In 2016 my colleague, Matthias Deeg, and I have looked into the security of wireless alarm systems. At this time, the ABUS Secvest alarm system did not sign and/or encryption its packets, allowing an attacker to disarm it. Some time later they introduced rolling codes to their protocol. But as Thomas Detert found found out, they were still not secure. The used algorithm for generating the next valid code is predictable, just by looking at the communication. Read more

Together with my colleague Matthias Deeg I’ve done some research on several (cheap) wireless alarm systems. We found that it is possible to disarm all systems by a simple replay attack. Such an attack can be easily carried out using a Software Defined Radio (SDR). The results of our research have been documented by “Plusminus”, a German TV show. Read more