- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
Experts alerted motor trade to security risks of ‘smart key’ systems which have now fuelled highest level of car thefts for a decade.
You must log in or register to comment.
Aren’t all cars within the past decades using rolling keys?
These are different attack vectors.
The classic one was listening to a key, then impersonating it later.
Rolling keys fixed that.For keyless, the usual attack is working as a relay.
Victim is 30m from their car, too far for keyless.
Attacker stands between the car and the victim with a transceiver that links the car and the key together, despite the distance, and opens it.Yes.
This article does not do a good job of explaining what the attack vectors are.
Among other things, this is why I wanted a house with a garage. I just keep my car in the garage.
I’m very much in the minority in my neighborhood though. Everyone seems to use their garage for other things then park in the driveway or on the street. It annoys me to no end.
Garages aren’t at all secure, FYI. There are a number of ways in, from physically hooking the release that hangs from the opening mechanism, to cloning the wireless fob (much, much easier than car fobs.)
It’s still an extra hurdle, an attacker will prefer a car parked outside in the driveway.
Garage Security Vulnerabilities Exposed?
Garages aren’t at all secure, FYI. There are a number of ways in, from physically hooking the release that hangs from the opening mechanism, to cloning the wireless fob (much, much easier than car fobs.)
2
Body
Cancel Preview Reply
Yea, but I’d also hear that since it means I’m home. That’s the important part. If my car is on the street or in the driveway gonna be harder to tell it’s my car taking off. And even if I did, it’s already too late for me to do anything about it.
And my garage has no windows so you can’t even tell if there’s a car in there.
Eh, you’d likely be surprised. If your garage opened at 4am and you were dead asleep, would you actually hear it? Because I sure as hell wouldn’t.
Don’t get me wrong, I leave things in my garage unsecured. I just make sure to deadbolt the interior door.
Just wanted to make sure to point out that a garage isn’t as secure as the inside of your house. (And even that isn’t very secure.)
Yes. Curse of being a light sleeper now. It’s also right under my bedroom. Plus, even odds on me still being awake at 4AM.🙂
Odd thing to be that annoyed by. I don’t understand people who obsess over the way other people’s houses look. Unless you have an expensive car or a project car it seems like a waste of good space to store a car in the garage. But hey, to each their own.
If I had a garage it would totally be used for shop space and storage. Most people here seem to use their garages as additional space. My car can survive the rain just fine outside. The tools and equipment I wish I had space for, not so much.
Shame you let other people’s reasonable decisions bother you. Not everyone wants to obsess over opening a car.
Understandable or overkill?
Odd thing to be that annoyed by. I don’t understand people who obsess over the way other people’s houses look. Unless you have an expensive car or a project car it seems like a waste of good space to store a car in the garage. But hey, to each their own.
If I had a garage it would totally be used for shop space and storage. Most people here seem to use their garages as additional space. My car can survive the rain just fine outside. The tools and equipment I wish I had space for, not so much.
Shame you let other people’s reasonable decisions bother you. Not everyone wants to obsess over opening a car.
I mean, a garage or covered parking is better than leaving a vehicle out in the elements in a fair few cases (hail storms, snow - especially in plow areas or places where they salt the roads, etc). It’s nice in inclement weather to be able to get into a vehicle dry and not exposed to the elements. Your insurance may be cheaper because you aren’t parking a vehicle in the open where it could be vandalized or stolen.
Public space used for the storage of personal items, paid for by tax or rate payers…
I don’t care what their house looks like. But it does make it more difficult to navigate the street when they park at the curb, blocking the view on the curves and at the stop sign. And park right at the entrance so it’s a hassle to get in and out because that’s also a curve.
When I moved in I was worried the truck wouldn’t be able to make it to my house because they park on both sides of the street. Thankfully I did it during the day so they were mostly gone.
A car sitting outside all the time will absolutely wear much faster than one that’s in a garage. I mean people can do what they want, I don’t care, but it’s not just a cosmetic thing to keep your car indoors when you’re not using it.
Damn wtf. I think I learned of this and forgot
It’s near impossible to clone the signal from newer rolling codes, you need to trigger the key fob with out the signal reaching the car and then recorded with the flipper zero, then played back to the car. It takes a lot of coordination using the key fob. Here are some videos of it.
Here is an alternative Piped link(s):
https://piped.video/HwdoHMVKTpU?si=BZpgfJRsOjquIqL1
https://piped.video/5CsD8I396wo?si=5Mkc6EFUH2HZG9vo
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Those videos aren’t for cars with keyless entry (or in the case of the mini, which is a car I actually own, into the little slot for the round key. Those cars have a bladed key for placing in an ignition lock cylinder to start the vehicle. The flipper zero recording a code isn’t what I am talking about when I talk about repeater attacks. What I’m talking about is using a receiver to receive and amplify the code so that they can use keyless entry (where you simply touch the vehicles door handle with your hand with the key within three feet of the car) and only requires you to have the key on you. Did you read the other comment I linked? This isn’t about having a key with buttons that are required to be pressed to enter the car. This is literally about passive keyless entry. Please go read the articles I linked.
I mentioned nothing about signal cloning and you clearly didn’t read.
https://www.techtarget.com/whatis/definition/passive-keyless-entry-PKE
Oh my bad, I was inferring that from the original article. Those articles you posted are good and talk about the CAN attack, but the original article talks about the rolling codes using a flipper zero like device.
My bad, I didn’t intend to come off badly, I just literally had a similar conversation when the someone who didn’t read what I wrote and I may have come off a bit terse as a result. But you are correct about the flipper zero specifically.
Seems to be specifically about these you unlock from your phone and then press a button to start
A device disguised as a games console - known as an “emulator” - is being exploited by thieves to steal vehicles within 20 seconds by mimicking the electronic key.
Don’t they use rolling codes? So I suppose this emulator is some malware you install on your phone
Could be the Flipper Zero that Canada just banned, due to it’s use in car thefts.
The flipper zero can’t get around rolling codes, unless it’s a very specific situation. Car thiefs aren’t using them.
The OP’s quote leaves out the “It is being targeted at Hyundai and Kia models.” part. From what I can find those brands are (were?) susceptible to rollback where sending an old code reactivates codes that came after it
https://www.reddit.com/r/flipperzero/comments/z2fq6h/broken_rolling_code_system_old_sent_signal/
I think you would still have to wait for the owner to use their keys.
Default firmware cannot, and most cars won’t work. But specific makes have decades old security holes that still exist in new models… for reasons? And custom firmware unlocks the firmware limitations.
So technically possible, but banning the flipper doesn’t fix the security hole. It’s like banning a hammer because it can break a window. It’s now more difficult to do construction work, and crow bars still exist.
It couldn’t be, and they haven’t been used in thefts. They’ve just been used to make viral TikTok videos staging thefts. Politicians can’t tell the difference.
Don’t know about the article, but most have been doing relay attacks by just forwarding the rolling code sent by the key to unlock and then start the car. It works because keyless entry requires a transaction starting from the car, so you can effectively just stand between the car and wherever the keys are and do easy relay attacks.
Then they usually drive it to a nearby safe location first so they can just reprogram the keys.
I do feel like this could at least be cheaply mitigated by having an immobilizer for the gas pedal that stops throttle input if the key isn’t detected after a cooldown after moving a few feet, which would prevent thieves from being able to move the car very far after starting.
Have car companies addressed this vulnerability yet?
Don’t know about the article, but most have been doing relay attacks by just forwarding the rolling code sent by the key to unlock and then start the car. It works because keyless entry requires a transaction starting from the car, so you can effectively just stand between the car and wherever the keys are and do easy relay attacks.
Then they usually drive it to a nearby safe location first so they can just reprogram the keys.
I do feel like this could at least be cheaply mitigated by having an immobilizer for the gas pedal that stops throttle input if the key isn’t detected after a cooldown after moving a few feet, which would prevent thieves from being able to move the car very far after starting.
Don’t they use rolling codes? So I suppose this emulator is some malware you install on your phone
I would hope that they would use rolling codes, but I would also not be all that surprised if they did not. Car manufacturers have cheaped out for less.
The emulator part seems like it’s confusing a few different things together. Although I’m a little suspect of that, since someone holding up a games console to a car or house is suspicious anyway.
It could also be described as an emulator (emulating the key), and the crossover with game emulators might be causing some confusion?
A dedicated device might make sense there, if it has better antennas, or better capabilities than would be available with a basic phone, in addition to being less technical than having to install an app and fiddle about with all of that.
Yeah, someone got confused with all the terminology. Probably also old people think small stuff with a screen looks like a gameboy?
It didn’t need to be warned anyway. it knew. they always only ever lie.
I mean sure… but using a key to enter isnt really any safer? Like lock picks and jimmys and air bags have been defeating physical locks for even longer? Hell, a brick through a window gets you in faster than anything.
Riiight. Go ahead and apply that logic the next time you want to get in your house. Or brick your way into your car since it’s easier. Hopefully nobody spots you and calls the cops! You’re definitely not being a dickhead just by making that argument either, don’t let anybody tell you that. Those words needed to be said, it was important! And anyway the rest of us are so stupid we probably think we actually need keys.
I mean… to break into a keyless car you need special radio interception and replay equipment, the know how to implement them, to keep up on the latest security measures from car manufacturers, and car thief communities developing security counter measures.
Or get a coat hanger, watch a YouTube video, and get into any car you want.
Or get a coat hanger, watch a YouTube video, and get into any car you want.
Still not much more effort than a flipper zero but it is more expensive than a coat hanger.
These keyless ignition cars should never have been legal and the manufacturers should be on the hook for recalling and fixing them.
I’ve been saying that since they were first released.
That flipper zero (not disguising a car theft tool as a game device btw) can be used to attack said cars is irrelevant, because you could trivially order the parts to make your own.
I hate that the insurance lobby is winning out on security by obscurity via lobbying governments and putting out scary statements, instead of hiking the rates for Kia’s and other trivial to steal cars. The insurers are having their cake and eating it too by wanting to charge money but leaving the wherewithal to actually charge rates commensurate with risk.
It’s not just a car theft tool, its not really even intended for that. It’s just a neat little multi tool and it isn’t even close to the first or only device capable of repeating recorded codes. A hammer can be used to break into a car really easily and nobody’s ever called those “car theft tools disguised as hand-tools”
Yes sorry if that was miscommunicated. It’s a neat multi tool, that has a fun design. It’s not a tool for stealing cars, but can be used for that kind of thing.
Really its a wonder we didn’t have really simple radio tools for theft before.
It’s not a tool for stealing cars, but can be used for that kind of thing.
Not any cars sold in the last 40 years.
Where I live, insurance companies have been charging higher rates on most Kia models specifically because of how targeted they’ve become by thieves.
They struck gold in the most horrible way possible: People dependent on their cars + their car keeps getting stolen = infinite money printing machine
I hear americans love big cars. Here is big car for them to buy:
Dude youre being a condescending ass, plenty of us wish we had the ability to use public transit but it is either wholly insufficient or non existant in many places.
Just using myself as an example, say I want to go to taco bell I have 2 options drive for 15 minutes at most or walk for over 2 hours because my city is built on a fucking slope. Also the city has no infra city public transit cause we’re too small, also most of the city is actually pretty walkable if you live towards the center of the East West axis which I do not.
I find it hard to believe cities are too small for public transit and too big to walk at the same time. I find it easier to believe people are just too lazy for a 30 min walk.
It wouldnt be too big for wlakability if it wasnt on aa fucking slope, 30 minute walk downhill will translate into an hour minimum walk up hill.
Have ya tried a bike/ebike? Till I was 26 all I ever used was a bike. Can easily do 20km/hr and bypass traffic. Used to work 12 hr shifts and bike to and from work (12km) and where I am there are hills in both directions
Shit I got an e bike now that does 50kph/32mph and I can get to work (8km) in less than 15 min
I used to bike all around town in highschool and middleschool, but the problem is that they only shave off so much time relatively speaking. Also once again I must note I live in the worst part of town for walking or biking anywhere, bout 30 minutes to walk anywhere bout an hour and a half minimum to walk back home.
Looks like ya hit a sore spot with some millimeter peters
Wut?
Small dick people downvoting
Ah
fuckcars folks trying not to be the most annoying person in the room for one second challenge (instant fail)
Look, I love good public transportation infrastructure as much as you. I always try to tell other people and especially the government how much my city urgently needs to upgrade its trains, BRTs, sidewalks, etc (thankfully though there’s now multiple efforts on building MRT & LRT).
But, that doesn’t mean cars are the worst invention in the history of man–you folks always say that and it’s infuriating to me, it’s such a narrow-minded way of seeing the world.
Take Japan for example, the train infrastructure is pretty much the best. I know that cuz I’ve been there, trust me, I can talk about this for hours. So good that, while we lived there, we didn’t feel the need to buy a car. Their bus is pretty good too. Sidewalks, bike lanes, accessibility, etc have been taken into account when they were building their city.
But when you live in rural parts of Japan, it’s inevitable–you need cars. There isn’t just enough demand for public transportation. Sometimes there’s a train going through but the frequency is low, and most of the time it’s only single-track. Or sometimes there are buses going through, but infrequently.
And it’s fine. The city is small, and there aren’t enough car users to make bad traffic congestion.
Different story for big city though. I always thought that living in a big city is a form of compromise: you have a limited space of land to use, but you need to use that land for millions of people. If the city only relies on cars, it’s going to be so inefficient. Too much traffic congestion, bad pollution. That’s why good cities build mass transportation, or in your case, buses.
And the best cities build extremely good mass transportation so good that people doesn’t feel the need of buying cars. Of course cars still exist, like the city I lived back in when I was in Japan. Or rural parts of Japan. Or perhaps people that commute between them. But there are options: cars, bikes, buses, trains, etc.
Here’s my point: the availability of options are the best. It’s okay if you want to ride cars, bike, bus, or trains.
Cause you’ll need cars at some point in your life. And it’s alright.
Unbelievable! How’s the community coping?
They struck gold in the most horrible way possible: People dependent on their cars + their car keeps getting stolen = infinite money printing machine
38 1
Body
Cancel Preview Reply
“THAT WASN’T MY QUESTION!!! WILL THEY MAKE ITS MONEY???”
I have a key fob faraday cage/pouch keychain to prevent people from being able to dupe my key fob’s signal.
Seems like keyfobs need an on/off switch for signal broadcasting.
Honestly this is a great idea. You could likely even make one yourself with a couple wires, a switch and a piece of tape.
Keyless cars still at risk?
Convenience is usually at odds with security.
That said, keyless access is amazing. Not having to dig out the car key is just so comfortable.
My favorite keyless car:
Too many weirdos peeing in your favorite car, harassing other passengers, stinking, and listening to their music full blast on their portable speakers for it to be my favorite car.
I wish one of them went from my home to my place of employment or my places of entertainment, much less at a time that’s reasonable
The bus trip home from the nearest transit route can take up to half an hour for me due to how often it comes and its path. The drive from the transit stop is 3 minutes.
Not that it matters, I still wouldn’t be able to get to the nearest grocery store on the bus, inexplicably none of them go there. These systems need work.
Y’all ready for the same article to come out about various smart home devices?
Already has a few dozen times. All the more reason to self-host. Corporations can’t be trusted to secure your data.
are they talking about smart phone app to unlock cars or the keyless entry that has been around since the 90s?
Both, honestly. But the real problem in this case is the keys that can open and start a car with their mere presence. A relay attack makes bypassing them trivial, and when a large number of people leave their keys at the front door, it’s not difficult to give it a shot.
Key security improvements needed?
Both, honestly. But the real problem in this case is the keys that can open and start a car with their mere presence. A relay attack makes bypassing them trivial, and when a large number of people leave their keys at the front door, it’s not difficult to give it a shot.
3
Body
Cancel Preview Reply
For one, completely remove presence based unlock and start would be a good first move. They are inherently insecure, as they are much too easy to relay attack.
Next, alter fob controls to encrypt the communication with private/public keys tied to the specific car. This way, even if the fob communication is intercepted, the information is functionally impossible to reverse engineer.
Finally, implement two way communication. An initial handshake followed by the command. This would functionally remove any chance of a replay attack. Even if the handshake is recorded, the fob won’t send the command.
These three changes would essentially remove any chance of using a device like a flipper for entry. Yes, it would still technically be susceptible with a relay attack, but the chances are so slim as to be essentially impossible.
…and keyful ones aren’t?
To be fair, I think we ignore the security of physical locks. Atleast one must get physical access to the lock in order to pick it.
Or even password books. Atleast someone has to get physical access to said book, which requires knowing it exists in the first place.
Does that make them better? No, not imo, but it is an aspect of these things that often gets overlooked
This is lockpickinglawyer and today I’m going to show you picking 100 locks in 100 seconds
This is the LockpickingLawyer and today I’ll show you just how easily I can pick the door to the bunker you’re hiding in. And there we have it.
Here is an alternative Piped link(s):
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Physical Security Consideration Overlooked?> To be fair, I think we ignore the security of physical locks. Atleast one must get physical access to the lock in order to pick it.
Or even password books. Atleast someone has to get physical access to said book, which requires knowing it exists in the first place.
Does that make them better? No, not imo, but it is an aspect of these things that often gets overlooked
Atleast one must get physical access to the lock in order to pick it.
It’s a fair point, but if we’re taking about cars, I’d say physical access is a given. Keyless vehicles haven’t quite enabled remote car thefts just yet
I’d also like to point out that most modern vehicles use rolling codes to prevent replay attacks. I’ve only recently learned this as I was concerned about devices like the Flipper making these sorts of techniques to people that otherwise would lack the expertise to put such a device together themselves
Well that’s why i don’t like keyless vehicles, it’s easy to stole it with some wireless signal emulator
In the end the principle is same like wireless garage door opener, some thieves can hijack it very easily like no effortDo you not know what rolling codes are?
Isn’t that what the Flipper Zero is for ;-) Kia notwithstanding it’s not that easy. But the relay attacks have been around since at least 2018 and I suspect years longer.
For garage doors… Yeah, it’s been a thing
Because you can sit something there, monitor the rolling codes, then inject so it has a real one.
For a car, you have to follow them around while they lock/unlock repeatedly. And that’s only if people are using the button and not proximity. If they’re just using proximity, you’re going to have to be standing right next to them.
I think most of the wireless attacks aren’t trying to be so sophisticated. They target cars parked at home and use a relay attack that uses a repeater antenna to rebroadcast the signal from the car to the fob inside and vice versa, tricking the car into thinking the fob is nearby. Canada has seen a large spike in this kind of attack. Faraday pouches that you put the fob inside of at home mitigates the attack.
So does not leaving your keys by the front door… not that I follow my own advice :-)
Yeah. Shockingly people store things where it is convenient to have them. :) I’m glad I didn’t have a keyless system to with about.
I’m just banking on my car being the least fancy in my complex ;-)
Keyless entry sounds stupid and I’ve totally mocked people for being “to lazy to turn a key.” But pushbutton start makes my slow little Subaru feel like a race car :-)
Relay attacks don’t need the key to be in close proximity, they can be read from almost anywhere in the house if they aren’t in a faraday pouch or microwave. Have you seen the size of the antennas these attacks use?
I’ve seen a few low res clips over the years… one did use a yagi (Christmas tree looking one?). I’m sure it’s possible, but I don’t think it’s actually a given. I’m not even expert adjacent on this one though 😅
I have a question. What do you think a rolling code style security system does if the thief is amplifying your key fobs signal by standing in your driveway at 3 am and then transmitting it to your door lock? Because we’re talking about keyless entry where you don’t have to push any buttons on the key fob it just has to be within three feet of the vehicle. They are literally using your key to unlock your door. The key is always transmitting. The vehicle is always receiving. At the point where they have access to the interior of the vehicle they can just pull the fuses for the horn and lights and then pop the transmission shifter cable off the transmission control lever and manually put the car in neutral. This attack takes maybe ten minutes. At that point they can literally just roll the car onto a flatbed and drive away. The flipper zero costs $169 USD. But you can make one from parts for much less. A GPS blocking tool costs around $15. A signal repeater isn’t expensive either. Keyless entry on the whole is broken.
You may stop joyriders and petty thieves. But you won’t stop anyone looking to steal a car who has the know how and who is looking to sell your car for parts. The fact is, a lot of premium cars are vulnerable to attacks like this.
And before you even start about what I know about it, literally I’m an avionics tech. Rolling codes and frequency hopping is how we keep unfriendly forces from listening in on comms. Electronic attack and defence is literally what I did in the Navy for twelve years.
Rolling codes are a good security feature. But they do nothing to stop the attack that other articles on this subject better explain.
https://www.cbsnews.com/news/cars-hacked-stolen-keyless-vehicle-thefts/
Cars, yes, because they’re permanently transmitting. Garages not so much.
What has that got to do with the price of rice in China? Please explain why what I said has anything at all to do with garage door openers? Because what I said specifically never mentioned garage doors at all.
The person you replied to mentioned garage door openers.
"Well that’s why i don’t like keyless vehicles, it’s easy to stole it with some wireless signal emulator In the end the principle is same like wireless garage door opener, some thieves can hijack it very easily like no effort."
“Do you not know what rolling codes are?”
I responded to the second quoted comment asking (because the article is about car theft) how rolling keys prevent relay (repeater) attacks on keyless entry vehicles. There are several people in this thread who are comparing car keys to garage door openers, however, that’s not what my conversation with the person above was about.
Yes, I also read the comments prior to yours, no need to quote then back to me.
Did you read OPs article or the ones you linked?
I went to the ARS one and it’s talking about CAN hacking which requires a physical connection…
It’s a great article, but if it has anything to do with this conversation and if anything backs me up. It’s about all the work thieves are going thru because rolling keys beats emulators.
C’mon man, even if you know what you’re talking about about (doesn’t seem to be the case) you still gotta read your own articles.
The articles I linked do explain how they can start a car in order to drive it away using the CAN injection hack. But they also talk about the key signal repeater attack which would give them access to the interior of the car which does two things. The first is that it allows them to have access to the hood release and thereby the horn and the fuse box. Pulling the connector to the horn, or the fuse that gives the horn and lights power will make it so even if the alarm activates it can’t sound. It also gives them Access to the transmission select lever which allows them to physically put the car in neutral. With the use of a GPS jammer it would prevent the car from sending it’s location anywhere. Rolling codes prevent them from walking by you in the grocery store, recording the code your fob was putting out at that moment and then using that code later to enter your vehicle and drive away with it. It does nothing to prevent the kind of attack ops article is alluding to.
https://driving.ca/features/feature-story/where-do-you-park-your-car-keys-preventing-relay-attacks
"The research uncovered a form of keyless vehicle theft neither researcher had seen before. In the past, thieves found success using what’s known as a relay attack. These hacks amplify the signal between the car and the keyless entry fob used to unlock and start it. Keyless fobs typically only communicate over distances of a few feet. By placing a simple handheld radio device near the vehicle, thieves amplify the normally faint message that cars send. With enough amplification, the messages reach the nearby home or office where the key fob is located. When the fob responds with the cryptographic message that unlocks and starts the vehicle, the crook’s repeater relays it to the car. With that, the crook drives off." This quote is directly from the Ars Technica article.
Keyed vehicles are stolen just as easily.
Aren’t most keyless cars also keyed? It seems to me that extending the signal of a wireless fob is just easier and quicker.
It’s so difficult to use a regular key though.
I’ve had to cancel journeys before because I get in the car and I just cannot work out how to turn it on 😞
I finally did but…gawd turning a key is so much work!
We need a turnkey solution for this, stat!
You have to use your hands? That’s like a baby’s toy!
No shit.
I mean not to side with the car industry, and not to dog on non-tech folks, but if you bought a push to start engine that doesn’t require a key…
…
Like how do you think it works?! You couldn’t have thought it was very different from your TV remote, and everyone knows universal remotes exist. In glad there’s so much talk about moving away from passwords and over to physical security keys for computers.
Like how do you think it works?!
Rolling codes…
This article is stupid, the reason Kias and Hyundai are being stolen, is they lack an immobilizer.
So you break the window, crack open the steering column, and the part you turn conveniently is the same size as a USB plugin.
It’s acting like people are hijacking codes, because the author has no idea what they’re talking about about.
I’m not sure about what the article is referencing, which is probably a little more exotic, but relay attacks are very common against keyless cars. Keyless cars are constantly pinging for their matching fob. A relay attack just involves a repeater antenna held outside the car that repeats the signal between the car and the fob inside the house. Since many people leave the fob near the front of the house, it works and allows thieves to enter and start the car. Canada has has a big problem with car thieves using relay attacks to then drive cars into shipping containers and then sell them overseas.
Maybe you should read the article?
If you did, you’d probably be able to see the author has no idea what’s going on.
Like, the international crime ring that you’re talking about that gets cars halfway around the globe in a few weeks?
That happens, but it’s not why so many Kias and Hyundai are being stolen thousands of miles from a coast
I did read the article. I’m unfamiliar with the “hacking” tools or methods they mention given they use terms like emulator. I was simply sharing one wireless attack that is common in certain areas and why.
Don you have a good article discussing how this communication from car to key fob works?
Every fob like this that I’ve seen isn’t effective unless the key is close to the car (inches), because it uses a no-power system in the key fob, similar to a card reader (so no battery required in the fob to unlock car and start engine, once in close proximity). I’ve tested this on a few cars by removing the battery in the key fob.
Other functions (door locks, remote start etc), seem to be provided by conventional key fob electronics.
I’m sure there are several different ways this is accomplished, so any insight would be useful.
Thanks!
Hey, sorry it took so long to see your question. Here is a paper (PDF) on the subject with diagrams.
https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/42365/eth-4572-01.pdf
The link is composed of two parts, the emitter and the receiver. The emitter captures the LF signal and up-converts it to 2.5 GHz. The obtained 2.5 GHz signal is then amplified and transmitted over the air. The receiver part of the link receives this signal and down-converts it to obtain the original LF signal. This LF signal is then amplified again and sent to a loop LF antenna which reproduces the signal that was emitted by the car in its integrity.
Edit: and here is a times article that covers the problem in one area. https://www.nytimes.com/2024/02/24/world/canada/toronto-car-theft-epidemic.html
You managed to pack an impressive amount of ignorance into this one comment.
Show me a car today without keyless.
They’ve all been going that way for years. Last car I bought (two years ago, and it was a 2016), I couldn’t find any equivalent vehicle using a key.
And no, I’m not buying some junk just because it uses a key. I buy cars that I know I can keep running forever, and in that category they’re all keyless today.
