Direct Technology Group Blog

Direct Technology Group provides professional IT Support and Network Services for Businesses around Deerfield Beach. Computer Services, Tech Support, IT Solutions and more!

It Only Takes 8 Seconds for a Hacker to Open Your Garage Door

It Only Takes 8 Seconds for a Hacker to Open Your Garage Door

Hackers have proven to be a crafty and suspicious lot, and can take advantage of even the most benign technology to infiltrate networks. However, we don’t often associate them with objects in the physical world. Now, even something as simple as a decade-old communications device can be used to open the right garage doors.

The device in question was built from a discontinued toy from 2007 called the IM ME. Manufactured by Mattel, it’s a device that was advertised as a secure wireless instant messaging system, sort of like an archaic mobile phone that allows for texting. It stores an address book of other users of the IM ME system, and allows for communications between devices so long as the device had an Internet connection. Looking at it now, you wouldn’t be surprised to hear that it’s no longer supported or even remotely useful these days, especially since smartphones are so much more dynamic and effective for communication.

Last year, it was discovered that this toy could be altered to hack into any garage door that’s equipped with an insecure fixed code transmitted from a remote, rather than one that uses a “rolling code” that’s constantly changing with every button press. The flaw was discovered and exploited by Samy Kamkar, who works as an independant developer and technology consultant. He reportedly built the device out of the IM ME, adding only an antennae and a simple open-source hardware attachment.

Kamkar explains that his device, which he dubs the OpenSesame, works in a different fashion from what are known as “code grabbers.” Ordinarily, code grabbers are devices that capture the code from the garage door button when it’s pressed, and can then reuse the code at a later time. This requires the presence of the hacker when the button is pressed. OpenSesame can accomplish this without being anywhere near the user, which makes it significantly more versatile and dangerous.

The most dangerous part of this hacking experiment is the fact that any hacker can walk up to a vulnerable garage door and have it open in around eight seconds. As reported by WIRED:

Using a straightforward cracking technique, it still would have taken Kamkar’s program 29 minutes to try every possible code. But Kamkar improved his attack by taking out wait periods between code guesses, removing redundant transmissions, and finally using a clever optimization that transmitted overlapped codes, what’s known as a De Bruijn sequence. With all those tweaks, he was able to reduce the attack time from 1,771 seconds to a mere eight seconds.

If you want to know how OpenSesame works, you can watch this video. If you’re unsure of whether or not your garage door is vulnerable to this particular issue, you can watch this video released by Kamkar:

This just goes to show how dangerous and unpredictable some of the things on the Internet of Things can be. With so many devices capable of communicating with each other through near-field and Bluetooth communications, in a worst-case scenario, it becomes a liability that can quickly spiral out of control. Concepts like these should make your business question if it’s prepared to handle the dangers that are approaching in the form of unregulated Internet of Things devices. Considering how much your business stands to lose, you shouldn’t be putting your organization at this kind of risk.

We can give your business’s network a quality assessment to ensure that it’s not vulnerable to other Internet of Things devices and emerging technologies. To learn more, give us a call at (954) 739-4700.

Some Microsoft Users are Getting Windows 10 Upgrad...
Tip of the Week: You Need to Manage Your Company’s...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 07 November 2024

Captcha Image

Blog Archive

2014
January
February
March
April
May
June
July
August
September
October
November

Mobile? Grab this Article

QR Code
Request a Consultation

Direct Technology Group strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Direct Technology Group can do for your business.

1358 W Newport Center Dr
Deerfield Beach, Florida 33442

Call us: (954) 739-4700

News & Updates
Direct Technology Group is proud to announce the launch of our new website at www.directtechnologygroup.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...