Slashdot Mirror
Using Laptops to Steal Cars
Ant writes "Thieves are using laptops/notebooks to steal the most expensive luxury cars. Many of these cars have completely keyless ignitions and door locks, meaning it can all be done wirelessly. Thieves often follow a car until it gets left in a quiet area, and they can steal it in about 20 minutes..."
20 minutes to remove the laptop from the bag, smash the window and pound on the steering column with it? They must be using those modern, fancy-pants, lightweight laptops. In the old days we could get a car in under 5 minutes with a Mac Portable.
Trolling is a art,
And thats why people will want a regular key. Its worked for hundreds of years on other things, so a car should be no problem.
All they really need to do is start randomizing the locks on cars, and not just use the same pattern...
yea, expensive, but safe.
Yay, I have a sig.
Laptops are evil.
Fortunately, friendly Republican senators are even now pushing a bill through Congress to outlaw these devil-machines. Always looking out for our interests, those guys.
Note to mods: I'm probably being sarcastic.
I saw a video from a conference in Germany that has to do with infared hacking. It's quite interesting if you have the time to watch it.
I knew this was going to happen a LONG time ago.
I'm surprised it took this long.
I've been under the impression that thieves steal cars to strip them for parts, as its impractical to re-sell a stolen car as a whole.
/20 minutes and a laptop? //more like 2 minutes, a brick and a screwdriver
Are parts for luxury cars that specialized? I thought most parts were more or less universal these days. Does a H3 take a special spark plug or something?
This is exactly why my daughter will not have a keyless chastity belt...
Cool! The resale value of my 10-year-old car just went up!
Occam's Razor strikes again...
This ain't rocket surgery.
Text of article:
High-tech thieves are becoming increasingly savvy when it comes to stealing automobiles equipped with keyless entry and ignition systems. While many computer-based security systems on automobiles require some type of key -- mechanical or otherwise -- to start the engine, so-called 'keyless' setups require only the presence of a key fob to start the engine.
The expert gang suspected of stealing two of David Beckham's BMW X5 SUVs in the last six months did so by using software programs on a laptop to wirelessly break into the car's computer, open the doors, and start the engine.
"It's difficult to steal cars with complex security, but not impossible. There are weaknesses in any system," Tim Hart of the Auto Locksmith Association told the U.K.'s Auto Express magazine. "At key steps the car's software can halt progress for up to 20 minutes as part of its in-built protection," said Hart.
Because the decryption process can take a while -- up to 20 minutes, according to Hart -- the thieves usually wait to find the car in a secluded area where it will be left for a long period. That is believed to be what happened to Mr. Beckham -- the crooks followed him to the mall where he was to have lunch, and went to work on his X5 after it was parked.
While automakers and locksmiths are supposed to be the only groups that know where and how security information is stored in a car, the information eventually falls into the wrong hands.
According to the Prague Post leaving such information on a laptop is what got Radko Souek caught for stealing several cars. "You could delete all the data from your laptop, but that's not good for you because the more data you have, the bigger your possibilities," he says. He says any car that relies on software to provide security can be circumvented by other software. "Every car has its weak spot," he says. Souek faces up to 12 years in prison.
The Leftlane Perspective: Many modern cars now rely on software entirely for security. Gone are the days where microchips supplemented mechanical locks as an additional security measure. In the case of true 'keyless' systems, software is the only thing between a thief and your car. As computers become more powerful, will stealing cars become even easier? Never mind future cars with better security -- what about today's cars a few years down the road? With cars as inexpensive as the Toyota Camry offering entirely keyless systems, these concerns a relevant to all consumers.
Posted anonymously to avoid karma whoring.
Are they referring to their server? 5 minutes after the link arrived on /. and I already get a timeout error.
".torrent?"
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
I want use Cars to steal LAPTOPS!
"Speaking the Truth in times of universal deceit is a revolutionary act." -- George Orwell
The keyless feature of the Prius was one of the main reasons I was considering it over the hybrid Honda models, but after considering the higher price of the Prius and reading about the insecurity of RFID I decided against it. Now I'm even more sure I made the right decision.
Read my blog posts on usability.
"While automakers and locksmiths are supposed to be the only groups that know where and how security information is stored in a car, the information eventually falls into the wrong hands."
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
I call shens on this article.
Though what the author describes is technically possible, outside of test environments luxury cars are almost never stolen by strangers... friends or family members with grudges maybe, but professional car thieves avoid these cars because of their almost zero resell/chop-up value.
My updated keyless 1968 Rambler 550 classic is going to be stolen soon?
Guess I'll havee to down grade.
It's not like 99% of keyed systems were very secure. Except for the newer laser/dimple keys, thieves are going to easily get into your car.
I remember seeing on TV a news thing they did with a former car thief. He said that a car with a club, a brake pedal lock and an alarm system were the most secure. Not because they were un-stealeable, but because it wasn't worth the time or effort.
Maybe Car MFGs will get serious about security in the future, but I doubt it. The only business they lose is from people who see the top ten most stolen cars and think "I don't want one of those". Otherwise, stolen cars = money for them, mechanics and part manufacturers.
[Fuck Beta]
o0t!
...favorite Knight Rider joke here: "Michael, someone's trying to connect to me via Wi-Fi and and override my locking mechanism!"
GetOuttaMySpace - The Anti-Social Network
1. What kind of embedded os they are running? I am at total loss with modern cars.
2. It seems that this problem is more solvable than attacks on computers from the Internet, because the car hackers have the following disadvantages
*) less time to hack
*) less time to use the car after hacking
*) more visibility and danger of immediate apprehension
*) even the most luxurious cars are of a less source of income (after stealing) compared to what modern hackers can earn
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Hmm..
For someone to follow her around with a laptop for 20 min... And to need a chasity belt...
She's probably doing something she shouldn't be doing.
20 minutes? What, is it just sending some pre-generated random number? Are they really too lazy to use a simple challenge-response scheme like normal password authenication? Or would that take up too much battery power on the errr... key?
Of course, as another poster mentioned, it does not really matter what you can do fancily and wirelessly because you can just smash the window.
Centralization breaks the internet.
There are reports out of Nebraska today that people with laptops have been seen plugging them into airport electrical outlets, and stealing electrons in an unguarded airport. The Department of Homeland Insecurity has declined to comment on the matter.
Details at 6:00
Oh You POS
And that's insecure? Your run-of-the-mill car can be broken into in about 20 seconds. How'd I know? I managed to leave my keys in my car and called AAA. The guy showed up and had it open in under 20 seconds, just using a coathanger.
From that POV, give me the fancy-pants stuff any time.
There is a student on campus that was bragging that he could do just as the article describes. A professor put down $100 and bet the student that he couldn't get into his car in 15 min without breaking anything. The student took the bet. Needless to say, the whole class was out in the parking lot 5 min later to watch. It took the student about 5 minutes. The car chirped and the lights flagshed. I assume this meant the doors had been unlocked. Next, the car started, the student opened the door and got it.
This was really cool to see live. There is a something about seeing it done live that is very impressive.
I am a viral sig. Please help me spread.
Oh! Perfect! And now I need a nerd for my getaway laptop...
My 0.02 cents
Am I the only one that found Radko Souek's situation ironic? Instead of doing a better job of protecting his data (encryption) he just left it out there and his information eventually fell into the wrong hands...
looks like Slashdot put leftlane's server smoking into the hard shoulder awaiting recovery
Why go through the hassle? It's WAY easier to back up to a car with a flatbed or wheel lifts to steal a car. You can lift the drive wheels and be gone in 30 seconds or less. You can then override the rest of the system at your leisure.
All I need it to do is advise me of its location, and if it's not where I think it should be, I want to snap a picture of whoever's in the driver's seat. Then, I'll either fax that picture and the car's location to the cops, or just wait for the perp to leave the car and go take it back myself.
Of course, wiring a 2 or three farad capacitor into the steering column so that I could zap him unconscious would be fun, too.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
It's an option... You don't -have- to get the Smart Key. You have to pay extra to get it. There's tons of reasons not to get a Prius, but this isn't particularly one of them.
Frankly, I'd like to see how vulnerable my car is. If I can hack it in 20 minutes, well, ok so that'd be cool and stuff, but I can modify my car's computer through a tool made available from volkswagon. I'd like to expirement with my car. I dunno. Try to lock it down a bit if you'll pardon the pun.
Your sig(k) has been stolen. There is a puff of smoke!
And thats why people will want a regular key. Its worked for hundreds of years on other things, so a car should be no problem.
No, they're not safe. The key merely turns a lock that closes a contact telling the computer it's okay to proceed. After my 2001 Sukuki GSXR was stolen and recovered, I had to learn a thing about hot-wiring ignitions because the thieves had changed the locks. Within the ignition tumbler was a small PCB that connected circuits to ground for parking lights, accessories and the ignition. The added "security" was that a resistor was used in the circuit for the ignition.
Turns out, the wiring harness for the ignition has a molex connector underneath the right side fairing, right about where my fairing had been shattered by blunt-force-trauma. With nothing more than some knowledge, a spare connector, some wires, a switch and a specifically rated resistor, you could build a plug that would "start" any modern GSXR in about 20 seconds.
Keys are no safer. As far as the computers are concerned, they're either on or off. RFID, challenge/response, better encryption, failed-attempt lockouts, these things are going to become more common because they do a better job slowing the thieves down.
These opinions guaranteed or your money back.
Wow, who wrote this stuff?
Unless I'm way off base here, this sentence:
"You could delete all the data from your laptop, but that's not good for you because the more data you have, the bigger your possibilities," he said.
Makes no sense or apparent relevance. Maybe an illusion to using security by obscurity? Dunno.
Does anybody know more about the article than what it says?
What kind of technology does the security software use? I'm assuming its wireless, RFID, bluetooth, retinal scan, or something. I don't know.
Also, I'm curious what country this is based? The 12 years in prison for stealing a car seems a bit excessive, even for US standards. I mean, stealing a car is only an inconvenience. Most people with such a car can't afford it so they finance it which requires full coverage, and so you get a new car.
Also, its so easy to steal a car, so what is new? People used to be able to use standard radio scanners to open garage doors and keyless entry things. Snatching a purse with keys is probably the easiest way to score an SUV today. The problem is really what do you do with the car? That is much more difficult than stealing it in the first place.
The repo man uses the tow-away method too. Even though they have a legal right to snatch a car in default they don't like to stick around for a confrontation anymore than a thief does. 20 minutes is a long time.
This issue is a bit more complicated than you think.
"as inexpensive" - this is exactly why it is NOT relevant to "all" consumers. Who would spend time on training hacking and $500 on a laptop to steal "inexpensive" Camry? The goal does not justifies the means.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Homeland Security needs to outlaw laptops!
This is detailed in the latest Popular Science. Just get one of those prepaid GPS cellphones. You can track the phone online, at about $9 a month. If I find the article I'll link to it, but check the May 2006 issue of PopSci.
Finally, I pour some cod liver oil on the upholstery and lock a couple of cats in it for a few days (with the windows cracked and plenty of food and water - I'm not mean.)
That just about puts an end to anyone's desire to steal my cars.
posted anonymously so THEY won't find me.
Mine doesn't. If it did it by default, then I'm sure I disabled it the first day, when I read my manual.
This approaches DRM's insidiousness in vendor lock-in through needless proprietary interfaces. Well, needless from a consumer standpoint, anyway. But hey, I do get deterrence from theives who think my car's worth $6.00 but not $90.00.
I haven't tried starting the car with my laptop yet...
Pi Ran Out
"If you had access to the computer, could you open the doors?"
"Of course. Why?"
"Just wondered how good you really were."
"Don't try and manipulate me, Blake."
"Now why should I try and do that?"
"You need my help."
"Only if you can open the doors."
"I could open every door, blind all the scanners, knock out the security overrides, and control the computer. Control the computer and you control the ship."
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
I managed to leave my keys in my car and called AAA. The guy showed up and had it open in under 20 seconds, just using a coathanger.
Convertables don't count!
And that's insecure? Your run-of-the-mill car can be broken into in about 20 seconds. How'd I know? I managed to leave my keys in my car and called AAA. The guy showed up and had it open in under 20 seconds, just using a coathanger.
From that POV, give me the fancy-pants stuff any time.
The triple A guy would not have been able to do that with these expensive luxury cars. And the 20 minutes the car jackers spend trying to wirelessly crack the car's computer are not spent right next to the car. The thiefs can do it from the safety of their own car while listening to the radio. Once their laptop has cracked the target car's code, they can just walk up, unlock the target car, and drive away.
From that POV, the theif can get a much more expensive car for a lot less risk.There are some simple ways to prevent this from happening that would have limited impact on the coolness factor of keyless:
-Install a $400 fingerprint scanner (for this and others non-secure people need a physical key)
-Voice recognition of a code through a microphone
-Require a 4 digit code input through the radio (or other)
-Body weight of person in seat must be +/- 10 pounds last use
-Require a different engine start code/security sequence than the door requires and only allow keyless engine start sequences within 30 seconds of the door opening (and the door must be opened and shut to reset + a 2 minute wait). If the second portion requires an expected 10 minutes to break the code of active attempts (assuming randomized attempts), it will require 40 minutes in stead and require them to get in and out of the car 20 times.
There are probably a few more options and things to add on here, but I would have to start invoicing Slashdot. In short though, I think the security approach (pure tech encryption) is shortsighted (albeit not knowing too much about it).
Hunger is the best sauce.
at least they upgraded from the old method, standing there with your PSX pad pressing 'X'
I never understood, why bother trying to start the cars at all when you're stealing them for parts? Isn't it a lot easier and quicker to just hook up a tow truck and off you go, 20 mins later it's a pile of parts anyway. Seems like a waste of time and effort to start it.
I can see if you're a teen going for a joyride. but not a "pro"
I thought the point was to *steal* the car, not just bust it up to the blares of the alarm.
How's this for lucky timing? Audi, through their sponsorship deal with Real Madrid, has gifted the entire Real roster, including Beckham, with brand new, fully loaded Audi Q7 SUVs.
Of course, all the thieves have to do is twiddle two dropdown lists...
This sig intentionally left blank.
A physical security system such as The Club is the way to go, both standalone and as a complement to an electronic system. I've used it for years on both inexpensive and expensive vehicles. It's inexpensive and IT WORKS.
I locked my keys in my truck at a gas station. The attendant, a former tow truck driver, had my door open with a slim jim (the metal tool not the questionable meat snack) faster than I could have unlocked it with my key in hand.
Gone in 60 Seconds indeed
Even people that believe in pre-destiny look both ways before crossing the street.
When I locked my keys in my car, the guy took 30 seconds and almost fucked up the lock (I had to lock/unlock it a few times to make it work correctly).
However, I have the benefit of having a car that theives don't want to steal: a 1979 Ford Fairmont. The three most valuable things in there are a power inverter, a discman and some speakers (the stock speakers have gone bad and it only has a radio, not even an 8-track). Not only that, but the car doesn't run too well, either. A theif would be spending his time better stealing any other car on the lot.
"Beware of he who would deny you access to information, for in his heart he dreams himself your master."
Didn't you have one of those fork locks?
Sure, they can start the motor, but let them try to actually drive it anywhere.
I had a car where I could just reach inside the door through the rust holes and unluck the door. That's a good reason not to leave your keys in the car. Anyway, the point is to slow a thief down. They can always pick up the car or strip it on the spot, but these things get noticed. You can pop the doors on my current car with a slim jim in seconds. It will set off the alarm. You also will need to bypass both a physical lock (steering) and an electronic lock (computer) before you can drive away. I prefer this, even if it means I have turn a key in a lock (such effort).
Now all I need is an article explaining how to swipe a laptop.
A good idea, but... A tow truck might attract attention, while sitting an a car parked next to the target car tapping away at your laptop doesn't (yet) attract much attention...
"I'll have a Guinness, no wait, make that a Coors Light" -Grad student I work with, who shall remain anonymous...
The girls must be falling all over you...
>While automakers and locksmiths are supposed to be the only groups that know where and how security information is stored in a car, the information eventually falls into the wrong hands.
If you replicate a "secret" a few million times, put it in places outside your control, and if you have no way of changing it in the field then you do not have a secret!
>"...There are weaknesses in any system," Tim Hart of the Auto Locksmith Association told the U.K.'s Auto Express magazine.
What, Mr. Hart, are the weaknesses in OpenSSH public key authentication? It sounds like the automakers are trying to roll their own crypto, with the usual results. Designing a crypto system is like playing chess with a grandmaster. You'll make a mistake somewhere, and your opponent will find that mistake and use it to break you.
As long as people make blunders like this we'll have fiascos like the TI chips with 40-bit encryption.
He says any car that relies on software to provide security can be circumvented by other software. "Every car has its weak spot," he says.
Sounds like a movie ploy. Software doesn't have to be a weakness, it can be another vulnerability, but doesn't have to be.
If someone were to create two-way encrypted public-key communication between the key and the car, where the car sends a random string, the key encrypts it and sends it back encrypted, then the car decrypts the string, that would be a good chunk of it.
Then you add a few factors like ensuring that each attempt must be at least 1/2 second from the last and after some number it reverts to requiring a manual override on the door panel buttons.
After that, software is pretty secure, but what about hardware? Can you R&R the computer? Is the authentication module physically separate from the computer so that a simple wire-cut is all it would take? Can someone override the computer completely by using traditional keys?
It's a damn hard problem to make a secure car, but it shouldn't be one we have to keep revisiting. The car companies should just buy a handful of hackers to help them design the next system.
The designers create a system, give it to the hackers (with full blueprints and software source-code except for the public/private key pairs) and then let them have at it.
Only by continually thwarting fully-informed attacks will they finally be able to design a truly safe system.
Oh, and don't forget to check for DOS attacks such as invoking a lock-down sequence that makes it so the driver can't get in or start his car.
You slow sorry dog shits!
I would just use my tow truck...
A car getting towed often gets noticed, but a guy with a laptop parked in the next space doesn't...
"I'll have a Guinness, no wait, make that a Coors Light" -Grad student I work with, who shall remain anonymous...
This has been possible for years. Here is a salon article from 1998 about doing the same thing with a Palm.
t ml
http://archive.salon.com/21st/log/1998/12/07log.h
-W
because usually I'm doing the reverse... using cars to steal laptops. *peels out*
Cars use similar systems to garage door openers. They are immune to pure replay attacks. And they have a 48-bit keyspace, only about 6 bits worth of which is active at a time (about 30 or so codes out of the keyspace will work at a time).
So you are looking at hitting a 1 in 2^42, or 1 in 4 trillion needle in a haystack.
Even if you rifle through codes, you're not going to hit one soon.
And if the system is designed to lock out after 3 failures, and make you wait 5 seconds to try another key, that means you won't stand much of a chance of rifling through the codes in your lifetime.
So, if these systems have flaws right now, it's in implementation, not design, and it'll be rapidly fixed.
BTW, for about 15 years there were only about 40 different door keys on all GM cars. We happened to have two at once that had the same door key (although they didn't use the same ignition key, GM used a two key system at the time). So this electronic system is still pretty much better, the only downside, is there is no deterrent to sitting a few feet from a car and trying to open it electronically versus putting a key in the door of the car and trying to turn it.
http://lkml.org/lkml/2005/8/20/95
I had one of those once. The damage the thieves did cutting the steering wheel to pull the bar free cost more than all of the rest of the damage they did. Nasty. I'm sure it slowed them down by a minute or two, however.
Socialism: a lie told by totalitarians and believed by fools.
I hate to break it to you but I found her "Hide-A-Key". You chose an obvious place to try to hide it.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
I think his point is it's not that much different with a luxury car then it is with a more traditional car. If you know what you are doing, it only takes a minute or two to steal a car. Here's a video of some amaturish appearing kids stealing a car in about 2 minutes. A minute of that was working the lock and about 40 seconds was working the ignition wires. If it's a quite area, just breaking the window takes a second or two.
In reality the only differences between the two types of theft is the amount of money spent on the vehicle, and the amount of time no one notices (or cares about) someone working on it. 20 minutes or 2 minutes, either way your car is gone.
In 20 minutes, the car could be at a garage far away and nearly stripped.
My brother's car was stolen with a tow truck. It probably took 20 second (I'd bet that the theives didn't bother with the safety chains). The cops told him that the car would be stripped before they finished taking the report.
What OS do they use for cars?
Probably whatever real-time OS they have available for the MCU which gets chosen.
I'd laugh if they used PICs.
:(){
And I can implement a system that locks out ssh from any IP address that tries more than 3 wrong passwords. That won't stop someone from exploiting a vulnerability in Apache or PHP, and rooting the box. It also won't stop someone from trying passwords from the console, if I didn't set that up as well...
If you had bothered to read the article- the whole point is that theives are exploiting weaknesses in the systems and doing so successfully. Some early systems were hilariously bad; GM's first attempt involved a resistor at the base of the key, and the ECU would simply check if the resistance was correct.
You remind me of the Iraqi Ambassador, with buildings getting shelled behind him, declaring that the Americans are being repelled and have not entered Baghdad. Cars are being stolen right now, despite all the lockouts and "rules" car manufacturers have imposed.
See, modern cars have variable valve timing, coil-on-plug ignition, and a whole bunch of other stuff that simply will not work without the cooperation of the computer.
Variable Valve timing and coil-on-plug ignition do not make a car harder to steal; you still need fuel and a spark, and if the ECU won't allow the car to start, it won't allow the car to start; a 2007 A6 with direct-injection, Variable Valve Timing, Variable Intake Geometry, Coil-on-Plug ignition, etc is no harder to "force" to start than my '91 Audi with none of the above; both ECUs will simply not allow fuel or spark. Plus all of these components are 'stupid'; they're just valves and whatnot. It is not cost-effective to make each coil-pack module demand authentication from the ECU. The manufacturer's job is to make it difficult to steal a car; the rest is society's job (ie low motivation to steal, public awareness ie people notice someone doing something they shouldn't, and last but not least, government- ie police, courts, jail, legislation.)
Futhermore, dealerships use computerized scan tools to communicate with the various modules in the cars. When the owner uses the wrong key 6 times in a row to try and unlock his shiny new Mercedes- they don't package the car up, slap a UPS label on it, and send it back to Germany...nor do they do that with any of the computer modules like you implied; it honestly sounds like you had no idea what you were talking about and confusing RADIO lockouts (where MANY radios WOULD permanently lock themselves if too many incorrect keycodes were entered, and had to be sent to "repair" centers.) The dealer tech plugs in a computer, possibly calls a hotline and validates himself to get a code based off the vehicle VIN number or a code the ECU spits out, aka challenge/response - and then unlocks the security system. VW uses a particular system that is almost completely emulated by software packages like VAG-COM and ProDiag, and both can be used to re-associate a dashboard and ECU without any dealer involvement.
Anti-theft is about theft deterrent; as we network people say, "you can't stop a big enough hammer." There are now towing/recovery companies using tow-trucks that have crane, reach over the car, the tow truck operator slips arms under each wheel, and then the crane picks the car directly up and plops it on the back of the tow truck. You can do almost the same thing with a regular flatbed tow truck and a set of wheel dollies (designed for moving cars that can't be started, have been crashed, etc.)
Please help metamoderate.
My first car was a Ford Pinto with an unbreakable anti-theft system. Every so often, at seemingly random times, it would stall and couldn't be started for approx 24 hrs. It usually did this in the worst possible places (left lane of highway, busy intersection, etc). Any thief who could bypass this system could have had the car if he only told me how he did it because no mechanic was ever able to figure it out.
On a good note I did get to use 100% of my free AAA tows for that year.
My wife's Honda Civic has a similar feature that prevents it from being started if you leave the cruise control on. The cruise control button "on" light is dim and well hidden behind the steering wheel for extra security.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
This really brings up an interesting point. Repo guys really might start using this technology. Those big deisel tow-trucks are quicker than breaking into the car, but they are really noisy, which wakes the owner and the tow truck takes long enough that the owner has time to run outside and object (in most states, a verbal objection to repossession is enough to make finishing the repossession job illegal). Imagine if the repo guy just parked accross the street, pulled out his laptop, and went to work. 20 minutes later, he opens the door, hops in, and drives away--no one has time to figure out anything has happened before the car is gone.
/.). If that happens, then we'll soon have nice easy to use software that just about anyone could use to drive away in a car that isn't theirs.
However, if repo guys started doing that, then real software for it would come out. Nice, easy to use software with a pretty GUI that even a repo guy can use (I'm not saying they're dumb, but I don't think they're generally too computer savvy. Sorry to all the repo guys read
About 5 years ago, there was an article about keyless systems and I said they would be easy to crack or get around.
I got many responces me call ing an idiot and explain that there would be so many possiblities it would take years to find the right one.
The Kruger Dunning explains most post on
How did the situation arise, the professor bringing this up?
And a student who could do it was in the class? And the student happened to have his programmable 390MHz transmitter with him?
And then, he managed to pop it open and start the engine, something you can't do from the remote on any car except a few Chevys? All in a few minutes, despite the enormous keyspaces car security systems use?
I'm sorry, I'm calling BS on this story at first glance. Do you happen to have more details?
http://lkml.org/lkml/2005/8/20/95
But hiding the technicalities and making it illegal to discover their weakpoints is the way manufacturers/**aa or whatever think they protect themselves.
Which is great but the whole thing about criminals is that they generally are more concerned with successfully committing crimes than legal issues surrounding their failure to successfully steal cars or even worse, download an mp3.
Can a Gibson do it? I mean, with 4 hackers they can do it in 5 minutes but wow, the power of the Gibson? 2 minutes flat.
My aunt drove to the mall, locked the car, and then found out she could not get back into the car. Turns out that she had started her car using her husbands keys, both owned the same brand of car but not the same model. Now his key would actually not start her car which I guess might be attributed to wear on one mechanism or another... but I don't know for sure.
Back in the 80s my Ford key would also unlock a few other Fords that friends had in the dorm. I could not start any but it was interesting to find out how many of us could unlock other cars.
Now I have never seen a keyless entry fob work on more than the car it was assigned to.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
... is that instead of dealing with issues, all you guys ever do is throw buns at the "other" party. You're both identical, FFS.
Yes, I know your reply was in jest. It still applies though.
And that's exactly how the politicians like it. Play their political games, instead of taking them to task for destroying what was once a great country.
You need to build up it's self esteem. Talk nicely to it, tell it what a good car it is. Buy it some premium when it's being good.
Don't belittle or yell at your car when it's naughty, a firm "No!" perhaps followed up by thwacking it in the grill with a rolled up newspaper should suffice to let the poor auto know it has been bad without destroying it's self esteem.
When the time comes and your car starts to notice cars of the opposite sex, do not make this a big deal, that can cause deep seated insecurities in any automobile. Let it know that the feelings it is having are natural and no big deal.
It will also help if the car does not have to worry about it's old age and retirement. Let your car know you have invested some money for it to live off of when it leaves the workforce.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
For any system put in place for security, there's always a way around it. In this case, after taking your laptop and a special adapter from serial/USB to plug into the car's computer, you can reprogram it any way you choose (Guess you never watched Fast and Furious, eh? Remember the guy who had his engine's timing and nitro/fuel ratio all done on computer?) We've been doing shit like this for years and years, down to re-wiring shit under the hood to bypass useless crap like that. Please. There are engineers and smart people out there that coudl take something requiring a laser-cut key with RFID embedded into the key and make it run and drive with a few simple modifications and wire re-routes, and it doesn't take that long. It's not that hard, and if you don't believe me - come with me next time I decide to screw around in a junkyard - I'll show you just how to bypass the computer in a car so you get pure fuel pump and spark without any computer-controlled crap in the way. It's honestly not that hard at all.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Don't bother with all the high-tech stuff.
Paint up a flatbed truck which has a mini-crane for lifting vehicles to look "official". And get some kind of uniform.
Cruise around areas which have parking meters and if you see a nice car, park next to it and pick it up and drive off. 30 seconds maybe.
Chances are, no one will bat an eyelid or ask a question. And because people are good at completely ignoring the mundane (Someone Elses Problem), no witnesses when you do it in daylight hours.
I won't be surprised if people are already doing this.
No sig. Move along - nothing to see here.
I hope Mr. Beckham doesn't protect his wife Victoria (Posh Spice) Beckam from being stolen and having her engine started the same way.
On second thought I have a laptop, so maybe I hope he does protect...
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
I am so excited someone else besides me noticed why those were there!
The fact that is the only reason the poles are there is hilarious to me because it takes a clever person to proactively think of having the poles. Of course, it's not so clever if they're a reactive measure!
Anyone have a better link? Are they just scrolling through all the possible keys or what?
"Physics is to math as sex is to masturbation." -R. Feynman
Looking at the specs, I see 6 to 12 hours battery life in that portable.
Wow, look how far we have come from there.
* Carthago Delenda Est *
I don't own a car....
But I do have a laptop..... (( bwahahahahaah! ))
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Why do people always think that stolen cars are always stolen for parts or shipped overseas.
It is'nt really hard to steal a car and drive it yourself with perfectly legal VINs and S/N's without ever getting caught. People seem to think stealing a car means that you will never able to drive it. It is actually pretty easy to convert a stolen car into a perfectly legal car so that the police will not be any wiser.
Take a look around as you drive - see if you can spot the "repo trucks" in your area. Once you know what to look for (most of the time it will be a relatively unmarked truck with the special grabber, white or black, usually - if there is any signage on the truck, look for the words "asset recovery" and the like). Interestingly, also, some repo men do side jobs as tow trucks - for short, in-town runs such trucks work great.
It wouldn't surprise me a bit if there were car thefts being performed with repo trucks - maybe an errant driver who lost his repo job for drug use, drunk driving, or other - or maybe a used repo truck - now being used to steal cars...
Reason is the Path to God - Anon
Either that viedo is less than 15 fps, or it is sped up, because the people's movements are quite jerky.
of those laptops!?
Oops probably should have posted this as Anonymous Coward.
"To be is to do." --Socrates
"To do is to be." -- Aristotle
"Do-Be-Do-Be-Do..." --Sinatra
If you gain complete control of the onboard computer, could you, say, corrupt the ABS drivers (pardon the pun)?
Or the brakes completely. Or throw in a new program, that's set to disable brakes at a certain speed.
Would this be possible?
Where's the release on this? This is why it's important for security vulnerabilities to be released to the public immediately. The public needs to know that it is possible, however unlikely, that some random stranger could get into their car. I don't care about the car; I care about the laptop in the trunk.
I once used the same replay exploit with the original Handspring Visor and a Mercedes e320 that used infrared door locks.
Late to the punch, I realize, but I used to do odd (electronics) jobs for a car stereo/alarm dealer, where I learned a great deal about car alarms.
No, car alarms don't disble themselves on an angle. In fact, a common accessory is an angle *detector* to make the alarm go off in case someone (legit or not) attempts to tow. Often this is just a ball bearing in an assembly that completes a circuit when tilted, although I've seen ones made out of mercury that work essentially the same way as the older-school a/c & heating thermostats.
When an alarm WILL disable itself is when you enable the courtesy feature. Say you have your sensitivity set high, and the night is unusually windy. Instead of going off all night, your car alarm will disble the inputs for that ZONE for an hour (or 2, whatever... programmable).
Note that door switches, window break sensors, motion detectors are all still active, since each of these is on its own zone.
Sony ha
I think you're missing the point that locking a car down via software (which is what you're advocating above) isn't secure.
Sony ha
Many cars do not have remote starting. It is available on some 3rd party alarms though.
GM was the first to introduce it. Why, I dunno, since it had been available from 3rd parties for some time.
As to the 2nd part, I blew it, I see how the situation happened, how the prof would make that statement (he was prompted). But having a 390MHz transmitter on hand. Unlikely.
And as I said, the systems are very secure, at least in design.
http://lkml.org/lkml/2005/8/20/95
I know this comment will be offtopic! ITS OFFTOPIC!
My car been broken into for the 5th time for the past 5 years. And it seems to me it happens in April every year. I want a anti-theft system that will stop those trying to steal my car stereo, incl anything else they want to steal.
This time around, they took my $650 stereo, DC-AC power inverter, power adaptor for my laptop, and adaptor for my cell phones (while leaving behind the plugs). Emptied my glove box for the radar detector, and $100 cash hidden underneith in a black cash fold, while causing $500+ in damage to the center console they tore up trying to take the well mounted stereo and they took my insurance papers for my car. (didn't notice the missing insurance papers until after I got pulled over a week later... the police officer was kind enough to let me go because my car was hit prior)
I've devised a nice anti-theft system for car stereos, so please bear with me on this.
I intend on placing a live grenade behind the stereo head unit. Now I know heat might set the thing off... but I'm willing to take that risk on the test bed. alot of trial and error will happen while I test this system with many cars, in very bad neighborhoods.
I plan on mounting a grenade behind car stereos, fashioned together by a trigger release wire, that is attached to the rear of the stereo and the mounting harnest.
(I've tried the 12guage wire, to help prevent the theft of my last stereo, and learned with enough force, the weak point in yanking out my stereo was the screw holding the wire to the frame of the car.)
Now this time the wire will hold the pin and tab of the grenade until the stereo is yanked out of the mount, the wire seperates from the head unit. I say, time/set the grenade for 5 seconds.
You know what happens at this point. We loose a theif, and a car + stereo + other vehicles nearby, and some casualties of war. But in the grand scheme of it all. I feel better because the bastard didn't get my stereo.
"Don't Forget to Salt the Fries"
My 1981 Ford Escort had problems with the ignition key cylinder. I found out that you could pop it out and just start the car with a screwdriver.
I used to leave it unlocked with the screwdrive in the glove compartment. Nobody ever touched it. It wasn't exactly a car that was high on the theft list.
How will this affect the keyless entry to my bicycle? Will people be able to use their laptops to activate its drivetrain?
- RG>
Hey pal, this isn't a pleasantforest, so don't waste my time with pleasantries!
2 MB flash on the key, 128-bit codes, 128 k codes total
The car never accepts an old code.
The only exploit other than stealing the key: borrow the key, clone it, and get to the car before the owner uses the key. (the owner's use of the key would make your clone obsolete)
This is probably the best system that doesn't involve the key becoming a receiver. If the key does receive, then you might want to AES encrypt the time of day as received from GPS.
[20 minutes later]
"Allllll circuits are now free of outside influence."
Recycle PCs and build a wireless community network www.hillsborough.org.nz
Wonder if the wireless protocol is too fast -- seems like a 300 to 1200 bps protocol would pretty well eliminate any brute-force attacks while still working fine when the right chip comes close to the car.
Now this is real wardriving!
The clock in the lower left starts at 48:17 and the car drives away around 50:54. The total length of the video is 53 seconds. However, if nothing is changing on the screen, the time jumps considerably. That, along with the chopyness, makes me beleive it's some type of a security camera that takes a reduced framerate to allow longer record times. So I think you are right that the framerate is low as well as it is sped up.
Why not use something like a "gear lock". Its a physical thing, with thick steel frame. Case in point, a friend of mine uses it in his open jeep. some guy as a prank pushed in a chewing gum into the slot. The guy had to get a "welding machine" to cut open the gear lock after a steel file(industrial grade) failed to cut through. It took two hours. And yes a welding torch will attract lot of attention. Thats why though there exists electronic locks etc,, such physical devices like Steering wheel locks and gear locks are deterrent enough. Since they are very visible most thieves think "Why try my luck here, lemme choose an easier target" So no matter what gimmikery is installed in your car, always go for reliable physical protection. Newer models come with oddly shaped keys which are difficult to replicate and hence the "master key bunch" usually fails.
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
Who needs a laptop? All you need is the key pad thingy, a Wu-Tang Clan disk and a Samurai sword.
From a related article: "Thieves are using cars/trucks to steal the most expensive luxury laptops/notebooks. Many of these laptops/notebooks have completely keyless ignitions and door locks, meaning it can all be done wirelessly. Thieves often follow a laptop/notebook until it gets left in a quiet area, and they can steal it in about 20 minutes..."
ASking a thief to take time to learn how to pick locks is like asking him to learn Spanish so he can steal from Mexicans.
No sig today...
The original article refers to the BMW X5, certainly a luxury SUV pricewise. I would not be
/. poster related a $30K Honda, parted out, as worth more than $90K. No doubt,
surprised if the X5 used the same OS as the BMW 7xx series, which is MS Windows CE. A
graphical UI screen on the 7xx is used to access radio/stereo functions, bluetooth config,
environmental controls, GPS navigation, car servicing info, etc. Why MS Windows CE? Both
vehicles were designed and built in the USA, so I presume that there was an inherent pre-
disposition toward this OS.
Another
a $60 - 70K luxury BMW might break down to more than $200K, parted out. Certainly
not chump-change. This represents a relatively high return for 20 minutes worth of effort,
as opposed to hacking a server somewhere, especially when you consider the downside.
Hacking a server in the USA draws a lot of attention, and violates enough Federal laws to
rack up 20 to 30 years in prison (FBI, DHS, DMCA, Computer Security Act, Patriot Act, etc.).
An auto theft, OTOH, would rack up only 2 - 5 years, even if an interstate crime (Feds).
Methinks some physical anti-theft device, like a brake pedal lock, might be in order for
even a luxury car like the BMW X5 or 7xx. Nothing would prevent a rogue tow-truck
operator from getting your vehicle, though.
Fantastic, so now a crook can DoS my car by trying to authenticate too many times, and I have to send a part back to the factory for reprogramming if they do?
Give me my keys back.
Lock the car in the garage, and hire enough armed guards to provide 24/7 protection. Do an in depth background check on the guards, make friends with them and pay them well. Become somebody known and feared by likely thieves. Remove some key portion of the ignition system and take it with you.
Or you could just get your car insured, take reasonable precautions, and just put this whole thing in perspective. Life has its risks, and they can't all be evaded all of the time. Keep in mind that you will die some day and lose everything no matter what you do.
Hard-to-steal cars get people killed. Look at any country where carjacking (hi-jacking) has become popular. You'll normally see the same escalation process:
1. Cars have no security, then get stolen
2. People get an alarm - thieves learn how to disable these
3. People get an imobiliser - thieves go work at the installers to learn how to disable these
4. People get a gearlock - the hijacking starts
At point 4, it's easier to take a car while it's rolling than it is when it's parked. So they do. But the escalation continues
5. People get satellite tracking so that hijacked vehicles can be recovered. Thieves turn to killers and murder the hijack victims to buy themselves enough time to get the car parked out of tracking reach while they chop it.
So give me an easy to steal car any day of the week. I want my car stolen from the shopping lot or my driveway. I don't want a gun in my back at a traffic light or a freeway onramp.
The thing is, I did the exact same with an electronic ignition system, must have been around 92/93. My fathers car had a broken keyfob and curious me wanted to know how it worked. Boy was I shocked. It was simply a case of a generic chip, where a "key" was set by cutting traces on the board. There were no more than 12 of these traces to select.
Using a little binary counter, I was able to make an interface to it that cycled through all of the combinations in around five minutes. Piece of piss, needed nothing more than high-school electronics.
OHS NAP
I was hoping it was a HOWTO
Karma: Bad. (As in Good?)
Even if some user monitoring is necessary on the attacker laptop, it could be done with a cellular remote link and VNC!
Man, did I play too much Shadowrun...
You're not old until regret takes the place of your dreams.
But he didn't TAKE your car. Getting in is one thing, overriding all the engine-kill stuff and driving it away is another.
I can explanate how to administrate your network. You must configurate and segmentate it, so it can computate.
He realized mid-order that the Guinness was not on tap, and the Coors Light was...
"I'll have a Guinness, no wait, make that a Coors Light" -Grad student I work with, who shall remain anonymous...
Dear ein', It has been a while since you've been to slate.. you've also had your posts erased. I was saddened when I saw the empty page, where your MBTU would be. Being that I'm kinda of interested in the phychology of people, and I tend to be oservant.. It seemed only OBVIOUS to me, that your name was specifically unique to you..and that you must also use it for other things. Also, I put that guess together with the fact that you are into technology.. therefor, making it only clear, that you'd most likely have accounts elsewhere.. under the same alias. So, I had found you on a few message boards you went to, since you were first on Slate. I'm not weird (well, maybe a little,) but I mean I'm not a ceep. LOL.. I just have a love for research; & that's all I did was research. & found you on google. Anyone could have done it. :-)
Anywho.. just sending a note saying "HI", and that you are missed on Slate. Hope you might pass by every now and then, to post a comment. bringing your informative and enjoyable posts.
I find it aweseome, your vast horizon of knowledge. and miss it greatly.
Hope all is well with you and your career.
- Love,
Pure'
Unfriendly corrupt Republicans steal all they can from government.
Anybody who wants your car will find a way to take it. Whether it's lock and key, or encrypted tokens. The keys just keep honest people honest.
Even if you locked the doors with a physical key, had a car alarm with tilt sensor, used the club, and had software protection, someone could still bypass all of that and steal your car. But it may not be worth the risk or the effort.
The trick is not to be the weakest link. Yeah someone can get around a car alarm, or cut the club off your steering column. But if you have taken reasonable steps to secure your car, and it's going to be a lot of trouble to get into, a thief is more likely to take a crack at the next car.
If I really wanted to take someones car easy, I wouldn't bother decrypting and breaking in. I'd
A. Wait for them to get into the car and then jack them at gunpoint in which case I get the car and the keys but then they can call the police right away, unless I kidnapp them or kill them, either way it complicates things.
B. Follow them home and break into their garage when they are asleep. You would not believe how many people leave their keys in the car in their garage or how many people leave their cars parked in the driveway, unlocked, with open access to the garage door opener. The weakest link will almost always be the person.
If you don't want to loose your car then be smart. Don't leave your car unlocked. Don't leave the keys in the car. If your car has security, use it and make you a less attractive mark than your neighbor.