Comcast Xfinity Home Security System Service Not Secure Due to Vulnerabilities

Posted on January 05, 2016 by .

Share and Enjoy:
Follow Me on Pinterest More More

Having a trusted home security system is one thing. Connecting your home security system to the internet or relying on radio frequency transmissions is another, as it opens it up to an onslaught of potential security issues, which Comcast’s Xfinity service is found to have several security bugs.

Comcast has offered their Xfinity home security service for several years now. One of the many aspects of their home security system that sets them apart from some of their competition is that the Xfinity service connects to the internet. As we know all so well, anything connected to the internet is susceptible to having any known security flaws exploited or allow attacks due to poor security measures. As it turns out, discovered by security researchers from Rapid7, the Comcast Xfinity home security system is plagued by a series of flaws leading to possible attacks that fail to be reported.

What is happening in the case of Comcast Xfinity home security systems is that alarm systems fails to an open state. Basically, when the system is attempting to communicate from the base station to its sensors, the sensors report that they are closed even if they are opened. Such a case may falsely indicate opening a window or door, which may never cause an alarm event to take place.

The failure in communication stems from its ZigBee-based protocol used by the system, which is vulnerable to several attacks that cause interference or deauthentication of the protocol. Addition to the Zig-Bee-based protocol, the system’s software as a whole is at fault for failing to initiate the proper communication from the sensors to its base.

Through the use of the 2.4 GHz radio frequency band, the Comcast Xfinity home security system has an apparent vulnerability. Moreover, such an issue could present issues that arise for the homeowners or occupants where in the event of a break-in the system fail to alert anyone, and an intruder may be free to commit whatever crime he or she has set out to do.

Comcast has been alerted to the vulnerability but has since failed to respond to Rapid7 who first made the issue public. It should also be noted that other similar security systems may have the same security flaws.

Popularity: 3%


Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word