Security Installer Community

(Finally) We've published the issues with the Yale alarms



Last week I presented at IFSEC on the issues with wireless alarms, especially the cheap ones. It was received quite well, but we weren't allowed to name names.

We've published a blog post about it now:

https://www.pentestpartners.com/blog/alarm-systems-alarmingly-insecure-oh-the-irony/

 

The short of it - easy to jam, easy to replay disarm signals, you can sniff the PIN over-the-air if you use a remote keypad, you can brute-force the PIN as well. I reported these issues to Yale 4 years ago.

However, they seem to be getting more and more popular as time goes on.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 


Because less and less people give a hoot I reckon, and why would a crim go to the trouble of jamming or even capturing a PIN on someone who has a YALE system.

 

I'd be interested to know the true figures for any radio system circumnavigated in a similar way. 

 

I also wish I had a pound for every YALE system sold, people buy it through brand trust and recognition.

Nothing is foolproof to a sufficiently talented fool.



2 hours ago, norman said:

Because less and less people give a hoot I reckon, and why would a crim go to the trouble of jamming or even capturing a PIN on someone who has a YALE system.

 

I'd be interested to know the true figures for any radio system circumnavigated in a similar way. 

 

I also wish I had a pound for every YALE system sold, people buy it through brand trust and recognition.

I have to admit the same thought went through my mind, along with it's a good job that banks don't use them.


Banks are scarily lax with alarms, they rely on the vault in any event of it not working rather than wait out of hours for an engineer.

 

In fact thinking about it, I've never been to a bank ooh.


3 hours ago, norman said:

Because less and less people give a hoot I reckon, and why would a crim go to the trouble of jamming or even capturing a PIN on someone who has a YALE system.

 

I'd be interested to know the true figures for any radio system circumnavigated in a similar way. 

 

I also wish I had a pound for every YALE system sold, people buy it through brand trust and recognition.

 

I dunno, the houses with them on are getting bigger and bigger, and some of the Amazon reviews talk of big installs.


The PIN etc, yeah, not likely. The jamming though, really easy, reliable and cheap. I'd love to say much more expensive alarms can't be jammed, but a fair few can.

So far in the last 4 years, I've had 8 people approach me about break-ins without alarms going off. One of them I would definitely put down to mental health issues, one was a wired alarm, but the other 6 look credible. Hard to say really.

Just think manufacturers should all be pulling their weight here, and now stuff is getting Internet connected, even more so. Videofied was terrible, as was Risco.


18 minutes ago, MrHappy said:

ain't there up to 100k in an ATM ?

 

In fact I fancy mending ATMs or traffic lights rather than alarms (no chin rubbing smiley anymore :()

 

That's about the upper limit, but with a mix of £20s and £10s, normally a lot less. The ones in banks tend to be filled with more.

Look at these muppets though - spent months digging a tunnel to net a couple of thousand:
http://www.manchestereveningnews.co.uk/news/greater-manchester-news/mole-gang-dig-100ft-tunnel-679754


1 hour ago, MrHappy said:

ain't there up to 100k in an ATM ?

 

In fact I fancy mending ATMs or traffic lights rather than alarms (no chin rubbing smiley anymore :()

A friend has just left ADT to go back servicing ATMs
