Wi-Fi jamming to knock out cameras suspected in nine Minnesota burglaries -- smart security systems vulnerable as tech becomes cheaper and easier to acquire
Wi-Fi jamming to knock out cameras suspected in nine Minnesota burglaries -- smart security systems vulnerable as tech becomes cheaper and easier to acquire
Police believe a string of nine robberies in Edina have used this tech.
If you have to run power to it, you might as well run some data as well. Never really the best idea to have mission critical equipment at the mercy of a congested wifi network.
Save some trouble and go with POE. A little more expense to setup, but you only have to run one wire and everything is permanently hardwired.
I'm hard pushing my family and friends to replace/install POE switches currently. Its a minor cost upgrade that will make my life so much easier
A lot of the new systems can use battery powered cameras that are motion activated - they can last for a month+ on battery because they only turn fully on when they detect motion.
You're right though - if it's mission critical don't rely on wireless.
Some of them even have solar panels as well. It's very useful if you want to DYI installation without having to run cables all over the place (data and/or power).
This Wi-Fi jamming stuff does seem like a huge issue. I was actually considering wireless down the line, but maybe a system with proper wired connections would be better.
Trash passive IR motion detection.
Electricity is already wired throughout, you just need to get to the closest plug. You have to run ethernet the whole length and it has length limitations. It's not trivial.
I mean ethernet has a range of 100 meters in one run (including with POE), which is probably going to be longer than the WiFi range assuming the WiFi access point is at the switch and it's a relatively straight run. If you need more range a small 4 port POE switch is hardly likely to break the bank if you have a property big enough to need over 100 meters of ethernet in one run.
Doorbell cameras are tricky there. They're designed for the lowest common denominator and expect you to use the existing wiring for power, but nothing else. No PoE connections for that.
My other cameras are PoE, though. Madness not to.
I use a reolink poe doorbell camera. It's a removed to replace your doorbell wire with Ethernet but it's really worth it for the zero lag and camera still working during a power outage because my server is on a UPS. plus the wires can be used for a traditional doorbell if I sell the house, I just pick a pair and power them.
Ring has a PoE doorbell. Expensive though
Just because they are popular and cheaper doesn't mean it's a good idea.
See also: Bathtub inserts, countertop veneers, cheap EIFS stucco, overlay roofing, etc.
Solar/battery cameras.
It's been echod several times in this thread already but:
Wireless and security are oil and water. They do not mix. This goes byond wifi. If your security system has wireless sensors (door, window, motion) - you aren't secure. Please do not buy smart locks.
Wireless cameras are not security - they are a convenience. A convenience for checking on the kids in the back or seeing if that package got delivered.
If it's not wired and powered it is at best a scarecrow and at worse an indicator that you have money and you feel secure.
Smart locks are fine. Your door isn't particularly secure with a regular lock. If they want in enough to bring tech, they are coming in anyway.
I don't disagree with that. If someone wants in they're coming in. 100% agreed. The trick is making your self less of an easy target and cutting down on easy ins.
My statement was pretty generic as there is a lot of nuance to locks and security. My concern lies mostly with the fact that you rarely have a suitable blending of the two technologies. Either a lock company buying a kit or an electronics company buying bulk locks. Or a company that does neither and is looking for another thing to peddle on Amazon.
Some of these locks have very poorly positioned relays. You can unlock them with a magnet. Others can be actuated using a simple emf generator. Ones with passcodes can be read with consumer grade ir sensors or determined by wear and fingerprints.
Reducing attack vectors is always preferred. But it is absolutely up to the end user where their balance between convenience and security lies.
A good deadbolt and key while average is still superior as it is only 3ish attack vectors: pick or impression, destruction of door/lock, and the trusty rock:
Most doors have poorly placed windows with standard glass in or next to them.
there was show hosted by reformed burglars. One of the things they look for was expensive things in the front yards, being in planned community with few roads going into or out of. To get past home camera they wore hats and kept looking down, and just showed up in a lawn care or pool cleaning van.
And if you look at police report and court cases, do these camera make catching thieves more likely? No they don't
I don't love somewhere where people dress up as Scooby Doo villains to break into houses, I live in a place where people go house to house at 1 am and try door handles on cars and garages. A motion light and a camera does more to stop those people than anything else.
If someone wants to stage an organized heist, then yea, my camera isn't doing shit, but neither are my door locks, or a bolted down safe. At that point it is just an insurance game.
Was it It Takes A Thief? I remember that show; it was actually pretty interesting
if they have a wifi jammer they have spray paint
Low tech solution sure - you need to walk up to the camera and would need the location of any cameras that would potentially catch you as you scooter around tagging the cameras. Advantage is you are 100 sure the cam can't see you.
Deauth attacks work very well and don't require you to nuke all of the wireless space.
There's a variety of different attacks. Admittedly destroying the camera is more or less a sure thing hah.
That is a true statement. You can't have both securtiy and wireless (convenience).
Every wirelessly transmitted signal, whether it is your network signal or bluetooth, can be intercepted from afar. It is even possible to encrypt the accoustic signal emitted from a needle printer and determine what has been printed because every letter/word emits a specific sound pattern. Sound travels wirelessly. This link from 2009 refers to that. Unfortenately it is written in German and I didn't find anything in English, but you could translate it.
Edit: typos
Sorry for being that guy but if possible you should always refrain from using Wifi for applications in production, safety and security. Too many known and unknown vectors to its reliability.
But yea, I get it. Most people don't know the details and on the overall market most affordable devices and services for security systems are some semi-"smart" products which are simple to set up. The extra work and cost that come with professional equipment aren't really appreciated, eapecially by those who don't know any better.
This is exactly why the old fashioned Analog installations cost more to begin with: They're very secure and more difficult to disable.
Of course, the number 1 method to avoid robbery is to simply make yourself an unappealing target: no FB/Instagram stories, door that looks more solid than it is, padlocks, signage warning of dogs/firearms (even if you don't have either). Keep your equipment, cars, or boats inside or covered. Etc. Even just a floodlight that detects motion at night and makes a beep beep sound can scare off most kids and crackheads. If you live in an apartment, put some broken furniture on your patio and people will think you're poor.
It seems like Wifi Cams and the little signs/stickers they come with are exactly the opposite: "I HAVE SOMETHING TO HIDE THAT YOU WANT BUT HAVEN'T SECURED IT PROPERLY."
You're right that you should try to make yourself a less appealing target for thrives, but some of your methods don't really hold up to scrutiny. Beeping motion sensor lights and secure locks and doors are great ideas. They will absolutely deter casual thrives and addicts.
Advertising that you have guns is just advertising that you have something to steal that is valuable, easy to sell, and easy to carry.
Warning signs for dogs aren't much better. If you don't have a dog, that will usually become obvious to anyone close enough to read the sign. If you do have a dog, then the sign is just an invitation to have them murdered the next time you have to interact with police at home. It will also expose you to liability should any trespasser be injured by that dog. Yeah, even the person robbing you, but also children, other pets, and well meaning innocent people just doing their jobs (and not breaking the law by entering your property without permission) like meter readers, mailmen, land surveyors, emergency response, etc. When I see a dog warning sign, to me it just says that a dumb asshole abusing a dog lives here.
Broken furniture sounds clever, but that just says trashy, not poor. Actual poor people take better care of their shit. HOAs would also limit the places you could actually do this without fines in the suburbs. Broken outdoor furniture is as common as weeds in more rural areas.
WiFi Cams just mean that you can afford Internet. EVERYBODY has WiFi cameras. They are ridiculously cheap to buy and easy to install. Cameras (WiFi or not) aren't a great deterent anyway.
I think the most primary thing of all is that, most people don't have the means to run Ethernet cables to places that typical cameras are installed (doorbells and garage floodlights)
It's a catch 22 though. Ok one hand, every single person in my neighborhood has multiple cameras on their property now and even when I lived in an apartment complex, everyone had a camera at their doorbell, but they all are usually ring or some other subscription based, phone home type.
Do WiFi cameras present a new attack vector, yea for sure. Is having a WiFi camera that could be disabled better than not having a camera at all (what was the reality 5 years ago), hard to say.
Networked cameras used for security should have local storage to buffer when the network isn't available, regardless of if you're using wired or wireless.
It drives me up a fucking wall that WiFi is the de-facto local device communication protocol. There are so many reasons not to use it.
Most home automation stuff seems to use Zigbee. Doesn't have a lot of bandwidth though, so not useful for video.
And frankly, even if you have a video, the police around here won't do shit with it unless someone has been killed.
That's because you aren't one of the owner class. The legally supported armed thugs don't protect the citizenry. They protect the owners private and personal property. Your personal property isn't worth protecting in their eyes.
I personally have many zigbee devices that I operate happily, but most entry devices by big names (e.g. Google, Amazon, Wyze) and smart-home appliances (think garage door openers, light/fan fixtures, laundry machines, ect.) end up being WiFi. Even if you're a self-sufficient homelabber who buys all zigbee and self-hosted devices, it's hard not to end up with a bunch of WiFi devices anyway.
And if you have a spouse who is less knowledgeable, it can be really hard to explain or justify the higher expense for something like a security camera, or dissuade them from buying a smart fan they really like because it uses an external WiFi connection for its smart features.
Zwave is great too, but still no video. Wired is the answer.
Wifi jamming is an easy thing to do, as the whole 2.4GHz band works on the assumption that everyone is nice to each other. One non-cooperative device, and everything in that band goes down: Wifi, BT, Garage door openers, Car key fobs...
Vehicle fobs are usually not in the 2.4Ghz range, they're usually in the 300-500mhz range.
But yes, there's a lot of assumptions and usually it's right, but it can be wrong also.
Also, fun fact, microwave ovens use very high power 2.45Ghz. so they can do this by simply rigging a microwave to turn on when the door is open, then pointing it at your house at a safe distance, like across the street.
Most companies that make outdoor stuff generally avoid 5Ghz because it's a regulatory nightmare. Some countries allow it, others only allow certain frequencies, others only allow certain frequencies up to a certain power level, others basically don't allow it at all. So all your fancy door bell/cameras/whatever that you connect outside your home are all going to be limited to 2.4 GHz with is basically universally available internationally (it's an ISM band, while the wifi 5ghz is a UNII band).... So yeah, good luck everybody!
Also wired cameras and such exist, they're a pain to install, but they work well, and the market for other outdoor network connected things is extremely limited.... Things like doorbells.
I hate putting static objects on wifi, even something like my TV, I want it wired simply because it never moves and there's no reason to use it wirelessly. I can run a wire to it once and even if I upgrade the TV, the wire still works. To explain this a little more, I'm an IT administrator and I have a specialty in wireless networking. As tersely as I can: more stuff on the WiFi makes it slow, so if something can be wired, it should be wired. Obviously there are things that are not well suited to it, like cellphones and laptops, but pretty much everything else should be wired. TVs, set top boxes, desktop computers... Basically anything that can be wired, that doesn't regularly move around.... Wired. This extends to cameras, doorbells, gdo's....
This frees up wireless bandwidth for devices that are obligated to use it, like your phone and tablet.
I've seen a lot of network issues resolved by simply plugging in everything that's practical to plug in, even if the device having the issue wasn't one of the things plugged in.
Internet-of-Thieves devices.
Use POE Ethernet. Problem solved.
Any recommendations for PoE cameras?
Check out Reolink, they have a lot of package systems and lots of deals. Watch some videos on the installation process.
I've been happy with Hikvision recording to my Qnap NAS. I've heard some bad ethical things about their company, but the cam works well.
I've set family up with a lorex system, setup was pretty straightforward and it works well. No monthly subscription fees rock.
Quick question: What advantages do PoE cameras have over offline CCTV cameras?
They’re essentially the same, but you only need to run one wire to them instead of two. The PoE means you don’t need to worry about getting power to the camera, which historically has been one of the more expensive parts of installation; It usually means tying into existing electrical boxes if they’re nearby, or pulling new lines if they’re not. But with PoE, everything is on that one cable.
There’s also the advantage that a networked system can be controlled remotely. Things like pan/tilt/focus/etc can be remotely controlled via Ethernet. So if you have configuration options with the camera, you don’t need to physically access it with a ladder just to make those adjustments.
As for the actual video, it’s not much different; Everything lands at a centralized hub, which then records the video or streams it to a remote server, which then records it. There are advantages and disadvantages to either, and it’s typically advised to do both. Because with a local server, once a thief gets physical access to it, they can do whatever they want with it. You were relying on that video footage, but now it’s useless because the thief took all of your hard drives. With a remote system, the big disadvantage is that it’s reliant on your internet connection. So all a potential thief has to do is cut the line going into your house.
For a truly “secure” system, the general consensus is two local servers and a remote server. Have one local server accessible, in something obvious like a server rack. Then have another redundant server somewhere else, which is more hidden and more difficult to access. And put power backups on those local servers, so they can’t simply cut the power at your breaker panel. The hope is that even if they cut your internet and/or power, and destroy the first local server, you still have the second local server. This is notably easier to do with a PoE system, due to the aforementioned lack of power runs to the cameras. Just put your network on the power backup, and the cameras will continue to function even after the power is cut. But that’s hella expensive, and would typically be reserved for enthusiasts, paranoid apocalypse preppers, and/or rich people.
Easier and cheaper to install and maintain.
Only needs a single cable that can come from any PoE switch.
CCTV is just out-dated.
Digital. Can use regular computer as recorder.
Idk if it's worth trusting articles from this site after the fake ddos toothbrush article.
Nonetheless, I can't imagine crime not getting more sophisticated as time moves on.
POE cameras are the way.
I never understood wifi cameras, because yes of course it's super easy to jam them. You need a power cable there anyway, is a data cable then really such a hassle?
Yes. With WiFi cameras you don't need to run any cable, just plug in to the nearest power outlet. That's very appealing to people.
I have a wifi camera. It saves locally to sd card. When it's jammed, it won't be accessible, but it'll still record motion, so recording will be accessible as long as camera itself isn't stolen.
I think a lot of them, like the Google doorbell camera use rechargeable batteries. So you don't even need the power cable. Just take it off of the mount every few weeks to charge it back up.
Then throw it in the trash in 2-3 years once the battery sufficiently degrades and buy a whole new one of course.
More like throw it in the trash when gooogle decides it's obsolete and bricks it for "security concerns"
Painful how true that is. It's awful.
At least some doorbell cameras power themselves off the doorbell power supply, so it's not all devices with battery. Still more than should exist though.
Lol, there's even 2 solutions that do both. Power over Ethernet and power line networking, so you only have to drag 1 wire across the house/attic
You can get POE(power over ethernet) cameras that dont require a separate power source. Closed circuit cameras are the only way to go.
My cameras are wireless. Some I recharge every 3-4 months, the others are powered by solar.
My video doorbell takes power from the existing doorbell wiring, but there’s no reasonable way to use that for data, so it’s WiFi (I really should see if I can pull Ethernet through but then I need to pay for a new camera)
Other models are battery powered and supposedly last as long as half a year.
I’ve seen WiFi cameras you can hang anywhere: battery powered and kept charged with a small solar panel
I just power all of my cameras with POE
I've been saying this since the Nest and other similar bullshit came out. In the electronic security industry, we've been installing hardwired PoE cams for over a decade and a half. High resolution, high bandwidth, no batteries or separate power adapters, centrally managed LOCAL video storage. And not vulnerable to RF jamming/hacking. Stop buying the shitty Harry Homeowner equipment.
In the 80s and 90s stores used to put up signs that read "monitored by CLOSED CIRCUIT television" because even back then they didn't trust wireless and they made sure you knew it wasn't.
The picture shows a bullet cam, and PoE is readily available.
Wired network doorbell cameras are much harder to find, and they are double the cost
And that’s why hardlining is still by far the best option available.
- Hardlined cameras need to be physically accessed and the cables snipped in order to disrupt them, and most cameras offering hardlining now feed Ethernet through their bases, providing additional protection.
- Most sub-20 camera systems can run for up to an hour or two on a 500VA UPS, and up to a week or more with PowerWall backups, defeating intentional power outages.
- A fully airgapped system can defeat any sort of direct Internet intrusion.
- Shielded Ethernet can help protect from crosstalk attacks provided they are correctly grounded with the appropriate switches.
- Hardware auth between cameras and the DVR can help defend against direct attacks via an unplugged cable or an open wall jack, in that only approved hardware can make the needed connections with either end.
- Encrypted communications between cameras and DVR can enhance the security of data across the wire.
- A brace of identical dummy cameras - similarly powered, if they have external indicators - alongside real ones will waste the time and effort of attackers who conduct physical attacks, while keeping recording-infrastructure needs to a minimum.
- Bonus if identical but “dark” Ethernet is similarly spoofed throughout the building, as not only will it confuse physical attackers, but it’ll also be already in-place for future communications-infrastructure improvements.
- DVR needs to be in a secured location, ideally fireproof. In combination with № 7 and № 8, a dummy DVR (with live screens showing actual content) can exist elsewhere to distract any physical attackers.
Sure, this list isn’t 100% coverage, but it gets you nearly there with a minimum of effort.
You have some interesting ideas about what a minimum of effort looks like
minimum of effort
yeah, nah, they can just have my stuff.
Right, and always remember they’ll go for the easy win first. First choice is likely walk in an unlocked door, then kick in one not visible from the street, or if you really want in, break a window.
The thing is, even if you get a good shot of the person doing it, it probably can’t help find the person, only prove that it was them, if you find a suspect.
A better use is to get that early warning of what is happening as soon as it happens, and get a response going, but what’s the response time from your local police department? A smash and grab gets them on their way with your valuables, with very little chance of police getting there on time
That’s when we’re back to physical security and it may not be what you think. Can you reinforce your lock plate and door jamb to make it difficult, noisy, and time consuming to kick in a door? Are there windows they can easily get in and what can you do about that? Are there hidden places where they can break in without being seen? If a light suddenly comes on or alarm goes off, will they leave in case someone looks?
Isn't this easily detectable?
The camera sends a ping every 30sec to the host. Missing ping: sound silent alarm with possible tampering. Missing 4 pings, let all hell break loose alarm sound.
That is how my sensors work. They work on 433/868mhz, this is open band and easy to flood. If the hub misses a ping from a sensor, the tamper protection alarm goes of.
I feel like that would cause false positives
Then again, not that many people mess with their router
If I got an alarm every time a 433 sensor didn't check in for 10 minutes, I'd never get any sleep!
fucking wasps cause 100x more false alarms than network issues for me. I need a neural net or something that can differentiate between a wasp and a human.
I mean if you really care about security you're not using wifi... you're going hard wired. Wifi can be messed up by your neighbors unintentionally and then there goes your tampering alarm. Tampering alarms are good when the system isn't fragile.
No security installer is going to suggest wifi if someone's genuinely concerned about security.
as tech becomes cheaper and easier to acquire
I didn't know an improperly sealed microwave oven was such a difficult thing to get ones hands on.
I think they're talking about it from the other end: more cheap tech like wifi security cameras means more people are vulnerable to "an improperly sealed microwave"
No. They're talking about the jammers getting cheap and easy to get. Cheap wifi security cameras have been a thing for over a decade now. Then got stupid dirt cheap in 2017 when wyze started selling one for $20.
2.4GHz wifi is vulnerable to even lower power attacks: Just spamming de-auth packets is enough to render a network useless.
My work has those. Very versatile. Works with door open AND closed!
no one likes roasted nuts
More of a boil situation. Nothing's getting golden brown and delicious in this scenario.
They're not, but a little cumbersome to carry around and find power on a heist.
There are loads of little pocket sized battery powered jammers available now.
This is the reason that all of mine are hardwired (literally) through the roof. Obviously more timeconsuming to do but the signal is way more responsive than wifi (esp. when my wifi bandwidth drops due to giant periodic cloud backups or multi-gigabyte PS5 update file downloads) and I wanted to make sure that all of the video is shunted to cloud and local secure storage in whatever seconds it might take for an attacker to physically disable the camera. Dozen cables down and into my router and switch in the mancave but it is what it is.
On top of that, having a bunch of cameras on wifi is a good way to flood the spectrum and make it useless for normal wireless devices. Rule of thumb for network devices: Unless it is really used as mobile, wire it.
Can't you do both so that a physical cut don't stop the cam?
Running wires is expensive. That's why most people opt for wireless, and on top of that, the convenience systems like Ring offer with their app, no NVR/DVR, none of the typical security system hardware cluttering things up.
Running ethernet is pretty cheap
The cost of the cable maybe, not the cost of all the ancillary work.
Most people have or want cameras in places where it won't be particularly easy to run wires, like door frames for door bells, and outside walls with insulation and various utilities in the way.
Other people live where they can't do it at all (an apartment)
I think he meant relative cost (including time)
You could just add a small nonvolatile buffer to each camera if it’s not wired, such that if it loses connection with your home assistant server it will start recording. With 720p video and a 64gb flash storage you could, depending on encoding, store well over a day of footage. (Napkin math so could be wrong)
Many cameras only save recordings based off of motion triggers, so 64 gb goes a long way if most of the time there's no movement.
720p is not a bitrate
Sounds like a good way to get the feds interested in your otherwise not very notable property crime.
The simple solution here is to record to flash when wifi dies. Yes wired stuff is nice but half of these are consumer installed.
certainly record to flash, but you need to have notifications when the camera can’t be contacted/when storage would be theoretically getting full
that does open you up a little though: recording on device means the attacker can just destroy/steal the camera which is pretty easy because they, by definition pretty much, are in a place that’s trivial for an attacker to access
I really like those "Protected by Xfinity/AT&T" signs in the windows.
Tells me what wire to cut.
/s
Maybe, but if there’s no specific reason to choose your house, some may decide it’s less risk to break into your neighbor’s who don’t have that sign
Putting up a sign or window decal is the cheapest option, and supposedly does work some of the time
And if there really is an alarm monitored by one off those companies, they are supposed to see and respond. You’ve just wasted a little time giving them early notice and you’re no closer to your payoff. Better hurry
Another reason to buy PoE cameras.
As a gamer, I can only wonder what Path of Exile has to do with this. What does PoE stand for here?
Power-over-Ethernet
*Starts microwave open*
Someone said jamming?
Does anyone have another link? The site isn't loading for me
Probably burglars jamming your wifi
deleted by creator
Looks like my expensive ass setup was worth it after all now doesn't it?
Thank fuck jammers like that are #HIGHLY# illegal here. Punishable up to 1M in fines.
That’s great. Around here they just make the burglaries illegal.
I mean so are the robberies but that doesn’t seem to be stopping them either.
So this is for wifi enable devices, can they still do those on wired ones?
Not with radio jamming, but with an EMP you can disable wired devices too .
A couple of well trained dogs are better than cameras if you're serious about security.
They serve different purposes.
Dogs are a deterrent. Cameras are (in most residential use cases) for catching someone after the fact.
Dog treats. Works every time
GEESE
Yeah, just have those asshole dogs wake the neighbours baby whenever they see a cat/possum/cloud.
Most dogs don't bark that much, but some certainly do.
This goes without saying but obviously the most secure will be analog. Unfortunately that is neither accessible or worth the time and trouble for the average consumer.
You know digital can be wired right? And analog doesnt mean secure, you can listen in and disable analog signals just as easy as digital ones.
These people are just using signal jammers you can buy on AliExpress. They can jam analog and digital it's just about what frequencies it blocks. However using them in North America is illegal.
The Flipper has become prolific in the crime world, apparently.
Police need to have the tools to detect and locate the deployment of wireless jammers. People need more visibility over the electromagnetic spectrum. It's a pretty big tell when they begin to use them.
Most likely 2.5g WiFi deauth. 5g fixes it and the companies just put 2.5g chips that are affected by this. Not that hard to use 5g chips.
Edit: Jamming Jamming is different. At that point use Ethernet
5ghz doesn't fix deliberate jamming. There's just more channels available for a device to use. Find the channel the AP is on and start blasting away at that frequency and you're golden. Bonus since 5ghz has a shorter range than 2.4 so with a sufficient antenna and power (because fuck legality if you're already stealing shit).
