Early bird prices are coming to an end soon... ⏰ Grab your tickets before January 17

This article was published on February 18, 2016

SimpliSafe security systems are highly vulnerable to simple attack by thieves


SimpliSafe security systems are highly vulnerable to simple attack by thieves

As security researchers turn their attention to the vulnerabilities in connected devices, they may have overlooked a simple ’90s-era attack that could make over 200,000 homeowners in the US vulnerable to thieves with a $250 gadget.

SimpliSafe was touted as a wireless alarm system that’s cheaper than a traditional system and easily installed, even by most consumers. It’s also claimed to be used in over 200,000 homes.

While looking for modern attacks, however, security experts overlooked a simple replay exploit that was common in the 1990s and used to cause havoc on garage doors.

The attack is a simple one that intercepts and records the unlock codes as they’re transmitted over the air. To thwart this, garage door openers started using a rolling code, which sends a different code each time it’s used.

The exploit, which was originally reported by Andrew Zoneberg, a security researcher with IOActive, takes advantage of this vulnerability with a readily-available device that “sniffs” the network for incoming 433 MHz radio traffic to capture the PIN packets from SimpliSafe key pads as they are used.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Recovering the actual PIN used to communicate between the keypad and base station isn’t necessary, as the intercepted packet can be replayed in whole because there’s no cryptographic authentication between the two SimpliSafe devices.

The attacker would then wait until the homeowner was away and send the packet to the base station, which disables the alarm.

Unfortunately for SimpliSafe, and its customers, there isn’t a fix for this.

The system would have to be removed and replaced with one that used authentication between the base and keypad in order to only accept trusted signals.

Popular home security system SimpliSafe can be easily disabled by burglars [MacWorld]

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Published
Back to top