Skip to main content
  1. Home
  2. Smart Home
  3. News

SimpliSafe burglar alarms may not be keeping you safe at all

Lulu Chang
By

simplisafe burglar alarm screen shot 2016 02 19 at 2 17 08 pm
Image used with permission by copyright holder
A burglar alarm system has one job, and one job only — to sound an alarm when intruders venture into your property. Unfortunately, SimpliSafe has failed its singular task in rather epic proportions. According to reports, the home alarm setup is riddled with an “unfixable flaw” that renders it practically useless when it comes to actually protecting you and your valuables from an intruder who is familiar with the flaw. The security system, used in over 200,000 homes, is cheaper than many on the market, but this is a real case in point of getting what you pay for. So when it comes to safety, please don’t be cheap — or at the very least, stay away from SimpliSafe.

According to a blog post published Wednesday by IOActive researcher Andrew Zonenberg, a clever and digitally savvy thief would be able to disable a SimpliSafe alarm relatively easily, and from quite a distance away. In fact, intruders could be up to 100 feet removed from your home and still be able to deactivate your security system, creating an in for themselves. More frightening still, Zonenberg writes, “This attack is very inexpensive to implement — it requires a one-time investment of about $250 for a commodity microcontroller board, SimpliSafe keypad, and SimpliSafe base station to build the attack device.” So basically, the intruder would be able to use the security system to … disarm itself.

Recommended Videos

So is there any solution to this massive flaw? Apparently not, the security expert writes.

“Unfortunately, there is no easy workaround for the issue since the keypad happily sends unencrypted PINs out to anyone listening,” Zonenberg says. “Normally, the vendor would fix the vulnerability in a new firmware version by adding cryptography to the protocol. However, this is not an option for the affected SimpliSafe products because the microcontrollers in currently shipped hardware are one-time programmable. This means that field upgrades of existing systems are not possible; all existing keypads and base stations will need to be replaced.”

Related

Yikes.

SimpliSafe has responded to IOActive’s criticisms by noting, “While any wireless system is susceptible to this type of attack from a sufficiently savvy and motivated intruder, our systems can be backed up with a land line or an Internet connection for no additional cost.” The company also claims that the sort of attack described by the blog “represents such a small percentage of total break-ins that the FBI does not even keep a count.”

SimpliSafe continues, “This is because the majority of break-ins are a quick forced entry and not the sophisticated type of attack that requires diligent planning as well as highly illegal and cost-prohibitive equipment. Assuming an intruder has the requisite technology, he would need to know the frequency ranges he needs to jam, and also know the layout of your home beforehand, as he would have to avoid motion detectors even in the unlikely event that he bypassed a door sensor.”

So better hope your burglars aren’t so tech savvy, or replace your alarm system.

Editors' Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Simplisafe claims a faster police response and releases a new Entryway Kit
simplisafe claims a 350 percent faster police response and releases new entryway kit

Home safety now comes in a kit. Simplisafe, a company known for home security system innovation and one of our top picks for the best home security systems in 2019, announced the release of its latest product. The Entryway Kit features everything you need to create a smart home security system, including an interactive video doorbell, keypad and entry sensor. It can also be used remotely with Alexa, Google Home and App Control and still has the sleek, stylish design that is part of the company's aesthetic.

With the Entryway Kit, when an intruder enters the home, the system sets off a 95-decibel siren while alerting the 24/7 SimpliSafe monitoring center and the police. The company claims using its systems provides a 350% faster police response based on data gathered from 40 different law enforcement agencies from January 2015 to December 2016 and published in a 2018 paper called "Police Response Times to Calls for Service" by Stanford University.

Read more
Simplisafe adds to its security repertoire with much-anticipated smart home lock
simplisafe smart home security lock launch

Simplisafe has been around for over a decade, founded by a pair of Harvard Business School students with good intentions, but their bread and butter has always been basic home security, although the company added functionality for the popular Nest thermostat a few years ago.

Now it looks like the company is jumping more fully into the smart home security market with a long-rumored new smart lock to complement its current home security products, and the company claims it is offering the world’s thinnest smart home lock. It’s going to sell at retail for $100 or so and for those who are hot for it, it will go on sale first at Simplisafe's website on September 15 before becoming an exclusive product on the physical retail market at Best Buy, where pre-orders will start on October 1 and the product is expected to land on store shelves by the middle of the month.

Read more
Get a deduction on SimpliSafe prices for Tax Day, free camera on security systems
SimpliSafe review

SimpliSafe took big deductions off SimpliSafe home security systems for Tax Day, April 15. For today only, SimpliSafe will deduct 15% off the usual price with all pre-configured or build-your-own SimpliSafe security systems and add a $99 SimpliCam HD video security camera with built-in motion and sound detection for free. The sale ends at midnight tonight ET.

When we tested the third-generation SimpliSafe Home Security System, Digital Trends' reviewer praised its easy set-and-forget installation process and the base station's beautiful design. SimpliSafe's no-contract professional monitoring service costs just $15 a month, about half the cost of conventional security monitoring companies. The monitoring service isn't required for local alerts and camera monitoring, but the service adds police and fire department notification, remote alerts, and compatibility with Amazon Alexa and Google Home.

Read more