[wildzzz]

Another weak point I've thought of, which probably applies to many alarm panels with zero knowledge of the correct pin, is what safeguards are there preventing someone from doing replay attacks on the pin entry? I would think a hardlined panel would be more secure.

[thomasjsn]

I agree. The ZigBee protocol is encrypted, but a replay attack is probably still possible. Another advantage of a hard wired panel is that it's not dependent on the Zigbee network being operational, and could be operated on the backup battery for days.

I think many systems fall through if the threat model includes someone watching you and doing a replay attack. But I'd still prefer a hardwired panel TBD. It's just not very easy to retrofit, with hidden cables.