Security threats to wireless alarms?

 - 
07/30/2014

Tech publication Wired magazine may not focus too closely on alarm monitoring or residential security, but it does devote a good deal of ink to assessing network security threats, no matter what the context.

Just last month a writer for the magazine, Mat Honan, painted a funny dystopian sketch of the connected home in revolt, commandeered by morally wayward hackers on some perverse quest for Internet notoriety. Identifiable only by screen names evoking bad cyberpunk films from the 90s, these lonesome code junkies are intent on doing everything from dousing homes by activating sprinkler systems to invading your privacy in all the imaginable ways in a home amply stocked with network cameras.

The piece, titled “The Nightmare on Connected Home Street,” is of course meant to be hysterical: The narrator is jarred awake at four a.m. by the blaring pulse of dub step music exploding from his connected pillow. The vignette ends, a few hours later, with a bare and awesomely memorable paragraph: “The skylights open up. The toaster switches on. I hear the shower kick in from the other room. It’s morning.”

It’s all just a thought experiment, but the piece is entertaining and well worth a read.

Interestingly enough, about a month later, Wired turned its attention to security again, this time focusing on concerns that, surprisingly, have nothing to do with Internet connected devices. This time, the article dealt with security vulnerabilities related to wireless home alarms, which, according to a pair of researchers cited in the article, could be comprised—the alarm being either suppressed (via “jamming”) or made to deliver false signals. The researchers found identical problems with a number of brands.

The issue, according to the report, has to do with radio frequency signals. While the conversation is understandable for a layman, it can seem a bit arcane. In sum, the researchers found that the systems “fail to encrypt or authenticate the signals being sent from sensors to control panels,” according to the report, “making it easy for someone to intercept the data, decipher the commands, and play them back to control panels at will.” Would-be malefactors, the report says, can do this relatively easily.

The researchers cited in the article—Logan Lamb and Silvio Cesare—plan to present their findings at the Black Hat security conference, a computer security conference held in Las Vegas next week. I’m eager to here more about their findings and to see what kind of impact the research could have.