Help with DIY install equipment, cellular stand-alone monitoring decision, and interactive features

Dear Home Security enthusiasts and experts,
 
I just moved in to a house that has Vivint alarm, but without the control panel. It has door sensors and motion detector.
 
I am considering either GE Simon XT or Honeywell Lyric, mainly because of their encryption feature.
 
1. I don't plan to do home automation. Just home security with fire detection, that has encryption between the base and sensors. I plan to do DIY install. Since I am an electronic technician, a bit complexity to install is ok.
 
2. I want to have central monitoring (cellular stand-alone monitoring).
 
3. I don't plan to have interactive feature (no controlling system neither through Alarm.com nor AlarmNet nor mobile app) as I don't like the idea of having ability to disarm my system remotely. However, it would be nice (if possible), to be able to see sensor activity, but without the ability to disarm the system remotely.
 
4. It would be nice if I can put existing Vivint door sensors and motion detector into use, but this is not a must.
 
Any idea which path I should take?
 
Thank you so much :)
 
As far as I know, the GE Simon XT does not support encrypted wireless sensors. In terms of the major professional alarm manufacturers, only Honeywell has an encrypted system available - the Lyric system. That panel supports both a Verizon (Lyric-CDMA) and AT&T (Lyric-3G) cellular communicator.
 
The 2Gig GC3 panel will eventually support encrypted sensors as well but as of today, 2Gig has not released the encrypted sensors.
 
The Lyric works with Honeywell's Total Connect 2.0 service but you can certainly get regular cellular based central station service without the Total Connect 2.0 if you really don't want that service. You wouldn't be able to get the TC2 sensor activity features without having the ability to also arm/disarm remotely though. However, with TC2.0, you can program it so that you need to both login with a valid username and password and also type in a valid 4-digit user code to process a remote arming/disarming. Perhaps, you'd be open to using the service knowing that?
 
SterlingDonnelly said:
As far as I know, the GE Simon XT does not support encrypted wireless sensors. In terms of the major professional alarm manufacturers, only Honeywell has an encrypted system available - the Lyric system. That panel supports both a Verizon (Lyric-CDMA) and AT&T (Lyric-3G) cellular communicator.
 
The 2Gig GC3 panel will eventually support encrypted sensors as well but as of today, 2Gig has not released the encrypted sensors.
 
The Lyric works with Honeywell's Total Connect 2.0 service but you can certainly get regular cellular based central station service without the Total Connect 2.0 if you really don't want that service. You wouldn't be able to get the TC2 sensor activity features without having the ability to also arm/disarm remotely though. However, with TC2.0, you can program it so that you need to both login with a valid username and password and also type in a valid 4-digit user code to process a remote arming/disarming. Perhaps, you'd be open to using the service knowing that?
 
Thank you so much, Sterling.
I see, it seems that I will be stuck with Honeywell Lyric.
 
Will Lyric be able to connect to Vivint sensors/motion detector? Are they 2Gig's?
 
If I'm not mistaken, GE sensors are encrypted (Interlogix I assumed). Which are they, and what panel that support them?
 
I am a bit nervous with server hack cases recently. Banks, medical company, government, etc. It's just about a matter of time before they hack TC2 server. I understand a burglar may not hack TC2 server to disarm my house, but some kiddie script could easily play around and compromise my TC2 security system.
 
Btw, does your company offer monitoring with cellular stand-alone only without TC2?
 
I've never heard of encrypted sensors from GE/Interlogix. Where did you see that they offered encryption?
 
Your Vivint sensors are probably just regular 2Gig sensors although they may also be special proprietary Vivint sensors. Can you open one up and see if you can identify a model number? Either way, they won't be encrypted so I'm not sure that you'd want to use them as encryption seems to be one of the main features you want. If you do want to use them and they are 2Gig, they would only work with a 2Gig system unless you use 
 
If your going to use a system that is cellular based, your signals are going to process through some server. I can't really comment on the differences of the security on the main AlarmNet servers compared to the Total Connect 2.0 servers but I would assume Honeywell provides the same level of security on both.
 
With that said, Alarm Grid (my company) could certainly offer you central station service without TC2 service using a cellular connection for $25/month with no contract required.
 
I saw it in here:
http://cocoontech.com/forums/topic/28271-using-existing-sensors-on-diy-system/
 
And also here:
https://suretydiy.com/forums/topic/2gig-gocontrol-hacked-and-disabled/
 
Thank you for the suggestion, let me try to open them up.
 
Btw, I called on the other day, and the customer service guy told me that you don't offer cellular stand-alone only. He said the cheapest for cellular monitoring is Gold one, which is $35/month.
 
Oh btw, is your monitoring company CSAA certified?
 
Is there anybody that can tell me or confirm that what I read in those articles is correct, that GE/Interlogix implements encryption between the base and sensors?
 
Thanks before :)
 
So, what if the cellular company/tower is hacked and they access your alarm system via the cellular device? Do you think the security on a cellular tower is better than that of a bank?
 
drvnbysound said:
So, what if the cellular company/tower is hacked and they access your alarm system via the cellular device? Do you think the security on a cellular tower is better than that of a bank?
I believe it is easier to hack Totalconnect server than cellular company/tower in order to disarm the system.

As I said, I am nervous with recent hack news on many servers.
 
If you're connected, there is a chance of being hacked. So, what's the alternative? Or better yet, what is your ideal scenario for your system? How is it connected, to what, and who is monitoring?
 
drvnbysound said:
So, what if the cellular company/tower is hacked and they access your alarm system via the cellular device? Do you think the security on a cellular tower is better than that of a bank?
 
"hacking" is a laughable term. Not one of the scenarios out there is actual hacking, just exploiting weaknesses and poor security practices. There's far easier things to pursue. Do I see the point of encrypted RF transmitters, sure. They're only coming to market because of a lawsuit that boiled down, is about misrepresentation from alarm installation companies. It was a known evil for decades. It's easier to flood the RF signal and overpower the receiver than attempt to mimic an ESN. The real issue are convenience items....keyfobs or RF arming devices, which are negating security practices for the sake of convenience.
 
Unless you're on a leased line or dry copper and run true encryption devices on the circuit, you're not secure. I've installed them for the feds on their systems.
 
Banks are knowingly unsecure, they only have a known standard to meet for redundancy and coverage and the illusion of security. Very few installs even take advantage of AES encryption, which still can be broken with enough time and effort.
 
DELInstallations said:
"hacking" is a laughable term. Not one of the scenarios out there is actual hacking, just exploiting weaknesses and poor security practices. There's far easier things to pursue. Do I see the point of encrypted RF transmitters, sure. They're only coming to market because of a lawsuit that boiled down, is about misrepresentation from alarm installation companies. It was a known evil for decades. It's easier to flood the RF signal and overpower the receiver than attempt to mimic an ESN. The real issue are convenience items....keyfobs or RF arming devices, which are negating security practices for the sake of convenience.
 
Unless you're on a leased line or dry copper and run true encryption devices on the circuit, you're not secure. I've installed them for the feds on their systems.
 
Banks are knowingly unsecure, they only have a known standard to meet for redundancy and coverage and the illusion of security. Very few installs even take advantage of AES encryption, which still can be broken with enough time and effort.
 
I agree with you. Encryption is simply to buy time, everything can be broken with enough time and effort.
Regardless, I think it's still a better choice to have encrypted wireless home security (between base and sensors) rather than not.
 
None of the big manufacturers use end to end encryption. It's just not out there. Could it show up, sure, but not any time soon as encryption does not address the bigger issue with wireless, which is flooding the band preventing the transmission from getting through. If security is paramount, the installation is NOT going to be wireless.
 
I wouldn't recommend going that route, especially with a first gen product. I can appreciate the thought, but I believe you're putting the horse ahead of the cart a bit here.
 
EncryptSeeker said:
Is there anybody that can tell me or confirm that what I read in those articles is correct, that GE/Interlogix implements encryption between the base and sensors?
 
Thanks before :)
As already mentioned, GE wireless sensors and fobs send messages in plaintext.  If one desires to do so, it is much easier and less expensive to spoof a wireless GE/Interlogix sensor than any of the modern gadgets that implement encryption, even with all their flaws, like the notorious Phillips zigbee lamps from a parallel thread.
 
Here's an example of a GE wireless motion sensor that I put in my basement years ago just to see how long the battery would last (it's been 4 years and sitll going strong). It is sending a heartbeat every hour + some minutes by blindly shooting three 61-bit packets :
 
2016-11-07 16:51:40 0001 be4482 c 115 20   Basement Motion
2016-11-07 16:51:40 0001 be4482 c 115 20   Basement Motion
2016-11-07 16:51:41 0001 be4482 c 115 20   Basement Motion
 
...and  now that motion is detected  transmitting 8 packets:
2016-11-07 20:23:20 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:20 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:20 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:20 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:20 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:21 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:21 0001 be4482 0 914 3c  Basement Motion
2016-11-07 20:23:21 0001 be4482 0 914 3c  Basement Motion

In the above, the timestamp is mine, 0001 is the two start bytes, followed by 3 sensor id bytes, followed by a nibble that contains a state transition count and battery low indication, followed by the actual state message (five inputs, three nibbles), out which the first is violated (observe 9 instead of 1 in the three nibble group), followed by stop bits and a check parity/oddity bits.
 
https://www.google.com/patents/US5761206
 
The messages are received by a cheap ($15) rtl sdr receiver tuned to 319.5Mhz..
 
Presumably, the new elk two way sensor protocol is encrypted, but I do not know how well.  However, all this fancy two way/encrypted stuff does not come for free: messages are bigger, frequency is higher (902-928 Mhz vs 319.5Mhz) to accommodate more bits thus battery life and the range is lower.
 
DELInstallations said:
None of the big manufacturers use end to end encryption. It's just not out there. Could it show up, sure, but not any time soon as encryption does not address the bigger issue with wireless, which is flooding the band preventing the transmission from getting through. If security is paramount, the installation is NOT going to be wireless.
 
I wouldn't recommend going that route, especially with a first gen product. I can appreciate the thought, but I believe you're putting the horse ahead of the cart a bit here.
 
Thank you for the advice. I understand wired is better, unfortunately it's not possible for me at this moment (due to a high cost). That's why my option is wireless at this point. Unencrypted wireless vs. encrypted wireless to be exact. Hopefully in the near future when I have the budget I will do wiring.
 
Back
Top