Vulnerabilities In The Abus Secvest Wireless Alarm

[cybergibbons]

Once again, not my work, but a look at the Abus Secvest alarm system, which is at least partially made by Cooper.

 

The wireless protocol isn't significantly different to a Yale or Friedland DIY alarm - no rolling code, no encryption, no authentication. Vulnerable to replay attacks.

 

http://sitsec.net/files/secvest_analysis.pdf

 

This is a grade 2 alarm, but is a million miles behind something like a Pyronix Enforcer or Texecom Ricochet in terms of security.

[MrHappy]

F'ck me that's expensive... http://uk.rs-online.com/web/p/security-alarm-systems/0519359/

[james.wilson]

Very interesting cg please continue

[cybergibbons]

Yeah, the Abus kit is stupidly expensive - but I think if you are trade in the right country, it is probably a lot less? I know what I pay for alarms is a lot more than trade here.

 

What I found particularly interesting about this alarm is that it is very modern and forward thinking on the IP front, but it's like a system from 20 years ago on the RF front. It must be what the consumers want.

[Lwillis]

That is expensive, could fit a galaxy's hybrid wireless for less that that.

[cybergibbons]

Expensive and insecure. I know they aren't used here, but I hope it means people will vote with their cash.

[datadiffusion]

Rejigged Homelink 75? How similar are the devices to current cooper kit?