Skip to main content
  1. Home
  2. Smart Home
  3. News

SimpliSafe burglar alarms may not be keeping you safe at all

By

simplisafe burglar alarm screen shot 2016 02 19 at 2 17 08 pm
Image used with permission by copyright holder
A burglar alarm system has one job, and one job only — to sound an alarm when intruders venture into your property. Unfortunately, SimpliSafe has failed its singular task in rather epic proportions. According to reports, the home alarm setup is riddled with an “unfixable flaw” that renders it practically useless when it comes to actually protecting you and your valuables from an intruder who is familiar with the flaw. The security system, used in over 200,000 homes, is cheaper than many on the market, but this is a real case in point of getting what you pay for. So when it comes to safety, please don’t be cheap — or at the very least, stay away from SimpliSafe.

According to a blog post published Wednesday by IOActive researcher Andrew Zonenberg, a clever and digitally savvy thief would be able to disable a SimpliSafe alarm relatively easily, and from quite a distance away. In fact, intruders could be up to 100 feet removed from your home and still be able to deactivate your security system, creating an in for themselves. More frightening still, Zonenberg writes, “This attack is very inexpensive to implement — it requires a one-time investment of about $250 for a commodity microcontroller board, SimpliSafe keypad, and SimpliSafe base station to build the attack device.” So basically, the intruder would be able to use the security system to … disarm itself.

Recommended Videos

So is there any solution to this massive flaw? Apparently not, the security expert writes.

Please enable Javascript to view this content

“Unfortunately, there is no easy workaround for the issue since the keypad happily sends unencrypted PINs out to anyone listening,” Zonenberg says. “Normally, the vendor would fix the vulnerability in a new firmware version by adding cryptography to the protocol. However, this is not an option for the affected SimpliSafe products because the microcontrollers in currently shipped hardware are one-time programmable. This means that field upgrades of existing systems are not possible; all existing keypads and base stations will need to be replaced.”

Yikes.

Related

SimpliSafe has responded to IOActive’s criticisms by noting, “While any wireless system is susceptible to this type of attack from a sufficiently savvy and motivated intruder, our systems can be backed up with a land line or an Internet connection for no additional cost.” The company also claims that the sort of attack described by the blog “represents such a small percentage of total break-ins that the FBI does not even keep a count.”

SimpliSafe continues, “This is because the majority of break-ins are a quick forced entry and not the sophisticated type of attack that requires diligent planning as well as highly illegal and cost-prohibitive equipment. Assuming an intruder has the requisite technology, he would need to know the frequency ranges he needs to jam, and also know the layout of your home beforehand, as he would have to avoid motion detectors even in the unlikely event that he bypassed a door sensor.”

So better hope your burglars aren’t so tech savvy, or replace your alarm system.

Editors’ Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Every smart home security camera should have a shutter. Here’s why.
SimpliSafe SimpliCam on wall

You’re sitting at home sipping on a freshly opened can of ice cold beer in your bathroom. Best of all, it’s a Saturday afternoon. Pure bliss.

Then, by chance, you lock your gaze squarely at the indoor security camera perched on top of a bookshelf. The more you stare at the camera, the more you feel like someone's watching. The news about Ring’s cameras being hacked doesn't help.

Read more
Hurry! The TP-Link Tapo MagCam is only $70 in this Cyber Week deal
The TP-Link Tapo MagCam C425 security camera on a white background.

You can never have too much home security. From security cameras to motion detectors and floodlights, there’s a way to keep tabs on just about every part of your home or business, both indoors and outdoors. A lot of this smart gear is getting a lot cheaper, too, though it’s always a good idea to stick with top-rated surveillance brands. Speaking of surveillance, a brand we like to recommend whenever we can is TP-Link, and we just came across a fantastic offer:

While this sale lasts, you’ll be able to purchase the TP-Link Tapo MagCam 2K Battery Outdoor Camera for only $70. At full price, this model sells for $120.

Read more
Want a cordless vacuum for under $100? This one’s just $65!
The PrettyCare W200 cordless vacuum on a white background.

If you're searching for the ultimate bargain from the available cordless vacuum deals, look no further than Walmart's offer for the PrettyCare W200. Originally sold at $400, you can get this cleaning machine for an unbelievably low price of only $65. That's $335 in savings! We're not sure how much time is remaining before this discount expires, so if you don't want to miss this opportunity, you're going to have to add this cordless vacuum to your cart and complete the checkout process immediately.

Why you should buy the PrettyCare W200 cordless vacuum
The PrettyCare W200 cordless vacuum offers two suction modes: it can run for about 20 minutes in the stronger power mode and for about 48 minutes in the normal power mode. It's capable of picking up different kinds of dirt, debris, and pet hair across all floor types, and it stores all of them in its 1.3-liter dust collection cup that's easy to empty once you're done. The cordless vacuum is also equipped with a stainless steel filter filtration system and a six-stage HEPA filtration system, so that it will capture pollutants and fine dust and only discharge clean air back into your home.

Read more