Experts ​alerted motor trade to security risks of ‘smart key’ systems which have now fuelled highest level of car thefts for a decade.

  • devilish666@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago

    Well that’s why i don’t like keyless vehicles, it’s easy to stole it with some wireless signal emulator
    In the end the principle is same like wireless garage door opener, some thieves can hijack it very easily like no effort

      • sramder@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        Isn’t that what the Flipper Zero is for ;-) Kia notwithstanding it’s not that easy. But the relay attacks have been around since at least 2018 and I suspect years longer.

        • givesomefucks@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          9 months ago

          For garage doors… Yeah, it’s been a thing

          Because you can sit something there, monitor the rolling codes, then inject so it has a real one.

          For a car, you have to follow them around while they lock/unlock repeatedly. And that’s only if people are using the button and not proximity. If they’re just using proximity, you’re going to have to be standing right next to them.

      • atrielienz@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        9 months ago

        I have a question. What do you think a rolling code style security system does if the thief is amplifying your key fobs signal by standing in your driveway at 3 am and then transmitting it to your door lock? Because we’re talking about keyless entry where you don’t have to push any buttons on the key fob it just has to be within three feet of the vehicle. They are literally using your key to unlock your door. The key is always transmitting. The vehicle is always receiving. At the point where they have access to the interior of the vehicle they can just pull the fuses for the horn and lights and then pop the transmission shifter cable off the transmission control lever and manually put the car in neutral. This attack takes maybe ten minutes. At that point they can literally just roll the car onto a flatbed and drive away. The flipper zero costs $169 USD. But you can make one from parts for much less. A GPS blocking tool costs around $15. A signal repeater isn’t expensive either. Keyless entry on the whole is broken.

        You may stop joyriders and petty thieves. But you won’t stop anyone looking to steal a car who has the know how and who is looking to sell your car for parts. The fact is, a lot of premium cars are vulnerable to attacks like this.

        And before you even start about what I know about it, literally I’m an avionics tech. Rolling codes and frequency hopping is how we keep unfriendly forces from listening in on comms. Electronic attack and defence is literally what I did in the Navy for twelve years.

        Rolling codes are a good security feature. But they do nothing to stop the attack that other articles on this subject better explain.

        https://www.cbsnews.com/news/cars-hacked-stolen-keyless-vehicle-thefts/

        https://arstechnica.com/information-technology/2023/04/crooks-are-stealing-cars-using-previously-unknown-keyless-can-injection-attacks/

        https://www.locksmiths.co.uk/faq/keyless-car-theft/

        • givesomefucks@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          arrow-down
          1
          ·
          9 months ago

          Did you read OPs article or the ones you linked?

          I went to the ARS one and it’s talking about CAN hacking which requires a physical connection…

          It’s a great article, but if it has anything to do with this conversation and if anything backs me up. It’s about all the work thieves are going thru because rolling keys beats emulators.

          C’mon man, even if you know what you’re talking about about (doesn’t seem to be the case) you still gotta read your own articles.