The Future of Hi-Tech Auto Theft
NicknamesAreStupid writes "Over the past twenty years, car theft has declined as new models incorporated electronic security methods that thwarted simple hot-wiring. The tide may now be turning, as cars become the next Windows PC. The Center for Automobile Embedded Systems Security has posted an interesting paper from UCSD and UW that describes how modern cars can be cracked (PDF). Unlike the old days of window jimmies, these exploits range from attacks through the CD or iPod port to cellular attacks that take inventory of thousands of cars and offer roaming thieves Yelp-like choices ('our favorite is mint green with leather') with unlocked doors and running engines."
Yes I would download a car.
One of the reasons auto theft declined is that police busted and closed chop shops that took and resold the parts. And you can now buy cheap off-brand parts for any car as well. Not like anyone stole cars back in the day for personal use.
What a stupid fucking statement about Windows PC. What is that even supposed to mean? How is a modern car comparable to a computer running Windows? What version of Windows are we talking about here?
It's not clear to me why the CD player should even be on the same network as the engine-related microcontrollers.
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
With the capability for devices to do remote start, or ONSTAR to do things like remotely unlock your doors, as well as wireless keyfobs, I figured we'd already have people with devices that can fake these signals to gain access to and start automobiles. Much like how there exist DIY RFID readers where you can just walk through a crowd and read all their passport RFIDs and so on. CD, iPod, Bluetooth, and Cellular attacks. That's clever too.
So the other day I was on the bus and I saw this hot woman driving a car. I pulled out the iPhone, SSH'd into home and ran nmap on her license plate.
LOL, stupid woman didn't notice her gas cap was left off from the last fill but nmap caught it. Used nc to push 'fire.jpg' into her tank and she blew up.
True story, fucker.
Trolling is a art,
In many, many ways we've been opening more security holes in our cars as time progressed, the wireless unlockers. Even if we pretend that wireless isn't heaven to sniff and spoof. People leave their keys out in all sorts of public places, not everyone locks them up at the gym, most people leave them unattended at a waterpark or beach etc... Before wireless that was reasonable: no one is going to steal my keys because there are 500 cars in the parking lot, nobody can try each one. Now with wireless, if you steal someone's keys, you can just walk around the lot and push a button to make it beep and find out where the car is.
I seriously doubt this will have much effect on car thievery. A jimmy and hotwiring are things pretty much anyone can do. On the other hand, hacking a car's PC is not a skill generally held by people who have an actual desire to steal cars. I expect a few very expensive cars will be stolen via high-tech means, but I wouldn't expect this to cause a noticeable change on car theft rates for non-luxury cars.
Help I'm a rock.
We need a car analogy here.
I live in a country with high levels of criminality.
And the truth here is: You could have a fancy high-tech anti-theft system. But that is going to give you a broken glass or something similar.
The best counter-measure that you can use here is to leave the car open with nothing of value or personal belongings inside, and remove a cable from the ignition system.
If a thief cannot start the car in less than 5 minutes, they usually try to find an easier target. Sometimes a simple switch hidden in the car is better than a $5000 anti-theft system.
Ever watch bait car? They steal cars left and right!
The future of full coverage car insurance...
If someone wants your car, they will take it somehow.
Get full coverage.
Most cars, except for Benz, are really easy to bypass their immobilizations. You just have to open the car's ECU and rip out the immobilization chip. You just get a check engine light on after the chip has been removed.
I'll stick with my trusty MagnaVolt System.
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
Your car has been uploaded to iCloud and the criminal can now access it from anywhere!
Seems like the obvious next step in vehicle security is to be more pro-active in the defenses, i.e., reliance on tracking systems to show where the car is, built-in webcam to take pictures of people approaching and occupying the car (yeah, he can wear a mask, but that makes him obvious to onlookers), etc. Your car should be pretty safe if, in addition to jimmying the doorlock (by electronic means or otherwise), the thief needs to disassemble the engine block and pull out the module that is transmitting the car's GPS coordinates. Hard to do casually in an open area.
They already own the car.
Don't worry about a thief stealing the car by using the CD player. All of these articles are pure FUD. They can't do a "Shadowrun" style unlock and start from standing outside the car and using their Uber haxor toolkit.
Do not look at laser with remaining good eye.
I have a Nissan with an Intelligent Key, so I can walk up to the car, push a button on the door handle, and the door unlocks. This is theoretically vulnerable to a relay station attack, where Mallory can put a radio in the next cubicle over and his accomplice stands outside with another radio, thus "simulating" my key.
I doubt this would happen. If my car is ever stolen, it will be by one of the following methods:
- Taking the physical key, whether by force (robbery/carjacking) or TWOC. TWOC is highly unlikely, since I keep my keys in my pocket, and at home, I have no roommate or teenage child to decide to take my car. My wife obviously has permission to drive my car.
- Towing. This would be quite easy, as people tend to ignore wreckers, assuming the car owner has requested towing, or that the car is parked illegally. This would most likely happen away from home, as I have a garage at home. This is also not very common.
I live in Tallahassee, FL, which was recently ranked the USA's 8th most dangerous city. LoJack isn't available here, but if it was, I'd most likely get it for both our cars, especially since it's a one-time cost.
Now, the Nissan Intelligent Key has one interesting quirk that I hope to never find out about. Assume a typical carjacking where the perp approaches my car with a gun and makes me get out, while he gets in and drives away. The Intelligent Key is in my pocket, so assuming the carjacker does not kidnap me or search my pockets, the first time he turns the ignition switch to off, he will be unable to restart the car without the key.
I used to have a car with the ultimate anti-theft device, and when my car is no longer worth maintaining, I will most likely get another one: a standard transmission. My current anti-theft device is that my car is a non-luxury mid-size, 5 years old, with 52,000 miles on the odometer, making it less appealing. Most effective if I park near an almost-new luxury SUV.
They have a movie about this. If you haven't seen it, rent/download Ghost Dog: The Way of the Samurai. One of my best. Main guy steals Lexus with electro device he built himself.
http://www.imdb.com/title/tt0165798/
-- Home is where you eat your heart out.
I've heard that a huge percentage of cars are stolen because there are places where people leave the engine running.
Then of course there's the whole iDevice left on the front seat problem. They don't get the car; but they still get something.
Really though, can we just dispense with the whole car alarm thing? Nobody cares. In fact, I'd like to smash the windows of cars that do it, including my own.
There are *real* alarms you can trigger silently when the car is stolen. Those rock. That should be standard; but only subject to activation from your key fob or by sending a text somewhere with a PIN that you determine. User-activated GPS location: good. Government tracking: bad.
Here in Europe high tech theft is done as follows:
Door is opened through the usual manners. (Window broken or various known vulnerabilities that are also used by road services when you leave your keys in the car.)
(Alarm may sound.)
A special device is put into the OBDB connector that does some magic to reset the ECU. (Overwrites certain values in EEPROM/FLASH. It has a nice interface to select make and model of target car.)
The alarm is now silenced and all known "carcodes" are lost.
You can now start the car with any fitting key. There is no need for transponder anymore.
Generally there are only a few (20) possible key combinations and you can buy sets of those.
You now just need to reprogram the car again with another VIN, and change the chassis number.
Generally a VIN of a scrap car is used.
The car will never be found...
To reboot the car turn key to off (soft switch)
If that does not work open hood and unhook battery
Get ready to say goodbye to any non-dealer car repair place. And if they want to be real dicks about dealer oil changes at 3000 miles.
I always wondered about the legality of installing a pepper spray car alarm system. Is it considered a booby trap?
Another thing about towing - people might assume the car is being repossessed. The 'not very common' thing might not be common, but it's a fairly well known method, as you don't have to break jack to do it. More appropriate when it comes to top end vehicles.
Personally, I'm tempted to install a hidden kill-switch.
I don't read AC A human right
I can has Porsches?
of making the next car a Windows PC, I have no problem, I will simply back it up onto my Windows Phone and Microsoft cloud whenever and wherever I park it. If it gets stolen, I will simply restore it.
... the length of prison sentences...
So there is an EASY way to prevent car theft: imprison the perpetrators for decades, for so long that they either realise they have to give up crime, or spend the rest of their lives in prison, and thus can't reproduce.
Criminals create criminals through reproduction. This isn't rocket science.
'Poverty' does not cause crime, criminals do.
After my father's 1963 Chevy was stolen, he installed a car kill switch kit. You can get them for modern cars too. Since you put the switch wherever you want, it would take a thief time to find it, and they won't be bothered. You can sometimes get a lower insurance rate too.
"Be grateful for what you have. You may never know when you may lose it."
Wouldn't that make the amount of crime inversely proportional to the length of prison sentences?
When you replace a lock with a remote control you certainly know what you are doing!
People have a false concept about security. Even people in Slashdot!
Physical keys can be copied by taking a photo far far away.
Locks can be broken, but they can still serve our security purpose. Electronic counterpart? When an encryption method is broken, can it still possibly serve a security purpose? Why were security systems designed with a single encryption method in mind? Why not more than one encryption method?
I've heard this mentioned other places. It was said by one person and kept repeating.
Can anyone locate a proof of concept attack using a special burned CD? Sure everything is connected but I don't think it's possible.
Only the State obtains its revenue by coercion. - Murray Rothbard
Always wondered. You can pretty much drive by some OBD-II ports... BMW can be started even by my old OBD-I.
And lots of people buy those Bluetooth dongles just so they can have an extra tachometer on their iPhones on the dash.
May not be so useful for stealing the car... as I doubt it has power when the car is off... but may very well be the case, I don't know. But imagine sending the accelerate signal on the highway to everyone around you that has such device
Here is a supply demand problem, you take out the supply of available thieves down to the few that don't get caught, and the going rate for the service will go up so that people will take the risk of boosting a car when the going rate gets to a certain threshold so that a) they can pay for good legal representation b) the reward is worth the risk
You think I'm wrong? Go visit Vegas, those hotels aren't built because people generally win at the casinos, but the general public still perceive the reward to be greater than the risk.
Since there is a lot a value in cars there is a lot of room to move in the amount of money that is available to pay for the jacking.
Also, genetics is not the only factor in determining a criminal, circumstances WILL play a part, so while yes these sorts of things run in families, not always. Besides the criminal gene must have some sort of survival benefit or it wouldn't exist, take that away and what do you have? Docile sheep.
I am not advocating stealing cars, it is pretty f'ing low, I just think the OP analysis is short sighted and off the mark. America has more people in prison than anybody, and yet our crime rates are pretty high too - I don't think the argument holds water.
Certain model Fords from the late 90's had the alarm (PATS) system in a separate module in the trunk. If you could jimmy the trunk open, all you needed to do was disconnect one harness.
This eliminated the need for the transponder key and disabled the alarm completely. Hot wiring the car from there is rather conventional and trivial.
Wasn't till the 2000s that they at least had the thought to add a bit in the ECU ROM or a bit switch (don't recall which) that told the ECU to require the security module.
A few other car makers had similar easy to defeat modular systems, but I'm not sure about years and makes from that time.
I wasn't really trying to debate criminology. I was just questioning OP's use of "directly".
This is one of the best articles placed on Slashdot in a long time. It's a pity that very few of the above posters have actually read it.
Firstly, it details the methods of accessing the car. Surprisingly, the CD was most effective. They found vulnerabilities in parsing MP3s and WMAs. They reverse engineered the firmware, found a buffer overflow and exploited it. From there, they then exploited the Dealer tools used to analyse vehicle faults.
So, infect an MP3 and upload it via sharing. That infects cars, which then infect their dealer tools. The infected dealer tools can then reprogram ECUs and other devices on the cars themselves.
This is only the start. They then proceed to find more in depth vulnerabilities and propose possible wholesale models of theft that become possible. For anyone with an interest in hacking (and true hacking, not just script kiddy stuff) then have a good read of this article...
In Soviet Russia the insensitive clod is YOU!
I wish my latest cars were not so security tight, most notably not coded and/or RFID key.
Security devices only level up the barrier for the lifters to get a car, forcing them to take cars when the driver is in the vehicle.
In the good old days they could lift a car with a jumper cable to the ignition coil and get away in two minutes, now they need to take it from you at gun point, between two or more thefts and most of the time getting away with you in the car for a couple of miles or even take the opportunity for an ATM raid.
I much prefer the old way, really.
http://it.slashdot.org/comments.pl?sid=2603836&cid=38588550
Security systems, fancy locks, or anything else doesn't deter pros. They just drive up with a flatbed or tow truck, scoop the car up, and drive away.