Comcast home security exploit could let burglars in (updated)

Xfinity Home can be tricked into thinking everything's safe during a break-in.

Sponsored Links

Comcast home security exploit could let burglars in (updated)

Comcast's Xfinity Home system is supposed to keep your whole house secure, but a recently published vulnerability could leave things wide open. Researchers at Rapid7 report that you can use a quirk in the 2.4GHz wireless frequency to break communications with security sensors, forcing them to fail open and take a long time (several minutes to 3 hours) to reconnect. As the system doesn't even recognize the lost connection, that gives intruders free rein -- you might not know that anything's wrong until it's too late.

We've reached out to Comcast to see if there's a fix in the works, and we'll let you know what it says. However, you might not get a solution any time soon. Rapid7 says it notified Comcast about the hole in November, and published details about it only after giving the cable provider some time to update its software. Given that there's no short-term workaround, you'll just have to hope that would-be burglars aren't smart enough to jam your wireless signal.

Update: Comcast got in touch, and it claims that this sort of issue affects "all" security systems that use wireless sensors, not just Xfinity Home. It's not dismissing the issue out of hand, mind you: it's checking the findings and will see what fixes it can offer. Check out the full statement below.

"Our home security system uses the same advanced, industry-standard technology as the nation's top home security providers. The issue being raised is technology used by all home security systems that use wireless connectivity for door, window and other sensors to communicate. We are reviewing this research and will proactively work with other industry partners and major providers to identify possible solutions that could benefit our customers and the industry."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget