Leave a comment

Comcast's home security system has a serious flaw

Comcast's home security system has a serious flaw
Photo courtesy of Shutterstock

A home security system is a good way to keep burglars from stealing your valuables while you're away or threatening your family when you're home. In days past, there weren't that many security system vendors, but cheap technology has brought a lot more companies on board.

On the most unusual new entries to the market is Comcast. Yes, the same Comcast that provides cable Internet with questionable tactics and historically lousy customer service. If you've dealt with Comcast before, it might not surprise you to learn that its security system isn't all it's cracked up to be.

Comcast's security, which falls under the Xfinity brand, uses wireless signals to connect its sensors with a central base station. There's nothing wrong with that; plenty of security systems do it to make installing sensors easier.

However, security researchers at Rapid7 decided to see what would happen if they jammed the Wi-Fi signal so the sensors couldn't talk to the base station. It turns out the answer is: nothing.

If the base station can't communicate with the sensors, it assumes that everything is OK. So, a thief can jam the Wi-Fi, open a window, move around the house, and then leave and the system never triggers. In fact, there isn't even a note that it lost the signal at all.

To make matters worse, once the jamming stops, it can take anywhere from minutes to hours for the sensors to reconnect. That's not exactly how you want your security system to work, especially when jamming equipment is freely available online or easy to make for around $130 in parts.

When Rapid7 tried to contact Comcast about this flaw it got no response. Neither did CERT, the security research division of Carnegie-Mellon University. Only when Wired published a story about the flaw did Comcast respond.

Even then, Comcast only said that its system works the same as any other security system, and if there is a "fix" it will be a long while in coming. When you're paying $40 to $50 a month on a two-year contract for a security system, that's not exactly what you want to hear.

 

Hackers cause a power blackout for the first known time
Previous Happening Now

Hackers cause a power blackout for the first known time

This new TV is so flexible you can roll it up into a tube
Next Happening Now

This new TV is so flexible you can roll it up into a tube

View Comments ()