Thieves Are Boosting the Signal From Key Fobs Inside Homes To Steal Vehicles (www.cbc.ca)

Jokes on you by ERJ · 2018-12-05 10:45 · Score: 4, Funny

I drive a crappy old car that cannot be started with a key fob signal. You can't steal my car!

Oh....

Re:Jokes on you by Dirk+Becher · 2018-12-05 10:46 · Score: 2

Mandatory auto update! He can now!
Re:Jokes on you by mschuyler · 2018-12-05 10:52 · Score: 1

So just steal it the old-fashioned way. Car theft has been a thing way longer than your old crappy car.

--
How about a moderation of -1 pedantic.
Re:Jokes on you by bobbied · 2018-12-05 11:02 · Score: 5, Funny

I drive a crappy old car that cannot be started with a key fob signal. You can't steal my car!
That's nothing, mine has a manual transmission..... NOBODY will be able to steal my car, maybe the stuff in it, but NOT the car, at least without a tow truck..

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re: Jokes on you by bob4u2c · 2018-12-05 11:45 · Score: 1

It was a upgrade option I believe.
Re:Jokes on you by dryeo · 2018-12-05 11:57 · Score: 1

Same here, and even though it has got an aftermarket remote start, the procedure to get the truck set up is detailed enough that I've never bothered. As well there's the steering lock and the club thing on the steering wheel.
I also have a hard time believing that my ancient fob is always broadcasting, rather then when pushing the unlock button.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Jokes on you by Anonymous Coward · 2018-12-05 12:06 · Score: 1

This is for the newer 'keep the fob in your pocket' systems where you never insert anything into the car or push any buttons on the fob to get in and start it.
- WolfWings, too lazy to login to /. in way too long.
Re:Jokes on you by CohibaVancouver · 2018-12-05 12:44 · Score: 2

So just steal it the old-fashioned way. Car theft has been a thing way longer than your old crappy car.
I know, right? I watch TV. It's clear all you have to do is twist two wires together, then brush a third wire against that pair and the car will start. Seconds later you can drive away.
Re:Jokes on you by Iwastheone · 2018-12-05 12:59 · Score: 1

Just get one of these,,, https://www.youtube.com/watch?...
Re:Jokes on you by viperidaenz · 2018-12-05 13:10 · Score: 1

Yes, like my 2005 Accord. But who'd want to steal a 13 year old honda?
Re:Jokes on you by 14erCleaner · 2018-12-05 13:14 · Score: 1

I can top that...my manual-transmission cars have been broken into twice, but the thieves couldn't find anything worth stealing! (It was a pain having to repair the broken windows, though...)

--
Have you read my blog lately?
Re:Jokes on you by ShanghaiBill · 2018-12-05 14:04 · Score: 1

I also have a hard time believing that my ancient fob is always broadcasting, rather then when pushing the unlock button.
My spouse has a Tesla, and there is no button on the fob. As she walks toward her car, it automatically unlocks when she is about 5 meters away. She doesn't even have to take the fob out of her purse.
I had assumed it was an RFID transponder, and the interrogation signal originated from the car, which has plenty of power. But maybe not.
Re:Jokes on you by PPH · 2018-12-05 14:38 · Score: 1

manual transmission
Mine has a knob on the dashboard labeled 'Choke'. I dare a millennial to figure that out.

--
Have gnu, will travel.
Re:Jokes on you by dryeo · 2018-12-05 15:15 · Score: 1

Someone stole my last truck, a '91 F150 that looked as ugly as hell. It didn't show up again, so it wasn't just a joyride either.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Jokes on you by dryeo · 2018-12-05 15:17 · Score: 1

Yes, after reading more comments, I realized things have changed in the way fobs work.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Jokes on you by PPH · 2018-12-05 15:24 · Score: 1

Not quite. You forgot a step

--
Have gnu, will travel.
Re:Jokes on you by mysidia · 2018-12-05 15:43 · Score: 1

And.... its gone!
Actually; I think one of those trying to drive into my neighborhood would very quickly be noticed, since such a large vehicle would fill up both lanes: even LTL delivery trucks can't get in because they're too wide for the road and too tall to clear the power lines.
Re:Jokes on you by mentil · 2018-12-05 17:36 · Score: 1

It's a Ford, remember. It stalled in the White Castle drivethrough so they ditched it.

--
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
Re:Jokes on you by Ambvai · 2018-12-05 18:29 · Score: 2

I had my car broken into in Las Vegas, through the rear windshield.
They ignored the three growlers of beer in the rear footwells and accompanying two-thirds pizza, the rather sizeable stack of cash buried at the bottom of the center console, and the tablet in the glove compartment.
What did they steal? A 30-year-old wool coat. In the middle of summer. (I had the sneaking suspicion it wasn't a smash and grab though, seeing as like 15 cars had their windows busted, nothing of note stolen, and a mobile glass replacement company was onsite the next morning.)
Re: Jokes on you by Cederic · 2018-12-05 19:57 · Score: 1

Maybe in your country but here it's called a manual gearbox.
How you operate it - gear stick, paddles, both - is entirely fucking irrelevant.
Most paddle operated gearboxes are semi-automatic though, no clutch. That's not always the case though.
Re:Jokes on you by Cederic · 2018-12-05 19:59 · Score: 1

To be fair, if its operating from 5m away then nefarious types can just generate the car's interrogation signal from outside your house and there's a chance the key will be close enough to respond.
Much as the article suggests, just the comms channels inverted.
Re:Jokes on you by AmiMoJo · 2018-12-06 00:42 · Score: 1

The car emits periodic radio signals that the keyfob can detect with an always-on ultra low power detection circuit. It's similar to RFID but a bit more sensitive, in that it's basically passive until excited by the radio signal from the car at which point the battery in the fob is used to power an amplifier and demodulate the actual signal.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:Jokes on you by havana9 · 2018-12-06 01:31 · Score: 1

Actually it could be tricky even for a Gen X or a baby boomer. You can flood the engine. And sometimes you have to find it. like in the Fiat 126 and figure how to engage the starter.
On the other hand a thief will start the car using a piece of brass sheet and a flat screwdriver.
Re:Jokes on you by froggyjojodaddy · 2018-12-06 01:58 · Score: 1

Bah, that's nothing. I got a manual car where 1st gear doesn't work. And if you put it in first gear, it's a PITA trying to get it out. You have to disable the linkage and then not do that again

Even if a thief broke into my car, managed to hot wire it and got it started, what's the first thing they're gonna do? That's right, put it in first gear (I back into my parking spot) and then BAM!! they're done!
Re:Jokes on you by dryeo · 2018-12-06 03:14 · Score: 1

Well that's why I expected it to turn up again, dead on the road somewhere.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re: Jokes on you by PPH · 2018-12-06 03:33 · Score: 1

FJ-40

--
Have gnu, will travel.
Re:Jokes on you by David_Hart · 2018-12-06 04:22 · Score: 1

Actually it could be tricky even for a Gen X or a baby boomer. You can flood the engine. And sometimes you have to find it.
like in the Fiat 126 and figure how to engage the starter.
On the other hand a thief will start the car using a piece of brass sheet and a flat screwdriver.
Unless they have experience with boats... plenty of boats still have chokes....
Re: Jokes on you by Impy+the+Impiuos+Imp · 2018-12-06 05:29 · Score: 1

Those let you decide when to shift, but the shift is automatic style with no (human-activated) clutch.

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Re:Jokes on you by Impy+the+Impiuos+Imp · 2018-12-06 05:32 · Score: 1

It's been stalled in the White Castle drive-thru for a few weeks now, but White Castle is so slow the people behind it haven't noticed anything wrong yet.

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Re:Jokes on you by Impy+the+Impiuos+Imp · 2018-12-06 05:46 · Score: 1

I've got a car in my driveway that if a thief managed to get it started I'd run out and scream how did you manage to get it started!
(That's a Norm Perfect joke.)

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Re: Jokes on you by CohibaVancouver · 2018-12-06 05:58 · Score: 1

Which modern cars don't have steering locks?

(Modern = made in the last 25 years.)

I appreciate that cars with pushbutton-start don't have steering locks on the column, but you can't start those by touching some wires together under the dash.
Re:Jokes on you by dasunt · 2018-12-06 06:30 · Score: 1

(I had the sneaking suspicion it wasn't a smash and grab though, seeing as like 15 cars had their windows busted, nothing of note stolen, and a mobile glass replacement company was onsite the next morning.
Odds one person would not call a mobile glass company that shows up the next day: 1/n.
Odds that out of fifteen people, at least one would not call a mobile glass company that shows up the next day: (1/n)^15.
Quick test that shows that if even 96% of the people don't contact a glass company that shows up the next day, there's a better than even chance that the glass company will still be there the next day.
Re:Jokes on you by DarthVain · 2018-12-06 07:15 · Score: 1

At least by nobody young. Extra points for having a twitchy clutch you refuse to fix that makes it even harder...
That said the car in which the article is about was found a few days later abandoned in a parking lot. So it isn't like this is being used to "steal" the car, more like borrowing the car for whatever other nefarious deeds they might have been up to then ditching it.
Re:Jokes on you by viperidaenz · 2018-12-06 07:50 · Score: 1

People steal expensive cars because they're expensive.
People steal fast cars because they're fun to drive.
People steal easy to steal cars because they need a car to commit a crime.
Someone probably stole your truck to rob someone's house. They then ditch it and set it on fire.
Re:Jokes on you by bobbied · 2018-12-06 08:21 · Score: 1

Ah, memories of my 65 VW Beetle's clutch.. It was badly in need of replacement and didn't quite fully disengage by the time I got rid of it.. Had to be fast and never leave it in neutral very long.
Come to think of it, the same car had a starter issue at one point. Had to "push" start the thing for a couple of months until I could save up enough cash to fix it. I can remember pushing it across the parking lot, jumping in, dropping it into third and popping the clutch... Steal that you youngsters!
But hey, I learned to drive in a 1955 Chevy pickup tossing hay out for the cattle in the field some 40 years ago. Taught me how to drive a manual transmission, rear wheel drive, on everything from pavement, snow, sheets of ice, grass and mud. You people who don't know why hitting the brakes doesn't fix anything on wet ice scare me now, or the idiots who cannot get a 4WD though places I've put that pickup with nothing but chains and a few bails of hay in the bed. Personally, I stay home these days, not because I cannot get around, but because some idiot will hit the brakes, turn the wheel and wonder why they still hit me.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Jokes on you by DarthVain · 2018-12-06 09:02 · Score: 1

Ha Ha! Similarly I had a 1985 Nissan Sentra Wagon in high school with a manual. Starter went on it... I remember for at least a couple of months before I got around to getting it fixed, I would either A) always park facing down a hill, or B) ensure I had a couple of guys with me to push, and jump started it everywhere which was surprisingly easy on that car.
Re:Jokes on you by Ambvai · 2018-12-06 10:31 · Score: 1

I would expect a typical thief would grab beer, cash, or technology, and not a hot jacket in the middle of summer (even if Las Vegas nights can be fairly cool), especially if there were multiple break-ins. I mean, if it was some homeless guy that was cold, just pick any car that seems to have a lot of luggage and break into that one vehicle alone. If they were people looking for something of value, they could've taken what was actually worth money. Punks screwing around for fun? Would they turn down a few gallons of beer?
Instead, nothing of consequence was missing from my car, nor that of the other people I was chatting with in the lot who were also broken into. The only other money involved would've been for the casino, and I was staying there anyways so no point in keeping me at the property longer that way, or the glass repair.
Sure, it's probably just paranoia... but I'm still wary.
Re:Jokes on you by John.Banister · 2018-12-06 11:19 · Score: 1

Maybe the value of the car was to use it for getting to the location for committing an additional crime, and a stolen car was best for that.
Re:Jokes on you by dryeo · 2018-12-06 13:46 · Score: 1

But then it would have turned up, burned. More likely chopped for parts.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Jokes on you by viperidaenz · 2018-12-06 14:08 · Score: 1

Or they removed the chassis and engine numbers before burning it.
If I was disposing of a get-away car I'd do that. Makes it harder for anyone to figure out where and when it was stolen. It just ends up being another write-off going to the crusher.
I suppose you could send it to a chop shop, but that's not going to get rid of any evidence if the shop gets busted while the car is still there.
Re: Jokes on you by justthinkit · 2018-12-08 00:53 · Score: 1

Some winters back I was shoveling snow around our house (corner lot) and a car comes along. Our intersection's snow had turned to ice. Somehow the guy gets stuck in the intersection. His solution (like his cause) was to gun it.
He polished the ice for several minutes.
People came over to help push.
Finally I went over, got in, put the manual in 2nd, let out the clutch slowly and the car was free in 5 seconds. Only words exchanged were "Let me give it a try".
What is the next thing we forget how to do?

--
I come here for the love

My tinfoil hat to the rescue ... by 140Mandak262Jamuna · 2018-12-05 10:47 · Score: 4, Funny

I keep my keys in my tin foil hat, Now who's laughing?

Seriously, get one of those wire baskets sold as desk organizers, hang it next to your key rack. Drop your key fob in that basket, and you are safe.

--
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact

Re:My tinfoil hat to the rescue ... by Thelasko · 2018-12-06 03:50 · Score: 1

I keep my keys in my tin foil hat, Now who's laughing?
Seriously, get one of those wire baskets sold as desk organizers, hang it next to your key rack. Drop your key fob in that basket, and you are safe.
They also sell wallets for this purpose. I don't know how this became an article. I thought everyone on Slashdot stored their keys in their tinfoil hats!

--
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".

Wrong! by Anonymous Coward · 2018-12-05 10:48 · Score: 2, Insightful

First, key fobs are NOT constantly broadcasting a signal. Their tiny coin cell battery would go dead really quickly. The CAR is constantly broadcasting a signal, which, when the fob is in range of, it answers with an unlock code. Next, sure, you can use a Faraday cage. You can put it in the refrigerator (which some people actually do!), etc. But you can simply park your car in your garage. Don't pile up crap in the garage and actually use it for the car. Boom, attack defeated.

Re:Wrong! by WilliamGeorge · 2018-12-05 10:58 · Score: 4, Informative

Not all of us have garages - certainly not most folks in apartments, and even many homeowners (myself included). Plus, there are pretty cheap ways for thieves to hack electronic garage doors too:
https://www.youtube.com/watch?...

--
William George
Re:Wrong! by bobbied · 2018-12-05 11:07 · Score: 1

First, key fobs are NOT constantly broadcasting a signal.

Um, no, they are regularly transmitting a short low power ping, at least the ones I've seen.
Just dropping your FOB into a open metal box, assuming it's deep enough, will likely work just fine. But the exploit path will remain when you walk away from your car in a store parking lot..

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Wrong! by nukenerd · 2018-12-05 11:19 · Score: 1

sure, you can use a Faraday cage. You can put it in the refrigerator (which some people actually do!), etc.

In other words the supposed convenience of having saved pushing a button on a fob on your key ring is more than completely negated by this sales gimmick. Could someone explain again why pushing a button is so hard?
Re:Wrong! by Anonymous Coward · 2018-12-05 11:35 · Score: 1

You clearly don't understand that pressing a button can be very, very difficult. After a bottle of wine and half a bottle of whisky, I struggle to even find my car key, let along hold it still enough to press any silly old button.
Last night, I was only able to get into the car because I'd left the doors unlocked, and when I woke up in the car, parked outside my house, I thanked my stars that I'd been at home in the first place. Not sure why I didn't just use the bedroom. Anyway, it would have been far worse, as you can imagine, if I'd had to contend with buttons and other such nonsense.
Re:Wrong! by ArchieBunker · 2018-12-05 11:42 · Score: 1

Going to need a source on that one. Those coin cell batteries can broadcast pings for years? I'm calling bullshit.

--
Only the State obtains its revenue by coercion. - Murray Rothbard
Re:Wrong! by fahrbot-bot · 2018-12-05 11:43 · Score: 1

Could someone explain again why pushing a button is so hard?
And, by extension, why using a regular key -- that has worked since the invention of the automobile -- is so hard?
Ya, ya. (1) I understand there were a few isolated issues in recent memory with keys because a manufacturer cheaped out on a spring in the ignition lock and (2) I get the convenience of key-less entry and ignition, but some solutions just create new problems. Both my 2001 Honda Civic and 2003 Honda CR-V have a key-fob to unlock the doors, but I *never* carry/use them (okay, maybe during a rainstorm) because they're too big to comfortably carry in my pocket. I just use the keys - and have never had a problem. I'm also not a fan of key-less ignition (and have read articles about people getting killed using them), though I concede that my next car will probably have it because manufacturers are going that way to (a) save on providing locks/keys and (b) raping consumers on the cost of key-less systems. I would pay extra to *not* have key-less ignition. Sometimes newer and/or fancier is not better. In a related story, I have a friend with a new(ish) Toyota Highlander which won't start if both his and his wife's key-fobs are (detected) in the car at the same time -- which seems like a design flaw.

--
It must have been something you assimilated. . . .
Re:Wrong! by Cmdln+Daco · 2018-12-05 12:00 · Score: 1

I have a two car detached garage. But being a nerd, there is just too much other stuff more worthwhile to keep in a garage than my cars.
Re:Wrong! by dryeo · 2018-12-05 12:02 · Score: 1

My ancient fob has a 12v battery that is about half the size of a triple A, length wise. I also don't know what the point of always broadcasting would be, have to press a button to unlock and enable the ignition and even with the key in the ignition, if i don't start it within 3 minutes or so, the ignition and starter (or maybe just the starter, have to try push starting it one day) are disabled forcing me to push the unlock button again.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Wrong! by godel_56 · 2018-12-05 12:03 · Score: 1

Going to need a source on that one. Those coin cell batteries can broadcast pings for years? I'm calling bullshit.
From the original article above ^^^^^ (Scroll up dude!) ^^^^^
"thieves are using a method called "relay theft." Key fobs are constantly broadcasting a signal that communicates with a specific vehicle, he said, and when it comes into a close enough range, the vehicle will open and start. "
It's other way around. The car is constantly sending an "unlock me" signal and the fob is always listening. When the fob gets close enough to hear the signal the pair negotiate an unlocking sequence. You would not want the fob to be always broadcasting because that would flatten the key fob's battery.
Re:Wrong! by bobbied · 2018-12-05 12:05 · Score: 1

So you are saying the article is wrong?
I'm not going to call BS, but I am going to ask for a citation on that... :)

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Wrong! by dryeo · 2018-12-05 12:10 · Score: 1

It's handy to just push a button to unlock both doors rather then walk around and unlock the passenger door after unlocking the drivers door. Likewise for locking them if the passenger forgot to push the button down before closing the door. Driving alone, it's not so important.
The truck also won't start without pushing that button to unlock the doors and screams if someone opens the door (reaching through an open window or such).

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Wrong! by ctilsie242 · 2018-12-05 12:34 · Score: 1

Maybe the remote needs an on/off switch. Flip the switch off, no attempts at communication would be made.
Re:Wrong! by godel_56 · 2018-12-05 12:37 · Score: 5, Informative

So you are saying the article is wrong?
I'm not going to call BS, but I am going to ask for a citation on that... :)
The citation is the original TFA link from cbc. Scroll down a bit and look at the diagram which shows how it works. But common sense will tell you that a tiny coin battery in a key fob can't be broadcasting on a regular basis without going flat, whereas the large battery in a car can.
Re: Wrong! by orlanz · 2018-12-05 12:39 · Score: 1

Like keyless entry, it's just a simple convenience that is nice to have. I understand it's not for everyone, but I really like it.
It's nice to have all the foot lights come on as I approach the car with kids. It's nice to have the interior and my door handle lights come on. The trunk opens/closes with a foot sensor.
And since I haven't touched the fob in my pocket, I don't need to take it out to start the car (I do need to push a small button to open the door). It's also nice to leave the car locked but running w/o the fob. The car will shutdown if someone tries to unpark it.
I don't think the risk is increased by much, if really at all, by going keyless. Knock on wood and all. If someone wants your car there are plenty of ways to take with either which way.
Re:Wrong! by fahrbot-bot · 2018-12-05 12:46 · Score: 1

It's handy to just push a button to unlock both doors rather then walk around and unlock the passenger door after unlocking the drivers door.

True enough, though both my Hondas have a power lock button on the driver's side to un/lock the other doors and locking the driver-side door with the key locks both doors. My wife's previous car was a 1991 Toyota Celica GT and the outside door locks had some nice intelligence. Unlocking the passenger door from the outside unlocked both doors and when unlocking the driver door, turning the key once unlocked just the driver door while turning it twice in rapid succession unlocked both doors. I actually wish my Hondas had that.

--
It must have been something you assimilated. . . .
Re:Wrong! by LostMyAccount · 2018-12-05 12:51 · Score: 1

You've obviously never had a car with a proximity key. It's extremely convenient. No more fishing for keys, taking off your gloves in the winter, screwing around with an ignition key. You just walk up, get in and push start. There are weeks that go by in the winter when I don't even take my keys out of my jacket pocket.
I know it seems only marginally more convenient than a button keyfob, but in use its fantastic, especially in the winter. It's probably arguably safer considering there's no signaling effect as to what car you're unlocking.
It'd be even better if the fobs were cheaper, like say $20-30 each. I'd buy a few more and just leave them in other coats, maybe my backpack.
I wish there were more buttons on the fob, though. I'd like one that would close all the windows and sunroof as well as an option for this to happen when I lock the car. I'd also like an auto lock feature that automatically locked all the doors (and windows/sunroof) when walking away from the car.
Re:Wrong! by Immerman · 2018-12-05 13:01 · Score: 1

Agreed. I don't have a garage, but if I did I certainly wouldn't waste valuable weatherproof space by filling it with a car that's already designed to be weatherproof on its own.
I've always thought the entire concept of a garage represented an unhealthy relationship with a tool.

--
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Re:Wrong! by viperidaenz · 2018-12-05 13:21 · Score: 1

Bluetooth low energy is designed to do just that. Last years on a coin cell transmitting as often as every few milliseconds. Most do a few times per second.
Re:Wrong! by quenda · 2018-12-05 14:02 · Score: 1

Next, sure, you can use a Faraday cage. You can put it in the refrigerator (which some people actually do!), etc.

That is the sort of thing that works in the movies, but I'm sure the real Ed Snowden knows better. Have you tried it?
Put your cellphone in the fridge or microwave, and call it. Are you surprised to heart the ring?
https://www.youtube.com/watch?...
Re:Wrong! by ceoyoyo · 2018-12-05 14:25 · Score: 1

You don't have to completely block the signal, you just have to attenuate it enough. Those little fobs are super low power, and the signal already has to go through at least your front door.
Re:Wrong! by dryeo · 2018-12-05 15:01 · Score: 1

Is there no lock/unlock doors button on the inside of your driver-side door?
No, manual locks and even manual windows.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Wrong! by dryeo · 2018-12-05 15:13 · Score: 1

Well my '98 F150 is manual, manual shift, manual windows and manual locks (last owner added the alarm, remote start and electronic locks). Last vehicle the power locks were broken, so manual, though if they worked, I could have just pushed a button after unlocking the drivers door to unlock the others. That vehicle, I had to replace the window regulator motor twice, spent too much time looking for the wiring break that broke the door locks and other various issues that made me want to avoid too much power this and that.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Wrong! by mysidia · 2018-12-05 15:54 · Score: 1

Never trust a journalist to get the technical details 100% correct. godel_56 is probably right, and the article is an approximation of the facts as the jouranlist understands or chooses to simplify the details for non-technical readers -- that the fob is always talking.
Re:Wrong! by mysidia · 2018-12-05 16:16 · Score: 1

the exploit path will remain when you walk away from your car in a store parking lot..
Well, you could put the fob in a RFID-blocking wallet or use a RFID-blocking liner around the pocket and pull out the fob when ready to start the car.
I would opt-out of the wireless start tech altogether.
Personally waiting for a vehicle with a more advanced feature such as Two-Factor unlock by activating a face-recognition scanner to unlock the door then entering a secret personal code onto a keypad and doing a biometric hand scan to authorize starting the engine.
Re:Wrong! by MrMr · 2018-12-05 21:15 · Score: 1

which seems like a design flaw
I'm not so sure. Perhaps just the third law of robotics. Could be that the car's AI has decided that the risk of them both in the car is too high for its own safety.
Re:Wrong! by MrMr · 2018-12-05 21:16 · Score: 1

Yes, and perhaps even a lock and key to fix it in the off position.
Re: Wrong! by nukenerd · 2018-12-05 23:01 · Score: 1

It's nice to have the interior and my door handle lights come on.
Eh? Even my very first car, an already ancient 1960's Vauxhall, had its interior light come on when I opened the door. Don't know what you mean by "door handle lights" - they glow in the dark?

It's also nice to leave the car locked but running w/o the fob.
You mean you are leaving it running without you in it? Why? Illegal in the UK anyway, and inadvisable anywhere (cases of software bugs changing transmission out of Park). Chist, in the UK it will soon become impossible to buy a car that does not have its engine automatically stop whenever the car stops moving, even in traffic, so obsessed the authorities have become with cutting emissions.
Re:Wrong! by ctilsie242 · 2018-12-06 02:01 · Score: 1

I wonder about having a mode setting on the vehicle. Set it, it only listens to the lock/unlock buttons. When locked manually, it ignores key proximity until the unlock button is pressed.
Re: Wrong! by orlanz · 2018-12-06 02:25 · Score: 1

My vehicle's door handles have lights under them. As do the running boards. As does the rear of the car so I can un/load things. Specific ones lighting up as needed is nice (the zones are just driver, pass, all, and rear).
I leave the car on when it's less than a 5 min stop. Ie: dropping shipping packages off or leaving the family watching TV to get milk. It will take me 5 min or 20 with family.
Re:Wrong! by dwillden · 2018-12-06 05:26 · Score: 1

Stay away from Tesla's then. You just have the fob with you. You walk up to it and it unlocks (and the handles pop out, You get in, put it in gear and drive, the handles retract as you start moving. At destination when you stop the handles pop out., you get out and walk away. And the handles retract again locking the doors. All in the fob.

--
I'm too lazy to compose a creative sig.
Re:Wrong! by dwillden · 2018-12-06 05:29 · Score: 1

Ever had your hands full and had to juggle stuff while getting the key out and using it? Or been wearing thick gloves in cold weather and had to take the time to take off a glove just to get the key out of your pocket?

With modern cars you just walk up, get in, push a start button and go. Or with Tesla's you just put it in gear and go. No need to handle the key at all.

--
I'm too lazy to compose a creative sig.
Re:Wrong! by cellocgw · 2018-12-06 05:53 · Score: 1

Stay away from Tesla's then. You just have the fob with you. You walk up to it and it unlocks (and the handles pop out, You get in, put it in gear and drive, the handles retract as you start moving. At destination when you stop the handles pop out., you get out and walk away. And the handles retract again locking the doors. All in the fob.
Both the unlock and lock feature can be disabled in the car's operation menu, leaving only a physical button push on the keyfob to lock or unlock the car. RTFM, already!

--
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
Re:Wrong! by Immerman · 2018-12-06 06:32 · Score: 1

Sure, and if I have to repair a car at night, I'll bring it into a garage/worksace to do so if I have the option. That's pretty rare though, and it's not going to live there the rest of the time, preventing me from using the workspace for other projects.
As for climate - yeah, there's a few places where it might be justified. But most of the world doesn't get into the mid-hundreds (F) or 40+ below on a regular basis, nor deal with baseball sized hail (no, I don't consider minor cosmetic dents to be damage).

--
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Re:Wrong! by Immerman · 2018-12-06 06:34 · Score: 1

Nope. I've got rain, snow, searing sun, and occasional golf-ball sized hail. Cars can handle all of it.

--
--- Most topics have many sides worth arguing, allow me to take one opposite you.
Re:Wrong! by clovis · 2018-12-06 06:46 · Score: 1

You must be part of the 1% club. The rest of us who only make six figures can't afford garages. Silicon Valley is just too god damm expensive.
Anyone can have a garage anywhere. You just need to know how to make one.
Here's some examples you may emulate.
https://cml.sad.ukrd.com/image...
https://www.yorkmix.com/wp-con...
Poorly thought out attempts at garage-making.
http://news.images.itv.com/ima...
https://www.jdn.co.il/wp-conte...
Re: Wrong! by mysidia · 2018-12-06 15:25 · Score: 1

Not "gimping" ---- turning off a gimmick that's also a security risk.

Saw this video by Kernel+Kurtz · 2018-12-05 10:48 · Score: 1

about a year ago. Does not take long.

https://www.bbc.com/news/av/uk...

Not This Again by WankerWeasel · 2018-12-05 10:49 · Score: 1

This is the same story that made rounds on Facebook over a year ago, telling people to put their keys in their microwave when they're at home to prevent people stealing their car. https://www.foxnews.com/tech/w...

Some incorrect assertions by TWX · 2018-12-05 10:49 · Score: 4, Interesting

The mechanism in a fob that lets the vehicle start is not the same mechanism that operates the locks. Additionally there's different programming needed to add the convenience controls versus programming the fob to where the vehicle will start with it.

This "hack" was possibly demonstrated on an old Top Gear when one of the presenter's cars was moved into the street by another presenter while they were at a restaurant. Basically supposedly it was close enough that the the fob and car could communicate. Given that this was for entertainment it's difficult to say if it was real or not.

Either way though, I guess I'm still a fan of having a physical key that must be inserted into a slot, used in combination with an immobilization system that communicates with a chip that's embedded with the key.

--
Do not look into laser with remaining eye.

Re:Some incorrect assertions by ChoGGi · 2018-12-05 19:45 · Score: 1

Why doesn't the car turn off when the key is no longer "close" to it?
Re:Some incorrect assertions by kackle · 2018-12-06 02:06 · Score: 2

Dangerous, maybe? A dead fob battery could kill the engine while at 55 mph, for example.
Re:Some incorrect assertions by mjwx · 2018-12-06 02:10 · Score: 1

Why doesn't the car turn off when the key is no longer "close" to it?
Safety.

Say your Key Fob breaks or stops responding on the motorway whilst you're doing 80. The last thing you want is for the car to decide to shut itself down whilst Andrew Audi is millimetres from your tailpipe at those speeds. When the car shuts down you lose power steering and braking.

The issue here is that many manufacturers are pushing button-less entry. This means that you don't need to press the unlock button to enter the car or disable it's immobiliser. You only need the transponder to be close to the car. The safety "feature" is that it only works over a few metres... Which as anyone who knows anything about information security will figure out in 10 seconds flat, is no security at all.

This is why I didn't opt for this option on my BMW.

--
Calling someone a "hater" only means you can not rationally rebut their argument.
Re:Some incorrect assertions by ChoGGi · 2018-12-06 04:20 · Score: 1

The car could have a holder that ensures the fob doesn't run out of juice, or just not start if the fob isn't in a holder.
but that's probably too expensive...
Re:Some incorrect assertions by Agent0013 · 2018-12-06 04:48 · Score: 1

That would be called a metal key in the lock then. I never take my fob from my pocket. I unlock the car by touch, start the car by push-button, and lock it again by touching the handle. My hands can be full of coffee and a laptop bag etc, while the back of my hand is all it takes to lock the car. Now you want me to remove the key from my pocket to put it into a holder so the car does not crash while driving down the road. Stupid suggestion and I would rather just go back to a regular key than that. But the key fob is the best invention I didn't know I wanted until I had it. It really is way convenient and it isn't really apparent until you are using it and see how often it keeps your hands free.

--

-- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
Re:Some incorrect assertions by ChoGGi · 2018-12-06 08:41 · Score: 1

Now you want me to remove the key from my pocket to put it into a holder so the car does not crash while driving down the road. Stupid suggestion and I would rather just go back to a regular key than that.
The idea is people can't steal your car without the fob in direct contact with the car, you don't need to make it shutdown (sorry crash...), just not have the car start unless it's plugged in.
I'm also not sure what locking the car has to do with anything? That'll work just as it did.
Re:Some incorrect assertions by Agent0013 · 2018-12-06 09:34 · Score: 1

I'm also not sure what locking the car has to do with anything? That'll work just as it did.
I never remove the key from my pocket. It cannot get lost or locked in the car and it leaves my hand free for other things. The moment I have to take it out of my pocket the device is ruined for it's purpose. And if I only need to remove it after I got into the car, that is even worse since pockets are hard to reach into once sitting down. Do you understand now, or did I use too many words again?

--

-- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
Re:Some incorrect assertions by ChoGGi · 2018-12-06 10:39 · Score: 1

To each his own.
Re:Some incorrect assertions by John.Banister · 2018-12-06 11:39 · Score: 1

I don't know if the reason is to permit convenience similar to my use, but I'd take advantage of this when driving my parents (in their car) to doctor visits a lot. They'd have the keys in their pocket/purse. I'd park the car after letting them out at the entrance.

needs motion sensor by Bruce+Perens · 2018-12-05 10:49 · Score: 4, Insightful

At the very least, the key fob should have a motion sensor, and should not be beaconing when it's not been moving for a few minutes. That would defeat this particular exploit.

--
Bruce Perens.

Re:needs motion sensor by Actually,+I+do+RTFA · 2018-12-05 10:53 · Score: 2

Nitpick: I assume you mean it should have an accelerometer or other IMU package. A "motion sensor", as a term, tends to refer to a device that senses motion in the room (like that used to turn outside lights on as you approach).
Seems like a much more expensive solution than a button or slider switch to activate. Or socket in the car with a physical connection required.

--
Your ad here. Ask me how!
Re:needs motion sensor by Bruce+Perens · 2018-12-05 10:55 · Score: 1

Yes. The whole point is not to have to push a button to open the car door. You have key key in your pocket, and touch the door handle and it unlocks by itself. This is how it works on my Prius and Jeep.

--
Bruce Perens.
Re:needs motion sensor by Actually,+I+do+RTFA · 2018-12-05 11:03 · Score: 1

Sure, hence the other idea of a slide switch to activate/deactivate fob. Deactivate when you get home/to work. Activate before you walk outside.
Personally, I would prefer a button, but there are pluses and minuses.

--
Your ad here. Ask me how!
Re:needs motion sensor by Luthair · 2018-12-05 11:07 · Score: 1

Imagine someone sitting in their car with their key in a bag (e.g. a purse), suddenly they need to shake their bag to move their car? I think fix is accurate timing of the response which would indicate distance. They might also be able to listen for a replay but not being an EE maybe a directional antenna would defeat that.
Re:needs motion sensor by omnichad · 2018-12-05 11:12 · Score: 1

I keep my keys in my pocket - not on a table somewhere. If I'm awake, they've probably been moving in the last few minutes.
Re:needs motion sensor by dknj · 2018-12-05 11:26 · Score: 1

i like your idea of a slide switch because it gives the operator choice. you live in the boonies, have a garage, drive a $2000 fordor generally dont care then you don't have to disable for convenience. live in a major metro city, or otherwise are constantly at risk of theft of your $50k car you park on the street.. by all means boo-boo activate that slide switch.
i'm not inconvenienced, you are still safe. win-win. until you forget to slide it and get annoyed that your car won't unlock or worse, gets stolen because you never turned it off.
personally the accelerometer idea is superior but probably will destroy that cell battery in a matter of months rather than years
Re:needs motion sensor by nwf · 2018-12-05 11:40 · Score: 1

Too prone to error. A time of flight calculation would work. Of you are outside of, say, 10 feet, you can't unlock the car. Apple does this when unlocking a Mac with an Apple Watch. I'm sure it's not trivial, but it's certainly possible.

--
I don't know, but it works for me.
Re:needs motion sensor by dgatwood · 2018-12-05 11:59 · Score: 1

Signals travel at around a foot per nanosecond. That means the time to respond to a request must have no more than a few nanoseconds of variation. That seems unlikely to be possible, much less practical.
The right fix is for keyless driving and no-press keyless entry to be an optional feature that the user can disable.

--
Check out my sci-fi/humor trilogy at PatriotsBooks.
Re: needs motion sensor by orlanz · 2018-12-05 13:20 · Score: 1

I am not an expert, but do work on IOT circuits in my spare time.
I think an accelerometer consumes many times more power than a short range transceiver. The fob probably transmits for 1/10000 of a second every 1-3 seconds. An accelerometer probably draws more power idiling for movement over a 24hr period than the transmitter.
Then there is higher initialization consumption of an accelerometer. At the later stages of the battery, it probably will fail sooner, being unable to draw the necessary power.
It's a nice idea and probably a good trade of security vs battery life in a higher car theft risk area. But over all, I don't think the standard keyless and keyed cars are significantly safer to warrant it.
Re:needs motion sensor by Bruce+Perens · 2018-12-05 13:35 · Score: 1

I think if it stopped beaconing after standing still for 5 minutes, it would satisfy most needs. There are a few corner cases where the car has to be able to order the fob to beacon anyway. For example, if the car says "I'm about to lock the door, let me know where you are so that I don't lock the keys inside", it has to beacon. Obviously if you go to sleep in your car and then push "start" and nothing happens, you will have to shake the fob. Sorry.

--
Bruce Perens.
Re:needs motion sensor by Actually,+I+do+RTFA · 2018-12-05 13:35 · Score: 1

Hmm... interesting. The first links I get on DDG for "motion sensor" are hardware stores selling outdoor light sensors. Wasn't aware of the usage change. Sorry Bruce!
I'd be more concerned about power consumption than construction cost. Replacement fobs cost a couple hundred bucks, so there should be sufficient profit. I'm not even sure if the hands-free fobs have batteries or are just passive RFID.
Lastly, I've been desperately looking for cheap accelerometer all in one board. I haven't seen a usable accelerometer for $0.50, and certainly not once you count all the other pcb parts needed to make it work. I'd love to find out I'm out of the loop. any good recommendations?

--
Your ad here. Ask me how!
Re:needs motion sensor by Applehu+Akbar · 2018-12-05 13:43 · Score: 1

The Toyota solution: key required for the actual ignition. Problem solved.
Re:needs motion sensor by ceoyoyo · 2018-12-05 14:33 · Score: 1

Not a time of flight calculation. Light is too fast and the fob's response time is too variable. Delay detection would work though. You send out the signal and you know to fairly good precision (but much less than required for TOF) how long the key fob takes to respond. You would probably build the fob so it sets up its response, waits a particular amount of time, then fires it off.
Relays introduce an unavoidable delay. If you detect the delay, don't unlock the doors.
Re:needs motion sensor by mentil · 2018-12-05 17:52 · Score: 1

A newer Prius doesn't start with a key. A fob is required instead.

--
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
Re: needs motion sensor by AmiMoJo · 2018-12-06 00:49 · Score: 1

The fob doesn't transmit at all most of the time.
There are various kinds. Some use an ultra-low power RF detector to detect signals from the car (since the car battery is massive and rechargable), and then wake up when in range and start communicating. Others are entirely passive, they simply modulate a signal sent out by the car and reflect it back.
The current preferred method of avoiding these relay attacks is to look at the timing of the response. The relay adds a small amount of delay that can be detected.

--
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:needs motion sensor by im_thatoneguy · 2018-12-06 09:16 · Score: 1

Some do. It's a good simple solution.
People are petitioning Tesla to implement that in their smartphone app\key.

Why would it continuously emit ? by aepervius · 2018-12-05 10:50 · Score: 1

It just need to emit when you push a button on the key fob. Or is this one of those "innovation" with scary quotes where you just have to be near your car ?

--
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org

Re:Why would it continuously emit ? by fluffernutter · 2018-12-05 11:02 · Score: 1

Because a lot of vehicles now react if you have the fob and you touch the door handle, or if you have the fob and you sweep your foot under the back bumper. The point is to eliminate the necessity to touch the fob. I know my wife's is buried in her purse all the time and she never takes it out.

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
Re:Why would it continuously emit ? by Ingenium13 · 2018-12-05 11:12 · Score: 5, Informative

It doesn't continuously emit. It's false information in the article. The fob listens constantly, and when it receives a valid query from the car, then it broadcasts a response. So when someone touches a door handle, for example, to unlock, the car broadcasts the challenge, and the fob then broadcasts the response. Same for pressing the start button.
The coin battery in the fob would die within days (if it even lasts that long) if it was constantly broadcasting.
Re:Why would it continuously emit ? by bobbied · 2018-12-05 11:53 · Score: 1

It doesn't continuously emit. It's false information in the article. The fob listens constantly, and when it receives a valid query from the car, then it broadcasts a response. So when someone touches a door handle, for example, to unlock, the car broadcasts the challenge, and the fob then broadcasts the response. Same for pressing the start button.
The coin battery in the fob would die within days (if it even lasts that long) if it was constantly broadcasting.
Shesh, the article is right they are regularly transmitting, but you have to consider what it means. The FOB need only transmit a short low power RF pulse every 10 seconds, more or less. The FOB's I've seen come with absolutely huge batteries and YES they need to be replaced a lot more often than the button press kind. (and the dealer service department LOVES to do it for you.)

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Why would it continuously emit ? by tlhIngan · 2018-12-05 12:07 · Score: 1

It just need to emit when you push a button on the key fob. Or is this one of those "innovation" with scary quotes where you just have to be near your car ?
It can't continuously emit. Key fobs are powered by tiny batteries, and transmitters are power hungry. IN order to keep the battery life to several years they can't continuously transmit.
What happens is the key fob detects a low-level RF field emitted by the car, and the car interrogates the key when the key detects this. This is used for those keyless entry systems. This is an alternative to pushing the button.
What I don't get is the whole "don't need the fob to start". Every car I've seen refuses to start the engine unless the key fob is INSIDE the car. And the key is interrogated periodically - if you remove the key from the car, the engine will stop within 5 minutes. The only way to run longer is if the key fob remains near the car on the outside (this is essential for those of us in cold climates where we start the car, set the blower to fast and hot and defrosters on,. then go and scrape the windows on the outside, so the key fob is outside but close to the car).
So they can steal the car, and run it for as long as they can maintain the keyfob signal.
Heck, when they battery on my keyfob ran low (why the car souldn't tell me to replace the battery escapes me) the car asked me to insert the fob into a special key holder in the glove box as an emergency measure.

No...they do not by DewDude · 2018-12-05 10:51 · Score: 3, Informative

"always broadcast a signal". They only do that when within the low-frequency radio signal generated by the car. They work much like RFID if you don't press a button on it. This is also really only usable on vehicles that don't use the standard "press a button to do something" fob. My 2011 Hyundai uses a standard fob like this; the 2018 Yukon XL I rented used the more modern type since it was a push-start.

Why don't they fix this? by bobbied · 2018-12-05 10:57 · Score: 1

Come on you crazy car makers you can fix this exploit.... PLEASE start making the no button FOBs work on an interrogation basis... Make it necessary for the CAR to initiate the conversation and ONLY when the car needs to know when the FOB is in the local area. ALSO, make sure the FOB is at least close to the vehicle by looking at the delay between the ping and pong reply. You can keep the current button press FOB things, but for any "automated" unlocking do the right thing and MAKE SURE the FOB is actually near the vehicle (or INSIDE it when you start the motor). Come on, it's not that hard...

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101

Re:Why don't they fix this? by jaa101 · 2018-12-05 11:05 · Score: 1

Obviously more stolen cars results in more car sales so, at the very least, manufacturers aren't as well motivated as they might be in this area. Probably the fix is for insurance companies to jack up the rates on cars with insecure fobs. You do compare the insurance rates when chosing between car models don't you?
Re:Why don't they fix this? by RhettLivingston · 2018-12-05 11:20 · Score: 1

I agree. Seems like this is the perfect app for RFID. I believe there are some that could even rotate codes using just the energy broadcast to it.
Re:Why don't they fix this? by bobbied · 2018-12-05 11:23 · Score: 1

I actually DO compare insurance rates... But I admit that I'm weird when it comes to buying cars.
For my last two vehicle purchases I made a "final offer" and told the salesman I only had about 30 min to close the deal. When they first refuse because the "manager" didn't like the deal, just turned to leave. They got two chances. In both cases, it took about 30 min. The problem is you have to know what the vehicle is worth to the dealer, a bit of research that takes is daunting, because it's NOT dealer invoice, not by a mile, AND you need to be willing to actually walk away if they don't take your deal. In both cases, the dealer made about $600 on the car, best I could tell.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Why don't they fix this? by dknj · 2018-12-05 11:29 · Score: 1

so your car should constantly ping? how does that solve the problem.
-dk
Re:Why don't they fix this? by bobbied · 2018-12-05 12:02 · Score: 1

so your car should constantly ping? how does that solve the problem.
-dk
No, it only pings when somebody tries to access it. So it's quiet until somebody grabs the door handle to open the door, then it pings, or hits the "start" button, then it pings and verifies the FOB pongs and is actually INSIDE the car (easy to do with basic direction finding).
But think about what this means... That "ping" now needs to be sent to the FOB before it will pong.
This greatly increases the complexity of the exploit. Now you have to relay signals in both directions. You have to get the ping to the FOB, and return the pong from the FOB. That means that the thieves will need to be touching the car, broadcasting the ping, which they amplify to get it to the FOB and then trying to find the FOB's reply and amplify it for the car to receive. It's more than twice as difficult to do this.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Re:Why don't they fix this? by vux984 · 2018-12-05 12:53 · Score: 1

" It's more than twice as difficult to do this."
First. No. Having to do basically the same thing twice does NOT make it twice as difficult.
Is making two omelettes twice as difficult as making one? Twice as many eggs. Sure. Twice as time consuming maybe. But twice as difficult? No. If you can make one, then making a 2nd one does not really increase the difficulty of the task.
Second, boosting the signal from the car is easier. You know exactly where the car is, your within physical contact wit hti. You are trying to steal it after all. Finding and boosting the signal from the fob is harder, but if they've already got that part figured out boosting the signal from the car is only nominally more effort.
Re:Why don't they fix this? by mysidia · 2018-12-05 16:03 · Score: 1

Make it necessary for the CAR to initiate the conversation and ONLY when the car needs to know when the FOB is in the local area.
That may be very well what it does, but the thieves Relay the interrogation AND the responses to the interrogation..
ALSO, make sure the FOB is at least close to the vehicle by looking at the delay between the ping and pong reply.
The delay before the FOB responds is probably not predictable and measurable with sufficient precision.

Keep looking up ... by cpurdy · 2018-12-05 10:58 · Score: 1

... because it is almost as likely that you will get hit by a meteor as have this happen to you.

Video of thieves using that method to steal a car by ei4anb · 2018-12-05 10:59 · Score: 4, Informative

"Police in West Midlands, UK have released footage of criminals stealing a car by relaying a signal from the key inside the home, to the car in the driveway."

https://youtu.be/bR8RrmEizVg

Progress by fluffernutter · 2018-12-05 10:59 · Score: 1

Isn't technology great?

--
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.

Re:Progress by Anonymous Coward · 2018-12-05 14:38 · Score: 1

Clearly it is rocket science to the people making cars. But if this becomes wide spread, car people would do something to remedy the situation. Same happened with the regular key. There was a time when cars could be hot wired easy and car makers changed the system to put a chip in the key so the car communicates with the key to ensure that the key is the right one. After that was implemented all the old cars were getting stolen because the new ones were hard to start without a key. Something like this will happen with RF keys. In the mean time lots of cars with keyless start will get stolen.

this is better by RhettLivingston · 2018-12-05 11:02 · Score: 1

Given that there is no indication of an increase in theft and that thieves using methodologies like this are very likely professionals, the thieves have just found a less damaging way to steal your car. They can steal any car they decide they want - even if they have to haul it away on a car hauler. If it is stolen in this fashion and perchance recovered, you likely won't have to deal with as much of a repair job.

So go ahead and worry about making it more difficult with Faraday cages and other silliness. If your car shows up as one that they want for parts, you'll just get a busted window for your efforts assuming they recover it.

Huh? by jabberw0k · 2018-12-05 11:03 · Score: 1

The key fob only transmits a signal when you push the button. And what does the key fob have to do with starting the car? That's done with a key. Of course you can hot-wire a car, that's been a thing since there were keys. Article is confused.

Re:Huh? by Anonymous Coward · 2018-12-05 11:24 · Score: 1

The key fob only transmits a signal when you push the button. And what does the key fob have to do with starting the car? That's done with a key. Of course you can hot-wire a car, that's been a thing since there were keys. Article is confused.
No you're just way out of date. Many cars now have push-button start where the fob never needs to leave your pocket. The puddle lights on my car come on when I get within a few feet of it with the fob in my pocket and the door unlocks if I put my hand on the door handle. However for most this is a very low-power short range signal, the signal from when you do press a button on the fob is much, much stronger.
Re:Huh? by bob4u2c · 2018-12-05 12:14 · Score: 1

PKE (Passive/Proximity Keyless Entry). You only need to be close for the doors to unlock and the push to start button to function, hence the Passive/Proximity part.

Hot-wiring a modern car would be expensive, time consuming, and very invasive as you need to replace the computer with a hacked one as it is looking for a key code. Without the computer the car just won't run as starting, timing, and other adjustments needed for the engine to fire right are made via the computer. Try switching the computer out in a parking lot full of people and somebody will catch on. It might work if you had a convincing tow truck so you looked legit. But still there is a pretty big chance that the owner would walk up on you doing this.

Older cars yes; use a screw driver with a t-bar to break the cylinder lock and unlock the wheel. Then find the +12v battery wire, and the on/run wire (dash should light up when connected to the +12v wire). Twist these together, then touch the starter wire to it and your off. I have one of these older cars and yes I've started it this way a few times (the electric plates in the key lock were broken and being a staving college student I couldn't afford a replacement at the time).

This doesn't seem like it would normally work? by King_TJ · 2018-12-05 11:11 · Score: 1

I've owned a number of vehicles with keyfobs, and in almost every case, they didn't transmit anything until you pressed a button on them to unlock or lock a door, a trunk, or perhaps sound the horn repeatedly as a "panic" function.

That was true even for cars like my Hyundai Genesis Coupe that had "push to start". The fob might have transmitted something to tell the car it was present, so push to start was ok to start the engine. But you couldn't unlock the doors just by walking up to it. Come to think of it, my Cadillac CTS Coupe used to be the same way. It had push to start, but the fob didn't unlock anything until a button was pressed to send that signal.

I actually used to have a Chrysler Crossfire SRT-6 convertible (2005 model) where the keyfob would even stop unlocking the doors if a button on it was pushed too many times while outside the range where the car could act on the command. It must have used some kind of 2 way handshake when you pressed the lock or unlock button. When it would stop working (which happened occasionally because I'd accidentally press buttons on it when it was in my jeans pocket with the rest of my keychain), I had to put the key in the ignition, turn it to the "on" position, and double press a button on it, and then turn the car back off. That would pair it back up.

Re:This doesn't seem like it would normally work? by demonlapin · 2018-12-05 11:56 · Score: 2

Lots of modern cars have fobs that don't have to be pulled out of a pocket or purse. I can walk up to my car, and as long as the fob is very close (in my case, about a foot), putting your hand inside the door handle will unlock the car. It definitely recognizes which side of the car it's on, and might even recognize which door (haven't tried). If you use this technique on the driver's door, it will only unlock that door. Any other door, it opens all four. Then it's a normal push-to-start fob. That's a 2009 Lexus, so the tech has been around a while.

We are on the verge of a golden era for... by Blaede · 2018-12-05 11:15 · Score: 5, Interesting

...car theft. Once autonomous cars are perfected, thieves can remotely start the target car and have it drive itself into a Faraday caged trailer. The vehicle pulling the trailer will be autonomous too.

Put it in the garage by Fly+Swatter · 2018-12-05 11:32 · Score: 1

I am sure your Amazon or Google based internet home security system will be able to protect it.

In fact... by SuperKendall · 2018-12-05 11:34 · Score: 4, Funny

Turns out the thief is an autonomous AI as well, that figured out making money for new GPU's to increase processing power was a lot easier stealing cars!

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

Re:In fact... by mentil · 2018-12-05 17:47 · Score: 1

Turns out Jensen Huang is an AI. Suddenly Nvidia's cryptomining and AI applications make sense! Turing architecture... subtle...

--
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.

Extra step too annoying by SuperKendall · 2018-12-05 11:48 · Score: 1

Sure, hence the other idea of a slide switch to activate/deactivate fob.

That still means you have to dig it out, especially annoying in the winter. I like my keyless entry because as stated, I can just walk up to the door and press a button (on the door) and it unlocks without having to dig the key out of my pocket or jacket.

Now if you are really wanting this, this you could easily hack it up yourself - the wireless key fobs have batteries, so you could just rig some simple outside switch to disconnect the battery. I'll be the people able to make that happen and the people actually wanting this feature is a nearly complete overlap.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

Re:Extra step too annoying by Actually,+I+do+RTFA · 2018-12-05 13:28 · Score: 1

It's a slide switch. You're right you have to dig it out, but only to toggle it. So do it while inside your home/office/etc as part of putting on your coat to go outside. I understand that some people like the hands-free nature, but making it toggle-able avoids this problem with less engineering/cost from a sensor.
Also, I'm not sure if the fobs have batteries, or are powered with received EM from the car.

--
Your ad here. Ask me how!
Re:Extra step too annoying by epine · 2018-12-05 15:09 · Score: 1

That still means you have to dig it out, especially annoying in the winter. I like my keyless entry because as stated, I can just walk up to the door and press a button (on the door) and it unlocks without having to dig the key out of my pocket or jacket.
Then you deserve to have your radio signals amplified and replayed. Just because you find it annoying doesn't mean a terrible engineering solution somehow becomes a good idea.
I suppose you could two-factor with a fingerprint reader on your car door. Should work great until that surprise -50 degrees F event (climate isn't what it used to be). Then you be standing outside your car in some cold, remote place (remote from your fireplace), wishing your fob had a convenient and reliable button, rather than your car door having an erratic fingerprint reader, that reads blue fingers even less well than mostly sometimes.

Would this work in shopping centers? by bob4u2c · 2018-12-05 11:51 · Score: 1

Think about it. You have one person in the parking lot finding cars with push button start. Stand close to the car, then have another person in the store with a booster walking past people till the car unlocks. Take car, ???, profit!

Why not put buttons on the key fob? by OrangeTide · 2018-12-05 12:02 · Score: 3, Insightful

Perhaps design a key fob that doesn't constantly broadcast, it would be harder to intercept and perhaps save battery life. This revolutionary keyfob design could have a set of buttons to unlock your doors, start the car, maybe open the trunk, or set an alarm mode.

I should patent that idea before anyone else! Ladies and gentlemen, we may have solved this key fob hacking trick and added a whole suite of features in the process. Well done!

--
“Common sense is not so common.” — Voltaire

Re:Why not put buttons on the key fob? by flood78 · 2018-12-06 04:25 · Score: 1

too simple!
and as you quoted... “Common sense is not so common.” — Voltaire
Re:Why not put buttons on the key fob? by Agent0013 · 2018-12-06 04:53 · Score: 1

This post just means the parent has not tried the new fobs that never have to leave your pocket. Hand full of bags and coffee cups, just walk up and open the door with your pinky finger. The fob in the pocket and touch of the door handle allows the car to unlock. Same with locking, but the back of your hand works well there. And starting means you don't need to try to fish a key out of your pocket while sitting in the seat either.
It really was an invention I didn't think sounded so awesome until a car I got had it. Then after using it i realized how helpful it is and now want it in every car.

--

-- ssoorrrryy,, dduupplleexx sswwiittcchh oonn.. -Quote found on actual fortune cookie.
Re:Why not put buttons on the key fob? by OrangeTide · 2018-12-06 10:33 · Score: 1

My bike doesn't have a key. You open the petcock, set the choke, pull the decompression lever, turn it over 7 times, release the decompression lever, set the bike to "on", pull in the clutch lever, set the kick lever to top dead center, kick a 600 cc single hard like you mean it.
I'm more worried that someone might roll my bike aware than I am that they'll figure out how to start it. Even with my directions above it's hard to have a feel for starting it.

--
“Common sense is not so common.” — Voltaire
Re:Why not put buttons on the key fob? by OrangeTide · 2018-12-06 10:36 · Score: 1

Ah, I use a shopping cart to carry things. Also I can carry four 12 packs of beer (2 per hand) and still have have 2 fingers free for operating door handles. (my doors don't self-open)

--
“Common sense is not so common.” — Voltaire

Close to the door? by quonset · 2018-12-05 12:14 · Score: 1

bring a device close to the home's door, close to where most keys are sitting,

I must be one of the few people whose car key isn't located anywhere near the front door. It must be close to 30' where I put my key.

Also, as someone further up said, I drive a stick shift. Even though I have an electronic door lock, it only works when I press the button. So even if they could steal my signal, my anti-theft device will keep them at bay.

"If you do live in a house..." by fustakrakich · 2018-12-05 12:21 · Score: 1

I live in a cardboard box, you insensitive clod!

But I wrapped it in aluminum foil so nobody can steal my Lexus.

--
“He’s not deformed, he’s just drunk!”

Beach by aberglas · 2018-12-05 12:42 · Score: 1

But then you go to the beach, have a swim with the fob in your pocket, and you stay at the beach because the fob stopped working.

That is why I leave the electronics in the car and only carry the physical key (on a hybrid key/fob system).

Re:Beach by dryeo · 2018-12-05 15:05 · Score: 1

Yes, that is the drawback. Since I acquired this vehicle, I live in fear of locking the fob in the truck or losing the fob, especially at first when i only had one fob. Now I can use the spare key (which I didn't have at first) if the fob is inside, the truck will scream until I quickly find the fob and hit the unlock button, then 2 other buttons to reset things.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re:Beach by Dog-Cow · 2018-12-05 15:21 · Score: 1

I have a Mitsubishi Attrage (company lease car), and it won't lock if the fob is inside the car.
Re:Beach by dryeo · 2018-12-05 16:30 · Score: 1

One advantage of the modern fob.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re: Beach by BronsCon · 2018-12-06 04:32 · Score: 1

Ah, but it will lock with the fob inside if the car is running

--
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.

hard time believing that my ancient fob is always by charliemerritt03 · 2018-12-05 12:49 · Score: 1

>> hard time believing that my ancient fob is always broadcasting

Yea.

I had an after market fob that activated the fuel pump and ignition on a jalopy just by being in the car, no button. A resonant technology like the anti theft thingies in stores or quick-pass - these CAN be pinged while in your coat pocket at home. The button type do nothing till you push the button, these signals can be harvested in busy parking lots, but then you need to find the car later in order to be able to steal it. Of course there are the guys with a dolly they can slide under your car then up on a platform truck in under 90 seconds.

Not news; and another reason to avoid these things by Flexagon · 2018-12-05 13:22 · Score: 1

In addition to the post's reported issue (which is hardly news, BTW; it's been a thing for a good while), another reason I rejected this feature for our most recent car is that I often like to verify that the car's door is locked, and without that annoying beep if I (re)lock with the fob. With an auto-open feature (pun quite intended), a test of the door handle as I'm leaving the car always leaves it open. Maybe it automatically re-locks after some time, but even that might be longer than I want.

And if auto-open fobs weren't enough, another option was to be able to start the car remotely from a smartphone app. Warms it up and such. Just what I need, filling the garage with CO. I skipped that "feature" too.

Short range by Immerman · 2018-12-05 13:23 · Score: 1

And how about the claim that it's a "short range attack"? They've got Bluetooth "sniper rifles" that can connect to a device a mile away, how much do you want to bet the same thing exists for keyless fobs? Sweep that through the parking lot and across the store/restaurant/whatever as you drive past, and let it give a chirp when it unlocks something - along with a readout of whatever model-identifying information can be recognized. You wouldn't want to waste your time stealing the cheap junk after all.

--
--- Most topics have many sides worth arguing, allow me to take one opposite you.

Put your keyfob into a steel box by mnemotronic · 2018-12-05 13:28 · Score: 1

"The other thing that you can do is ... put your key fob into ... a faraday cage ...or even a steel box."

Like the car. Oh, wait.

--
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.

Good grief by sunking2 · 2018-12-05 14:03 · Score: 1

The entire article is speculative.

The proximity ones don't constantly broadcast by raymorris · 2018-12-05 14:10 · Score: 3, Informative

That statement is incorrect for the proximity fobs too. That would kill the battery in the fob. Anyone such a fob can easily test it.

Go stand next to your car. You probably won't hear it unlock.
Touch the door handle. You'll hear it unlock.

What's going on is:
The handle has a capacitive sensor to detect your hand.
When your hand is on the handle, the car sends an *inductive pulse.
The fob has a coil in it, which works like a transformer to catch the pulse from the car.
Note this pulse is more like a transformer than a radio.
When the fob is triggered by the inductive pulse, it sends a radio packet to the car.

Re:The proximity ones don't constantly broadcast by mentil · 2018-12-05 17:40 · Score: 1

That sounds like NFC. In any case, the indoor lights on my car light up when I approach with my keys on me, before I touch the handle, so it's probably sending pulses regularly.

--
Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
Re:The proximity ones don't constantly broadcast by BronsCon · 2018-12-06 04:21 · Score: 2

Chrysler tech here and I can confirm this for at least most Chrysler and Fiat vehicles produced in the past 5 years. The number of keyfob batteries I replace because the vehicle will only start if the button is pressed WITH THE FOB is secondary confirmation; without the battery allowing the fob to send pulses, the system reverts to a technology very similar to NFC (if not simply NFC by a different name) using an antenna embedded in the start button.

--
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Re:The proximity ones don't constantly broadcast by BronsCon · 2018-12-06 13:56 · Score: 1

Well there's a reason I changed career paths at 36... That said, I have more issues with the Ford I drive daily than I see on the typical FCA vehicle.

--
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.

A steel box by PPH · 2018-12-05 14:36 · Score: 1

Altoids cans work.

--
Have gnu, will travel.

Yes, but won't happen by SuperKendall · 2018-12-05 15:24 · Score: 1

Then you deserve to have your radio signals amplified and replayed.

Sure do! But it's super unlikely I figure. I'll gladly trade a lifetime of convenience for the slim chance it will be used to take the car some day - which insurance would just pay for another of anyway...

Also my car is garaged which adds an admittedly thin layer of extra security around it when not in use.

Honestly rather than a switch which would be annoying all the time, a simple RF blocking bag to drop the key into at home seems like a much more practical way to go if you have to leave your car on the street and want someplace near the door to leave the key.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

I think all fobs have batteries but... by SuperKendall · 2018-12-05 15:30 · Score: 1

Also, I'm not sure if the fobs have batteries, or are powered with received EM from the car.

My fob does have a battery, and most would for powering the broadcast signals that are used by the remote unlock buttons.

However after some thought, it seems like even with the battery disconnected the actual RFID chip would probably still broadcast, after all it is just a latent thing... so it's not that easy to rug up a switch. I guess a kind of switch could be as simple as a sliding RFID blocker over the body of the fob that you could fold away somehow.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

Protect your key fob? by Weirsbaski · 2018-12-05 20:00 · Score: 1

"If you do live in a house, try to leave your keys either upstairs or ... as far away from the vehicle as possible," he said. "The other thing that you can do is there are products out there that you can put your key fob into," such as a faraday cage -- a box used to block radio signals -- a key pouch, which works similarly, or even a steel box.

They bring a steal box, you bring a steel box. That's the Chicago way!

--

I am not a sig.

Unintended consequences by Ashe+Tyrael · 2018-12-06 00:05 · Score: 1

My wife's previous employers had a gloriously silly example of the earlier days of wireless proximity key fobs/cards. (this was in one of the Renault models.)

Essentially, the car was designed with a push-button starter, and unlike some of them, the key card only had to be near the car (they had a much more sensible version where there was a slot the card had to go into to make everything work) to start the engine.

You can already see where this is going. Sales rep has his key card in his coat pocket which hangs by his front door. Close enough for the car to register the card and be able to start, Goes out, starts engine, drives off. Leaves coat at home (along with card). The way those systems were designed, for safety purposes, once the engine was started you didn't need the card inserted/in proximity to keep it running. So he had no idea there was a problem. 200 miles later, he parks up, shuts the car off, and goes into work. 6 hours later he comes out, finds out he hasn't got his card.

Which is 200 miles away.

Nobody else had house keys to get in to get his key to bring it to him. You had to order the replacement cards from Renault in France so no spare. Unintended consequences indeed.

--
"How fine you look when dressed in rage."

Re:Unintended consequences by John.Banister · 2018-12-06 11:54 · Score: 1

My parents' Avalon will beep at you if the keys leave with the vehicle on, and start making more beeps if they stay gone for a while. It doesn't tell you why it's complaining, though.

FOB must be in car? by Frederic54 · 2018-12-06 01:50 · Score: 1

On my Sonata, I have a smart-key fob like that, it's in my pocket and if I'm less than a foot of the door, pressing the button on the handle unlocks the door. But to start the car, the fob must be in the car, else you have a warning in the dash saying this. And even if the thieves are using a booster and move it into the car to start it, after they drive ~100 yards, the engine will stop because it does not detect anymore the fob in the car. Right?

--
"Science will win because it works." - Stephen Hawking

Re:FOB must be in car? by MaxRockatansky · 2018-12-06 02:30 · Score: 1

Once the car is running you can take the fob out of the car will not stop. I think they do it for safety reasons, once the car is running you don't want it to stop just because it doesn't detect the key anymore. What if you were on the highway driving in traffic and the car for some reason doesn't detect the key in your pocket anymore, would you want it to turn the engine off? My wife has a Hyundai Santa Fe and on a few occasions I have driven her to a store and when she gets out, with the key fob in her purse, the car just beeps and flashes the "key not in vehicle" warning on the dash but the car keeps running. I'm able to drive around the parking lot looking for a parking space while she is in the store with the key. If I turn the car off it obviously won't start until she comes back with the key, but it keeps running otherwise.
Re:FOB must be in car? by Frederic54 · 2018-12-06 06:58 · Score: 1

Damn, to have an anti-theft like this would need a 3rd party immobilizer or something... maybe a kill switch hidden somewhere could be enough, or one activated with an RFID.

--
"Science will win because it works." - Stephen Hawking

Old News by ememisya · 2018-12-06 03:16 · Score: 1

This has been first reported nearly a decade ago, I'm not sure what's "news" about it today.

Signal blocking KeyFob case by slash.jit · 2018-12-06 03:37 · Score: 1

Oh.. so now companies will start selling KeyFob case which can block the signals!

Re: Measure latency --- THIS! by Kevoco · 2018-12-06 04:03 · Score: 1

That's the right approach. The vehicle alone can do this without any change to the keyfob. In particular, it would be an update to the BCM - Body Control Module - which interacts with key fobs.

This is old news from 2011 (or 2015) by HnT · 2018-12-06 04:11 · Score: 1

This has been discovered and published by ETH ZÃ¼rich as far back as 2011 and more on it in 2015. The car industry has basically been ignoring it and trying to sweep it under the rug. At most you will find a hint in the fine print that the keyless entry option has its downsides.
It is a relay attack which can work up to 400 meters (in 2015) and e.g. here is a detailed explanation (in German though) from 2015 https://www.heise.de/ct/ausgabe/2015-26-Autodiebe-tricksen-kontaktlose-Schliesssysteme-aus-3013915.html

Either you shield your keyfob at home or hope that manufacturers will offer a solution, which so far they havenâ(TM)t because a simple press of a button would not be âoeconvenientâ enough I guess. Or they check the response times to know how far the keyfob is actually from the car which even the relay couldnâ(TM)t fake because physics but that costs more money somehow, I guess???
I am very surprised to see this on /. only now because plenty of fancy cars have been boosted like this over the years. (Even my boss had her brand new sports car stolen on the day she had been given the keys, so yea there must have been an âoeorderâ for it.)

--
"Only one thing is impossible for God: To find any sense in any copyright law on the planet." - Mark Twain

Re:I'm sorry, SuperKendall by SuperKendall · 2018-12-06 04:54 · Score: 1

If you are the same person I accept your apology, I always figured the threats were not really serious (I've got a lot of death threats over the years for more trivial things). I appreciate your reevaluation, good luck.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley

OLD news??? by brunes69 · 2018-12-06 07:13 · Score: 1

This has been very widely known and reported for years and years and years.

Hell I think Gone in 60 Seconds showed this back 15 years ago???

Thanks, Grandma by Volatile_Memory · 2018-12-06 07:33 · Score: 1

I'm sure this is a real thing, but it reads like something published by Ann Landers and sent by grandmothers everywhere via email and FB to everyone they know.

--

/**
I have a "Zero Policy" tolerance.
*/

Slashdot Mirror

Thieves Are Boosting the Signal From Key Fobs Inside Homes To Steal Vehicles (www.cbc.ca)

178 of 269 comments (clear)