Odd, you keep on replying though, so you obviously have some interest.
Alarm insecurity - jamming, replaying and brute-forcing on the Yale HSA6400
- Thread starter cybergibbons
- Start date
Sponsored Links
So, John, where is your line for something being too insecure for it to be installed in yur house?
Is there a reason you wilfully ignored the clear statement in the blog of "If you already have a wireless alarm, don’t panic. We are not seeing these attacks carried out in the wild"
Is there a reason you wilfully ignored the clear statement in the blog of "If you already have a wireless alarm, don’t panic. We are not seeing these attacks carried out in the wild"
Sponsored Links
cybergibbons, don't waste your time trying to introduce diversions from the thread's topic of hypothetical attacks on Yale alarms with improbable methods.
If you want to chat about internet-enabled cameras, don't expect me to feed you.
Drone update:
Number of drones observed since last report: Zero
Estimate of risk of domestic jamming due to drones: Imperceptible
If you want to chat about internet-enabled cameras, don't expect me to feed you.
Drone update:
Number of drones observed since last report: Zero
Estimate of risk of domestic jamming due to drones: Imperceptible
They are ever so complicated aren't they? All those hot pipes and cogs. Oh wait. I've just been told that's the heating boiler...
The cat doesn't either...
Last edited:
I had to read this twice to make sure you had actually written it. I'm hoping that you didn't mean it and just had trouble with your double negatives.
I think that this is a worrying comment for you to make. It clearly marks your initial post as simple FUD, trying to scare casual readers into believing that high tech criminals are lurking around every street corner with their powerful laptops and directional antennas. "Linux isn't a barrier to entry" - really? Not even for those burglars who can't read? And there will be "huge fines if you don’t comply?" (Actually, the FUD's starting to work and I'm getting scared
)This comment also calls into doubt your professionalism, if you as a spokesperson suggest homeowners should guard against (virtually impossible) fringe cyber attacks instead of locking their gates. You've finally shown your true colours as just a simple salesman selling fear on behalf of an alarm company of questionable integrity. They sometimes call that aggressive selling, or even a protection racket. Perhaps we should call time on this thread before more FUD & disinformation lets fly. Or before my lovely gran is scared into buying one of your anti-jamming jammers for only £75 /month. Plus VAT. Plus maintenance contract. Plus VAT.
Free advice for all readers here, from all police forces and crime prevention officers in the world: lock your garden gate!
And ensure the gate and the adjacent fence is high enough that a criminal cannot simply climb over the locked gate.
- Joined
- 23 Sep 2015
- Messages
- 169
- Reaction score
- 7
- Country
Ensure too that the garden gate is wired in as a zone, with tamper.
Not forgetting putting it on chime also.
Not forgetting putting it on chime also.
Paul - what's most disturbing is that you've taken to fabricating things to make your point.
Most people would be best to install a proper lock on their gate, rather than a padlock.
It's pointless for most people to buy a big padlock for their garden gate, as it will cost a lot more than a normal padlock and provide no benefit.
You have a strange definition of impossible. Buying a £50 jammer from China does the job.
Why do you keep on raising this?
This is pure fabrication by yourself, which is odd.
Wow, big accusations with no evidence.
Which don't exist.
Informing people isn't FUD. It's only FUD if you do not have the mental capacity to assess the risks yourself. An alarm is installed for a number of years. If these attacks do start happening, then you have no way of fixing it.
Most people would be best to install a proper lock on their gate, rather than a padlock.
It's pointless for most people to buy a big padlock for their garden gate, as it will cost a lot more than a normal padlock and provide no benefit.
You have a strange definition of impossible. Buying a £50 jammer from China does the job.
Why do you keep on raising this?
This is pure fabrication by yourself, which is odd.
Wow, big accusations with no evidence.
Which don't exist.
Informing people isn't FUD. It's only FUD if you do not have the mental capacity to assess the risks yourself. An alarm is installed for a number of years. If these attacks do start happening, then you have no way of fixing it.
Last edited:
Okay, I may have laid it on thick so I apologise. I'm not sure if you're just pulling my chain, or if you're having difficulty producing a coherent and consistent argument. However, final time around in detail:-
Virtually impossible: This is from your blog as one of the types of jamming that can be carried out:
which you have done with an ARF development board that requires additional hardware and custom software which you ran on a Linux computer:
As a security company, you deal with the balance of probabilities. Linux is no barrier to entry-how many people reading this have installed Ubuntu? And they're professional alarm engineers. What is the percentage of the criminal fraternity capable of assembling this kit that you needed for reactive bit jamming? You have not given a single example of an arrest of a suspect carrying reactive bit jamming hardware. Or even the report of a crime using such kit. The probability of this attack in the field is effectively zero.
Directional antennas: The paper you link to in your blog required directional transmissions in order for this reactive bit jamming to be possible. Have you read it?:
huge fines if you don’t comply:This is a screen grab from PenTestPartners, the company you're promoting:
I didn't fabricate this, your company did.
Simple salesman selling fear:It's a common tactic to make people afraid of an imaginary danger, then offer to sell us a solution. That tactic will haunt Tony Blair for the rest of his life. This blog entry is on a par with that advert for special bleach to kill all those horrible monsters that thrive under your toilet seat and laugh at the home owner.
one of your anti-jamming jammers: Pithy satire. Sorry that you didn't get it.
Perhaps I've misinterpreted your blog, but it seems to me that you're deliberately re purposing cutting edge research as something that might happen to everyone. If the police told me this, I'd take notice and worry. If you tell me this, working for a security company selling high tech research you'll excuse me for being sceptical. I don't mind this kind of marketing as I'm immune, but please at least caveat it clearly before you do real harm.
Virtually impossible: This is from your blog as one of the types of jamming that can be carried out:
which you have done with an ARF development board that requires additional hardware and custom software which you ran on a Linux computer:
As a security company, you deal with the balance of probabilities. Linux is no barrier to entry-how many people reading this have installed Ubuntu? And they're professional alarm engineers. What is the percentage of the criminal fraternity capable of assembling this kit that you needed for reactive bit jamming? You have not given a single example of an arrest of a suspect carrying reactive bit jamming hardware. Or even the report of a crime using such kit. The probability of this attack in the field is effectively zero.
Directional antennas: The paper you link to in your blog required directional transmissions in order for this reactive bit jamming to be possible. Have you read it?:
huge fines if you don’t comply:This is a screen grab from PenTestPartners, the company you're promoting:
I didn't fabricate this, your company did.
Simple salesman selling fear:It's a common tactic to make people afraid of an imaginary danger, then offer to sell us a solution. That tactic will haunt Tony Blair for the rest of his life. This blog entry is on a par with that advert for special bleach to kill all those horrible monsters that thrive under your toilet seat and laugh at the home owner.
one of your anti-jamming jammers: Pithy satire. Sorry that you didn't get it.
Perhaps I've misinterpreted your blog, but it seems to me that you're deliberately re purposing cutting edge research as something that might happen to everyone. If the police told me this, I'd take notice and worry. If you tell me this, working for a security company selling high tech research you'll excuse me for being sceptical. I don't mind this kind of marketing as I'm immune, but please at least caveat it clearly before you do real harm.
Genera Data Protection Regulation has nothing to do with a jammer blocking the wireless channel to defeat a system operating with one way communication on a licence exempt frequency. No data is involved
You choose to decide it is imaginary.
Have you spoken to your local crime prevention officer ?
The high tech "research" is intended to help protect high end data and property from being stolen. It is orders of magnitude more complex than protecting the average domestic house from a burglar with a jammer purchased on the internet,
What is you opinion of marketing that sells insecure alarm systems to the general public by claiming wireless is the best option. It is the best for the sales person as quick and easy stick 'em on the wall installation will not deter the general public from buying them. People would be far less likely to impulse buy an alarm if they had to hard wire it.
I haven't seen this marketing. Where did you find it?
Still no sign of your burglary drones.
How many have you seen in Befordshire this week?
"A simple OOK transmitter, modulated using a 555 timer would do the job for proactive jamming."
That's not impossible.
"It sounds like alarms should be triggered by proactive jamming, doesn’t it?
Strangely enough, a lot aren’t. This goes from cheap consumer alarms all the way up to graded alarms."
There is no requirement for reactive jamming, as clearly stated.
I don't think you've read it, have you? It's about detecting attacks, not making attacks. They are looking at the scenario where an attacker uses directional antennas. It's not a requirement when making the attack - the standard chip antennas work fine.
However, as clearly stated, this isn't the attack being carried out against the Yale.
But again, as clearly stated, the paper is linked to because it is the source of the image.
Yes, but you've quoted it as a rebuttal concerning alarm jamming. That's fabrication.
Which cutting edge research? You know the paper is about detecting jamming?
"We are not seeing these attacks carried out in the wild."
When you say "attack" you mean test? Or do you mean properly documented attacks by criminals targeting an ordinary domestic house in an ordinary residential street?
DIYnot Local
Staff member
If you need to find a tradesperson to get your job done, please try our local search below, or if you are doing it yourself you can find suppliers local to you.
Select the supplier or trade you require, enter your location to begin your search.
Are you a trade or supplier? You can create your listing free at DIYnot Local
Sponsored Links
