News and Reviews....

    Home Automation HACKED   August  2011

 By Bob Lieto

    In trying to accommodate all our customers requests, grow within the industry's direction, stay current and in business, Custom Audio-Video Systems has been swept into the convergence of AV (Audio - Video)  and IT (Information Technology) like all other businesses and elements of today's world. We remember back when AV had its' niche and IT had its' niche and the two were very separate. It was not to long ago. 

    The Internet changes all that and it has not been the same since or will it ever go back again. But I remember my first ping of wheeziness when I connected my first AV component to the Network. That sense of "uncontrolled" release of design, codes of logic and command into the great unknown.....The Internet. My fears were that the orderly commands and macros to allow precise control of our systems now became susceptible to a different facet of logic... the non-logic of a HACKER. My fears have been met, when I read an industry article today

    It seems that two researchers at DefCon in Las Vegas showed how they could hack into an automation system that took advantage of power line carrier technology. Not the Internet access per se, as suspected, but I will get to that a little farther down in the text. Power line carrier is the format of X10 and Z-wave systems. The hackers showed how using a sniffer device connected to the broadband network via an electrical outlet, they could manipulate 15 different neighbor's lights, HVAC and SECURITY systems. All communicated via the power line and those signals are NOT encrypted. Keep in mind that this was not accomplished within the facility hacked,  but from another home located within the area. Although, it could have been as close as from an outdoor AC outlet at the premises.

    The hackers also showed how they were able to track the MOVEMENTS of 15 neighbor's with automation systems inside their homes via their motion sensors and cameras, as well as jam signals for lights and alarms. Whoa !!  The hackers spent two months researching and designing their open source tools to conduct the hacks. They focused on X10 because the protocol "does not support encryption" and able to hack Z-Wave because the devices they looked at did not have the encryption incorporated properly.

    The hacking tools are being released to the public as the x10 Sniffer and the x10 Blackout, which jams signals to interfere with the operation of lights, alarms, security cameras and other devices.

    On another note, a German computer engineer has claimed to have decipher the code used to encrypt most of the world's Internet traffic and that he plans to publish a guide to prompt global operators to improve their signals. Karsten Nohl published the algorithms used by mobile operators to encrypt voice conversations on DIGITAL phone networks. he and a colleague intercepted and decrypted wireless data using an inexpensive, modified 7 year old Motorola cell phone and several free software applications. They intercepted and decrypted data traffic in a five-kilometer, or 3.1 mile radius. This puts the APP (application) generation at risk and all that they yearn to control.

Comment .....  My first "old school" fears seem to have surfaced. Custom Audio-Video will always try to keep as much control information, hardwired. It is a better way of control, and using wireless is kept to a minimum, unless the wireless is an RF encoded signal. This does not mean that your system is immune after reading the hacking articles, I have concluded that all systems that transfer any data via network whether that is by the front door or back door of the system, which are the folks that love their iPads and iPhone access could be held captive by forces well outside their home and control. This could make for an Intermittent Problem that could take a long time to correct and only after a serious and clever trouble-shooter spends a large amount of time to solve the cause. Even though the trouble-shooter might not, at that time be able to correct the cause without great changes to system software and hardware.

Back to Square One.

Update ..... August 12, 2011

    As reported by CEPro: Home Automation pioneer X10 will no longer make powerline-based products for controlling lights, thermostats and other devices with the company stating it had nothing to do with Black Hat hacking scandal. X10 is shutting down and it appears the company is headed into receivership. The protocol created in the 1070s interestingly coincides with the high-profile report from Black Hat that it could be hacked but the company insisted that it had nothing to do with its closure. More likely, the company faced competition from newer home control technologies such as Z-Wave (RF) and Universal Powerline Bus. being the low cost provider, X10 became hobbled from higher wages in China, where it is manufactured.

 

If you liked this article, or would like more information, please let us know by filling in a comment on our email page.

Past Articles on Subject:

Go Faster With WiFi   June  2011

Moca Saves The Day   March 2011

Cable Biz  November 2007

Digital Cable, See It Now or Not   May 2007

Cable in Reverse  April 2004

 

Copyright © 2011 Custom Audio-Video Systems, Inc.  |  All Rights Reserved