Today, my wireless alarm hacking posts ended up on Hackaday, and I received this comment:
Your average suburban burglar is gonna be way to dumb to figure this stuff out. And if you’ve got millions of dollars worth of art or whatever that might attract a higher class of crook, you’re not gonna scrimp on security eh?
I’ve had more than a few people reply with the same sentiment over the last few months, so I thought I’d reply here rather than in a comment.
Burglars are too dumb
The burglar doesn’t need to be clever. He just needs to buy a device from someone who is clever and immoral. It’s possible to use a CC1110 RF SoC to jam, disarm, and otherwise disable many of these alarms. It wouldn’t need any skill to operate and it wouldn’t cost much.
Burglars won’t bother
This was exactly what people said about keyless ignition and entry on cars. That quickly changed once exploits were available.
Anyone with sense would have a better alarm system
They might have an alarm system that looks better on paper. But they have absolutely no way of actually knowing if the alarm has any exploitable vulnerabilities or not. There is no requirement for alarms to be independently tested. I can confidently say that much more expensive alarms are no better than the Friedland alarm detailed in my posts.
As an aside from this – the higher grade alarms are really only there to satisfy insurance requirements. As long as it the system meets the requirements of the insurers, it shouldn’t matter if there are any vulnerabilities. Unless, of course, it looks like the alarm wasn’t set in the first place…
Conclusion
This doesn’t mean that burglars are exploiting vulnerabilities in wireless alarms. It does mean two things:
- Consumers don’t have the means to tell if an alarm system is secure or not, due to poor standards and lack of third party testing.
- Alarm and signalling manufacturers are happy to sell insecure equipment because of this.
Myself
August 2, 2013 at 5:14pmSo if it’s possible to misbehave in such a way that the alarm looks like it’s not set, insurance won’t pay the claim. That gives a couple of really perverse incentives:
1: A crook out to steal things might not care, but someone bent on revenge or ruin might prefer this sort of attack. Or embarrassment — if it comes out that so-and-so-rich-person was burgled and “their alarm wasn’t even turned on”, it makes them look aloof or incompetent.
2: Insurance companies might now have incentive to prefer systems which are vulnerable in this way. They wouldn’t even need to realize why, simply notice that they pay fewer claims to people with Brand X. It would show up in statistics, and they might never go looking for a root cause. Sufficiently advanced incompetence is indistinguishable from malice.
3: Because of the above (which might be why the industry is satisfied with such pathetic standards in the first place), consumers need to think of the alarm as protecting them from the insurance company‘s desire to not pay claims.
4: Ergo, insurance companies are the last people whose advice you should take on which system to install.
Yikes. I think I just depressed myself.