to publishing and yet still haven't fixed the issue over 6 months later.

btn_myprofile_160x33.png


 

Posted

You would have thought by now that Honeywell were used to handling vulnerabilities

 

To date they have been lucky as vulnerabilities have been disclosed ethically to them.  Though in some cases they had over 3 months from disclosure to publishing and yet still haven't fixed the issue over 6 months later.

You think they will ever bother? My issue list didn't get resolved in 2 years, not even the critical ones.

www.securitywarehouse.co.uk/catalog/

Posted

We were given a workaround followed by more unsuitable workarounds.   It is only fair for me to point out that they did finally realise and fixed an issue we flagged properly within the firmware rather than through a workaround.

btn_myprofile_160x33.png


 

Posted

We were given a workaround followed by more unsuitable workarounds.   It is only fair for me to point out that they did finally realise and fixed an issue we flagged properly within the firmware rather than through a workaround.

Lucky you . . .

www.securitywarehouse.co.uk/catalog/

Posted

We are happy to discuss our encryption and substitution protection with interested parties and have been independently tested not only by the BRE/LPCB, but also customers own IT and external penetration test houses. This has enabled us to sell our systems into banks and retailers. As encryption is part of our software protocol we see no reason not to offer this level of protection to any connection.

 

 

Just picking up on what Chris has said here. The 3rd party penetration testing we carried out has been under non-disclosure and included sensitive information on how the system operates. They attempted attacks on both the SPT and the MCT, all unsuccessful. To truly meet Grade 4 levels of alarm transmission both substitution and encryption protection is mandatory on ALL communication paths. You cannot claim to meet Grade 4 if you do not adhere to these requirements and these are questions that should be asked of the the ATS provider. As Chris mentions, once these techniques are in place they may as well be deployed across all grades if system, it makes no sense not to. 

Jim Carter

WebWayOne Ltd

www.webwayone.co.uk

Posted

Jim,

 

Two things I pick up from that:

1. "sensitive information on how the system operates" is under NDA. If that information was disclosed, would it have material impact on the security of the system? I've seen NDAs breached before, and you've always got to think about what happens if you piss off an employee.

 

2. "once these techniques are in place they may as well be deployed across all grades if system, it makes no sense not to" - this is a brilliant attitude to have. I really don't think product differentiation should be the reasoning behind a grade 2 product being worse than a grade 4.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.