cybergibbons (Author), posted November 30, 2015

> No doubt it's serious. But nothing is being proven that it will fall over or could be compromised except on particular units. I'd say they're staying quiet while they perform their own tests and find a way to patch it, if it's at all true.

They've had all of the detail since April 2015, and the bulk of it since June 2014. That's a very long time to apparently do nothing.

> But nothing will be foolproof, all software and IP connections will have weaknesses.

Exactly. To assume your system is free from problems is reckless. That's why having a system to update firmware is vital. It's probably their biggest failing in this whole thing.

> CG this is right up your street, should have given them heads up! http://www.bbc.co.uk/news/technology-34944140

Yeah, this is terrible. I'm not sure if you've read the details on it, but this was negligence again. Literally 10 minutes looking at their site after the breach had been announced showed issues.

I report between 5 and 10 issues to various vendors each week. At least half of big sites have issues. It's scary - software "engineers" have no requirement to actually know what they are doing.

I have a blog, some of which is about alarm security and reverse engineering: http://cybergibbons.com/

PeterJames, posted November 30, 2015

> Rob Evans, when he called me to ask me to take down the initial reverse engineering posts, specifically mentioned a case where a Dualcom unit had failed to send a panic alarm, and the shop owner had been injured. I wouldn't want that to happen if I released my research?

Andy, can you clarify exactly what Rob Evans said? It's just that the above statement could be interpreted one of two ways.

cybergibbons (Author), posted November 30, 2015

> Any time you begin to communicate and you have sensitive data to transmit there is a requirement for encryption. It does not matter whether it's the written word, the wireless radio (the Enigma machines from WW2), encrypted telephone links between governments or your bank transactions, and yes, Alarm Transmission.
>
> You may say "well, they broke the Enigma code", but you have to remember the hours, weeks, years that went into that, and part of the key to cracking this was the fact that the Germans were transmitting a set pattern of data with every transmission (the weather reports). In basic terms, they gave away the key to their encryption through predictable messaging. What is equally if not more important was keeping the fact that the code was broken from them, so that they could be fed misinformation.
>
> So no, PSTN (or back to Pigeons if you like!) is not the answer. Getting the encryption technique right is, and it's a basic requirement. If communications security is compromised, then everything that is current or went before is at risk until a new form of encryption is deployed, and in modern communications that means a software update.

You have hit the nail on the head here.

I think what has happened is that Dycon is a small company, possibly 2-3 developers/engineers. They've used an esoteric processor - the NEC 78K0R. It's not easy to work with, there are scant tools, it's low in capacity, it's expensive, it's end-of-life. There's really little to recommend it, even 10 years ago. I suspect they are the kind of developer who has reached that stage in life where they don't want to (or can't) learn anything new. The DigiAir is fundamentally the same hardware as the earliest boards I have - nothing is moving on.

I think these people have also assumed that the communications channel of GPRS is secure. This was true 15 years ago - only nation state attackers were capable of attacking it. Now for <£2000, you can build a viable fake cell site. They designed their protocol assuming the communications channel was secure. When they had to expand to IP, they didn't have enough head-room to add a new protocol so stuck with the same thing.

> Andy, can you clarify exactly what Rob Evans said? It's just that the above statement could be interpreted one of two ways.

Unfortunately I didn't record the call, but during the call in May 2014 when Rob Evans called me to ask me to take down the blog posts, the following (paraphrased) conversation happened:

RE: We have a case recently where a shop was robbed. The owner pressed the panic button and the signal didn't get to the ARC. The owner got hurt.
AT: Ok.
RE: If you release your research, this kind of thing could happen more often.
AT: So it's my fault for finding these issues, and not CSL's for developing the system?
RE: Well, we wouldn't want anything bad to happen if it is released.

Clear?

PeterJames, posted November 30, 2015

Much clearer. I was reading it as it could have been Rob was proposing it as an example of what may happen, rather than an admittance of failure.

Dick, posted November 30, 2015

> I didn't record the call, but during the call in May 2014 when Rob Evans called me to ask me to take down the blog posts, the following (paraphrased) conversation happened:
>
> RE: We have a case recently where a shop was robbed. The owner pressed the panic button and the signal didn't get to the ARC. The owner got hurt.
> AT: Ok.
> RE: If you release your research, this kind of thing could happen more often.
> AT: So it's my fault for finding these issues, and not CSL's for developing the system?
> RE: Well, we wouldn't want anything bad to happen if it is released.
>
> Clear?

Oh dear! It makes an utter mockery of monitored security, it really does.

al-yeti, posted November 30, 2015

Utter mockery? Not really, monitoring has its place, as those who use diallers which overall not as good, just depends what you're willing to pay for.

Grade 3 would be worrying eh?

Dick, posted November 30, 2015

> Utter mockery? Not really, monitoring has its place, as those who use diallers which overall not as good, just depends what you're willing to pay for.
>
> Grade 3 would be worrying eh?

Yes, utter mockery as far as the more supposedly secure (G3) monitoring is concerned in the cases CG has exposed.

datadiffusion, posted November 30, 2015

Depends what kit you're using. Even in its insecure state, it still beats anything relying solely on a telephone line.

So, I've decided to take my work back underground.... to stop it falling into the wrong hands

Dick, posted November 30, 2015

> Depends what kit you're using. Even in its insecure state, it still beats anything relying solely on a telephone line.

When you have to revert to saying "even in its insecure state" as a reference to G3 security just highlights the state of the industry in some areas and the thinking therein.

Maybe the companies could use it as a tagline.

datadiffusion, posted November 30, 2015

I don't have to revert to saying anything. I use webway, and purely telephone line based solutions are tat, simple as that.