January 07, 2016
A cybersecurity firm has uncovered a serious flaw in Comcast's Xfinity Home Security system that could allow burglars to break in without setting off alarms — and all it took to find the flaw was some tech knowledge and tinfoil.
"The researcher placed a paired window/door sensor in tinfoil shielding while the system is in an ARMED state," the report said. In real life, of course, an intruder would not use tinfoil, as that would require access to the sensors, but would instead use an illegal radio jammer to block the signals.
"While (the system was) armed, the researcher removed the magnet from the sensor, simulating a radio jamming attack and opening the monitored door or window," the report continued.
When the sensors failed and Bosco opened the door, the security system continued to report, "All sensors are intact and all doors are closed. No motion is detected."
Not only that, but it took anywhere from a few minutes up to three hours for the sensor to re-connect with the main hub. And even then, the system didn't leave an indication that anything had gone wrong.
“There’s no indicator to the user that something bad happened or something unusual — that it was being jammed for 20 minutes or whatever,” security research manager Tod Beardsley told Wired. “The sensor says ‘everything is cool, everything is cool,’ and then it stops talking, and the base station says ‘I guess everything is [still] cool.’”
Comcast defended itself by saying that this vulnerability affects all wireless security systems, not just Xfinity. When Wired asked if the company planned to issue a security patch, spokesperson Charlie Douglas said the following:
“This is an industry issue, and we will work with the industry and other partners to address it. If there are ways that can be designed to address this then it is in everyone’s interest to work collaboratively to do that. But we have to look at the research carefully, talk with others and learn about whether or not that simple patch truly fundamentally addresses the baseline issue or if there are other things that could be done in addition to that.”
Read the report Rapid7 here.