This will be an in-depth talk about the SIA-HS and Vebon SecIP alarm system protocols in use in The Netherlands. We will cover why these protocols are broken and how Dutch alarm systems can be rendered useless, creating panic at the alarm receiving centers and allow for a 'Die Hard' like scenario to be achieved.
We will go through the mistakes and assumptions about security that were made while designing the SIA-HS (HS for Highly Secure) and SecIP protocols and will also detail the current state of alarm signalling. As a bonus, details of the Dutch alarm industry's response to their mistakes being pointed out (while also getting the Dutch NCSC [National Cyber Security Centrum] to contact them) will be covered.
ABOUT WILCO BAAN HOFMAN
Reverse engineer. Hacker. Programmer -- Wilco has been working on black box reverse engineering the Windows registry and group policy objects for the Samba project and reverse engineering Windows domain membership trusts to 'offline-join' Windows computers to a domain. He has contributed code to various packages throughout a typical Linux distribution and is currently involved as treasurer of Bitlair, where he spends his time on federated security projects and projects for NIKHEF.
Uploader: Hack In The Box Security Conference