Comcast's Xfinity Home Security Flaw Leaves Doors Open

itwbennett writes: Researchers at Rapid7 have disclosed vulnerabilities in Comcast's Xfinity Home Security offerings that prevent the system from alerting homeowners to unsecured doors or windows and would also fail to sense an intruder's motion in the home. The root cause of the problem can be found in the ZigBee-based protocol used by Comcast's system to operate over the 2.4 GHz frequency band. Rapid7's Phil Bosco discovered that the Xfinity Home Security system does not fail closed with an assumption of an attack if radio communications are disrupted. Instead, the system fails open, reporting that all sensors are intact, doors are closed, and no motion is detected.

Re:You get what you deserve for using comcast.

[silas_moeckel]

It depends on how long of a loss of signal, a few ms sure a few seconds sure, get to 30 seconds and well you have a problem. And thats assuming that it's a missed poll. Polling a battery powered devices is a battery trade off. Mind you the zigbee wireless is a hell of a lot more secure than what ADT is putting in for wireless. Think remotes that can disarm the system without even rolling key aka 1980's garage door opener.