Car theft: Drivers warned proximity keys for newer models might be a risk
http://www.abc.net.au/news/2015-04-1...reezer/6399650
Keys in freezer may keep Lexus in your driveway
http://www.thestar.com/news/gta/2015...-driveway.html
TORONTO POLICE HELP SOLVE MYSTERIOUS BREAK-INS
http://www.autonet.ca/en/2015/04/17/...in-the-freezer
WHY YOUR KEYLESS CAR IS VULNERABLE TO HACKING
https://practicalmotoring.com.au/car...ble-to-attack/
It is a bad way to start a thread with links to various articles, but the topic is important enough to do so, hence the articles to show the magnitude of the problem.
I quote from the last article:
Quote:
All you need to do is walk up to the car, open the door, press the starter button and you’re away. This is known as PKES, or Passive Key Entry/Start, as distinct from an active system where you need to go to the effort of pressing an actual button.
How does this magic PKES work? Simple. The car recognises when the key is close by and unlocks the doors, and will respond a press of the starter button when the key is very close to the button. Technically, the car is constantly searching for the key using low-powered signals, if the key responds, then the car will unlock automatically, or allow itself to be started depending on exactly where the car thinks the key is.
Unfortunately, this system can be hacked.
It is possible to break the encryption between key and car, decipher the commands sent and then send your own commands. That is very difficult, given the nature of the encryption. But there’s an easier way, and it’s called a relay attack.
The concept is simple. Amplify the signals sent from the car that search for the key and send them, over a distance, to the key. Amplify the key’s return signals and send back to the car. It’s important to note that it’s not just amplifying the car’s signal, the key’s signal also needs to be amplified so the car sees the response. Then car and key think they are close together, when in fact they may be hundreds of metres away – possibly more. The amplification and distance introduces a tiny delay, and the tolerance of the car/key system to that delay is the major factor limiting the distance. The basic flaw is that the car’s security system assumes that the key can only respond if it’s close by.
How it works in practice is equally simple. Let’s say you’re at a cafe, keys on the table. An antenna connected to an amplifier is placed close to your car, and a similar unit is placed close to your key. Now your key thinks it is close to your car, so the thief can simply open the car and get in. Then the thief places the antenna close to the keystart button, and presses the button. The car starts. Or you could be waiting by an elevator, at a friends house…there’s so many places where someone or something could be close enough to the key without arousing suspicion, and need only be close by for the moments it would take the thief to open the car. The research paper we’ve looked at indicates that the key-side antenna might be as far as eight metres away from the key, and the total distance from car-to-key might be as much as sixty metres. Of course, once the car moves off it will break contact with the “key” but that won’t matter, because all cars I’ve tested (and have been tested for this attack) permit the vehicle to keep moving and operate even when it loses contact with the key. There may just be a warning message, nothing more.
This is a dangerous attack because it doesn’t need the encryption broken, there’s no proof of forced entry – indeed, it looks just like the owner has opened the car – and no alarms will go off because the actual, proper key has been used. Might make for an interesting insurance claim in the event of theft.
|
Thieves Thwarting Remote Keyless Entry Systems with $17 Device
http://www.techlicious.com/blog/toyo...s-entry-thief/
Yes indeed. Chinese websites have even got such devices posted for sale for just 17 Dollars. I hope if I buy in bulk (lets say, 100 units) they will even reduce on this price tag.
What vehicles are vulnerable? I am not sure, but based on the content available here (
http://www.roadandtrack.com/new-cars...entry-hacking/), at present we can say that:
Quote:
most common vehicles stolen are, strangely enough, utility vans like the Ford Transit, Transit Connect, and Mercedes-Benz Sprinter. It's not clear whether that's because of a particular vulnerability in those vehicles, or some other compelling reason. High-value late model BMW (15 percent of all thefts, according to the report) and Land Rover (10 percent) models are the next most common.
|
The Scotland Yard article also points out
another way that the key-less thefts occur:
Break into the car, connect to the OBD port and download the lock/ unlock information to a blank new key. (
http://content.met.police.uk/Article.../1400029057620 )
I request members to go through these links for starting off, and share whatever you can find on this topic.
If you are aware of resources that can help prevent such events from occurring for anyone, do share the same, as well as any tips/ tricks you may have as well.
Please do use this thread for information exchange as well as to have a healthy debate on the said subject.