Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
HKC VS Siemens App Discussion Stickey Temp
Options
Comments
-
-
We have been through all this and over and over. We have discussed what free does & we have discussed whats paid does. They both, like every system that every existed have their flaws.
Your paid for systems will fail in the event of a jammer being used & then the power being cut.
As i write this post, there is the following power cuts in the country:
Bangor Erris, Co Mayo affecting 26 Electricity Customers.
Ballymote, Co Sligo affecting 70 Electricity Customers.
Cullion, Co Donegal affecting 182 Electricity Customers.
Moville, Co Donegal affecting 185 Electricity Customers.
Oldcastle, Co Meath affecting 94 Electricity Customers.
Ballinderry, Co Leitrim affecting 32 Electricity Customers.
Abbeyland, Co Meath affecting 351 Electricity Customers.
Macetown, Co Meath affecting 81 Electricity Customers.
Sallins, Co Kildare affecting 54 Electricity Customers.
Morristown, Co Kildare, affecting 44 Electricity Customers.
Kilmagig, Co Wicklow affecting 178 Electricity Customers.
Crane, Co Wexford affecting 157 Electricity Customers.
Bagenalstown, Co Carlow affecting 126 Electricity Customers.
Ballyhale, Co Kilkenny affecting 116 Electricity Customers.
Castlecomer, Co Laois affecting 51 Electricity Customer.
Kilmacthomas, Co Waterford affecting 84 Electricity Customers.
Midleton, Co Cork affecting 31 Electricity Customers.
Ballyrickard, Co Kerry affecting 231 Electricity Customers.
Rineanna, Co Clare affecting 31 Electricity Customers.
Cahir, Co Tipperary affecting 96 Electricity Customers.
Cashel, Co Tipperary affecting 69 Electricity Customers.
Salthill, Co Galway affecting 188 Electricity Customers.
All the above is publicly available on the ESB PowerCheck App.
So as I write this now, there are 2,573 Electricity Customers without power, this is on a summers day today 20th June 2018. Not during some severe weather conditions.
Now you mentioned a Jammer.
I wonder are there 2,573 jammers in use right now.
I seriously doubt that.
I reckon in all probability there are none.
So if those 2, 573 premises took your advice and went for the Free option, all of their systems are now incapable of transmitting alarm signals, comms issues, power issues you name it, but no matter what.....zilch, nothing.
That to my mind is not what security is about.
Now while i look at that figure i seriously have to wonder if this issue will have to be tackled head on by those who regulate our industry, I think it is a disgrace that security system installers, recommend, specify and install systems that are incapable of transmission after a power cut.
It is a serious flaw in standards and it need to be addressed.
We all as consumers need to know that everything we purchase can stand up to challenges, an electrical fault on an intruder alarm system is not a huge issue as the system will keep functioning.
The ones I recommend will keep communicating in the event of a power cut.
Yours won't.
Hopefully some regulation will be introduced to sort this out as it just is not right.Yes free stops after a power cut,but you will still get that notification very quickly. Something quick is better than nothing slow.
Anyway. we know, everyone knows,everyone knows the massive differences between 5 minutes polling & 5 hours.
Everyone knows they can have their free & they can add GSM/back up if they want to. They can even add it and still have the benefits of 5 minute polling compared to 5 hours.
Everyone knows it & they make their own choices. Thats it
Thats what I mean about offering people choices and options.
Wow it took all of that to get you to say that Free cannot transmit anything in the event of a power cut.
Now once again its that polling peach you are on about.
I wonder how many of those 2,573 people without electricity right now give a care about polling.
What is going over your head completely here is the vulnerability of your Free recommendation.
Again if any of those people have your Free option and God forbid they are in trouble right now and press a Panic Button, well there will be no response to that as the Free cannot work without electricity.
With respect, people only know what professionals tell them, it a case of everyone to their own.
I tell mine the implications of Free, they all get it.But you are not interested in that. You are more concerned for some reason at constantly attacking me & what I do. along with anyone else who dares to disagree with you or sell a different product to you. Well that's life & that the free market we do business by. Ooops that free as well. Apologies for offending you with the free word.
Anyway . I'm stepping out of this thread unless there are some new developments in the features already discussed.
Fire away with the attacks on me and others & you can have the last word again., its getting tiresome but its really showing up your true agendas.
For gods sake let people debate the issues and the differences between systems & calm down & give everything else a rest.
No I am not attacking what you do, all I am doing here is discussing this topic of Free versus Payed for.
This is not a case of ' the best things in life are free ', they are not really singing about security systems there.
Oh I like Free, scenery, views, love all that kind of stuff.
But then when it comes to commodities, service and all that kind of stuff, then the old saying ' you pay for what you get' comes to the fore.
Actually you have me confused now, you are claiming I am attacking you and what you do and then at the end of your post you are saying let people debate the issues and the differences between the systems.
But that is exactly what I am doing
As for your ' calm down ', I am very calm.
I don't need to stress if one of those 2,573 Electricity Customers have to press a Panic Button, or if their Fire Alarm goes off or if their Intruder Alarm goes off.
Because I know my option will work.
Its getting like Today FM here, with The Last Word
0 -
-
-
-
Advertisement
-
-
-
So what?! I can't have an opinion. I can't read docs and see the very clear vulnerabilities that exist?
I can't bring my experience of developing software and penetration testing it for some of the most security sensitive organisations in the world to the table?
Well because you installed your own ahem....Yale alarm system, that does not comply with standards, sur by all means, lets chat, you never know before this post is over you might learn something new.
God loves a trier they say.
But with you developing software and penetration testing it for some of the most security sensitive organisations in the world, I am surprised you have the time to be so interested in this matter.
They say every man to his own, anyway on we go.I am, and tick a few boxes and dogmatically following an outdated En spec doesn't sound like a good recipe to me.
As you know a wireless system can only meet grade 2. Grade 3 and 4 are wired only. However the requirements for a grade 2 system are actually very weak and out of date.
An outdated En spec, is that why you installed a Yale DIY alarm system, was it because it did not comply with that?
So you have zero experience of working day to day to comply with that standard but you feel qualified just because you did some work for some super duper international organisations ?
I am sure the lads in the NSAI, EQA, MSC and such bodies would love to hear from you :rolleyes:
Because as you appear to be demonstrating on your post, that you know it inside out :rolleyes:A system that uses 433MHz sensors, one way, with no rolling code, frequency jumping or encryption on the link will pass as a grade 2 system.
433MHz, woops a daisys.
Boo boo there.
Now what was that you were saying about the En standard?
Was it 50131?
Because if it was, well you had better go and study it again.
What actually I find funny here is KoolKid thanked your post.Fortunately not all companies stick doggedly to a spec like you and go beyond the basics required by those specs.
How would you know that? How could you assume to make such a comment?
I have to watch out for you computer guys hacking my emailsHKC in fairness to them, use 868Mhz and two way.
Do you know why they do that ?:rolleyes:Yale go a step further, adding rolling code to their 868MHz two way comms, which helps against replay attacks.
DSC/Visionic add frequency jumping to their 868Mhz which helps with jamming.
The latest Z-wave spec adds 128bit AES encryption which blocks man in the middle attacks.
Great, Yale and HKC are now first cousins so will I pass on your expert opinion to the engineers there ?
DSC/ Visionic, there are not too many installers in this country that would not touch either with a barge pole.
As for the latest Z - wave spec adding 128bit AES encryption, well lets wait until we are up against Jason Borne, James Bond or Mc Gyver.
Or just wire the thing, as you have mentioned in your expert knowledge sur wireless only goes as high as grade 2
I'm aware that only grade 4 requires 3 minute or less polling. But given it is so cheap and easy today, there is no reason why it shouldn't be avialable on consumer level kit and it is from many companies.
Consumer level kits, like your Yale one that does not comply to anything :rolleyes:HKC needs to upgrade to meet consumer expectations or fall behind and become irrelevant like other alarm companies.
They are always upgrading, they now have deeper pockets so I am sure they will be very proactive.
They have moved on a bit since those 8/12 panels, like the one you replaced with your Yale oneYawn, you mean long range radio monitoring. I know.
Of course you do, you are an expertThat is all expensive commercial level systems..
That is another assumption, I have domestic systems with the same level of security as a commercial system.
Now where did this term ' level ' come from?What we are saying is that there is no reason why consumer level systems can't have the same level of protection. All the new smart alarm systems in the US have this level of protection.
Are you sure you read those EN50131 standards?
It is immaterial whether the system is commercial or domestic.HKC better get their finger out and offer the same or fall behind the market.
Again I will let them know you said thatLong range radio can be jammed too if that is what you are on about. That is why fast polling, which as you will know is required at grade 4, is needed.
Ya, ok, of course, just in my almost 30 years in this business I have yet to come across such an occurance, but you know best.
Let you carry on there with your grade 4 and sur for the crack grade 5 while you are at.
While I will just go on with the practicalities and realities of Grade 2.As you and I both know, Garda response requires two sensors to be activated. And as we both know even then they are slow to respond, it gets low priority.
As we both know, what a computer guy has hacked my brain
That is quite an arrogant statement for you to assume what it is I know.
I Know very well what is required for a Garda response and i certainly do not need someone who has fitted his first and only Yale DIY Alarm system to explain the in and outs of my own profession.
As for Garda response times, again yet another assumption.Their don't mention any rolling code protection or encryption like other companies specify.
This means they are vulnerable to a range of attacks. The most common would be a replay attack between the RF feyfob or wireless panel, similar to what is very commonly used to attack car alarm systems.
The other would be a more sophisticated man in the middle attack.
So as far as you are concerned and again with your vast experience, you think that you can do that with a HKC system?
Just so you know, it was tried and well HKC won.
But I cannot say likewise for another manufacturers system.And you will get an even faster response if you personally call the Gardai and tell them you can see a burglar on your cloud IP cameras, so shrug..
Shrug away all you like, I have a day to day working relationship with the Gardai.
How you assume to know so much is incredible.
Reality is another thing though.0 -
-
-
Advertisement
-
-
Moderators, Motoring & Transport Moderators, Technology & Internet Moderators Posts: 22,486 Mod ✭✭✭✭
Join Date:Posts: 22082
Well because you installed your own ahem....Yale alarm system, that does not comply with standards, sur by all means, lets chat, you never know before this post is over you might learn something new.
God loves a trier they say.
It doesn't comply because it is a DIY system. EN 50131-1 requires a professional install, therefore a DIY system can't be EN 50131-1. However that is a silly circular argument.
My new Yale system covers most (but not all) of my own requirements and I'm really liking what I'm seeing at the moment. Hopefully HKC can gain from them and vice versa.But with you developing software and penetration testing it for some of the most security sensitive organisations in the world, I am surprised you have the time to be so interested in this matter.
An outdated En spec, is that why you installed a Yale DIY alarm system, was it because it did not comply with that?
So you have zero experience of working day to day to comply with that standard but you feel qualified just because you did some work for some super duper international organisations ?
You go to any security conference and you will meet lots of folks who aren't "installers" but would have vast knowledge on how to penetrate a security system and find faults in it. People with electrical engineering experience, wireless system design, networking code design, pen testers, computer scientists, engineers, etc. These are the folks who figure out how the weaknesses in a system.
An installer of course has fantastic day to day experience of installing a system. That is unquestionable. But that doesn't mean they know all about the ins and outs of wireless systems, networking, secure cloud services, encryption, etc.
It takes an awful lot of different, highly skilled professionals from different fields, working together, to build a truly secure system of any kind.
Take a look at this article for examples of the type of penetration testing they do on even EN 50131-1 Grade 2 certified systems:
https://www.pentestpartners.com/security-blog/hacking-wireless-house-alarms/I am sure the lads in the NSAI, EQA, MSC and such bodies would love to hear from you :rolleyes:
I'm sure these folks know the issues with their standards and are actually rolling their eyes at you!
Reading the standard, I can see that it is actually very well written and thought out. These folks know about security.
They understand that security is a trade off between security, cost and convenience and you have to try and balance those.
They also understand that security is an ongoing and changing landscape. That it is a constant battle between the "defenders" come up with new security techniques and the "attackers" looking for ways around those.
At best a 12 year old spec gives you a decent basis. But you shouldn't get caught up in it in being the be all and end all. An awful lot has changed in the electronics industry in the last 12 years.
Things which would have been too cost prohibitive for a home environment 12 years ago, such as grade 4 level polling or encrypted wireless sensors have become far cheaper to do today and no reason why they can't be deployed in even the most basic home system.
And what is weird about this conversation, is that HKC themselves seem to understand this. They have gone beyond the Grade 2 base requirements. For instance their polling meets Grade 3 comms requirements, despite is otherwise being a grade 2 system.433MHz, woops a daisys.
Boo boo there.
Now what was that you were saying about the En standard?
Was it 50131?
Because if it was, well you had better go and study it again.
EN 50131 actually says nothing about what frequency should be used for a security system at Grade 2. There are plenty of Grade 2 systems using 433MHz:
http://www.divetis.eu/index.php?lng=eng&categoryid=54673. Wireless devices communicate by an encrypted protocol in the 433MHz band at a maximum distance of about one hundred meters.8. The system is certified according to euro-norm EN 50131-1 grade 2 (low to medium risk).
If you Google it, you will find plenty of other Grade 2 systems using 433MHz.
Not that I recommend it, but I'm giving it as an example of not doggedly sticking to a 12 year old spec and instead going beyond that.Do you know why they do that ?:rolleyes:
Of course, do you? :rolleyes:
SRD860, the EU frequency bands set aside for license free operation of short range devices. Mostly for the use of wireless sensors including alarms, social alarms, low powered wide area networks, etc.
433MHz is also a license free band for short range wireless devices. But it has a lot of interference today, so many are moving to 868MHz. Like Z-wave devices.
868Mhz has an advantage that it limits it's duty cycle to just 1% on some frequencies. Which helps reduce interference from lots of 868MHz devices trying to transmit at the same time (and also helps reduce battery use). Of course that assumes all devices are behaving to spec and no one is trying to jam the frequency.
It is definitely an improvement over 433MHz and it should be harder to replay attack and jam, but it isn't magical, it still can be jammed and replay attacked. That is why encrypting the wireless links is also now preferred, given that the cost of it has come down a lot.Great, Yale and HKC are now first cousins so will I pass on your expert opinion to the engineers there ?
Oh, they already know! See the above article of previous Yale systems getting hacked. That is why Yale has now moved to 868MHz and rolling code, helps reduce those attacks.
As always it is a trade off between cost. The newer encrypted stuff is more expensive as it requires newer silicon and more processing power. All companies build their systems to a particular price point and therefore the trade off.
I know these vulnerabilities, they do too of course, these are engineering and cost trade offs.As for the latest Z - wave spec adding 128bit AES encryption, well lets wait until we are up against Jason Borne, James Bond or Mc Gyver.
That just shows your knowledge and approach to security!
The problem with the dropping cost of electronics that the security industry can benefit from is a double edged sword. It also means that the cost of electronics to attack these systems has come way down and more widespread too.Or just wire the thing, as you have mentioned in your expert knowledge sur wireless only goes as high as grade 2
Absolutely, but as you know, wired, unless the home was prewired, is a lot more expensive. As always security is a trade off between cost and security.
But just because wired exists, doesn't mean we should stand still on wireless and not integrate the latest enhancements in processor technology to make it more secure.
Technology moves on, what was once expensive and hard to do, becomes cheap and easy. Whether that is more secure wireless sensors or fast polling.
Think of the car industry. Air bags were first introduced on the Mercedes S Class, a very expensive car. The regulations at the time didn't require air bags, but the technology got cheaper and it moved down the car classes until multiple air bags in even the cheapest cars.
This happened because of a mix of customer demand and dropping prices. The safety regulations now require air bags, but that only happened after most cars already got them.
Often regulations follow behind after where the market has already gone.
And HKC is no different. Originally they had no comms, then they add text and voice dialing. Then IP over GPRS, now they have added dual path. And they went from offering just wired to hybrid wireless. All because the market demanded it, not because they were doggedly sticking to an old spec.
They have already added grade 3 level polling to their grade 2 level system. The obvious next step for them is to add Grade 4 level polling. It shouldn't be too hard. They already have the hardware, they just need to beef up their servers.They are always upgrading, they now have deeper pockets so I am sure they will be very proactive.
They have moved on a bit since those 8/12 panels, like the one you replaced with your Yale one
Exactly, upgrades that go beyond the requirements of a grade 2 system. Shows that it is foolish just to over focus on an old spec.
I genuinely hope they bring out a nice new panel and sensors. I might even return to them if it suits my needs and recommend my family and friends to upgrade to it.
HKC make good solid systems. That is unquestionable. But it certainly isn't perfect, it has pros and cons like any system. Engineering trade offs, etc. They need to keep up with the latest developments in the market if they want to stay relevant.0 -
-
Moderators, Motoring & Transport Moderators, Technology & Internet Moderators Posts: 22,486 Mod ✭✭✭✭ Join Date:Posts: 22082
I know this is going around and around with what is best . What is faster what is more secure. ETC.
Having used different panels and different communicators like CSL etc.
I used HKC and securecomm back at the start when they had fast polling and shorter fail times. This in theory was great but when im getting calls from customers beacuse their internet has gone down for 5 min . or the GSM unit has gone off line for 5 min . This for a commercial is fine and fast polling is required.
Security is the top priority but what happens is the system the cries wolf to often. If a customer is getting poll losses messages every 5 min then they are onto me complaining etc. Its all about a balanced approached to meet the customer security needs and call backs for poll losses , Call back for faulty equipment is one thing you have warranty on products but there is nothing o can do about GSM or wifi issues.
Very good point. Yes the "boy who cries wolf" is a real issue.
That is why I'd say the "ideal" is dual path + fast polling. So lets say you advertise 5 minute polling. What you actually do is have your servers "poll" the wifi path every 4 minutes. If a poll fails you do two things:
1) Keep trying the poll via the wifi path every few seconds (this should eliminate a temporary network blip).
2) Try polling the secondary, GSM path.
If after a minute of the above you don't get a response from either, it is then that you notify the user.
Also ideally with dual path, if the panel sees that one path is down, it should automatically notify the monitoring services via the secondary path and the monitoring services should increase their polling, if not necessarily inform the customer.
All the above would definitely reduce outage notifications.
BTW while it is good to add wifi for the ease of flexibility of panel placement, I'd also prefer if they also included ethernet port to use where available. Helps reduce problems with wifi and jamming of it.
Given the premium price of HKC gear and monitoring service, I don't think the above would be too much of an ask.I have a company to run and to make profit so if the equipment is good and no call backs then im going to use that equipment end of.
And that is completely fair and completely understandable. It makes total sense.
I've no problem at all believing you guys saying that the hardware is highly reliable, easy to install, etc. Would easily explain why they are so popular with installers and have such a high market share and I'm really happy to hear that an Irish company can make such a good product.
I just don't like people trying to make out that they are somehow perfect. There simply is no such thing as perfect security. All security is trade off's. I've seen far too many badly installed HKC systems and I can see issues with their approach to comms, IoT, HA, etc.
But I hope they don't see my comments as attacking them or you guys as installers. I hope they can be seen as constructive criticism, for things they can hopefully improve on in future.
I'm actually really excited to see what comes out of the merger. I think a panel that is a hybrid of HKC gear/expertise, mixed with Yale smarthome, IoT, app experience could make for a fantastic system.
Depending on how it turns out, I may well get one myself and recommend my family to upgrade theirs to one too.The HKC RF is one of if not the best on the market.
I know the HKC version 4 has frequency hopping. Not sure what other security features they have.
Great, I'm very glad to hear it
From having talked to HKC Assa Abloy are looking to integrate the HKC alarm into smarthome technology to provider customers with a complete solution. Smart door locks , Alarm , IP cameras and Smarthome devices . Sounds good to me . We will have to see what happens.
Yes, sounds fantastic to me
They already have smart locks and IP cameras and some smart devices, their alarm is ok, but can definitely benefit from HKC experience.
BTW the cloud/IP monitoring thing really benefits from scale. It is much easier to deliver low cost or free monitoring/polling if your programmers, system admins, etc. are looking after 10's if not 100's of millions of alarm systems, rather then just hundreds of thousands.
As a result I think this will really turn into a global scale market, rather then small companies in each country. So hopefully HKC will be well positioned within Assa.
In summary, I'm actually really excited to see what HKC/Yale comes up with.0 -
It doesn't comply because it is a DIY system. EN 50131-1 requires a professional install, therefore a DIY system can't be EN 50131-1. However that is a silly circular argument.
My new Yale system covers most (but not all) of my own requirements and I'm really liking what I'm seeing at the moment. Hopefully HKC can gain from them and vice versa.
I agree, it is indeed a silly circular argument and lets draw a line under it here from your link below, here is a statement from the conclusion of your link:
Remember that an alarm isn’t just a load of detectors and a panel – it needs to be installed properly. It’s nowhere near as easy as it sounds, and it’s often worth speaking to a professional alarm installer who can do a full risk analysis and get you what you need. It’s a broad statement, but in our experience, alarm security quality usually correlates with price.
Did you draw that?
You go to any security conference and you will meet lots of folks who aren't "installers" but would have vast knowledge on how to penetrate a security system and find faults in it. People with electrical engineering experience, wireless system design, networking code design, pen testers, computer scientists, engineers, etc. These are the folks who figure out how the weaknesses in a system.
An installer of course has fantastic day to day experience of installing a system. That is unquestionable. But that doesn't mean they know all about the ins and outs of wireless systems, networking, secure cloud services, encryption, etc.
It takes an awful lot of different, highly skilled professionals from different fields, working together, to build a truly secure system of any kind.
Take a look at this article for examples of the type of penetration testing they do on even EN 50131-1 Grade 2 certified systems:
https://www.pentestpartners.com/security-blog/hacking-wireless-house-alarms/
On a day to day basis, I deal with reality, the reality of criminals and what they need to do to break into one of my clients homes or business premises. I have almost a life time of experience in security, common sense and the brain power to ask questions and query things I do not know much about, I have a day to day direct working relationship with Gardai and I keep updated as to what actually goes on and how property crimes were committed etc.
So sitting around a room and trying to find weakness's with systems, well I trust the manufacturer I choose to use, so I will leave who ever actually does that :rolleyes:, to do it.
I sincerely doubt it very much if there are people as you mentioned above, regularly meeting up and discussing home intruder alarm systems.
As for your link, I am sorry to say it is irrelevant to this discussion as the frequency which they tested was 434.8.
That frequency is now redundant in regard to professional wireless Intruder Alarm Systems.
Interesting reading with regard to the Internet, but I will leave that to the expertise of others, much like yourself for that matter, to use their skills there and I won't stick my nose in there.I'm sure these folks know the issues with their standards and are actually rolling their eyes at you!
Do you really think so ?
I somehow doubt that very much.
Reading the standard, I can see that it is actually very well written and thought out. These folks know about security.
They understand that security is a trade off between security, cost and convenience and you have to try and balance those.
Well I suppose as those that wrote it are/ were involved in the security business that it goes without saying that they know about security.
Let me assure you, on a day to day basis, everyone involved in security know all about that trade off.They also understand that security is an ongoing and changing landscape. That it is a constant battle between the "defenders" come up with new security techniques and the "attackers" looking for ways around those.
At best a 12 year old spec gives you a decent basis. But you shouldn't get caught up in it in being the be all and end all. An awful lot has changed in the electronics industry in the last 12 years.
Things which would have been too cost prohibitive for a home environment 12 years ago, such as grade 4 level polling or encrypted wireless sensors have become far cheaper to do today and no reason why they can't be deployed in even the most basic home system.
And what is weird about this conversation, is that HKC themselves seem to understand this. They have gone beyond the Grade 2 base requirements. For instance their polling meets Grade 3 comms requirements, despite is otherwise being a grade 2 system.
Most installers i know install systems that go beyond grade 2 as well, I find those that advertise the most just go as far as grade 2.
You get what you pay for.
I never said that En50131 was the be all and end all, but it is a standard to which us installers have to work to, therefore we have to recognise it and take it for what it is.EN 50131 actually says nothing about what frequency should be used for a security system at Grade 2. There are plenty of Grade 2 systems using 433MHz:
http://www.divetis.eu/index.php?lng=eng&categoryid=5467
If you Google it, you will find plenty of other Grade 2 systems using 433MHz.
Not that I recommend it, but I'm giving it as an example of not doggedly sticking to a 12 year old spec and instead going beyond that.
Well tell you what, lets get down to brass tacks here, when you get your audit for EN50131, come back to me then and tell me more about 433 complying with that standard.
Because NSAI, EQA and MSC think otherwise, but what do they know?
We will all bow to your superior knowledge ( after your own Yale alarm install you know it all now )
Of course, do you? :rolleyes:
SRD860, the EU frequency bands set aside for license free operation of short range devices. Mostly for the use of wireless sensors including alarms, social alarms, low powered wide area networks, etc.
433MHz is also a license free band for short range wireless devices. But it has a lot of interference today, so many are moving to 868MHz. Like Z-wave devices.
868Mhz has an advantage that it limits it's duty cycle to just 1% on some frequencies. Which helps reduce interference from lots of 868MHz devices trying to transmit at the same time (and also helps reduce battery use). Of course that assumes all devices are behaving to spec and no one is trying to jam the frequency.
It is definitely an improvement over 433MHz and it should be harder to replay attack and jam, but it isn't magical, it still can be jammed and replay attacked. That is why encrypting the wireless links is also now preferred, given that the cost of it has come down a lot.
Oh, they already know! See the above article of previous Yale systems getting hacked. That is why Yale has now moved to 868MHz and rolling code, helps reduce those attacks.
I really do not need to be told all that, thank you anyway.That just shows your knowledge and approach to security!
I take that remark as a personal insult and for a moderator on this site you should know a lot better rather than to be getting personal like that.
I suppose there is little point in me reporting that comment anyway, birds of a feather flock together and all that :rolleyes:
Anyway on a day to day basis and in my own profession and in the business i run, my customers have no issues whatsoever with ' my approach to security or my knowledge '
I know of course now that you have installed your one and only Fischer Price type alarm system, then your knowledge has vastly exceeded my own.
Dream on sunshine.Absolutely, but as you know, wired, unless the home was prewired, is a lot more expensive. As always security is a trade off between cost and security.
But just because wired exists, doesn't mean we should stand still on wireless and not integrate the latest enhancements in processor technology to make it more secure.
Technology moves on, what was once expensive and hard to do, becomes cheap and easy. Whether that is more secure wireless sensors or fast polling.
Wow was all that in the Yale kit manual ?
Think of the car industry. Air bags were first introduced on the Mercedes S Class, a very expensive car. The regulations at the time didn't require air bags, but the technology got cheaper and it moved down the car classes until multiple air bags in even the cheapest cars.
This happened because of a mix of customer demand and dropping prices. The safety regulations now require air bags, but that only happened after most cars already got them.
No, it was not Mercedes, have a read of this:
https://www.thoughtco.com/history-of-airbags-1991232Often regulations follow behind after where the market has already gone.
And HKC is no different. Originally they had no comms, then they add text and voice dialing. Then IP over GPRS, now they have added dual path. And they went from offering just wired to hybrid wireless. All because the market demanded it, not because they were doggedly sticking to an old spec.
They have already added grade 3 level polling to their grade 2 level system. The obvious next step for them is to add Grade 4 level polling. It shouldn't be too hard. They already have the hardware, they just need to beef up their servers.
Exactly, upgrades that go beyond the requirements of a grade 2 system. Shows that it is foolish just to over focus on an old spec.
I genuinely hope they bring out a nice new panel and sensors. I might even return to them if it suits my needs and recommend my family and friends to upgrade to it.
HKC make good solid systems. That is unquestionable. But it certainly isn't perfect, it has pros and cons like any system. Engineering trade offs, etc. They need to keep up with the latest developments in the market if they want to stay relevant.
So HKC make good solid systems, but not good enough for you as you chose Yale.
Interesting.0 -
-
Moderators, Home & Garden Moderators, Technology & Internet Moderators, Regional East Moderators Posts: 12,533 Mod ✭✭✭✭
Join Date:Posts: 12233
Remember that an alarm isn’t just a load of detectors and a panel – it needs to be installed properly.
Agreed, that is exactly the point I made here.
This is the real issue, some installers cutting corners as has been highlighted on this forum many times.It’s nowhere near as easy as it sounds
Really?
To honest I think it is much more straightforward now than in the past thanks to the advances made with wireless sensors. The most difficult part for me when I installed intruder alarms many moons ago was getting cables to where I wanted them.and it’s often worth speaking to a professional alarm installer who can do a full risk analysis and get you what you need.
I am very unimpressed with some of the PhoenWatch installs have been done yet these have supposedly passed the risk assessments. Hence my lack of faith in risk assessments. Need I say anymore?So sitting around a room and trying to find weakness's with systems, well I trust the manufacturer I choose to use, so I will leave who ever actually does that :rolleyes:, to do it.
That is your call.
As an engineer that sort of blind "trust" goes against what my degree trained me to do. In my experience manufacturers make mistakes just like the rest of us.I sincerely doubt it very much if there are people as you mentioned above, regularly meeting up and discussing home intruder alarm systems.
Seriously?
Do you really believe that a company like Siemens have simply stopped ??
If not what do you think they are doing???Well tell you what, lets get down to brass tacks here, when you get your audit for EN50131, come back to me then and tell me more about 433 complying with that standard.
Because NSAI, EQA and MSC think otherwise, but what do they know?
I don't understand the point you are trying to make here.So HKC make good solid systems, but not good enough for you as you chose Yale.
Like you I would select the HKC. However do you not agree that the Yale system has some great features?
I would happily pay more for my HKC panel if it had these features.0 -
Agreed, that is exactly the point I made here.
This is the real issue, some installers cutting corners as has been highlighted on this forum many times.
Really?
To honest I think it is much more straightforward now than in the past thanks to the advances made with wireless sensors. The most difficult part for me when I installed intruder alarms many moons ago was getting cables to where I wanted them.
I am very unimpressed with some of the PhoenWatch installs have been done yet these have supposedly passed the risk assessments. Hence my lack of faith in risk assessments. Need I say anymore?
That is your call.
As an engineer that sort of blind "trust" goes against what my degree trained me to do. In my experience manufacturers make mistakes just like the rest of us.
Seriously?
Do you really believe that a company like Siemens have simply stopped ??
If not what do you think they are doing???
I don't understand the point you are trying to make here.
Like you I would select the HKC. However do you not agree that the Yale system has some great features?
I would happily pay more for my HKC panel if it had these features.
Hi 2011,
There is a flaw in your post i am afraid.
I took the last paragraph out of this link that BK posted:
https://www.pentestpartners.com/security-blog/hacking-wireless-house-alarms/
I will leave it with your good self 0 -
-
-
Advertisement
-
-
Moderators, Home & Garden Moderators, Technology & Internet Moderators, Regional East Moderators Posts: 12,533 Mod ✭✭✭✭ Join Date:Posts: 12233
However, I have to ask you, how can you just base your decision on a lack of faith in Risk Assessments based on what is basically a company that is only interested in numbers?
Many alarms installed by a well known PSA registered company have no working bellbox, no perimeter protection, depend almost entirely on PIRs for detection, and have communications that can easily be defeated. Yet the premises have been subjected to a risk assessment by a "professional" who has then certified the installation. How could any sane person have faith in risk assessments if that is considered acceptable?How can you form an opinion that my Risk Assessments, are in anyway lacking?
You are personalising my lack of faith in risk assessments. There was nothing to suggest that I directed my comment at your particular risk assessments.Yes the standards are lacking here, that is not my fault.
Agreed, they are lacking and it is not your fault.
It never occurred to me that somehow this could be your fault.I use HKC equipment, to be fair to them, their quality is A1.
I am not trying to bash HKC. I think their kit is very good too, that is what I installed in my own home. However that does not mean that I disagree entirely with BK.
There is a lot to like with HKC, but it is also possible to be disappointed by the lenghtly polling intervals and the fact that is does not have some of the more advanced features that other systems have. I imagine that the new generation of HKC panels will have resolved these issues, the question is when will it be available.In all my years in this business, I have to honestly say they are the only manufacturer that have never let me down.
Everyone said the same about the Nokia mobile phone too. What happened to them? The iPhone came in and kicked ass. Where are Nokia now?
Well they still make a very reliable phone. In all my years of using mobile phones I can honestly say my Nokia never let me down...:)I can say all our systems are thoroughly tested and as long as they work then I am happy, more a case of doing exactly as it says on the tin.
I love tin analogy's, lets continue
I am sure your alarms all do exactly what it says on the tin. The problem is that the tin says very little and very soon customers are going to want their tin to say a lot more and interface with many other tins.i rely on my experience and my belief that you learn something new everyday.
With respect, it does not appear that you want to learn. Customers want more and you seem to be resisting change with remarks like this: convenience and security are not bed fellowsWhere did your reference to Siemens comes from? I do not recall singling them out anywhere.
I singled them out as they are a great example of a multinational that is constantly pushing the boundaries of technology and they also make intruder alarms.I never had an issue integrating 6/10's, 14/54's, 8/12's. 16/ 120's or indeed 10/70's ( HKC Ones that is ) and 10/270's with home automation systems.
Obviously this relates to inputs and outputs, which worked and kept the system within the relevant standards
It is a start but lets be honest this is possible on a very basic level only.
Here is an example of what real integration can do.Sorry but as a professional I only come across Yale alarm kits in hardware stores, I would not touch them with a barge pole.
I understand that and I agree with you. However that does not mean that some of the features that they have would not be welcome in a quality panel like the HKC. Would you not agree?0 -
Many alarms installed by a well known PSA registered company have no working bellbox, no perimeter protection, depend almost entirely on PIRs for detection, and have communications that can easily be defeated. Yet the premises have been subjected to a risk assessment by a "professional" who has then certified the installation. How could any sane person have faith in risk assessments if that is considered acceptable?
As a result of a phone conversation and a one kit suits all homes no matter how different they are.
Just some bits you never mentioned
Well I can tell you, my wife has queried reps, in shopping centers, from a certain nationwide monitoring company that spend a fortune on advertising on that very point.
How can someone offer such and such without actually seeing my home, then the words Risk Assessment get brought up by her and suddenly these reps get very confused.
We could probably discuss any service here and we will find the good and the bad.
But just because that organisation and others who have taken a page out of their book, carry on like this, it does not mean that we all do.
Have you ever heard the expression you can't paint all with the same brush ?
The bigger issue here is standards, as i have previously mentioned, I follow them, are they perfect? No.
Could they be better? Absolutely.You are personalising my lack of faith in risk assessments. There was nothing to suggest that I directed my comment at your particular risk assessments.
Agreed, they are lacking and it is not your fault.
It never occurred to me that somehow this could be your fault.
Well the only Risk Assessments that I am most familiar with are my own ones.
So again how can you assume that mine are farcical ?I am not trying to bash HKC. I think their kit is very good too, that is what I installed in my own home. However that does not mean that I disagree entirely with BK.
There is a lot to like with HKC, but it is also possible to be disappointed by the lenghtly polling intervals and the fact that is does not have some of the more advanced features that other systems have. I imagine that the new generation of HKC panels will have resolved these issues, the question is when will it be available.
Well is HKC perfect? No, but they are a hell of a lot better than their direct competitors, actually competitors is a very kind word when comparing them with one particular company.
We can but assume what will be improved with the takeover, integration with Home Automation systems will be interesting as I think En50131 will present lots of challenges but who better to face such challenges?Everyone said the same about the Nokia mobile phone too. What happened to them? The iPhone came in and kicked ass. Where are Nokia now?
Well they still make a very reliable phone. In all my years of using mobile phones I can honestly say my Nokia never let me down...:)
And that Nokia car kit still has not been beat.
However I would not doubt HKC's ability to develop new products etc, as always they wipe the floor with competitors when they release new equipment.I love tin analogy's, lets continue
I am sure your alarms all do exactly what it says on the tin. The problem is that the tin says very little and very soon customers are going to want their tin to say a lot more and interface with many other tins.
Well I will have to go with your own experience there of reading what is written on the side of tin's.
As for predicting the future, well lets see what is more important a home automation system or a security system.
I await advancements there and will again be very interested in how standards will be accommodated here.With respect, it does not appear that you want to learn. Customers want more and you seem to be resisting change with remarks like this: convenience and security are not bed fellows
I find when I am discussing automatic gate systems with customers and that when they mention the convenience of an induction loop, I mention that should their car be robbed in their driveway, then the thiefs will be delighted to see their auto gates opening to let them out.
I find that the convenience here losses out to the security.
It always does.
I do security, not convenience.I singled them out as they are a great example of a multinational that is constantly pushing the boundaries of technology and they also make intruder alarms.
Going right back to the Europlex days, I have always said they were class.
Their equipment is still class, they just lack the range.It is a start but lets be honest this is possible on a very basic level only.
Here is an example of what real integration can do.
Again with your link, I have to bring up the point of the standards and they not allowing for a voice to arm an intruder alarm system.
Is your point here solely regarding integration? Just you must be aware of the lack of everything else with a Yale Alarm system.I understand that and I agree with you. However that does not mean that some of the features that they have would not be welcome in a quality panel like the HKC. Would you not agree?
Of course I agree, so lets see what time brings.
Still no matter what they do, there will always be a poster here and his tag buddy who will never recommend them.0 -
Moderators, Motoring & Transport Moderators, Technology & Internet Moderators Posts: 22,486 Mod ✭✭✭✭ Join Date:Posts: 22082
I took the last paragraph out of this link that BK posted:
https://www.pentestpartners.com/security-blog/hacking-wireless-house-alarms/
I will leave it with your good self
Just on this point, with respect I think you maybe missing the point of this article and missing the bigger context on how all this works.
Yes, the techniques being used in this article are relatively sophisticated and being carried out by very geeky people who aren't really looking to break into peoples homes and are more just interested in figuring out how things work and how to break them.
This would be a mindset that is very much thought in any engineering course, whether it is Computer Science, Software Engineering, Electronic Engineering, hell even Architecture, etc. You are thought how to break things. You are thought to think about how some one might hack your system. How it might break. You are thought to see beyond the "standards"! And you then try and come up with cost effective and convenient methods to stop it from breaking like that.
The problem is that while most Engineers might hack a system for fun, most would never dream of actually using it against someone. Unfortunately there is always a small percentage of unscrupulous people in any walk of life and all it takes is one unscrupulous engineer to find an exploit and then package it up in an easy to use form and then sell it on for big bucks to less technical people to actually use.
An example of this was replay attacks against car remotes. It is a sophisticated attack. But someone took the idea and packaged it into an easy to use device and sold it from China so that pretty much any local thieve could easily buy it and use it without needing to understand the complexity behind it.
You may of heard the term "script kiddies", it is the same idea in the software world. Basically a skilled Engineer finds a zero day exploit in some system. They then package up the exploit and sell it onto the "script kiddies" who are the ones who then actually use it against those systems, without actually having much of an understanding how it works.
So while the techniques might be relatively sophisticated. The concern would be that if they aren't fixed that they might end up getting packaged into easy to use devices and could hit the streets, like the car remote hacks did or GSM/433Mhz jammers.0 -
-
-
-
Moderators, Home & Garden Moderators, Technology & Internet Moderators, Regional East Moderators Posts: 12,533 Mod ✭✭✭✭ Join Date:Posts: 12233
Which are audited annually, I know you don't audit mine and it seems a real pity as you cannot form a view that there is any issues with my Risk Assessments.
Your logic is flawed as your position is that as a result of your risk assessments are good that it somehow follows that people will be of the view that all PSA risk assessments are good. In reality most people have no idea of the quality of your risk assessments and as you have stated yourself some a severely lacking.Now i might be out of line here, but as far as i know you do not work in this business any longer.
That is not entirely correct. I work in a design role and use a PSA registered contractor on a continuous basis to maintain, modify and install fire alarm, LSS, access control and security systems on the site I am on at present. We meet regularly and RA's would crop up a bit especially in relation to the fire alarm.You are coming across here as a genius with regard to Risk Assessments so please tell me all about them.
Thanks I wouldn't go that far but I review 3 or 4 RAMS a week.
The clue is in the name, it is an assessment of risks. Some are good and some are worse than useless as they can give the impression that all risks have been quantified and recorded when in fact they have not. This can then result in mitigation measures lacking, resulting in an incident.
In my view a RA for an intruder alarm system is not something that should be carried out over the phone, I gather you share this view.Is it really? Well the rest of Ireland must be a few decades behind you lot up there in Dublin then.
I wouldn't say that, no. Sure you have some people that are stuck in a time warp, but not all. BTW I'm not in Dublin and at present I work on a large pharma plant outside of Dublin and another one in Limerick.Let me know please, which one of these smart home/ home automation companies systems conform with EN50131......thats just a little bench mark for security systems so if a security system is a component of these home automation systems then it needs to conform to that standard.
Sure, Cytech would be one.
However I am particularly impressed with the Inner Range systems. These combine advanced automation with access control, intruder alarm and interface with the BMS and LSS systems. The PSA registered installer that we use installed an Inner Range system on a large high profile project for us recently.
If you want to see an Inner Range system in action it is also used in the science block in UCD.Sorry are you suggesting your boiler is part of your security system ?
Not at all
I am suggesting that the integration of my boiler control to my alarm system does not comprise the security of my alarm. I assume that you agree?
....or maybe not as this would of course conflict with your earlier statement: "I find that the convenience here losses out to the security. It always does" Your position seems to shift on this.In my own experience more and more convenience equals less and less security.
Except when switching a boiler....As I have already stated, it will be interesting how this Assa Abloy takeover of HKC will go with regard to new technology.
.....and how Anixter bought out Inner Range.0 -
Your logic is flawed as your position is that as a result of your risk assessments are good that it somehow follows that people will be of the view that all PSA risk assessments are good. In reality most people have no idea of the quality of your risk assessments and as you have stated yourself some a severely lacking.
As i have already asked you, what is a PSA risk assessment ?
When did i say Risk Assessments were severely lacking ?
I may have said they do not exist with regard to a certain nationwide marketing company, that also does house alarms, whether of course these can be deemed as security systems is another subject altogether.That is not entirely correct. I work in a design role and use a PSA registered contractor on a continuous basis to maintain, modify and install fire alarm, LSS, access control and security systems on the site I am on at present. We meet regularly and RA's would crop up a bit especially in relation to the fire alarm.
There are Risk Assessments for everything these days, I can of course see the importance of them in relation to Fire Alarms.
I trust you know that Fire systems are outside the remit of The PSA.Thanks I wouldn't go that far but I review 3 or 4 RAMS a week.
Ah you must be fairly verse with them alright so.The clue is in the name, it is an assessment of risks. Some are good and some are worse than useless as they can give the impression that all risks have been quantified and recorded when in fact they have not. This can then result in mitigation measures lacking, resulting in an incident.
I know what a Risk Assessment is and what their purpose is, thank you.In my view a RA for an intruder alarm system is not something that should be carried out over the phone, I gather you share this view.
Absolutely i agree, but i can assure that the biggest culprit here has themselves covered anyway with probably light touch auditing as they are paying their certification company so much money.
Sure, Cytech would be one.
However I am particularly impressed with the Inner Range systems. These combine advanced automation with access control, intruder alarm and interface with the BMS and LSS systems. The PSA registered installer that we use installed an Inner Range system on a large high profile project for us recently.
If you want to see an Inner Range system in action it is also used in the science block in UCD.
Great to see that the likes of Cytech are embracing relevant standards.
Inner Range, yes it is incredible equipment alright, I am very familiar with it, going right back to 2002/03 and i have a few of my own installs as well.
Some going for a " one trick pony "
I am suggesting that the integration of my boiler control to my alarm system does not comprise the security of my alarm. I assume that you agree?
....or maybe not as this would of course conflict with your earlier statement: "I find that the convenience here losses out to the security. It always does" Your position seems to shift on this.
Except when switching a boiler....
Well you do have to enter in your alarm code in order to access your alarm system in your App, I know of some people who question the convenience of entering in a code to do that, takes all sorts
Well my position did change as you brought up a perfectly good point and I acknowledged it.
But I do think that there is such a thing as too much convenience impacting on levels of security.....and how Anixter bought out Inner Range.
Well I find that even though Inner Range and HKC are both security system manufacturers, I cannot imagine them going head to head too often, they are probably at different points in the market.0 -
Advertisement
-
Moderators, Home & Garden Moderators, Technology & Internet Moderators, Regional East Moderators Posts: 12,533 Mod ✭✭✭✭ Join Date:Posts: 12233
As i have already asked you, what is a PSA risk assessment ?I know what a Risk Assessment is and what their purpose is, thank you.When did i say Risk Assessments were severely lacking ?
I may have said they do not exist with regard to a certain nationwide marketing company
This alone is enough for me to loose faith in these risk assessments.Absolutely i agree, but i can assure that the biggest culprit here has themselves covered anyway with probably light touch auditing as they are paying their certification company so much money.
^^^This statement of your does more to undermine PSA risk assessments than anything I have ever said.
Case closed, move on.Great to see that the likes of Cytech are embracing relevant standards.
YupInner Range, yes it is incredible equipment alright, I am very familiar with it, going right back to 2002/03 and i have a few of my own installs as well
That's two agreements in a row, seems like a recordWell my position did change as you brought up a perfectly good point and I acknowledged it.
Fair enough, I have more respect for someone that admits that they have changed their mind.
The problem is that after changing it and agreeing with me you then reverted back to your previous position with this statement "I find that the convenience here losses out to the security. It always does". Now you seem to be agreeing with me again. I have lost track of your position on this. Either convenience always results in a security compromise or it doesn't, you can't have it both ways.Well I find that even though Inner Range and HKC are both security system manufacturers, I cannot imagine them going head to head too often, they are probably at different points in the market.
Yes, at the moment they target very different parts of the market.
But now they have both been bought out by very large companies that have very deep pockets. That means that this could change dramatically within a short space of time. This should be interesting.0
Advertisement