Slashdot Mirror

← Back to Stories (view on slashdot.org)

Keyless Remote Entry For Cars May Have Been Cracked

Posted by Soulskill on from the all-your-glove-compartment-are-belong-to-us dept.

WheezyJoe writes "The Today Show had a piece this morning showing video of thieves apparently using a small device to open and enter cars equipped with keyless entry. Electronic key fobs, which are supposed to be secure, are replacing keys in more and more new cars, but the evidence suggests that a device has been developed which effortlessly bypasses this security (at least on certain makes and models). 'Adding to the mystery, police say the device works on some cars but not others. Other surveillance videos show thieves trying to open a Ford SUV and a Cadillac, with no luck. But an Acura SUV and sedan pop right open. And they always seem to strike on the passenger side. Investigators don't know why.' Police and security experts say they are 'stumped.'"

5 of 398 comments (clear)

  1. Stumped my ass by Anonymous Coward · · Score: 5, Insightful

    Haven't we seen proof of concept hacks of these kinds for a while?

    Also, "adding to the mystery", also my ass. Different keyfobs work with different algorithms and protocols. Someone's hacked a particular subset of them.

  2. Just a thought. by Capt.DrumkenBum · · Score: 4, Insightful

    they always seem to strike on the passenger side

    Maybe because people commonly stuff things like their GPS into the glove box, which is located on the passenger side?
    My car is so old it doesn't even have door locks, so not really a problem for me.

    --
    If I were God, wouldn't I protect my churches from acts of me?
    1. Re:Just a thought. by dkleinsc · · Score: 4, Insightful

      Also, the passenger side is right next to the sidewalk if the car is parallel-parked. That makes it a lot easier than trying to break into a car while traffic is barely missing your tush.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
  3. Re:Thumb by workactnumberfive · · Score: 4, Insightful

    The incident with the guy with the backpack is even more telling. He was walking along trying doors till he found one unlocked. Notice we took a step back when the door opened.

    He is walking by cars, hitting the button on his device. If you watch it again, you'll see that as he walks by, the lights in the car go on before he touches it...just like they do when you hit your unlock button on the keyfob. When that happens, he then backs up to enter the vehicle, as it is now unlocked.

  4. Re:just now? by JonBoy47 · · Score: 4, Insightful

    It was actually nice when automakers rolled out RFID car keys about a decade ago, bringing two-factor authentication to the car's ignition. You needed a key with the right RFID, AND the correct mechanical cut to start the car. Two completely different systems had to be defeated to start the car, and it was difficult to do so without arousing suspicion. Now automakers are taking a step back in security, Not only is keyless ignition only single-factor authentication (relying on RFID exclusively), which makes it susceptible to remote attack, but it is also used to autonomously operate the door locks. A thief can steal a compromised car without any suspicious activity.