Slashdot Mirror
Using Laptops to Steal Cars
Ant writes "Thieves are using laptops/notebooks to steal the most expensive luxury cars. Many of these cars have completely keyless ignitions and door locks, meaning it can all be done wirelessly. Thieves often follow a car until it gets left in a quiet area, and they can steal it in about 20 minutes..."
20 minutes to remove the laptop from the bag, smash the window and pound on the steering column with it? They must be using those modern, fancy-pants, lightweight laptops. In the old days we could get a car in under 5 minutes with a Mac Portable.
Trolling is a art,
Laptops are evil.
Fortunately, friendly Republican senators are even now pushing a bill through Congress to outlaw these devil-machines. Always looking out for our interests, those guys.
Note to mods: I'm probably being sarcastic.
This is exactly why my daughter will not have a keyless chastity belt...
Text of article:
High-tech thieves are becoming increasingly savvy when it comes to stealing automobiles equipped with keyless entry and ignition systems. While many computer-based security systems on automobiles require some type of key -- mechanical or otherwise -- to start the engine, so-called 'keyless' setups require only the presence of a key fob to start the engine.
The expert gang suspected of stealing two of David Beckham's BMW X5 SUVs in the last six months did so by using software programs on a laptop to wirelessly break into the car's computer, open the doors, and start the engine.
"It's difficult to steal cars with complex security, but not impossible. There are weaknesses in any system," Tim Hart of the Auto Locksmith Association told the U.K.'s Auto Express magazine. "At key steps the car's software can halt progress for up to 20 minutes as part of its in-built protection," said Hart.
Because the decryption process can take a while -- up to 20 minutes, according to Hart -- the thieves usually wait to find the car in a secluded area where it will be left for a long period. That is believed to be what happened to Mr. Beckham -- the crooks followed him to the mall where he was to have lunch, and went to work on his X5 after it was parked.
While automakers and locksmiths are supposed to be the only groups that know where and how security information is stored in a car, the information eventually falls into the wrong hands.
According to the Prague Post leaving such information on a laptop is what got Radko Souek caught for stealing several cars. "You could delete all the data from your laptop, but that's not good for you because the more data you have, the bigger your possibilities," he says. He says any car that relies on software to provide security can be circumvented by other software. "Every car has its weak spot," he says. Souek faces up to 12 years in prison.
The Leftlane Perspective: Many modern cars now rely on software entirely for security. Gone are the days where microchips supplemented mechanical locks as an additional security measure. In the case of true 'keyless' systems, software is the only thing between a thief and your car. As computers become more powerful, will stealing cars become even easier? Never mind future cars with better security -- what about today's cars a few years down the road? With cars as inexpensive as the Toyota Camry offering entirely keyless systems, these concerns a relevant to all consumers.
Posted anonymously to avoid karma whoring.
"While automakers and locksmiths are supposed to be the only groups that know where and how security information is stored in a car, the information eventually falls into the wrong hands."
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
That's only allowed in Soviet Russia.
There is a student on campus that was bragging that he could do just as the article describes. A professor put down $100 and bet the student that he couldn't get into his car in 15 min without breaking anything. The student took the bet. Needless to say, the whole class was out in the parking lot 5 min later to watch. It took the student about 5 minutes. The car chirped and the lights flagshed. I assume this meant the doors had been unlocked. Next, the car started, the student opened the door and got it.
This was really cool to see live. There is a something about seeing it done live that is very impressive.
I am a viral sig. Please help me spread.
One thing they're doing these days is to store some state information so that each code is different than the previous one. However, this only goes so far in terms of increasing the complexity of breaking in. There are generally a limited number of possible codes, so you can eventually guess the right one. And since the car will be ignoring bogus codes (to avoid being fooled by other cars' remotes), you can pretty much send it crap until you hit the right value with impunity.
If you really want your car to be secure, what they need to do is make the keyless entry devices carry a public/private key pair. On each key device, put a mini-USB jack on them and have a USB jack on the dashboard hooked up to the car's computer. Use this to copy the public key from each "key". Require that after the first key is loaded, one known key must be within radio range in order to associate a new key.
When you push the unlock button on the key, the device would send an unencrypted "unlock" message. Upon receiving this, the car would reply with a random string of data (say a 2k packet). The key device would receive this, sign the data using its private key, apply a random back-off timer to minimize collisions, then transmit the signed copy of the data, skipping a random time interval between each attempt, and stopping after 5 seconds or when the car transmits a "verified" message.
Of course, the car would stop listening after 5 seconds as well. Since the message to be encrypted changes each time, this would essentially thwart any attempts to fool the car by transmitting random data until it gets it right.
If you're really paranoid, you could design it so that the key also knows a public key for the car and uses that to get a session key so that the entire communication path is encrypted.
Check out my sci-fi/humor trilogy at PatriotsBooks.
And thats why people will want a regular key. Its worked for hundreds of years on other things, so a car should be no problem.
No, they're not safe. The key merely turns a lock that closes a contact telling the computer it's okay to proceed. After my 2001 Sukuki GSXR was stolen and recovered, I had to learn a thing about hot-wiring ignitions because the thieves had changed the locks. Within the ignition tumbler was a small PCB that connected circuits to ground for parking lights, accessories and the ignition. The added "security" was that a resistor was used in the circuit for the ignition.
Turns out, the wiring harness for the ignition has a molex connector underneath the right side fairing, right about where my fairing had been shattered by blunt-force-trauma. With nothing more than some knowledge, a spare connector, some wires, a switch and a specifically rated resistor, you could build a plug that would "start" any modern GSXR in about 20 seconds.
Keys are no safer. As far as the computers are concerned, they're either on or off. RFID, challenge/response, better encryption, failed-attempt lockouts, these things are going to become more common because they do a better job slowing the thieves down.
These opinions guaranteed or your money back.
How are sites slashdotted when nobody reads TFAs?
And I can implement a system that locks out ssh from any IP address that tries more than 3 wrong passwords. That won't stop someone from exploiting a vulnerability in Apache or PHP, and rooting the box. It also won't stop someone from trying passwords from the console, if I didn't set that up as well...
If you had bothered to read the article- the whole point is that theives are exploiting weaknesses in the systems and doing so successfully. Some early systems were hilariously bad; GM's first attempt involved a resistor at the base of the key, and the ECU would simply check if the resistance was correct.
You remind me of the Iraqi Ambassador, with buildings getting shelled behind him, declaring that the Americans are being repelled and have not entered Baghdad. Cars are being stolen right now, despite all the lockouts and "rules" car manufacturers have imposed.
See, modern cars have variable valve timing, coil-on-plug ignition, and a whole bunch of other stuff that simply will not work without the cooperation of the computer.
Variable Valve timing and coil-on-plug ignition do not make a car harder to steal; you still need fuel and a spark, and if the ECU won't allow the car to start, it won't allow the car to start; a 2007 A6 with direct-injection, Variable Valve Timing, Variable Intake Geometry, Coil-on-Plug ignition, etc is no harder to "force" to start than my '91 Audi with none of the above; both ECUs will simply not allow fuel or spark. Plus all of these components are 'stupid'; they're just valves and whatnot. It is not cost-effective to make each coil-pack module demand authentication from the ECU. The manufacturer's job is to make it difficult to steal a car; the rest is society's job (ie low motivation to steal, public awareness ie people notice someone doing something they shouldn't, and last but not least, government- ie police, courts, jail, legislation.)
Futhermore, dealerships use computerized scan tools to communicate with the various modules in the cars. When the owner uses the wrong key 6 times in a row to try and unlock his shiny new Mercedes- they don't package the car up, slap a UPS label on it, and send it back to Germany...nor do they do that with any of the computer modules like you implied; it honestly sounds like you had no idea what you were talking about and confusing RADIO lockouts (where MANY radios WOULD permanently lock themselves if too many incorrect keycodes were entered, and had to be sent to "repair" centers.) The dealer tech plugs in a computer, possibly calls a hotline and validates himself to get a code based off the vehicle VIN number or a code the ECU spits out, aka challenge/response - and then unlocks the security system. VW uses a particular system that is almost completely emulated by software packages like VAG-COM and ProDiag, and both can be used to re-associate a dashboard and ECU without any dealer involvement.
Anti-theft is about theft deterrent; as we network people say, "you can't stop a big enough hammer." There are now towing/recovery companies using tow-trucks that have crane, reach over the car, the tow truck operator slips arms under each wheel, and then the crane picks the car directly up and plops it on the back of the tow truck. You can do almost the same thing with a regular flatbed tow truck and a set of wheel dollies (designed for moving cars that can't be started, have been crashed, etc.)
Please help metamoderate.