494
Revealed: car industry was warned keyless vehicles vulnerable to theft a decade ago
(www.theguardian.com)
this post was submitted on 26 Feb 2024
494 points (96.4% liked)
Technology
55712 readers
5144 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Seems to be specifically about these you unlock from your phone and then press a button to start
Don't they use rolling codes? So I suppose this emulator is some malware you install on your phone
Could be the Flipper Zero that Canada just banned, due to it's use in car thefts.
https://medium.com/enrique-dans/canadas-flipper-zero-ban-once-again-politicians-show-they-know-nothing-about-technology-37f76fb37a3b
The flipper zero can't get around rolling codes, unless it's a very specific situation. Car thiefs aren't using them.
The OP's quote leaves out the "It is being targeted at Hyundai and Kia models." part. From what I can find those brands are (were?) susceptible to rollback where sending an old code reactivates codes that came after it
https://www.reddit.com/r/flipperzero/comments/z2fq6h/broken_rolling_code_system_old_sent_signal/
I think you would still have to wait for the owner to use their keys.
Default firmware cannot, and most cars won’t work. But specific makes have decades old security holes that still exist in new models… for reasons? And custom firmware unlocks the firmware limitations.
So technically possible, but banning the flipper doesn’t fix the security hole. It’s like banning a hammer because it can break a window. It’s now more difficult to do construction work, and crow bars still exist.
It couldn't be, and they haven't been used in thefts. They've just been used to make viral TikTok videos staging thefts. Politicians can't tell the difference.
I would hope that they would use rolling codes, but I would also not be all that surprised if they did not. Car manufacturers have cheaped out for less.
The emulator part seems like it's confusing a few different things together. Although I'm a little suspect of that, since someone holding up a games console to a car or house is suspicious anyway.
It could also be described as an emulator (emulating the key), and the crossover with game emulators might be causing some confusion?
A dedicated device might make sense there, if it has better antennas, or better capabilities than would be available with a basic phone, in addition to being less technical than having to install an app and fiddle about with all of that.
Yeah, someone got confused with all the terminology. Probably also old people think small stuff with a screen looks like a gameboy?
Don't know about the article, but most have been doing relay attacks by just forwarding the rolling code sent by the key to unlock and then start the car. It works because keyless entry requires a transaction starting from the car, so you can effectively just stand between the car and wherever the keys are and do easy relay attacks.
Then they usually drive it to a nearby safe location first so they can just reprogram the keys.
I do feel like this could at least be cheaply mitigated by having an immobilizer for the gas pedal that stops throttle input if the key isn't detected after a cooldown after moving a few feet, which would prevent thieves from being able to move the car very far after starting.