Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

It Only Takes 8 Seconds for a Hacker to Open Your Garage Door


b2ap3_thumbnail_garage_hackers_400.jpgHackers have proven to be a crafty and suspicious lot, and can take advantage of even the most benign technology to infiltrate networks. However, we don’t often associate them with objects in the physical world. Now, even something as simple as a decade-old communications device can be used to open the right garage doors.

The device in question was built from a discontinued toy from 2007 called the IM ME. Manufactured by Mattel, it’s a device that was advertised as a secure wireless instant messaging system, sort of like an archaic mobile phone that allows for texting. It stores an address book of other users of the IM ME system, and allows for communications between devices so long as the device had an Internet connection. Looking at it now, you wouldn’t be surprised to hear that it’s no longer supported or even remotely useful these days, especially since smartphones are so much more dynamic and effective for communication.

Last year, it was discovered that this toy could be altered to hack into any garage door that’s equipped with an insecure fixed code transmitted from a remote, rather than one that uses a “rolling code” that’s constantly changing with every button press. The flaw was discovered and exploited by Samy Kamkar, who works as an independant developer and technology consultant. He reportedly built the device out of the IM ME, adding only an antennae and a simple open-source hardware attachment.

Kamkar explains that his device, which he dubs the OpenSesame, works in a different fashion from what are known as “code grabbers.” Ordinarily, code grabbers are devices that capture the code from the garage door button when it’s pressed, and can then reuse the code at a later time. This requires the presence of the hacker when the button is pressed. OpenSesame can accomplish this without being anywhere near the user, which makes it significantly more versatile and dangerous.

The most dangerous part of this hacking experiment is the fact that any hacker can walk up to a vulnerable garage door and have it open in around eight seconds. As reported by WIRED:

Using a straightforward cracking technique, it still would have taken Kamkar’s program 29 minutes to try every possible code. But Kamkar improved his attack by taking out wait periods between code guesses, removing redundant transmissions, and finally using a clever optimization that transmitted overlapped codes, what’s known as a De Bruijn sequence. With all those tweaks, he was able to reduce the attack time from 1,771 seconds to a mere eight seconds.

If you want to know how OpenSesame works, you can watch this video. If you’re unsure of whether or not your garage door is vulnerable to this particular issue, you can watch this video released by Kamkar:

This just goes to show how dangerous and unpredictable some of the things on the Internet of Things can be. With so many devices capable of communicating with each other through near-field and Bluetooth communications, in a worst-case scenario, it becomes a liability that can quickly spiral out of control. Concepts like these should make your business question if it’s prepared to handle the dangers that are approaching in the form of unregulated Internet of Things devices. Considering how much your business stands to lose, you shouldn’t be putting your organization at this kind of risk.

We can give your business’s network a quality assessment to ensure that it’s not vulnerable to other Internet of Things devices and emerging technologies. To learn more, give us a call at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Network Security Business Google Microsoft Internet Email Malware Workplace Tips Backup Innovation Data User Tips Computer Mobile Devices IT Services Hardware Android VoIP Disaster Recovery communications Smartphones Communication IT Support Business Continuity Miscellaneous Smartphone Mobile Device Browser Small Business Network Collaboration Productivity Cybersecurity Quick Tips Users Business Management Upgrade Phishing Managed IT Services Windows Outsourced IT Ransomware Data Backup Windows 10 Server Save Money Cloud Computing Data Recovery Office Passwords Windows 10 Tech Term Chrome Social Media Virtualization Saving Money Holiday Gadgets Managed Service Microsoft Office Automation Managed IT Services Artificial Intelligence Operating System Facebook Computers Cybercrime Wi-Fi IT Support Hacking Health BYOD Internet of Things Mobile Device Management Networking Information Office 365 Managed Service Provider Telephone Systems Information Technology Remote Covid-19 Spam Alert Social Engineering Mobility Recovery Employer-Employee Relationship Router BDR Bandwidth Password Money App Big Data History Encryption Applications Data Breach Mobile Computing Human Resources Law Enforcement Application Remote Monitoring Apps Office Tips Data Storage Training Patch Management VPN Government Remote Computing Private Cloud Blockchain Mobile Office Paperless Office How To Managed IT Bring Your Own Device Data Management Work/Life Balance Infrastructure Voice over Internet Protocol Wireless Vulnerability Gmail Windows 7 Google Drive Word Flexibility Settings Marketing WiFi Servers IT solutions Two-factor Authentication Avoiding Downtime Entertainment Website Budget Mouse Data Security HaaS Connectivity Remote Work Cleaning Risk Management Hacker End of Support The Internet of Things Conferencing Education Physical Security Lithium-ion battery Scam Safety Sports HIPAA Data Protection Redundancy Firewall Keyboard Vendor Management Vendor Virtual Reality Managed Services Apple Display USB Social User Error Save Time Software as a Service Telephone System Staff Employee/Employer Relationship Meetings Machine Learning RMM Update Hard Drives Computing Retail Spam Blocking Electronic Medical Records Instant Messaging Robot Computing Infrastructure Excel Google Docs Going Green Hiring/Firing Identity Theft Biometrics Virtual Desktop Digital Signage Battery DDoS Shadow IT Legal Augmented Reality SharePoint Fraud Internet Exlporer Virus Business Intelligence Procurement Net Neutrality Workplace Strategy Remote Worker Unified Threat Management Audit Worker Computer Accessories IT Management Cryptocurrency Help Desk Customer Service PDF Environment Printing Botnet Proactive IT IT Plan Fax Server Comparison Managed Services Provider Best Practice YouTube Printer Unsupported Software SaaS CES Database Black Market Bluetooth Charger Business Technology Remote Workers Content Management Access Control Network Congestion Compliance OneNote Processor eWaste Document Management Computer Care Wireless Technology Virtual Assistant Current Events Solid State Drive Authentication How to Downtime IT Consultant Telephony Hard Drive Samsung Data storage Humor Wearable Technology Automobile Value Troubleshooting Ergonomics Outlook Leadership Digital Signature Smartwatch OLED Monitor Start Menu Warranty Development Consultant PCI DSS Screen Mirroring HVAC Virtual Machine Running Cable Loyalty Google Apps Books Memory 2FA Analytics Frequently Asked Questions Fiber Optics Analysis Employee Windows 10s Devices Cabling Reputation Streaming Media Mobile Administrator Messaging Best Available Policy Cast Enterprise Content Management Hypervisor Content Tech Support Emergency Laptop WIndows 7 Dark mode Tip of the week MSP Trend Micro webinar Accountants Techology Public Cloud Thought Leadership Default App Employer Employee Relationship Credit Cards Customers Professional Services Microchip SMS Procedure Password Management Saving Time Audiobook Assessment Password Manager Science Multi-Factor Security Touchpad dark theme Windows Server 2008 Shopping Google Search AI Twitter IT Infrastructure Tools Search Engine FinTech NIST Distributed Denial of Service Politics Television Business Mangement Bing Customer Relationship Management Advertising Trending Analyitcs User PowerPoint Social Network Windows Media Player Smart Tech Addiction Investment Amazon Programming Notifications Employees Employee/Employer Relationships Public Computer Recycling ISP Transportation Managing Stress Windows 365 Regulations Wiring Practices Video Conferencing Computer Fan Cache ROI Antivirus Rootkit Amazon Web Services Relocation Windows 8 Sales Cameras Safe Mode Bitcoin Criminal Shortcuts Cryptomining IT service Video Games Benefits Point of Sale GDPR Personal Workers Hosted Computing Supply Chain Management FENG Wireless Internet Worker Commute Online Shopping Tablet Monitoring File Sharing Batteries Experience IBM Inventory Domains Scalability Smart Technology Specifications Windows 8.1 Flash Camera Digitize Wire Windows Server 2008 R2 Business Owner Evernote Travel NarrowBand Customer relationships Printer Server Software Tips IaaS Supercomputer Maintenance Emails Manufacturing Search Millennials Bloatware Email Best Practices Sync Printers IT Assessment Smart Office Wireless Charging iPhone Tablets Computer Tips Managed IT Service Security Cameras Netflix Biometric Security Two Factor Authentication Workforce Entrepreneur Virtual CIO Virtual Private Network OneDrive Peripheral Root Cause Analysis Cables Files Music Chromecast Digital Security Cameras HBO Using Data Knowledge Shortcut Nanotechnology 5G Telecommuting Cost Management Skype Project Management Copiers Quick Tip Data loss Cortana Social Networking Colocation Uninterrupted Power Supply

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code