'Digital Key' Standard Uses Your Phone To Unlock Your Car

The Car Connectivity Consortium, a mix of major smartphone and automotive brands, has posted a Digital Key 1.0 standard that will let you download a virtual key that can unlock your vehicle, start the engine and even share access with other drivers. Engadget reports: Unsurprisingly, the technology focuses on security more than anything else. Your car manufacturer uses an existing trusted system to send the digital key to your phone, which uses close-range NFC to grant access to your ride. You can't just unlock your car from inside your home, then, but this would also force would-be thieves to be physically present with your phone when trying to unlock your car. Apple, LG and Samsung are among the phone brands in the group, while car brands including BMW, Hyundai and the Volkswagen group are also onboard. There's also talk of a version 2.0 spec that will promise more interoperability between cars and mobile devices in the first quarter of 2019.

That is surprising

[stoborrobots]

Unsurprisingly, the technology focuses on security more than anything else.

The way things are in this industry at the moment, that is incedibly surprising to me...

Re:That is surprising

I wonder if it would work with my iPhone 6S?

Well I don't really care for now cause I ride the bus in San Jose. It enables me to relax in the bus and pick-up second hand lottery tickets at the bus stop trash can.

I still use my iPhone 6s and reduce my monthly bill from $80 to $50. As a phone and a video camera, the iPhone 6s isn't obsolete and I use it to make my videos on youtube. As a Sprint very special customer for 20+ years, Sprint will always give me a new iPhone for free if I decide to stop using the 6s as a phone in the next several years.

Bonus: get some silver coins, view recommendations on my special Youtube channel dedicated to the topic! They constitute a fail-safe insurance strategy for your retirement!

Re: That is surprising

[orlanz]

It's unsurprising that they used the word "security" in their product just like everyone else with an open AWS machine.

Whether it is secure or not is yet to be seen. At least you can't remotely drive the cars. Else someone will design a game where you drive a car onto a boat. And we get a few million cars stolen one night.

Re:That is surprising

[AmiMoJo]

Actually phones have increased security for things like mobile payments. Rather than just a contactless tap or easily observed PIN, you have a fingerprint unlock or arbitrarily long password.

Let's think about the security implications of unlocking/starting your car with your phone instead of the key. The key is probably just as vulnerable to theft since you have to have it on you, but has no authentication mechanism at all. No fingerprints, no passcodes, just having it unlocks and starts you car. So even if you disable authentication on your phone it's still no worse than the key.

Modern car keys use radio comms, so no loss there. Actually the wireless comms used for mobile payments are even more secure, being extremely short range and using a well tested standard algorithm instead of the manufacturer's own concoction. Never roll your own security if you can help it.

So all in all using your phone as a key seems like it can only be a net win. We have established that phones can securely keep secret tokens, as require for contactless payments.

Re:That is surprising

Unsurprisingly, the technology focuses on security more than anything else.

The way things are in this industry at the moment, that is incredibly surprising to me...

Actually implementing security, PROPERLY, is not the same as issuing a press release claiming that you are "focusing on security".

This is another stupid, pointless "technology" and another example of the old saying, "Just because you CAN do something, doesn't mean you SHOULD".

Re:That is surprising

[nospam007]

"$80 to $50. As a phone and a video camera, the iPhone 6s isn't obsolete and I use it to make my videos on youtube. As a Sprint very special customer for 20+ years, Sprint will always give me a new iPhone for free if I decide to stop using the 6s as a phone in the next several years."

Not to rain on your parade, but if you really pay between 50 and 80 bucks a month, all the players will give you a new phone.

Re:That is surprising

Don't try to show me how to make my budget! I am doing pretty good by myself thank you!

I find AmazonTM the gretest thing since sliced bread and helps taking care of my health at retirement with the Amazon long tail revenue streams!

All you need to do is find a website with a permissive TOS, say, Slashdot, create a Python script to scrape your own comments, sprinkle Amazon affiliate links in various posts, and then re-post past links whenever possible. You can even make video of yourself going to pick up AmazonTM parcel at the convenience store and post it on your youtube channel for more redundant revenue streams.

They also have a wide supply, the best of latte and clif/power bars at the best cost, espicially if you make a friend buy them for you with your own affiliate link!

Re: That is surprising

[e3m4n]

Label it the âoeCar/Boat Challengeâ on YouTube and thousands of teens will be duped into commiting grand theft auto overnight. Afterall, they dont seem to think for themselves anymore. Theyve been turned into lemmings and indoctrinated into GroupThink. Nobody even uses the expression âoeIf everyone else jumped off a bridge, would you?!â Because, they probably would. See Tide Pod challenge for a perfect example of this.

Re: That is surprising

[e3m4n]

Except having a physical key requires actually having the key in your posession. Some cars are more suceptible to hotwiring and slimjims, but thats the least common way cars are stolen and its pretty obvious when observed. I suspect with this that someone will discover a flaw in the API that allows any user to bypass authentication and execute the unlock feature. Its the same reason i dont have digital locks on my house. Why make it easy on them?

Re:That is surprising

[GrumpySteen]

You're bragging about digging through the trash for used lottery tickets.

I don't know if you're subtly trolling or if you're actually clueless enough to think that other people will envy you in some way.

Re:That is surprising

[Joce640k]

You need to get out of the house more often.

Re:That is surprising

[Joce640k]

Actually phones have increased security for things like mobile payments.

Sure, until you drop them.

(or sit on them, or whatever...)

I wouldn't want my money and car to be locked up using something so fragile.

Re: That is surprising

[e3m4n]

That fingerprint authentication is bullshit. A few years ago I discovered that my daughter added her fingerprint to my authentication just so that she didnâ(TM)t have to type in the pin number to unlock my phone. She was 10. Then they started rolling out fingerprint purchases out of the App Store. They didnâ(TM)t even have the foresight to require you to enter in your Apple ID and password to add a new fingerprint. They simply record your phone to be unlocked from a simple pin. And there in lies the fundamental flaw. What good is all this super security if the mechanism to add new trustees has no security. And there in lies a fundamental flaw. What good is all the super security if the mechanism to add new trustees has no security?

Re: That is surprising

Ummm. once upon a time a friend....had a friend who worked in a key shop. Its amazing how quickly you can trace a key on a piece of paper, go home and file a dummy out of wood, and then get....a friend....to cut the key for you.

The keys with a chip in them are impossible to do the above scenario with. Hacking is still possible but thats beyond...my friends..ability.

Re:That is surprising

[cmseagle]

The smartphone isn't the weak link here - it's car manufacturer's "existing trusted system." I suspect it'll be much easier for a bad actor to trick the manufacturer into sending a key to their smartphone than it would be for them to walk into a dealership and convince them to make a copy of a key that isn't already in their possession.

Re: That is surprising

[cayenne8]

You know...I just miss having a physical, metal KEY

My latest car is the first one I've owned that just has the key fob, that if present allows start of the car with a button.

I guess it is from decades of muscle memory, but even after I push the button to turn it off, before I get out, my right hand reaches over near the steering wheel to grab the keys.

I don't suppose I'll ever get used to it.

I'm guessing with fobs, much like this cell phone option...if you run out of batteries, you are SOL if you need to drive somewhere, even in an emergency....?

Re:That is surprising

[houghi]

Free, I do not thing that word means that you think it means.

Re: That is surprising

[Ol+Olsoc]

That fingerprint authentication is bullshit. A few years ago I discovered that my daughter added her fingerprint to my authentication just so that she didnâ(TM)t have to type in the pin number to unlock my phone. She was 10. Then they started rolling out fingerprint purchases out of the App Store. They didnâ(TM)t even have the foresight to require you to enter in your Apple ID and password to add a new fingerprint. They simply record your phone to be unlocked from a simple pin. And there in lies the fundamental flaw. What good is all this super security if the mechanism to add new trustees has no security. And there in lies a fundamental flaw. What good is all the super security if the mechanism to add new trustees has no security?

There was a a gaping, almost impossible to fix flaw in that ecosystem. That would be you.

Letting a 10 year old access your phone, and allowing her unsupervised access to boot is the biggest security flaw.

And you deciding to blame it on Apple just shows that you'll defeat anything they can come up with

Re:That is surprising

Chris,

You video has been stuck at 837 views all night. Apparently, you need to pay your click-bot provider another 20$ if you wish it to continue.

Dear cdreimer,

The credits have run out on your account.

You can buy another 750 views for 20$:

1) Go to our web site.
2) Deposit money in your account (minimum 20$)
3) Click on "Buy views"
4) Enter the URL of your video
5) Click submit

We are pleased to do business with you.
--
The Team

Re: That is surprising

That fingerprint authentication is bullshit. A few years ago I discovered that my daughter added her fingerprint to my authentication just so that she didnâ(TM)t have to type in the pin number to unlock my phone. She was 10. And there in lies a fundamental flaw. What good is all the super security if the mechanism to add new trustees has no security?

Ummm, you obviously gave her the PIN to unlock it in the first place. That *is* the security mechanism to add new trustees. If you didn't want her messing with your phone you shouldn't have given her the password. JFC.

Re:That is surprising

[JaredOfEuropa]

It depends on what you actually have to do to unlock your car with your phone. An increasingly common way to steal cars that have radio keys relying solely on proximity, is a relay attack. One guy stays at the car with a relay device, the other walks around your house with a device sniffing for your car key. Once the key is found, the devices link up over radio to relay the handshake between your car and your key. The car opens and starts, and off they go.

Re: That is surprising

Took me some getting used to as well. My fob actually has an emergency real key hidden inside it just in case the battery dies.

Re: That is surprising

[berj]

To add a new fingerprint you need to enter the unlock code for the phone. Your daughter had this so thatâ(TM)s how she did it. You let her.

In order to enable Touch ID for App Store purchases (which is off by default as far as I know) you need to type in your Apple ID password. Either you did that or she knows the password.

Not sure how much more protection you can expect.

Re: That is surprising

What about an emergency backup physical key that when used it lets you in the car and can start up some internal electronic systems but refuses to start the ignition without an additional security step like a thumbprint reader embedded in the steering wheel maybe.

Re: That is surprising

[Immerman]

Rather difficult to trace the key without having it in your possession, in which case you already HAVE the key, so why are you copying it? (unless some idiot posts a picture of their keys I suppose).

Basically your "friend" sounds like an asshole that abused the trust shown them by people who probably considered them a trustworthy enough friend to lend their keys to. Or maybe just an utterly unscrupulous valet. Either way the only thing the duplicate key grants them is less suspicion for their crimes.

Besides which, keys are almost always only relevant to honest or sneaky people - pretty much everything most people lock includes large openings secured only with a pane of glass. Opening the lock is actually one of the more difficult ways in, just more discrete and less destructive.

Re: That is surprising

[GoTeam]

The annoying part is if you unlock your car with that physical key it sets off the alarm. Our last car had the fob system and we had problem after problem. It was a 2007 car, so maybe the tech wasn't mature yet. It might be a while before I buy another fob locked/started car.

Re: That is surprising

[e3m4n]

Incorrect. And a pin code is not as secure as appleID password. I have figerprint purchases turned off. And every single fucking time I buy anything, the goddamn thing tries to turn it back on. Where is the âoefuck you, I said fucking NO 12 times agoâoe button? However, is it too much to ask for appleid password to alter the authentication method? I have to give this password to do an update or authorize a purchase, But a simple pin number is all that is required to add new accounts??? Thatâ(TM)s like giving a guest account access to the adduser or chgrp command without express permission. There are plenty of reasons why family menbers would need to unlock your phone but not be able to make purchases. When this problem occured it didnt even make you auth to add a new fingerprint. It simply required the phone to already be unlocked. Any retard suggesting you dont hand your child your phone to use has never actually had kids, or atleast raise them. Sit in a Dr office waiting room for 2hrs with your kid and see how long it is before youre letting them play games on your phone to keep them distracted. If this has never happened to you then youve either never had kids or couldnt be bothered to be a parent, probably sacked the mom to do all those tasks.

The point is, fingerprint is bullshit. It is fooled even by photocopies and more importantly the permissions required to set that up are vastly less secure than the security invoked when touchID is disabled. It should, at least, be on par with the auth required should you not have touchID enabled. You dont even have to guess a username for PIN authentication. At the time, PIN was merely 4 digits. To this day they still dont require appleid to alter those settings even though every other wallet-based transaction requires touchID OR appleID auth. I dont get how this is difficult to grasp. Stop letting guest accounts alter user permissions and require root level auth first.

Re: That is surprising

[gnick]

"If everyone else jumped off a bridge, would you?" Because, they probably would.

Wouldn't you? If I'm standing on a bridge and everyone starts throwing themselves into the water, I'll probably assume that there's something motivating them. Doubly so if my friends are jumping, because I know my friends to be rational people. No matter where I am, if "everyone" begins fleeing, I'll probably flee too.

Re: That is surprising

[gnick]

even after I push the button to turn it off, before I get out, my right hand reaches over near the steering wheel to grab the keys.

I'm on my first keyless car too. It still distresses me to close the locked car door after exiting without a set of keys in my hand. I ALWAYS looked at my keys as I closed the door and I never locked my keys in the car. But then, when I get to about 15 mph I still reach toward the console to shift into second even though it's been probably a decade since I've driven a manual transmission.

Re: That is surprising

[swillden]

Except having a physical key requires actually having the key in your posession.

Not the case with lots of new cars. Increasingly, they're all moving to RF keys, as AmiMoJo said. This is super convenient, since it means that you just have to have the key in your pocket and to be able to open the door and drive. But it also opens the keys up to relay attacks, where the key may be miles away from the car but a pair of transceivers relays the signal.

FWIW, I'm working on digital car keys for Android as well. I own most of "hardware-backed security" for Android at Google, which means most anything that relies on Trusted Execution Environments (e.g. ARM TrustZone) or embedded security chips. I won't say much about it here because I'm not sure how much I can share publicly, yet, but I will say that there's an intensive focus on security, including protection against relay attacks.

Re: That is surprising

[ctilsie242]

I have an older vehicle that has a key with a built in remote, and a transponder chip, which ensures it will start the car even if the battery is dead. I don't need to try to pry off part of the door handle either. The vehicle "auto cranks", and can be used with a push-button start, but I know that for someone to steal the car, they need to have a chip presence, and bypass the physical Strattec lock. Not impossible, but a lot harder to steal than a thief using a device that makes someone's transponder key in their pocket appear to the vehicle as right by it, allowing it to be unlocked with a press of the button on the handle.

One thing I've thought would be an interesting compromise would be an external key switch. Turn the key, the vehicle will ignore all transponders and will need to be mechanically opened. That would be useful if parking at an airport, or some other dodgy place.

Re:That is surprising

[swillden]

The smartphone isn't the weak link here - it's car manufacturer's "existing trusted system." I suspect it'll be much easier for a bad actor to trick the manufacturer into sending a key to their smartphone than it would be for them to walk into a dealership and convince them to make a copy of a key that isn't already in their possession.

Tesla's process requires you to send a copy of your registration and ID to get your vehicle associated with your Tesla account, which allows your phone to unlock and even drive the car without a key. The documentation is sent via email (assuming you're not buying from Tesla directly, in which case it would be easier), but I'm told they also validate the information against the public data from the state (at least in the US), so it seems reasonably good. The same paperwork would get a dealership to make a key for you, and last time I did this (about five years ago) they didn't check the state database. I'd guess they still don't.

Given your VIN, I'll bet I could create a fake registration and take it to a dealership and get a key for your car. And your VIN is easily visible from the outside of your car.

Hmm. I'm curious enough about this that I think I may try it... my son has lost one of the keys to his car, maybe I'll fake a registration in my name and see if a dealership will make me a key. I need to look into the law and make sure that they don't make creating a fake document a crime, though. It probably is a crime, actually, and if so I won't do it. I mean, I can get my son to write and sign a letter giving me permission to get a key made for his car just in case it turns out they do check the validity of the documentation and discover my attempt at pseudo fraud, but that won't help if merely making the fake document is a crime.

Actual thieves, of course, would probably just bribe someone who works in a dealership.

Re: That is surprising

Attn: iThing user or similar...
Please turn off "smart" punctuation.

Attn: /.....
Please do something about the bad unicode.

Re: That is surprising

[thegreatbob]

If you really want to, consider installing a hook, magnet, velcro, etc. to suspend the fob near where you're used to. Probably what I would do, though I plan to run my current old-style (mid-2000s crown victoria, which still has (more or less) the same interior arrangement as the 1992 model) automobile into the ground, so probably won't have to worry about the fobs for many years.

Re: That is surprising

[thegreatbob]

Don't forget about being able to replicate keys from photographs. There was a story a while ago about people being able to reliably replicate the keys (they showed a fairly high resolution shot of their key storage pegboard) shown in some prison/detention facility training video. While I don't think anything particularly bad came of that, just bear in mind that one only needs an image of the key, however they might obtain it.

Re: That is surprising

I've had a key fob only car for long enough to get used to it, so when I borrow another car I'm always scratching my head as to why the doors won't open, and start searching for the button after I get in and after I've parked, taking some time each time to realise that I'm back to an old fashioned key. It varies with manufacturers, but mine has an NFC reader in the start button, so if the key fob battery goes flat you can hold the fob up to the button to start. For the doors, there is a slim key inside the key fob. It has only the loop for the keyring to hold on to when turning, so isn't the easiest key to use, but it is ok for an emergency.

Re: That is surprising

I'll take the bait: If your "friend" is any affiliated with ALOA, they will get their CPL or CML pulled immediately, if they ever caught, or even suspected of doing that. If they are part of a locksmith shop and not certified, they will get fired. If they are part of an auto shop copying keys, they will get fired there.

Of course, there is the fact that cutting a key like that makes one an accessory to grand theft auto or BOV, but I'm sure your "friend" knows that.

Re: That is surprising

Keys with a chip generally require another key to be used to pair them with the ECU. Always make sure you have at least two keys, as if you lose the last one, your stealership is going to charge you a bomb for a replacement ECU.

Re: That is surprising

My last car (2010 Suzuki SX4) had a fob instead of a key, but instead of a push button to start it still had a traditional turn-over ignition where itâ(TM)s always been. It was the best of both worlds but I havenâ(TM)t seen any other cars do it that way since

Re:That is surprising

[EvilSS]

6s does have the necessary NFC hardware so maybe.

Re:That is surprising

[sacrilicious]

Let's think about the security implications of unlocking/starting your car with your phone instead of the key. The key is probably just as vulnerable to theft since you have to have it on you, but has no authentication mechanism at all. No fingerprints, no passcodes, just having it unlocks and starts you car. So even if you disable authentication on your phone it's still no worse than the key.

But I know that no malware is going to creep onto my key from the internet. If my phone gets hacked, they can exfiltrate the codes, or disable my access and hold me for ransom.

Re: That is surprising

[EvilSS]

You can't add a fingerprint without the phone's PIN code. If you gave that to someone else then that is your fault. You can also use anything for the pin, including a password. If you choose to use the default 4-number pin, again, that's on you not Apple.

Re: That is surprising

[Immerman]

I didn't - in fact if you'll notice I mentioned it right at the end of the first sentence.

Re: That is surprising

[e3m4n]

Then why dont they ask for a PIN code when making a purchase? After all, you seem to think itâ(TM)s so fucking secure, I did, by the way, mention it was âoeyears ago âoe. It was actually just a four digit numerical value back then. It wasnt until around thr iphone6 that they switched to even 6 digits. Apple clearly established two levels of security; one being higher than the other one. The PIN code has ALWAYS been considered less secure and unacceptable for financial authorizations. If this is the case then why the fuck did they let you use the same inferior mechanism when adding a fingerprint which is considered on par with the level of security that the Apple ID provides? Again youâ(TM)re giving an enduser account certain rootlevel permissions without making them authenticate. If you establish 2 tiers of authorization, then even a halfwit knows you require the higher auth to make root level changed like addjng new users (fingerprints). For the very same reson that corp computers require you to enter domain, user, AND passeord instead of picking the username off a list and keyjng a password. A PIN is nothing more than the same thing, half the information is already filled out.

Re: That is surprising

[berj]

Sorry.. I just don't see what you're seeing.

I turned off Touch ID purchases on my phone just now.

In order to turn it back on I need to enter my apple ID password.

I just went and bought something in the app store. Entered my Apple ID password. It didn't ask me to turn on touch ID for purchases.

To add a new fingerprint it is *not* sufficient to simply have the phone unlocked. In order to access the "Touch ID and Passcode" page of the preferences you need to enter your passcode *again*. This is how it's always been ever since the original release of the 5S on iOS 7.

What's more.. if you have touch ID for purchases on and then you add a fingerprint you *must* enter your apple ID password before you can use those new fingerprints. You get a dialog that says "enter the password for [apple id] to enable the new fingerpints for iTunes and App Store purchases"

So all in all.. nothing you're complaining about is actually the case.

Re: That is surprising

It was a privilege escalation attack.

Many companies have been sunk, much IP has been stolen through similar attacks.

Apple knows better. You should know better.

Re: That is surprising

T-shirt that reads: "I am a bomb technician. If you see me running, try to keep up."

Re: That is surprising

[e3m4n]

This is not how it has always been. Not with regard to adding new fingerprints. How do I know? Because my daughter does not have the faintest clue what my appleID is, hell my wife doesnt even know. Its not my email account for damn sure. She is 15 now. This happened back on my 5S. As far as asking to turn on touchID for purchases, every - single - time I get a purchase request (family sharing where kids have to request permission to get an app) and I authorize it, it constantly nags me to turn on touchID and does it in a way that someone not paying attention could accidentally enable it. I really wish there was a 'never fucking ask me this shit again' button. Its like I am being punished for choosing a more complex method of security instead of opting for the easy-button.

in fact, just now, on an iphone8 using the latest IOS

I went to settings -> TouchID & Passcodes and it only asked for a PIN. Then it let me add another fingerprint without further challenge to authentication.

It _should_, instead, require AppleID to get to this screen. It does not.

Sure turning ON 'iTunes & App Store' requires you to log into the apple store, which they seemed to get half-right. But if that was already enabled then adding another fingerprint has less security than the original enabling, which is weaker security. Every new fingerprint should have to authenticate to the highest level of security previously established. If having to enter an appleID was needed to enable purchases, then every subsequent added fingerprint should re-require the very same authentication. Maybe PIN code is enough to enable unlock the phone, as its literally an analogue for the same function. But PIN is not an analogue for secure transactions and allowing the lesser privileged mechanism to create users with higher privileges than itself is fundamentally flawed. How do you not see this? This would be called a privilege escalation exploit if this were to be conducted on a workstation or server.

another note, once you validate with the PIN to get to 'touchID and Passcodes' you can turn on and off Apple Pay all day long without having to authenticate shit. Why is the app store requiring higher level auth but the rest of your credit cards not??? Again 2 tiers of security and the WEAKER of the two is the one being sufficient. Is Apple Pay not as important as iTunes & App Store when it comes to making sure the right asshole is really authorizing this?

PIN code should be enough to get to the TouchID & Passcode screen to view settings. I'll even grant that changing the setting for 'iphone unlock' be unrestricted once you PIN validated to this screen. Every other setting, however, including adding fingerprints, should require AppleID to change their settings.

Personally I don't enable anything but 'unlock' because biometrics are crap. They are too easily fooled. Just today Google announced new libraries and code to help improve the vulnerabilities of bio-metrics. A photocopy of a fingerprint should not trick a fingerprint reader, but they do. Which goes back to the original post, that assuming that phones doing financial transactions are very secure is questionable at best. I gave fingerprint as just one example of how this is not very secure due to the privilege escalation symptom I am trying to describe. However, the most secure password in the world is useless if someone figures out how to trick an API into skipping that step and going straight to accepting commands. Hell even my key fob on my 2007 VW passat had a mechanism that if it was outside of the range of my car and the unlock button got hit 5 times within X amount of time, it disabled the key fob. That kept people from finding the fob, and walk through the parking lot looking for the car by pressing the lock or unlock key. To re-enable the fob you had to take the removable/ejectable key from the fob to unlock the door (key slot covered and not apparent to those not owning a vw) and once in the car you had to plug the fob into the dash to re-activ

Re: That is surprising

Why would you bother having a thief steal your car - when the car manufacturer is so willing to steal your money?

(Buying a new key costs almost as much as a new car!)

With this new technology, you only need pay for a new phone. Far cheaper! And quite like just as secure (ie not at all).

Re: That is surprising

[cayenne8]

But then, when I get to about 15 mph I still reach toward the console to shift into second even though it's been probably a decade since I've driven a manual transmission.

Well, thankfully, I can still say that I've never owned a car with an automatic transmission, I'm manual only!!

Re: That is surprising

[EvilSS]

Nope, you have been able to set long and complex pins since at least the iPhone 5, before they added finger print readers. I know because I've always used a long code and forgot mine once and had to reset my iPhone 5 after a trip to the theater (and turning the phone off during the movie). As for why they use the pin for security on the phone, it's because a) you don't have to have an iCloud account to use the phone and b) it's tied to the phone, and only that phone unlike the cloud account. You are blaming Apple for your own mistakes here.

Re: That is surprising

[EvilSS]

Here is a link for instructions for iOS 5, released in 2011. It allowed up to 37 numbers or characters. That went up to 90 with iOS 7.

https://www.youtube.com/watch?v=zz_UotC0JR8

Re: That is surprising

[EvilSS]

and for iOS 4, released in 2010: https://www.youtube.com/watch?v=TIrCh5Y53MQ both LONG before the fingerprint reader and no way it was running on the device you are talking about.

Re: That is surprising

[orlanz]

About a year ago, I got a car with a fob. I actually like it better than a key.

It won't let me lock the car from the door handle button if the fob is inside. It will allow me to lock the car with it still running but beeps a warning. It won't start without the fob in the front seats.

The single door handle & step lights go on if I get close while it is parked. The door unlocks with the handle button. All doors unlock and step lights turn on for all if double pushed. The hatch opens if the fob is behind it but not too close.

There is a key if battery goes out. The car still starts because of the chip. The only thing I miss is turning the engine off but keep acc on to power somethings. For that it's an off followed by 2 Start button pushes. Nice additional feature would be to turn the engine off remotely if parked or set to. Get the kids out and then turn off the car. Rather than off and have all slowly pile out as it warms up.

Re: That is surprising

[Joce640k]

If you're going to carry an " emergency backup physical key" with you then you might as well just carry a proper key.

Re: That is surprising

[RockDoctor]

Doubly so if my friends are jumping, because I know my friends to be rational people.

Do you have an evidential basis for that belief?

How about NO?

[grep+-v+'.*'+*]

Oh, look! Another attack surface. I'm sure THIS one will be completely secure. I can go to sleep with relief that someone without a physical or key fob will be able to access my car without my knowledge.

That if, if I manage to drink enough whisky. Maybe the self-driving car can pick up some for me. Hell, just add photo-recognition to it -- if it doesn't look like me or my wife trying to enter the car, just start it up and drive off. For bonus points get a picture of the perp. For EXTRA bonus points, make sure that same picture has the front tire of the car sitting on them. Or rear tire, I'm not picky, and there's already a camera back there anyway.

What was wrong

[stealth_finger]

What was wrong with, you know, a key?

Re:What was wrong

It can not be sold again to customer every two years and people are not willing to pay monthly fee for the door opening service using keys. On my cars even the remote control battery has lasted for the 5 years I have kept them. It is of course silly, that as phone battery is not lasting that long or a mandatory system update may kick in at any time, the drivers need to keep also the keys with them.

Re:What was wrong

[GuB-42]

The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around.
Second: a key is single factor authentication. Phones can be multi-factor (you need the phone and a password for instance). Keys are also difficult to revoke. If you lose the key, you need to physically change the lock in order to get a new bitting.
Another advantage of phone-based authentication is that you can transmit a token remotely to someone else if you want to give him access to you car. Basically the equivalent of putting car keys in someone's mailbox, but you get to keep your own key, and you don't need to actually go put it in the mailbox.

Saying "what's wrong with a key" is like saying "what's wrong with cash". There are many compelling arguments for cash over credit cards and the like, but cash isn't without issues.

Re:What was wrong

This still requires you to both have something on you (phone,) as well as have it working (with power.)

Token sniffing/interception is and has always been a thing. When I give my partner a copy of my key, I don't have to worry that a copy is maybe in the hands of someone third party. With this new system, can I trust that her phone is secure enough to have that token?

Re:What was wrong

[stealth_finger]

The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around. Second: a key is single factor authentication. Phones can be multi-factor (you need the phone and a password for instance). Keys are also difficult to revoke. If you lose the key, you need to physically change the lock in order to get a new bitting. Another advantage of phone-based authentication is that you can transmit a token remotely to someone else if you want to give him access to you car. Basically the equivalent of putting car keys in someone's mailbox, but you get to keep your own key, and you don't need to actually go put it in the mailbox.

Saying "what's wrong with a key" is like saying "what's wrong with cash". There are many compelling arguments for cash over credit cards and the like, but cash isn't without issues.

All those arguments can be made against the phone though? Cash or card is a choice, and as long as this is then that's ok.

Re:What was wrong

[Ol+Olsoc]

The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around.

Damn man - that' a hellava first world problem. Not to mention just how much space does a key take up?

As well, there is a really big flaw in a phone based system.

Batteries. Now I don't abuse my batteries, but from gas station and convenience store displays of batteries to plug into your dead smartphone, and my experience with my son and his phone that is always on the verge of dying, and his girlfriends and now wife.....

What exactly do you do when you want to get into your car, and you pull out a dead smartpphone?

Even for myself, I've had two occasions when I was in a fringe area and the phone maxxed it's output power to maintain contact with a tower, and drained itself.

Don't worry, if your phone goes dead and you cant get into your car, you can just call someone to pick you...... oh.....wait..

Oh, one quick note.Many (most) modern car keys are two factor. You have the mechanical key, then there is a lot of stuff inside the key handle that the car senses. Merely copying the key won't work..

Re:What was wrong

[b0bby]

I agree that there's nothing wrong with a key. However I can see that this phone based system could be better than the "key fob, not really a key" that new cars seem to come with. The problem I've found is that since you just have to have the fob somewhere in the car, it's pretty easy for that fob to end up with the wrong person. So for example, my wife and I drove somewhere in two cars, then drove around for a while in the newer car. She ended up with the fob even though I was driving, and then almost took off with it; I wouldn't have noticed for hours, which would have been a real pain. It's very unlikely that she'd wander off with my phone.

Re:What was wrong

[GuB-42]

Damn man - that' a hellava first world problem. Not to mention just how much space does a key take up?

Way too much. I just bought a new car and that key is bigger than all my other keys combined, ring included. It is at least twice bigger than the key of my previous car, which performed the same function, and wasn't especially small either. I understand a big car key can be seen as a status symbol but come on, it is an entry-level compact car, not something to show off with.. But that's an other subject... And yeah, definitely a first world problem but it goes well with cars with first world prices.

Oh, one quick note.Many (most) modern car keys are two factor. You have the mechanical key, then there is a lot of stuff inside the key handle that the car senses. Merely copying the key won't work..

That's not what two factor means. There are usually 3 factors: something you have (like a key), something you know (like a password) and something you are (like a fingerprint). No matter how complex the key is, it is still one factor, because it is the only thing required to open the car. What you are talking about is key control, which exist in mechanical keys too (usually in the from of moving bits and patented systems).
There are some cars that require a PIN to start, that's two factor, but I've only seen it once, and it is in a rather old car. Phones make two-factor much more convenient.

You are right about the battery, it is a problem. But I never said a phone lock was the ultimate solution ;) In fact, despite my comments, I don't trust my phone. When traveling, I always have my essential info printed out, and I would definitely carry a backup car key even if I used my phone. I also usually carry a spare battery (I still have a phone with a removable battery). I also tend to prefer cash over credit cards, and I have a small reserve in case my card gets blocked or lost.

Re:What was wrong

You are all over the place man. A key is inconvenient but two-factor isn't. You want your phone to be used for greater security but you don't trust it. You prefer physical cash over more secure credit cards but want a high-porous device with a huge attack surface to control your car. Complete incoherence.

Re:What was wrong

[b0s0z0ku]

Key fob batteries last months to years without replacement or recharge. Phones, not so much. Will there be a USB charging outlet or contactless charge pad outside the car to charge the fucking thing so you can get into your car at 2 a,m.? Imagine having to find a place to charge your phone in a dark parking lot in the rain. Give me a fob, or better yet, a good, old fashioned key with passive RFID authentication.

Re:What was wrong

[thegarbz]

Damn man - that' a hellava first world problem.

And? We happen to live in the first world. I don't go hungry, I don't have a lack of clean drinking water, I'm secure in my life, so what? Give up? Never seek any further improvements?

Speaking of first world problems, just how many 3rd world countries will be rolling out top of the line BMWs with fancy unlocking mechanisms from your iPhone X? Maybe we should stop developing all technology and luxury goods as they are all solutions to first world problems.

Re:What was wrong

All those arguments can be made against the phone though?

Is that supposed to be a question? Question marks are named as such because they're used for questions.

Re:What was wrong

You have to have a key on on?

You have to have a phone on you. The phone battery dies after about 8 hours. The key doesn't have a battery.

Sigh

[ledow]

- Doesn't solve any existing problem.

- Creates new problems all of its very own.

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all), "I locked my phone in the car", "Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car", "Previous owners of the car can just walk up to it with their phone to unlock it", etc. etc. etc.

Re:Sigh

[50000BTU_barbecue]

Also creates jobs in a system where every human need is already addressed but the social model is "work work work work".

Re:Sigh

[AmiMoJo]

"I locked my phone in the car"

Presumably they prevent that in the same way that they prevent you locking the key in the car. I've done it a couple of times and the car just beeps to let me know the key is still inside.

"Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car"

Proven to be groundless fears by many years of using NFC payment systems like Android Pay and Apple Pay.

"Previous owners of the car can just walk up to it with their phone to unlock it"

At least you can just unpair their phone from the car's screen, unlike if they keep the old key which requires expensive reprogramming.

Not least "your battery runs flat, but you need to open it to jump-start it"

You use the backup key. There is a slight loss of functionality here, in that you might keep the key at home so need to go and get it. It's a lot like having a puncture repair kit instead of a spare tyre - you can be screwed if the tyre is unrepairable, but in most cases it is and for most people the fuel saving is worth taking the risk of having to call a mechanic/flatbed.

Re:Sigh

[Scutter]

and you can buy the kit to open any car for $20k

I think I'll just use this rock I found lying by the side of the road instead.

Re:Sigh

[thegarbz]

Not least "your battery runs flat, but you need to open it to jump-start it"

1. Err this is a solved problem and has been for pretty much every "keyless" car on the market. There's always a secondary means of entry available to owners.

Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal

2. Err this is a solved problem and has been since the dawn of encryption.

Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k

3. Err See #1

My phone got a virus and now anyone can open my car

4. Err See #1

Previous owners of the car can just walk up to it with their phone to unlock it

5. Err just like you can* access my Facebook account from my previous phone after a factory reset?
*You can't.

etc. etc. etc

Oh no, please continue. I'm enjoying reading one nonsense statement after another.

Re:Sigh

[Registered+Coward+v2]

- Creates new problems all of its very own.

Beyond your examples, it provides a way for phone manufacturers to know when you are operating a vehicle, under the assumption that the phone used to unlock and start is the drivers. Once they have that information, how will they use it? Turning off texting and other messaging apps would certainly help solve the problem of idiots who text and drive, but how else can that information be used? What other services will be disabled if the think you are driving? Siri already won't let me open the garage door when it thinks I am driving, even if I am in my own driveway.

Re:Sigh

[geekmux]

- Doesn't solve any existing problem.

Really?

Leaving my house requires me to carry three main things; a smartphone, my wallet, and keys. If a solution could eliminate the need for 33% of the tools necessary for survival in a modern world, I'd sure as shit call that problem solving. What are you forced to leave the house with every day? Any reason all locks in your life could not be converted to electronic? (don't pretend those shitty consumer-grade locks really protect you either, a $50 set of bump keys and an hours worth of learn-to-lockpick videos on YouTube would break 90% of society)

And honestly, a continued physical to digital progression in this realm only makes sense, as it eliminates the need for the radio-enabled devices we've been using to unlock and control our vehicles for well over a decade now (keyfobs), which manufacturers have suddenly discovered a need to charge hundreds of dollars for. It's probably cheaper to replace a lost smartphone than it is a lost keyfob.

- Creates new problems all of its very own.

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all), "I locked my phone in the car", "Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car", "Previous owners of the car can just walk up to it with their phone to unlock it", etc. etc. etc.

Most of these issues already exist today with wireless keyfobs unlocking and controlling cars, along with some of the benefits (keyfob tech I had 10 years ago would not allow me to accidentally lock the keyfob in the car). As I said before, this really doesn't change much other than eliminate the need for the radio-enabled keyfobs we're already carrying around that unlock and control our cars. Not sold as a fan on the proposed solution yet, but I certainly see it's justification.

Re:Sigh

- Doesn't solve any existing problem.

you talk about broken phones as if nobody ever bent a car key

Re:Sigh

[CrimsonAvenger]

Beyond your examples, it provides a way for phone manufacturers to know when you are operating a vehicle,

If the manufacturer is monitoring every phone to the extent you suggest, they already know that, since they can safely assume you're not out for your morning jog at 70 mph....

Re:Sigh

- Doesn't solve any existing problem.

Maybe not for YOU, but it does solve a problem for growing number of people who are now getting into the habit of taking only one's phone when leaving home. No bags, no wallet, no clunky ring of keys.

While there are phone cases that can hold a few cards plus a $20 bill, the usual car key is too large to fit. Which means if one did not plan on driving when going out, then the car key will be left at home.

Enjoy your stay in the last century while the rest of the world move forward.

Re:Sigh

[houghi]

1. Err this is a solved problem and has been for pretty much every "keyless" car on the market. There's always a secondary means of entry available to owners.

As I do not have a keyless car (I do not even have a car) could you please tell me what the solution is? Because the last car I had and the car I rent or do carsharing woth all have a keyfob. That means that you will still need to have the key with you. Those would always have a key in it that can be used.

If that is the case, then great, using your key OR your phone is an option. In the 17 years I owned my car that I sold I had never a need to replace the batteries.

So I always had a key with me. It was easier to use the fob, but the key was there.

Now if I want to not carry a key with me and depend solely on the phone, issues like empty batteries are very real. Even when I still had a car and a charger in the car, I was left with a flat phone when I walked back to my car. So please do tell what the solutions are as I sincerely have no idea what they could be (except having a fob.key with you)

Re:Sigh

[houghi]

How will they use it? They sell it or they use it to send you ads or both. The "You are unable to text" will be used as a way to make more people use it, so they can sell more data and send you more ads.

The only reason they do not want you to die while texting is so they can keep selling your data and send you more ads.

Re:Sigh

[GuB-42]

your battery runs flat, but you need to open it to jump-start it

That's assuming there is no backup system, and that your battery really is flat, not just unable to start the engine. Jump starting modern cars is not recommended anyways, but thankfully, flat batteries are also becoming less common (better power management).

I locked my phone in the car

Not a new problem, you can lock your keys in the car too.

Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal

That's a long solved problem. All serious authentication systems use challenge-response techniques now and sniffing won't help you unless you break the underlying crypto.

Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k

Any locksmith can open your car using a variety of techniques and tools worth much less than $20k. It's even easier for criminals because they don't have to do it the least damaging way. The tricky part is getting passed electronic security, but they already have tools to do it now, and unlocking it with a key or a phone doesn't really change the deal.

My phone got a virus and now anyone can open my car

You make it sound easier than it actually is. Phones usually have secure areas that are not directly accessible even by the kernel. If the app is designed correctly, the virus won't be able to duplicate the authentication key. And even if it could, it is a difficult attack to pull off as you need to attack the digital world (the phone) and the physical world (actually steal the car). That's an additional attack vector of course, but not the easiest one to exploit IMHO.

Previous owners of the car can just walk up to it with their phone to unlock it

Not if you revoke their access. I didn't read the standard but I can't imagine there isn't a way to do it.

Re:Sigh

[mjwx]

- Doesn't solve any existing problem.

- Creates new problems all of its very own.

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all), "I locked my phone in the car", "Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car", "Previous owners of the car can just walk up to it with their phone to unlock it", etc. etc. etc.

Yep, a solution to a problem no-one has.

Beyond your points, there is no single standard for NFC... Hell, we cant even get the full standard for Bluetooth in every phone as manufacturers pick and choose what bits they want.

Add to this in the UK, there has been a spate of car thefts that have used buttonless "proximity" keys to simply open the door. The key may not work for you more than 3ft away so people think they're safe until the criminals simply use a signal repeater, open the door and drive off with your new car. As long as they dont stall it on the way to the garage/chop shop, its easy to retrofit it with a new ECU with new keys.

Re:Sigh

[Ol+Olsoc]

"I locked my phone in the car"

Presumably they prevent that in the same way that they prevent you locking the key in the car. I've done it a couple of times and the car just beeps to let me know the key is still inside.

What if I want to lock my phone in the car? This might sound like heresy to the under 35 set, but some of us are not welded to our smartphones. There are times, like going to a restaurant, that the phone is off, or better, left in the car.

You use the backup key..

But you've seen the posts. Having to carry that yuge key is a major imposition.

To me, the technology is okay except that it adds three problems two likely, and one less so:

First - the dead smartphone battery. Common

Next - Just adding a layer - So we had a key. Now you need the smartphone and a key. In case of problem one. Any bets on how many people will forget their key and pul out that dead phone?

Three - The Internet of Things has a well earned reputation for utter lack of security. My money would be on this system being cracked in maybe a day, and the ransom notices going out to send bitcoin ASAP to regain access to the car.

Re:Sigh

>> could you please tell me what the solution is?
Actual solution : mechanical key blade inside the fob to open the door, NFC to start
New solution : NFC to the unpowered phone, or wireless charge the phone, or credit card NFC unlock, etcetcetc..

Re:Sigh

[Immerman]

>2. Err this is a solved problem and has been since the dawn of encryption.
Solved yes - whether the solution is actually *used*, or even *known*, by the people rolling their own "super secure digital key" is a completely separate question.

As for 3 and 4, I fail to see how #1 is relevant to either. Sure, there's other ways into the car, but any keyless entry system adds an additional attack surface, one that's notoriously hard to make secure from automated attacks even for groups of digital security experts, experts that are often conspicuously absent from automotive software teams.

Besides which, just because it's (probably) possible to secure your car from digital entry by past owners doesn't mean that the new owner has any idea of how to do that, or even that it's necessary.

Re:Sigh

[swillden]

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all)

This is a problem with lots of new cars, not really related to this digital key question.

"I locked my phone in the car"

As with RF key fobs, the car should refuse to lock unless the phone is outside the car.

"Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal"

A complete non-problem. Cryptography. Relay attacks are an issue, though.

"Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k"

That's already true.

"My phone got a virus and now anyone can open my car"

Your phone having a virus can't affect it in any way, since it's not the phone's main processor or OS that do the unlocking, it's a separate secure element.

"Previous owners of the car can just walk up to it with their phone to unlock it"

No, this is a huge advantage of digital keys. It will be trivial to invalidate previous keys. That can't be done with physical keys without physically changing the locks (have you ever changed the locks on your car?), and can't be easily done with current RF key fobs.

Re:Sigh

Not least "your battery runs flat, but you need to open it to jump-start it"

1. Err this is a solved problem and has been for pretty much every "keyless" car on the market. There's always a secondary means of entry available to owners.

That solution being an actual key that is inside the "keyless" fob. So what's the solution when you get rid of the fob?

Re:Sigh

[Registered+Coward+v2]

Beyond your examples, it provides a way for phone manufacturers to know when you are operating a vehicle,

If the manufacturer is monitoring every phone to the extent you suggest, they already know that, since they can safely assume you're not out for your morning jog at 70 mph....

It's to so much the manufacturer collecting the data but now they have a positive trigger on the phone that can be used to allow other actions as part of a workflow. Some can be positive like disabling texting, NFC could also allow auto emergency calls if an accident is detected, etc. Is the information already available by inference since if the GPS sees you go at 15 MPH they can assume you are in a car; this just verifies who is most probably driving. On the negative side, it could trigger auto tracking for a phone, send alarms if certain areas or speeds are exceeded, etc., based on the assumption of who is driving. In the long run, it's not that much different from what can be done already; as you point out.

Re:Sigh

[AmiMoJo]

There are times, like going to a restaurant, that the phone is off, or better, left in the car.

My phone has both an "off" and a "mute" button.

the dead smartphone battery

Just add a USB port on teh OUTSIDE of the car. Then you can charge the car from USB as well!

Re:Sigh

[ledow]

Sigh.

"This is a problem with lots of new cars"
Yes. It doesn't solve it.

"As with RF key fobs, the car should refuse to lock unless the phone is outside the car."
Yes. It doesn't solve that. And RF range detecting the fob IN the car? That's dubious. Most cars that do this operate on the "you can't lock the door without the key in your hand" principle, not magically detecting that you left the key in the car and "not auto-locking"

"A complete non-problem. Cryptography. Relay attacks are an issue, though."
Contradictory in itself. Relay attacks are being used to steal BMW etc. cars today by relaying the signal to your front door where your keys are normally nearby. 3am, someone just uses your key from inside your house, remotely, from outside, to start your car and drive it off.
Plus, cryptography has a very limited lifespan and I'm not sure there's a single cryptographically secure car entry system out there.

Garages. Again, doesn't solve the problem.

Phone viruses. Er... are you suggesting it somehow magically works without integration with the phone? Pay-by-bonk technology is in phones and is rarely isolated from core NFC functionality.

"Previous owners of the car can just walk up to it with their phone to unlock it"

https://yro.slashdot.org/story...

P.S. My car physical keys/fobs can be cleared off quite simply. I think it's ten twists of the ignition with the master key without starting the car. How many people do you think know that? Do that? Again, it doesn't solve the problem, it just makes it much more likely to happen.

Cars are NOW being resold by official manufacturers without clearing that stuff off. Plus hire cars. How would you know? No, if you sold it on "we can show you a list of all the registered keys in the car's dashboard menu", then you'd have something. That'd be a new feature you could sell.

And you could implement it without smartphone integration.

Re:Sigh

Agreed, even the key fob for my car has a real physical key that can open the door. A bit of a pain to wiggle out of the fob but it is there. And there is a "magic" place in the car where the fob is powered by the car to authenticate and let me start the car when the fob battery is dead. I've even used it once when the fob was dead, so I know it works.

Re:Sigh

[houghi]

So the second solution of not having a discharged phone is to charge it. Got it. The first I am unclear how that would work unless the sa,me as the last solution. The last means I do not need the phone at all. Why would I use the phone if I have something else?

Basically it means you need to take a spare key with you. I would then rather just use that instead of the phone. That way it won't drop the phone when I am drunk. (That last part was a joke)

As long as I need to take something else with me, it is not a substitution, it is an addition. Just like the FOB was not a substitution to the key, but an addition.

Re:Sigh

[apoc.famine]

That won't start the car, I'm fairly certain.

Re:Sigh

In the 17 years I owned my car that I sold I had never a need to replace the batteries.

Really?

Re:Sigh

[b0s0z0ku]

USB port on the outside is a good idea for charging a phone. It can't pass enough power to charge a car battery at any good rate of speed, though.

Also, imagine having to wait 5 minutes till your phone gets up and running when it's 40F, raining, and you're in a dark parking lot in a less-than-safe area. Give me a fuckin key or key fob that "just works" already!

Re:Sigh

[b0s0z0ku]

Emergency call in case of accident isn't always positive -- with a single-car accident where the car is drivable, you might not want cops to be involved or your in$urance to go up.

Re:Sigh

[b0s0z0ku]

Only one of those things is REQUIRED. The keys. You don't need your wallet to just go for a walk or jog. You could also carry money in a money clip. I go out without my phone fairly frequently. Again, not required, just sometimes useful.

Re:Sigh

[b0s0z0ku]

I've bent a car key once -- was able to straighten it enough to use until I got a replacement. My phone's battery goes dead more frequently, at least once every week or two.

Re:Sigh

[thegarbz]

Solved yes - whether the solution is actually *used*

So go steal a car. I mean pretty much every single car out there uses keyless entry already. FYI, yes it is used and keyless entry has been resistant to replay attacks since the damn 90s.

As for 3 and 4, I fail to see how #1 is relevant to either.

I fail to see how 3 is not identical to 1, but in any case I misread 4. But someone was able to directly link a car with the phone owner, compromise the specific device directly, and then use it to access the car? What else are we afraid of. Aliens! Aliens can remotely trigger my phone to unlock my car and then they can get the chewing gum out of the glove box.

In case it's not clear, I'm mocking the absurdity that someone would jump through these absolutely insane hoops required to directly link the car, the device, and then directly attack the device, then monitor the driver for the opportunity to slip away with their car. (tip: very few viruses are targeted to this level, and no targeted viruses have every been discovered on mobile platforms).

Besides which, just because it's (probably) possible to secure your car from digital entry by past owners doesn't mean that the new owner has any idea of how to do that, or even that it's necessary.

Maybe once the first set of stupid people are separated from their cars people will learn to actually take an interest in the thing they just spent lots of money on.

Re:Sigh

[thegarbz]

As I do not have a keyless car (I do not even have a car) could you please tell me what the solution is?

Well the good news is that no-one has a keyless car. Which is kind of my point. Just because it looks keyless doesn't mean that manufacturers haven't taken your very scenarios into account since the dawn of the keyfob.

If the technology is too difficult for you to manage, how about you carry the key.

But in any case there sure as hell isn't some nightmare scenario where you need to get your car towed to some mythical garage that has some mythical $20000 piece of magic gear to get in your car.

Re:Sigh

[jgdnavy]

My place of employment doesn't allow personal electronic devices into the building at all. Granted there are a handful of lockboxes, but not nearly enough for even a quarter of the employees if locking it in the car stopped being an option.

Re:Sigh

[jgdnavy]

Isn't the whole point of this to replace the key fob?

Re:Sigh

[jgdnavy]

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all)

This is a problem with lots of new cars, not really related to this digital key question.

Most if not all the smart key solutions I've seen have a mechanical key hidden in the fob, so you can always at least open the car.

Re:Sigh

[swillden]

Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all)

This is a problem with lots of new cars, not really related to this digital key question.

Most if not all the smart key solutions I've seen have a mechanical key hidden in the fob, so you can always at least open the car.

Definitely not all. I've had a couple of rental cars recently which didn't (Toyota or Nissan, I believe -- I don't pay much attention to my rentals) and my Tesla's key fob doesn't. The Tesla doesn't even have a keyhole; I didn't bother looking at the rental car doors, so I can't say about those.

With the Tesla, if your key fob battery is dead, you can still unlock the car by placing it in a particular spot at the base of the windshield, and you an still drive it by placing the key at a particular spot inside. Of course, with a Tesla the car battery will basically never be dead. Even after it won't drive any more the dregs of the giant battery are more than enough to power stuff like door locks for a very long time... and if the battery ever does go completely dead, you've got far bigger problems because that's very bad for that very expensive battery.

Re:Sigh

[swillden]

And RF range detecting the fob IN the car? That's dubious.

Not at all. It's quite common. My Nissan does it. If you have a fob in the car and a fob in your hand, you can lock the doors. If you have no fob in either place, you can lock the doors (there are lock/unlock buttons on the door handles). If you have a fob in the car and none in your hand, you can't lock the doors.

My Tesla seems to be able to tell which key fob is in the driver's seat, and can also distinguish between fobs inside or outside the car. It also unlocks when the fob nears the car, and locks when the fob leaves the vicinity, which is the optimal behavior from a convenience perspective; you just leave the fob in your pocket and get in and out at your convenience. Now I want the same without having to carry the fob, since I always have my phone.

"A complete non-problem. Cryptography. Relay attacks are an issue, though."

Contradictory in itself.

You mentioned sniffing, which is a completely different thing than relay attacks. Sniffing is easily solved. Relay is harder, but it's solvable.

I think the best candidate is WiFI UWB, which has built-in secure, precise time-based ranging. The ranging process produces a shared session key with bits provided by both radios. So if you have an eSE connected directly to the WiFi radio it can kick off the process and get the measurement and session key back, and the car can get the session key from its radio. Both sides can then use the session key along with a previously-shared secret (the actual "unlock and drive key") to derive a session-unique shared secret that is bound to the ranging protocol.

The upshot of this is that a simple relay attack must become a MITM attack... and that is impossible, because although the attacker can complete the ranging protocol at each end (between phone and attacker transceiver 1 and between car and attacker transceiver 2) and will know the session keys produced by both processes, but because phone and car will be using different session keys to derive the session unlock key, they'll get different results and relaying the phones message to the car will do no good.

Plus, cryptography has a very limited lifespan

Ciphers and protocols easily last multiple decades... and this is all software, so it can be upgraded when needed.

I'm not sure there's a single cryptographically secure car entry system out there.

That's not true, but even if it were it it in no way implies that it can't be done.

Phone viruses. Er... are you suggesting it somehow magically works without integration with the phone?

No magic involved. The phone's CPU will be at most involved in shuffling encrypted bits between secure element and radio. Even that much involvement isn't actually necessary, and there are several good arguments for minimizing the application processor's (that's the main CPU) participation, mostly for corner cases like when the phone battery is very low (they're never actually dead). If you only have to power the eSE and a relatively low-power radio you can operate at much lower battery levels.

Pay-by-bonk technology is in phones and is rarely isolated from core NFC functionality.

Yes and no. I worked on the first incarnation of Google Wallet, as well as on some pre-smartphone payment stuff. In Google Wallet 1.0, the AP had almost nothing to do with the transaction; the eSE was connected directly to the NFC controller and did everything. Because carriers fought Google over use of the eSE (and OEMs didn't want to have to install one), Google finally moved to HCE which does, as you say, do the transaction on the AP. The latest incarnation is moving towards using the TEE or eSE for key storage and crypto operations, where available.

The work on phone-based car keys is starting where Google Wallet did, using the eS

Re:Sigh

[drsquare]

So now when you lose your phone, it gets stolen, or the battery goes dead, not only can you not contact people, but you can't get into your car or house either.

Single Point of Failure

[mentil]

So now when my phone gets stolen/broken/lost/runs out of battery, I have no way to call for help OR to start my car. Bonus points if the phone charger is locked inside the car-that-won't-start. Extra bonus points if you don't carry any method of payment aside from mobile payment.

Re:Single Point of Failure

[idji]

Isn't a physical key a single point of failure?

Re:Single Point of Failure

Isn't a physical key a single point of failure?

Every car I've purchased came with at least two keys, so no.

Re:Single Point of Failure

[rudy_wayne]

Isn't a physical key a single point of failure?

In theory, yes.

In actual practice, not so much.

I'm pretty old and have never lost my car key.

Or maybe I'm just more careful than the average idiot.

Re:Single Point of Failure

Do you carry both of your keys everywhere?

Re: Single Point of Failure

[e3m4n]

Well one typically has two, so there is always some means, albeit inconvenient, of regaining access. The upside is while it might be single point of failure, its typically a fails-safe design. Ive never seena factory recall because a car was allowing anyone with any key to access it. Failures happen. Its murphys law. Designing to fail in a safe position is engineering design crteria.

Re: Single Point of Failure

Lockpicking is a thing, yet have you ever heard of a lock recalled because it can be picked?

Re:Single Point of Failure

[N1AK]

I'm pretty old and have never lost my car key. Or maybe I'm just more careful than the average idiot.

It depends... are you regularly losing / breaking / running out of power, on your phone?

Re:Single Point of Failure

[houghi]

No. You will still have your phone to call for a solution if that fails.

What that solution is depends on the situation. Could be somebody bringing a spare. Could be a garage with a copy. Could be ordering a pizza so you will not starve. Could be asking the hooker to go directly to the hotel instead of picking her up. Could be using the light to find the lost key.

Re:Single Point of Failure

[Immerman]

Doesn't have to happen regularly to be a problem. Can you honestly tell me that you've NEVER had your phone get lost, broken, or run out of power? I can honestly say I've never lost or broken a key on my keyring.

Re:Single Point of Failure

[apoc.famine]

Previous phone? Ran out all the time. Current phone? Never. And I've never lost one or broken one.

I honestly don't understand how people lose/break their phones all the time. Put a case on it, and keep it in your front pocket or purse/bag so you don't sit on it. It's really not that difficult. With water resistant phones becoming more common, even dropping one in the toilet isn't a death sentence anymore.

With wireless charging now and far better power management, I don't run out of power. I just toss my phone on the charging puck/cradle at work and at home, and if I had a newer car, I could do it there as well. When I'm away from power for a long period of time, I can go into my power settings and crank them down once I get under 50% to give me hours more battery life. Current estimate for battery life is 7hrs at 60% battery. Cranking the power saving to max and it estimates about 17hrs.

With my last phone, I would not have been willing to use it as a key. With this one, I definitely would. I think that as phone technology continues to mature, this will become far more feasible.

Re:Single Point of Failure

[SCVonSteroids]

Bonus bonus points if you bother following the saying "Don't put all your eggs in one basket."
Dumbass.

Re:Single Point of Failure

Now if only we could get the AD revenue starved corporations to stop trying to integrate everything into a phone, we might make progress on doing just that.

Re: Single Point of Failure

The lock on your car is almost certainly more difficult to pick than the deadbolt on your house. This goes for cars 30+ years old, too.

Vulnerabilities...

[Gaygirlie]

...in 3...2...1...Car stolen.

great!

[sad_]

i'm sure it will be as secure as the keyless systems they have in place now.
can't wait for my car to be stolen.

Re: great!

[e3m4n]

Just dont buy a Toyota Camry if it has the feature. I guess its the massive amount of these cars in existence, but its one of the most stolen cars. It doesnâ(TM)t draw as much attention if youâ(TM)re driving a stolen Camry then, letâ(TM)s say, a Corvette. If youâ(TM)re driving around in a stolen Corvette, and you look as though you donâ(TM)t have enough money to rub two nickels together, you are probably going to get stopped and questioned.

No Cell Service, No Car?

[pubwvj]

So... we live out in a rural area where there is no cell service. Does this work without access to the net?

What if the net goes down as has happened? Everyone's locked out of their cars?

Seems like a bad idea made worse.

Re:No Cell Service, No Car?

[swillden]

So... we live out in a rural area where there is no cell service. Does this work without access to the net?

Yes.

What if the net goes down as has happened? Everyone's locked out of their cars?

It doesn't require -- or even use -- Internet.

Because...

[UID30]

...nobody ever loses their phone. Or sets it down at a restaurant. Or has it fall out of their pocket at a movie.

Re:Because...

[N1AK]

But keys are kept securely in pockets in all those same scenarios by voodoo magic?

Re:Because...

[Immerman]

More by unwieldy shape, and the fact that they tend to rapidly settle to the very bottom of any pocket or bag, and then remain there until used to open a lock. Unlike phones which tend to be removed every few minutes by many people, and then be re-inserted while sitting down so that they occupy a far more precarious position.

(Whether people who use their phone at the movies deserve to be locked out of their car for their crimes is a separate issue)

Wireless fob thefts

Seems ripe to repeat car thefts where the thieves used signal boosters/repeaters to trick the wireless fobs into unlocking and starting cars.

Of all the things I do not need

[houghi]

I do not need this the most.

As Hollywood likes remakes, they should make a remake of Taking care of Busines. Instean of a Filofax, they could use a phone.

Meanwhile, in the Land of Elon ...

[140Mandak262Jamuna]

Model 3, unlocks when you walk up to it. The phone is the key. I can also lock or unlock the frunk, the trunk and the doors, start the A/C, honk and flash lights from anywhere in the world.

Re:Meanwhile, in the Land of Elon ...

[crow]

My thought exactly.

This sounds like other manufacturers seeing what Tesla has done and deciding to do it themselves.

From a technical standpoint, I believe Tesla relies on Bluetooth, not NFC, but I'm not clear on much that matters. Bluetooth probably does a better job of working without having to pull your phone out.

I'm still waiting for Tesla to add this feature to the S and X lines.

This Is Great

Because no one is able to data mine my smart phone. I feel way more secure.

What about multiple keys?

Maybe if we had three keys, one in our phone and another embedded in a physical key fob with a third separate key card held in a wallet. Either of the first two can unlock the vehicle but the third key optionally kept inside the vehicle may be required to start the ignition. The equivalent of the physical locks on most houses but inside the house you still have a separate locked safe.

More power for hackers

Let's give hackers much more power to hijack any vehicle anywhere anytime!!! (Sarcasm!!!)

Why we keep trying to add major security risks to everything, in return for minor conveniences?
Is any computer/smartphone looks secure against hackers today, or the situation looks like the exact opposite?

Nope

[DriveDog]

The only "improvement" seen over a plain key so far has been wireless lock fobs (NOT fob/key things). Ford-style combinations would be nice if they had 10 buttons or longer codes. Concentrate on making better cars, not fiddlier gadgets.

Re:Nope

[b0s0z0ku]

Yep. Ford got that right in the 80s. My ideal (as I stated in another post) would be combination to get into the car, and combination + fingerprint to start and drive the car. All managed locally -- you should be able to add/remove profiles from the car itself without needing a manufacturer's service. Valet driving the car? No problem. Temporary code and their fingerprint is good for 5 starts.

as secure as keyless entry?

Or have they learned anything from the keyless entry disaster?

Nope, not me

[p51d007]

Sorry, I'm not one to "embrace" the tech, just because it is there. I'll stick with a good old fashioned KEY that you have to insert & turn to start the car. Yeah, a thief could rip the column/key lock off your car and use a screw driver to start your vehicle, but the LOOK of a screwdriver sticking out of the cylinder will raise eyebrows. Software can be hacked and I've seen a couple cases where keyfobs have been hacked, giving access to the vehicle and starting it. You want that high tech, fine, no problem, but at least give me the OPTION of keeping the old school tech. It's another reason why I still prefer MANUAL transmission (and yes, I live in a city). Also, manual transmissions are somewhat of a new fangled anti-theft device. I've noticed a few criminals have been stopped because they can't use a clutch transmission LOL.

Re:Nope, not me

[PPH]

Also, manual transmissions are somewhat of a new fangled anti-theft device.

Soon the day will come where car thieves won't know what to do with a key.

Heaven help them when they get into my truck and have to deal with the stick shift, transfer case, differential locks and manual choke.

Re:Nope, not me

[b0s0z0ku]

A Luddite after my own heart. Until electric cars become practical for me, I'll look for a 1990s Miata to drive till the wheels fall off! Manual and as bog-simple as possible is the way to go.

"the technology focuses on security"

"Inherently insecure technology is designed with workarounds to slightly reduce its inherent insecurity"

News at fkking 11

We're now in a world of fully post-tech morons who were born and became dumb in the age of technology. Soon we'll have the technology to have "helper nanobots" engrafted onto all our red blood cells in order to achieve a 3% discount on in-game Fortnite purchases, with the slight downside that the bots frequently malfunction to cause sudden, spectacularly traumatic death.

What a wonderful time to be a fully dispensable member of a class of endlessly reproducing consumers

sounds dangerous!

Does one really want to get pulled over by the cops when running their friends car from their phone app with no key/fob ?!?

Even worse!

You now have a remote start system that has NO benefit in the snow to warm up car :O

10 to 1 my key fob is quicker anyway.

so again, why?

Why bother with a phone? PIN/fingerprint.

[b0s0z0ku]

Use a PIN keypad on the driver's door to get into the car. Ford/Lincoln had this in the 80s. Require PIN + fingerprint auth to actually drive the car. Store a hash of all data locally and allow for local management. Fingerprints should be able to be added for a certain amount of trips to allow valets or service people to drive.

It shouldn't require a manufacturer's server as an intermediate -- manufacturers go out of business, stop supporting services, etc. I'd hate to own a 12 year old car (newest car I've owned was that old) and have it become a "brick" because the manufacturer stops running a key server!

Um this isn't new....

[freeschwag]

MB had this tech installed as a standard option since 2013...

https://www.mbusa.com/mercedes...

What if you don't have or want a smartphone?

[Rick+Schumann]

The article doesn't say anything about people who do not have and do not want a smartphone; is there an alternative? A physical key?
Also, can this be totally disabled, so no one can wirelessly unlock your car?

Re:What if you don't have or want a smartphone?

The article doesn't say anything about people who do not have and do not want a smartphone; is there an alternative? A physical key?

Also, can this be totally disabled, so no one can wirelessly unlock your car?

That's what I wonder, everyone seems to assume I carry a phone around with me all day and night. No way, once I'm done work it goes in my tool bag.
I do have my 2m/70cm radio with me sometimes though, I just like to play with my radios.

Re:What if you don't have or want a smartphone?

[Rick+Schumann]

Because the Average Person does obsessively carry their smartphone around with them, it's on their nightstand, it's at the dinner table, and so on. Note I said the 'Average Person'.

I can't wait for this to be showcased ...

... at the next DefCon!

Nah.

Nothing could go wrong and your car would be secure

Yeah right, for about a microsecond..