Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

It Only Takes 8 Seconds for a Hacker to Open Your Garage Door


b2ap3_thumbnail_garage_hackers_400.jpgHackers have proven to be a crafty and suspicious lot, and can take advantage of even the most benign technology to infiltrate networks. However, we don’t often associate them with objects in the physical world. Now, even something as simple as a decade-old communications device can be used to open the right garage doors.

The device in question was built from a discontinued toy from 2007 called the IM ME. Manufactured by Mattel, it’s a device that was advertised as a secure wireless instant messaging system, sort of like an archaic mobile phone that allows for texting. It stores an address book of other users of the IM ME system, and allows for communications between devices so long as the device had an Internet connection. Looking at it now, you wouldn’t be surprised to hear that it’s no longer supported or even remotely useful these days, especially since smartphones are so much more dynamic and effective for communication.

Last year, it was discovered that this toy could be altered to hack into any garage door that’s equipped with an insecure fixed code transmitted from a remote, rather than one that uses a “rolling code” that’s constantly changing with every button press. The flaw was discovered and exploited by Samy Kamkar, who works as an independant developer and technology consultant. He reportedly built the device out of the IM ME, adding only an antennae and a simple open-source hardware attachment.

Kamkar explains that his device, which he dubs the OpenSesame, works in a different fashion from what are known as “code grabbers.” Ordinarily, code grabbers are devices that capture the code from the garage door button when it’s pressed, and can then reuse the code at a later time. This requires the presence of the hacker when the button is pressed. OpenSesame can accomplish this without being anywhere near the user, which makes it significantly more versatile and dangerous.

The most dangerous part of this hacking experiment is the fact that any hacker can walk up to a vulnerable garage door and have it open in around eight seconds. As reported by WIRED:

Using a straightforward cracking technique, it still would have taken Kamkar’s program 29 minutes to try every possible code. But Kamkar improved his attack by taking out wait periods between code guesses, removing redundant transmissions, and finally using a clever optimization that transmitted overlapped codes, what’s known as a De Bruijn sequence. With all those tweaks, he was able to reduce the attack time from 1,771 seconds to a mere eight seconds.

If you want to know how OpenSesame works, you can watch this video. If you’re unsure of whether or not your garage door is vulnerable to this particular issue, you can watch this video released by Kamkar:

This just goes to show how dangerous and unpredictable some of the things on the Internet of Things can be. With so many devices capable of communicating with each other through near-field and Bluetooth communications, in a worst-case scenario, it becomes a liability that can quickly spiral out of control. Concepts like these should make your business question if it’s prepared to handle the dangers that are approaching in the form of unregulated Internet of Things devices. Considering how much your business stands to lose, you shouldn’t be putting your organization at this kind of risk.

We can give your business’s network a quality assessment to ensure that it’s not vulnerable to other Internet of Things devices and emerging technologies. To learn more, give us a call at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 24 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Business Google Network Security Microsoft Internet Email Malware Backup Workplace Tips Innovation Data User Tips Computer Mobile Devices IT Services Hardware Disaster Recovery Android VoIP communications Business Continuity IT Support Smartphones Communication Smartphone Miscellaneous Mobile Device Small Business Network Browser Collaboration Productivity Cybersecurity Quick Tips Business Management Users Phishing Upgrade Windows Managed IT Services Outsourced IT Ransomware Data Backup Windows 10 Office Cloud Computing Data Recovery Server Save Money Passwords Windows 10 Social Media Saving Money Holiday Chrome Gadgets Tech Term Virtualization Automation Managed IT Services Managed Service Microsoft Office Facebook Cybercrime Operating System Artificial Intelligence Computers BYOD Mobile Device Management Health Networking IT Support Hacking Internet of Things Wi-Fi Information Technology Managed Service Provider Information Remote Spam Office 365 Alert Telephone Systems Covid-19 Recovery Employer-Employee Relationship Bandwidth Router Social Engineering BDR Mobility Password Money Application Encryption Human Resources Applications Big Data Data Breach Remote Monitoring Law Enforcement App History Mobile Computing Training How To Apps VPN Data Storage Patch Management Blockchain Remote Computing Paperless Office Government Mobile Office Private Cloud Managed IT Office Tips Work/Life Balance IT solutions Entertainment Website Budget Gmail Settings Google Drive Two-factor Authentication Vulnerability Windows 7 Word Mouse Avoiding Downtime HaaS Servers Infrastructure Voice over Internet Protocol Flexibility Data Security Marketing WiFi Bring Your Own Device Wireless Data Management Cleaning Data Protection The Internet of Things Lithium-ion battery Employee/Employer Relationship USB RMM End of Support Education Physical Security Firewall Safety Conferencing Sports HIPAA Redundancy Virtual Reality Scam Apple Telephone System Staff Software as a Service Keyboard Social Machine Learning Connectivity Remote Work User Error Vendor Management Meetings Vendor Save Time Managed Services Risk Management Display Hacker DDoS Printer Computing Infrastructure Cryptocurrency Bluetooth Going Green Value SharePoint Hard Drive Spam Blocking Electronic Medical Records Comparison Battery Shadow IT CES Computing Customer Service Hiring/Firing IT Consultant Legal Environment Business Technology Internet Exlporer Content Management Fax Server Humor Access Control PDF Virtual Assistant SaaS Digital Signage Authentication Business Intelligence Proactive IT Audit Worker Network Congestion IT Management Best Practice Procurement eWaste Workplace Strategy Botnet YouTube Update Net Neutrality Black Market IT Plan Help Desk Printing Google Docs Unsupported Software Identity Theft Wearable Technology Virus Document Management Solid State Drive Wireless Technology Retail Hard Drives Charger Instant Messaging How to Downtime Unified Threat Management Managed Services Provider Computer Accessories Robot Excel Compliance Augmented Reality OneNote Database Computer Care Biometrics Current Events Data storage Fraud Telephony Remote Workers Virtual Desktop Automobile Remote Worker Samsung Processor Skype Recycling Managed IT Service Security Cameras Science Computer Tips Wiring Virtual CIO Practices OneDrive Data loss Biometric Security Leadership Troubleshooting Reputation Cache Peripheral Outlook Streaming Media Amazon Web Services Safe Mode Digital Security Cameras Distributed Denial of Service Start Menu Printer Server Tech Support Criminal Using Data Customer Relationship Management Content Techology GDPR Laptop Hosted Computing Copiers Screen Mirroring 5G Analyitcs Loyalty Online Shopping Programming Books Customers Wireless Internet Quick Tip Frequently Asked Questions File Sharing Ergonomics Mobile Windows 10s Smartwatch Audiobook Camera Touchpad Inventory Development Cast Specifications OLED Evernote Virtual Machine webinar Emergency Wire PCI DSS Antivirus Tip of the week Advertising 2FA Professional Services Fiber Optics Public Cloud Travel Employee Windows 8 Employer Employee Relationship Politics Printers Messaging IT service Millennials Cabling Assessment Notifications Wireless Charging Hypervisor Smart Office Policy Windows Server 2008 Dark mode Tools Trend Micro Tablet Virtual Private Network SMS Domains Workforce Default App Television Cables Saving Time Consultant Relocation Procedure dark theme IaaS Analytics Shopping Maintenance Google Search Public Computer Video Games Project Management Nanotechnology AI Telecommuting IT Infrastructure Bloatware Regulations Cortana Bing Transportation Worker Commute Best Available FinTech WIndows 7 Digital Signature Social Network Computer Fan Tablets Rootkit Experience Scalability Warranty Investment Entrepreneur Google Apps Employee/Employer Relationships Workers Benefits Business Owner HVAC Employees Windows 365 NarrowBand Analysis Shortcut FENG ISP IBM Search Administrator Devices Video Conferencing ROI Cost Management Flash Bitcoin Social Networking Shortcuts Smart Technology iPhone Enterprise Content Management Sales User MSP Point of Sale PowerPoint Accountants Personal Windows Media Player Cryptomining Supercomputer Microchip Thought Leadership Supply Chain Management Software Tips Credit Cards Running Cable Sync Password Manager Batteries Emails Files Password Management Monitoring Managing Stress Windows 8.1 Chromecast Digitize Multi-Factor Security Memory Search Engine Twitter Windows Server 2008 R2 Cameras Uninterrupted Power Supply Business Mangement Netflix Two Factor Authentication Colocation NIST Customer relationships Email Best Practices Smart Tech IT Assessment Root Cause Analysis Trending Manufacturing Knowledge Music Monitor Addiction HBO Amazon

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code