Meltdown and Spectre Look like a Worst-Case Scenario in the Security Area

Nobody wants to paint too gloomy a picture – but the following question arises nevertheless: What if alarm systems fail during a disaster due to critical security gaps? Not only human lives are threatened, but soon the question of liability and responsibility also comes up.

 

An attack without physical access is impossible in Swissphone’s alarm networks. The Swissphone base stations are equipped with AMD processors which exclude a meltdown attack due to the underlying architecture. Despite the fact that the Swissphone base stations (ITC2100/ITC2500) are potentially susceptible to another possible attack – Spectre – this is nevertheless excluded without physical access. A direct way for hackers to place an executable code on a base station without physical access does not exist in digital alarm networks. This is because slave base stations from Swissphone are designed as wave net topologies, i.e. completely independent of TCP/IP and therefore not endangered. In addition, the master base stations connected to a TCP/IP network exclusively operate in a closed and internal network. In addition, the user data encryption used by Swissphone is transparent for the base stations, so that no sensitive information can be stolen from the base station even if the machine is physically accessed.

Swissphone has long advocated dedicated alarm networks instead of public mobile phone networks: And that for good reasons, as it is now finally becoming apparent.