j.paul Posted February 14, 2006 Posted February 14, 2006 You trade guys do go on a bit about the need to suppress engineer There are no stupid questions, but there are a LOT of inquisitive idiots.
Zak Posted February 14, 2006 Posted February 14, 2006 Alarm companies have to fit to the European Standards PD6662:2004(EN50131) This is what it says about codes: 8.3.1 Access levels For each security grade of an alarm system there shall be four levels of access via the user interface to the functions of the alarm system. The four access levels are as follows: Level 1 Access by any person Functions required to be accessible at level 1 shall have no restriction on access. Level 2 User access EXAMPLE: by an Operator Functions affecting the operational status (without changing the Alarm system configuration). Level 3 User access EXAMPLE: by Alarm Company Personnel All functions affecting the Alarm system configuration (without changing equipment design). Level 4 User Access EXAMPLE: by the Manufacturer of the equipment Access to components to change equipment design. Yes, but in fairness what does it say in 4737, to which most of these posts will be probably come under? Zak Tankel - Managing Director - Security First (UK) - www.securityfirst.uk.com Disclaimer: Any comments or opinions expressed by me are my own as a member of the public and not of my employer or Company.
Zak Posted February 14, 2006 Posted February 14, 2006 There are 3 issues that seem to be muddied into the same common attack. 1. Installation manuals in general 2. Defaulting information 3. Engineer codes 1. Installation manuals for most professional systems are not available anywhere. They are not available on here because manufacturers do not supply them to end users, and do not sell their equipment to end users. They will not support end users. Many professional panels do not even come with complete installation manuals. 2. Defaulting information is a security risk pure and simple, as Pete has explained many times. If you can find a manual and sort it yourself then fantastic for you - but keep it to yourself because you are quite simply reducing the effectiveness of security systems by posting that information elsewhere. To spell it out for you, someone with a bit of gumption can break in and default the system with minimal fuss (depending on system design). 3. Engineer codes are proprietary information belonging to the alarm installation company. In fact, many company's lock their engineer codes so defaulting the system will not allow the user in to the programming anyway. Again, as people have taken the trouble to state politely many times, if a company's engineer code was made public they would have to go and change the codes of all their systems. This is also likely to be enforced by their inspectorate. I will give a very basic example. A gardiner, cleaner or untrustworthy member of staff of either a house or business, finds the engineering code on the net. One day, he or she turns off the detector(s) in an area protecting high value goods. Several days or weeks later they break in and clear out the property. The insurance company check the programming to see why the system didn't activate and holds the alarm company liable. If a system is not under contract then the engineering code can be changed back to the factory default for the customer. Some companies won't do this, some will. If the customer wants to potentially mess up their system when not under contract then that is their perogative. Zak Tankel - Managing Director - Security First (UK) - www.securityfirst.uk.com Disclaimer: Any comments or opinions expressed by me are my own as a member of the public and not of my employer or Company.
j.paul Posted February 14, 2006 Posted February 14, 2006 Yes, but in fairness what does it say in 4737, to which most of these posts will be probably come under? Probably right mate The USA freedom of information required that all vehicle distributors had to release their workshop manuals.....Great news for those of us owning European cars..... A quick search with google should give you all the Security Manufacturers web sites with contact numbers just give them a ring and ask them to supply you with engineer manuals and defaulting information. There are no stupid questions, but there are a LOT of inquisitive idiots.
Service Engineer Posted February 14, 2006 Posted February 14, 2006 Topic Closed: ........................................................ Dave Partridge (Romec Service Engineer)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.