Bad news: Popular home security system can be disarmed remotely

Keeping your family safe is the most important thing you can do. There are several options available to help, with the smartest being a home security system. Some systems have Wi-Fi-enabled cameras so that you can see what is going on, even when you’re not home. Tap or click here to see how to install cameras that upload right to the cloud.

But a security system is of no use if strangers can remotely turn it off. Unfortunately, that is what’s happening with a popular home security system.

Security researchers recently found a flaw in its Wi-Fi-connected cameras and managed to disable them without much effort. Keep reading for details on how this happened and a better home security solution.

Here’s the backstory

Rapid7 researcher Arvind Vishwakarma found several critical security flaws in the Fortress S03 Wi-Fi Home Security System, which could have devastating consequences for customers.

He found that the system could be controlled or modified through unauthorized access. With a little know-how, attackers would also be able to view unencrypted information stored in the system.

The S03 Wi-Fi Home Security System is described as a DIY option, where its primarily used to track movement inside a house and monitor the opening of windows and doors. It uses WiFi and radio frequency (RF) communications to set up and operate.

Vishwakarma found that anybody within the RF signal range could “capture and replay RF signals to alter the system’s behavior.” Access to the system is granted through an unsecured cloud API deployment setup.

To disarm the security system, a key fob or remote button is used. When an attacker captures the RF signal from the key fob or remote, they can replay that signal later to control the system. This is possible with cameras and sensors where the encryption or rotating key protection hasn’t been set up properly.

What you can do about it

Rapid7 tried for three months to get a response from Fortress. This period is what researchers and analysts call responsible disclosure before alerting the public and making their findings known.

Because Fortress hasn’t responded, the company felt obligated to release the report. As of the time of writing, the flaw is still active in the S03 WiFi Home Security System, and Fortress hasn’t acknowledged when it will be patched.

Continue reading

Are you a caretaker facing false accusations? Security cameras can prove your innocence

Taking care of unwell family members can be grueling on its own. You have to take care of someone else’s food, medical appointments, restroom usage and more. This applies to any caretaker, whether you’re looking after young kids, animals or even older adults. 

Continue reading

Security tip: How to choose and install cameras that upload right to the cloud

Picture this: You’re sleeping soundly in your bed one night. Suddenly, shattering glass jerks you awake. If a burglar’s combing through your home and snatching up your valuables, your mind’s probably racing 100 miles per hour.

Continue reading