Garage door security

Discussion in 'Technical Corner' started by Tarheelpilot, Feb 11, 2020.

  1. Tarheelpilot

    Tarheelpilot En-Route

    Joined:
    Dec 5, 2010
    Messages:
    3,653
    Display Name:

    Display name:
    Tarheelpilot
    So ... all you smart IT/systems folks. My garage door imploded last week. The replacement opener from lift master has WiFi connectivity to allow remote operation and monitoring.

    is it secure or an open door to thieves?
     
  2. dans2992

    dans2992 En-Route

    Joined:
    Jan 7, 2013
    Messages:
    3,404
    Display Name:

    Display name:
    Dans2992
    I use it. Its cool and no security issues that I’ve found.
     
    flyingcheesehead and rtk11 like this.
  3. James331

    James331 Ejection Handle Pulled

    Joined:
    Apr 18, 2014
    Messages:
    20,311
    Display Name:

    Display name:
    James331
    Real world, most of the subhumans that would be trying to rip you off are far to stupid/lazy to hack the system.

    If somehow you got on someone’s radar that has the ability or tenacity to hack the WiFi and means you harm, that door is the last of your worries.
     
    Dana and wilkersk like this.
  4. rtk11

    rtk11 Cleared for Takeoff PoA Supporter

    Joined:
    Apr 25, 2015
    Messages:
    1,352
    Location:
    Southern California
    Display Name:

    Display name:
    rtk
    Same here. Cool app and works great and quickly. Ever drive away wondering if you closed the door? No worries, the app will tell you. Reasonably good security on the app as well.
     
    GMascelli likes this.
  5. -KLB-

    -KLB- Pre-takeoff checklist

    Joined:
    Sep 25, 2018
    Messages:
    315
    Display Name:

    Display name:
    -KLB-
    The garage door itself is one of the less secure entry points unless you remove the emergency disconnect cord and handle. So far I haven’t seen any stories of attacks against the WiFi equipped openers. They do have an advantage if you park outside the garage and only use your phone as an opener, you now have no opener in the car to break in and steal to gain access to the house.
     
    flyingcheesehead likes this.
  6. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    If it uses “the cloud”, it’ll get hacked eventually.

    Still better than people who have vehicles parked outside with garage clickers hanging from the visor. LOL.

    And as others have mentioned, attacks on the emergency pull are usually easy.

    And your house probably has ground floor windows without bars or film reinforcement anyway. Especially those long ones next to many front doors. Thieves love those.

    So it’s not a huge deal. Not truly 100% secure, but way better than your biggest problem or easiest way in. :)

    The best setups “security”-wise are DIY and don’t talk to “the cloud” ever, but then you need your own server for them to talk to, and stuff... to get an app to the cellular network/internet.
     
  7. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    5,000
    Display Name:

    Display name:
    asicer
    Perhaps I'm being unimaginative, but why keep an opener in the car if you don't park it inside the garage?
     
    Stan Cooper and Jeff Oslick like this.
  8. wilkersk

    wilkersk Pattern Altitude

    Joined:
    May 21, 2015
    Messages:
    1,642
    Location:
    Puget Sound
    Display Name:

    Display name:
    KennyW

    ^^^This! :)


    If its just Wifi, I believe its all going to depend on your network security. Do you broadcast your SSID, is your passcode sufficiently strong? Do you use the WPA2 or WPA3 security protocols? Have you taken steps to identify and limit your wifi to known devices?

    And, as others have said, if it is a connected "smart" device that talks to Alexa, or allows you to open your garage door from anywhere in the world, chances are sooner or later, like your social security number and all your other personal info, its gonna end up compromised.
     
    Last edited: Feb 12, 2020
  9. midwestpa24

    midwestpa24 Pattern Altitude

    Joined:
    Mar 4, 2016
    Messages:
    1,745
    Display Name:

    Display name:
    midwestpa24
    Honestly, if a burglar wants in the house there are probably easier ways. Locked doors and windows only deter a theft of opportunity, a pro will get in. That's where it pays to have security systems and other measures in place.
     
    denverpilot likes this.
  10. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Many people enter through their garage.

    Or they just program the built in opener in the car in all their cars but don’t it can’t park all of them inside.
     
  11. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Actually they’re smart. They’ll just pop a window. Or bump key the front door. Why waste time? The typical household Kwikset or Schlage is a three second bump to open. Especially the electronic ones. Super cheap cores and five non-security pins. Bump. Open.

    There’s a pretty good video of a house thief who was doing time who had done hundreds of houses and was atoning for his sins by making a video to show the parole board — he never did anything fancy, and he hit houses with alarms all the time. All he had to do was get in and out quickly with easily pawned items. He would pretend to be a jogger and case the neighborhood for a week, then hit a bunch of houses at once and move on. His favorite were those long windows next to big grand front doors. Easy to pop, quiet, could look like a delivery guy to be on the front porch, once popped didn’t look popped from casual glances from the street, squeeze thru and let yourself out whatever door when finished. He wasn’t worried about dogs either. Said dogs that barked all the time were even better. Everyone already was trained to ignore them.

    No point hacking the WiFi. The garage door company surely doesn’t have the best and brightest server security folks out there. They don’t pay anywhere near what finance and other companies do that need server security. Go after the “cloud” server. Way easier.

    But the hackers interested in messing with the garage door company usually aren’t doing it to break into a house. They’re doing it for larger scale mayhem and kicks.

    What you should really do is hire “Wag!” to walk your dog and use one of their key boxes! LOL. Kidding. LPL is fun... and most locks are garbage... literal garbage...

     
  12. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    5,000
    Display Name:

    Display name:
    asicer
    Many garages have a pedestrian door.
    Fair point. But doesn't the built-in opener require the ignition to be on or in ACC mode?
     
  13. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Haha. He just released another quickie with three cheap padlocks. Fun. One second each.

     
  14. Spring Ford

    Spring Ford Pre-takeoff checklist

    Joined:
    Jul 11, 2018
    Messages:
    294
    Display Name:

    Display name:
    SpringFord
    [edit]
    What I have written here is not quite right but the sense of it is correct.

    https://en.wikipedia.org/wiki/Network_cloaking
    [/edit]

    Just a small point, unless it has changed over the last few years all WiFi Access Points always broadcast the SSID.

    If you tell the AP to not send the SSID (I forget the jargon right now) it then only sends one copy instead of two. All you need to see the SSID in any case is a packet capture setup. This is pretty trivial to set up and is cheap or free. Winpcap and Wireshark if you happen to have a suitable WiFi card and many are suitable.

    My understanding is that turning off the visible SSID also messes with channel selection by other APs, so you are more likely to get tramped on by your neighbours.

    I never do it now.
     
    Last edited: Feb 12, 2020
  15. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Most don’t. They want you to be able to open the door from the inside before you start the vehicle. Or reach in and use it to get the lawnmower out in summer without walking to the wall button.

    Some are so cheesy they’re built into mirrors or just a module that pops into the overhead. They’re often just the same inside as the ones that come with the opener, just have a 12V always on wire to them and are in a plastic housing the car maker just popped into the trim.

    They’re more about convenience than security.
     
  16. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    You’re correct. Hiding the SSID is useless these days — if it was ever useful — and actually can cause problems.

    Plus these garage door things don’t usually have any sort of unencrypted method to talk to them nor do they talk unencrypted to their mother ship, so someone getting on your WiFi really gains nothing if they’re going after them.

    You’re probably more at some sort of risk letting the garage door company see the rest of your network than from hackers wanting to get to the garage door. :)
     
  17. -KLB-

    -KLB- Pre-takeoff checklist

    Joined:
    Sep 25, 2018
    Messages:
    315
    Display Name:

    Display name:
    -KLB-
    The biggest issue now with non broadcast SSID is that instead of constantly advertising it at your house, you are now walking around with smartphones or tablets that are rarely really off, so they constantly ask If the configured non broadcast SSID is there, giving that much more surface to track your device and in turn you. And it stands out as different, possibly raising the question of why you are different, and making you a more interesting target.

    As for remotes in cars not parked in the garage, using it for entry is really common for rear entry garages, especially if you keep your back yard gates locked. Heck our HOA used the addition of a person door to a garage as the major evidence in a lawsuit claiming an owner was subleasing the garage in violation of the covenants.
     
    Spring Ford likes this.
  18. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    5,000
    Display Name:

    Display name:
    asicer
    With the stock Netgear firmware, the only way to disable WPS is to turn off SSID broadcast. {DD-, Open}WRT support can't come soon enough on my model. :mad:
     
  19. flyingcheesehead

    flyingcheesehead Touchdown! Greaser!

    Joined:
    Feb 23, 2005
    Messages:
    23,346
    Location:
    UQACY, WI
    Display Name:

    Display name:
    iMooniac
    It's "secure enough". It's a helluva lot more secure than someone leaving the door open by accident... If your Liftmaster is like mine, it has auto-close that you can set to 1, 5, or 15 minutes in addition to the remote connectivity, which I frequently use to double-check the doors, let someone in when I'm not there, or put my tractor away when I'm done mowing or snowblowing.
     
  20. Arrow76R

    Arrow76R Pre-takeoff checklist

    Joined:
    Jan 27, 2015
    Messages:
    162
    Location:
    Colorado Springs
    Display Name:

    Display name:
    Arrow76r
    I have a simple remote controlled switch bought at Home Depot into which my garage door opener is plugged. At night I simply turn off the power to the opener. Someone is home 99% of the day so that isn't a problem.
     
    G-Man likes this.
  21. Juliet Hotel

    Juliet Hotel Pattern Altitude

    Joined:
    Jul 21, 2018
    Messages:
    1,690
    Display Name:

    Display name:
    Juliet Hotel
    IF a thief wants in, they are going to get in and its unlikely they will bother trying to figure out what kind of garage door opener you have in order to do it.
     
  22. DFH65

    DFH65 Pattern Altitude

    Joined:
    Jun 29, 2013
    Messages:
    2,027
    Display Name:

    Display name:
    DFH65
    Locks keep honest people out. Nobody is going to waste time hacking your garage door if they want in you house. I breaking a window takes seconds. Breaking in a window takes seconds. Picking a standard house lock takes seconds.
     
  23. Spring Ford

    Spring Ford Pre-takeoff checklist

    Joined:
    Jul 11, 2018
    Messages:
    294
    Display Name:

    Display name:
    SpringFord
    That's very interesting - It hadn't occurred to me to consider how a connection could be established when there was no SSID broadcast.

    The breadth of possible attacks available is breathtaking.

    Here is my favourite - Use social engineering to get a significant number of employees of a company to visit your website. That site contains a link to an embedded image, but a "file" URL (I think it must be). Windows then very HELPFULLY includes your user ID and password hash in the request in case it is required for the site.

    Password hashes can often be attacked successfully offline and you may get an admin password or access to OWA (corporate email) or something.

    Of course a conscientious Corporate will have the relevant ports blocked in the firewall - won't they, and everyone will use long non-guessable passwords?

    Thanks.
     
  24. denverpilot

    denverpilot Tied Down

    Joined:
    Nov 8, 2009
    Messages:
    52,022
    Location:
    Denver, CO
    Display Name:

    Display name:
    DenverPilot
    Bwahahahahahahahaha! You crack me up.

    And companies hire staff who know how computers work and provide high quality training in same, too. ;)

    Oh wait. Companies also hire someone who passed Security+ and think they got a seasoned security professional... LOL!
     
  25. Jacksonpop

    Jacksonpop Filing Flight Plan

    Joined:
    Jan 5, 2020
    Messages:
    8
    Display Name:

    Display name:
    Jackson
    Don't worry. wifi garage door opener is reliable. I have one, but not lift master. Cheaper than it, and works well so far.
     
  26. luvflyin

    luvflyin Final Approach

    Joined:
    May 8, 2015
    Messages:
    7,531
    Location:
    Vancouver, WA
    Display Name:

    Display name:
    Luvflyin
    Dunno. I open mine when I want it opened and I close it when I want it closed. There’s the button on the wall in the garage and the remote thingy in the car with a button. How WiFi figures into the equation, I dunno. But I guess it can be an issue. Voices in my head say, unless you think you have some reason to open and close it from your computer or phone, then don’t activate that feature.
     
    Last edited: Mar 19, 2020
  27. weilke

    weilke Touchdown! Greaser!

    Joined:
    Jan 26, 2010
    Messages:
    13,557
    Display Name:

    Display name:
    weilke
    If your garage door gets breached, it is by a drug addict with a wire hanger who is looking for some tools he can fence at the pawn shop. It's not by some russian hacker who camps out in your driveway until he can crack the security settings of your WiFi router.
     
    Last edited: Mar 19, 2020
  28. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    5,000
    Display Name:

    Display name:
    asicer
    Where can I get a Harbor Freight sticker for my garage door?