Security Issue

hub
security
motionsensor

(Arashi) #1

Hello,

So I came across this article today:


This is interesting stuff. in the middle of this article you find another links which bring my questions

and

Did anyone look into this?
Can someone jam the signals and easily bypass the alarm on Smartthings?
Does Smart hub has ability to encrypt the wireless connection?


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #2
  1. Yes. But you’re a 100x more likely to experience much less sophisticated service attacks like cutting your power, or Internet cable, or smash-and-grab fast enough to make the alarm useless.

  2. Yes there is encryption with certain vulnerabilities, but newer protocol versions are addressing this. In the meantime, see #1.


(Arashi) #3
  1. I have a backup power and cellular Internet.
    Every alarm system has issue with smash and grab so I have cameras recording for the police to follow up. (better than nothing). My concern is why smart hub doesn’t have the anti-jam functionally. I understand this product is mainly for home automation but it has security feature that needs improvement. Jamming the signals are easy, easier than smash and grab.
  2. well, this is good news. do you have any source that I can get more information?

(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #4
  1. Anti-jam functionality is a pretty sophisticated feature to expect from an $80 Hub. I’d suggest looking elsewhere if you believe you are at significant risk to jamming. Or, ideally, use a hardwired security system.

  2. Z-Wave and ZigBee both use reasonably strong encryption, but the ZigBee flaw has been publicized and affect ANY ZigBee HA based system (high-end Control 4 correction: not affected):, Hue, Wink, Iris,… It is addressed in ZigBee 3.0 (But I think SmartThings also added “secure rejoin” as a platform update to help reduce the risk). re: ZigBee 3.0 … http://processors.wiki.ti.com/index.php/What’s_New_in_ZigBee_3.0#Enhanced_security_for_Centralized_Networks_.28Networks_with_a_Coordinator.2FTrust_Center.29


(Arashi) #5

Thanks for the info!


(Lee Florack) #6

If you’re talking about smashing the door/window and grabbing stuff and escaping, that’s certainly true. However, if you’re talking about smashing the security system console to avoid the alarm from reaching the monitoring service, that’s a different story.

I’m with FrontPoint and their system works like this. If a door or window or motion alarm is activated with the system armed, it will immediately notify the monitoring station. If it’s me or anyone else that’s authorized, they’ll disarm the system within the appropriate time and no action will be taken by the monitoring service. If however, it’s not an authorized person - even if they smash the security console completely destroying it , no disarm command will be received at the monitoring station and the response calls will go out. So, in a nutshell, an initial alarm signal immediately goes out upon sensor activation. If a second disarm signal is not received, response is notified. The system is cellular based so there’s nothing to cut.

This doesn’t make it’s foolproof and someone who is quick can out-run the response, but there will be a response no matter what happens to the console.

Also, this is why I don’t use SmartThings as part of my security system. It’s missing too much of this functionality and SmartThings just isn’t reliable enough for me.

Slightly off topic but just clarifying a bit.
Please return to your previous discussion :wink:


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #7

My point about “smash and grab” is that petty burglars can quite likely break into a house with an alarm and have stolen somethings of value before the police will arrive.

I wonder what the statistics are for actual intruder arrests due to monitored alarm systems vs. cases where the system did not help, or cases where the sound of the alarm (as opposed to silent alarm) prevented theft.

Statistically, the risk of being burgled is low. Adding even a “vulnerable” security system reduces that by a non-trivial amount. The incremental value of a “less vulnerable” security system, really helps determine whether it is worth the cost.


(Lee Florack) #8

I agree.

[quote=“tgauchat, post:7, topic:78889, full:true”] I wonder what the statistics are for actual intruder arrests due to monitored alarm systems vs. cases where the system did not help, or cases where the sound of the alarm (as opposed to silent alarm) prevented theft.
[/quote]

To further that last idea, I’d say that the fact that there’s security system signage outside and on the windows is a big help to avoid a robbery in the first place. I believe I’ve read many articles confirming this.

Agree again.


(Patrick Stuart [@pstuart]) #9

Control4 does not use the ZigBee ha protocol. It uses a proprietary security model and not vulnerable to this type of attack. St is.


(Mark) #10

Really?

I’m neither a burglar nor a security system installer, but it seems to me smashing a window or taking a crowbar to a door takes far less sophistication, time and effort than reliably jamming any kind of wireless signal.

Do you know of any sources that cite #s of smash and grab home invasions vs. robberies that involved jamming the security system?

Totally agree with @tgauchat, if your situation is such that jamming of your security system is a significant risk, then you probably need a far more comprehensive security solution than that provided by a low-end home automation platform.


(Robin) #11

I own a small handheld jamming device about the size of a typical walkie talkie, it is intended to jam the following:

  • Bluetooth
  • Wifi
  • Celular
  • 3G

I purchased it to get some peace on my morning commutes as as I got fed up with others talking loudly on their phones when I was still half alsleep. And it’s just fun :smiling_imp:

It can kill wifi CCTV 100% and also plays havoc (unintentionally) with Zwave and Zigbee with an 80%ish success rate of jamming the signals from my contact and motion sensors!! With the device turned on I can normally enter my home without tripping the alarm!! Even if the hub gets tripped and sends the SMS, it rarely manages to trigger the Zwave siren.

The device cost me £150 and has a single on / off switch, so it’s hardly a sophisticated hack… I’m afraid that as the newer generation of burglars come into our homes, methods like this may become commonplace!


(ActionTiles.com co-founder Terry @ActionTiles; GitHub: @cosmicpuppy) #12

Don’t tell the FCC!

But you raise an interesting point: If “bad guys” decide to use jammers to block ZigBee or Z-Wave signals from your sensors, then they likely are also jamming 2G, 3G, 4G signals which a cellular-based alarm system would use to inform central monitoring, and they likely would cut your internet cable to remove the physical connection.

I suppose the physical cable cut is the hardest in most situations; but around here, the cable comes down from a telegraph poll and enters through the wall, accessible easily from the street.


(Robin) #13

My wired internet cable comes in underground, but the wire comes out of the ground and runs up the external wall of my house 20cm into a small junction box. That leaves 20cm of wire fully exposed right next to my front door :triumph:

This is standard for most U.K. homes!!

One day I’ll cover it with a metal cable guard!!

Also, in the U.K. our main electrical meter boxes and master fuses are located in GRP housings on the external walls to facilitate easy meter readings by the utility company… pulling a fuse would take 5 seconds!!

Guess I’m screwed!!