captain11's profile
Captain

Captain

 • 

4.6K Messages

Wed, Feb 23, 2022 7:35 PM

Consumer Reports: DYI Security Systems Hack with RF Jamming

A few years back a YouTuber reported SS, and other DYI wireless systems, could be hacked with a garage door key fob for under $3.  I did my own testing and found, as others, this was true but the intruder had to know the exact location of the sensor and the position of the base and put the key fob in direct line with it. For higher powered RF devices, however, it would work in larger areas, however SS would report the jamming activity.

Fast forward to today, and Consumer Reports has come out with the results of a recent study showing SS3, while vulnerable to this type of attack, will report the jamming to the owner. That's good, but here is what got me: ADT's wireless system prevented the jamming! For those that have been around in the forums for awhile know my dislike of ADT is very strong. Here's my question to Simplisafe: While you notify me of a jamming incident, why can't you stop the attempt in the first place like ADT? To be fair, SS was one of the few systems that could even detect and report the jamming, but c'mon, ADT can prevent it from being successful in the first place? Gauntlet thrown down SS, you have to address this. 

Below is the link to a local TV station's report but I encourage you, if you have an account with Consumers Reports, read the original referenced article. In it they have a full response from SS:

"

Glenn Gomes-Casseres, vice president of product and design at SimpliSafe, points out that these attacks are difficult to pull off in the first place.

“In order to jam a device, one would have to perfectly execute a highly nuanced protocol with devices specifically tuned and configured for this purpose,” says Gomes-Casseres. “And even if successful, thanks to SimpliSafe’s built-in detection, customers are alerted, and cameras are queued to record and capture evidence, during jamming attempts.”

Mr. Gomes-Casseres, congrats on the detection feature, now how about matching or exceeding ADT and the other systems that resist this type of attack?

https://www.ky3.com/2022/02/22/consumer-reports-hackable-home-security-systems/

Accepted Solution

Official Solution

Community Admin

 • 

2.9K Messages

6 m ago

Hi Captain,

Thanks for sharing. For everyone else tuning in, here’s the full article from Consumer Reports with a more thorough comparison between different wireless systems. In their test, we were given a “Very Good” rating, and overall we continue to be ranked #1 for DIY Home Security Systems.

First, this goes without saying (and criminals may not care), but using a device to jam electronic communication is an FCC violation, and therefore against the law. 

Secondly, given the sophistication involved, intruders are unlikely to use a targeted jamming attack. That being said, as Consumer Reports notes, all wireless security systems are susceptible to highly advanced  jamming - but the intruder would have to target the right frequencies and have enough power. If Consumer Reports had used different equipment and test procedures, ADT’s system could have been jammed as well. And as you mention, SimpliSafe features intelligent jam detection, so you’ll get a warning by Push Notification,  as soon as an attempt is made. Right now, ADT Blue (ADT's newer wireless system) does not!

Of course, we are not content to rest here. We’re committed to your security from all manner of threats, and that includes developing solutions to even the most unlikely attack vectors - like jamming. We are continuing to evaluate potential vulnerabilities and update our security measures and technology to keep you safe.

(edited)

Captain

 • 

4.6K Messages

@davey_d​ Thank you for the comprehensive reply and the means for non CR subscribers to read the report. I do recommend you have this information added to the Help Center with a new article, and, this be part of an expanded subject matter in a soon to be released online webinar here in the community.  (Yes, a not so subtle hint it's time to expand the capabilities of the new community site and get SS associates in front of your customers. :-) 

35 Messages

@davey_d​ Would be good to offer an option in the control setting to have a jamming detection trigger the alarm automatically.  If it only sends you that detection notice if there is a real jamming attempt this should be optional automated.

Community Admin

 • 

2.9K Messages

That's a fair suggestion. The reasoning for the current state is that it's not easy to tell the difference between general interference and a targeted jamming attack. Since interference is less uncommon, having the Wireless Interference signal trigger a full alarm could generate more false alarms than real ones.

 

Of course, there's no harm in asking for more options! I'm sending this up.

2 Messages

6 m ago

Fix it fast, or lose business. Mr. Gomes-Casseres' words are NOT sufficient when the world is full of tech hackers who WILL read the CR article and immediately begin using their devices. Better to remove the SimpliSafe sign from the yard and windows and doors than invite that into our homes.

.Business now will go to:

"Blue by ADT, Ecobee, Honeywell Home, Kangaroo, and Ooma—successfully resisted jamming"

Captain

 • 

4.6K Messages

@richard78​ I am not familiar with Kangaroo or Ooma, but very familiar with ADT, Honeywell and, to a bit less extent, Ecobee. Family members who had Honeywell systems did not fare well for various reasons, mostly including support and connectivity. ADT, well, let's just say that I wouldn't trust them at any time for any reason, after being a customer for 11 years. Overall, SS is still my company and solution of choice, but yes, they have to have plans to address this.

Advocate

 • 

2.8K Messages

5 m ago

So, SS is still putting lipstick on a pig.

"...And as you mention, SimpliSafe features intelligent jam detection, so you’ll get a warning by Push Notification,  as soon as an attempt is made."...

And such notification states what? "Wireless interference detected."?  If it says something different, please provide that info.

Have asked a million times since 2018, how does the customer know when a jamming event occurs vs wireless interference or some other interference?   SS has been incredibly vague about this for years (and let's not forget, SS2 users still have the code capture problem that will never be fixed, which was also downplayed).

For that matter, why does SS always downplay this stuff?  ("but everyone else can be hacked too!" and "you'd have to have super-duper sophisticated equipment to pull this off!"). SS shouldn't be concerned with everyone else.  SS should be concerned with your own customers.  You did it with SS2, you're doing it with SS3.  It's not "sophisticated", stop pretending it is.  It's been tested and determined to be a known flaw by pros, by laypersons, and by SS customers alike.  

If SS KNOWS a jamming event has occurred, send a push notification (and SMS/txt to those who don't have the phone app) to the user stating so, and not 'interference" which means absolutely nothing to the user.  Know what else is a problem?  Users becoming complacent with "interference detected" messages and just assuming it's some random, phantom occurrence in the home, even though they cannot determine what caused the occurrence.

Community Admin

 • 

2.9K Messages

@coltmaster1​ the only difference between wireless interference and jamming is intent. That is, jamming is just interference that someone is doing on purpose. Otherwise, as @Jim also notes, it's not really possible to distinguish between them.

And that's why the notification comes through to our users as "Wireless Interference Detected". It's mostly likely just general interference, but we're letting you know just in case.

35 Messages

5 m ago

As a EE I can tell you that trying to differentiate between a deliberate jamming signal versus other interference on the 433.92 MHz channel is pretty much impossible. You can detect that you are getting a strong signal that is not correctly encoded for that system but that’s all. You don’t have any way to know if it’s deliberate jamming unless the received power level is off the chart. For example above the FCC limits. If it’s within allowed transmit power levels you can’t determine intent. 

Advocate

 • 

2.8K Messages

@Jim​ 

Thanks for that.

So, SS, if you detect jamming, what exactly do you do to alert the customer?  Send a push/text msg with "interference detected"?  How many times do I have to ask before we get a real answer? 

Community Admin

 • 

2.9K Messages

I have mentioned it before but yes. You'll get both a Push Notification through the app, and a Smart Alert through email/SMS for "Wireless Interference Detected". It of course also shows up on your Timeline event log.