Car Keyless entry easily hacked

[j.caine]

Please move this thread if maling section ko ginawa... thanks!


read an article posted yesterday about researchers successfully opening/hacking cars with keyless-entry. researches were able to get in to the car kahit malayo yung key fob...good thing they can only open the doors and the trunk if the car requires an actual key na iinsert para mag start pero malas na din if may start/stop button yung car, they can drive away with your car... sana di makarating sa mga masasamang tao kung pano ginagawa to....

read more about it here:

http://blogs.cars.com/kickingtires/2...ent-theft.html

Remote keyless entry has been around for a while – since the late 1980s, in fact – and today it’s almost standard on all new cars. But the pervasiveness of this feature is not without consequence. As researchers in Switzerland point out, the technology can make vehicle theft a breeze for a savvy thief.
Remote keyless-entry systems use radio waves that typically are specific to a manufacturer, and the signals are usually encrypted. When your vehicle’s key fob is within 20 feet of the car, you’re allowed to transmit a signal to unlock the doors, pop the trunk, remote start your car (when equipped) or activate the car alarm.
Researchers at ETH Zurich discovered that these encrypted signals are easy to intercept and trick.
The theft works by setting up two antennas, one near the targeted vehicle and one near the holder of the key fob — be it in a purse, bag or pocket. This equipment can usually be purchased for $100 to $1,000. The person with the antenna aimed at the owner of the key fob needs to get within 26 feet of the target. In a store, this could be a few aisles away, so as to not arouse suspicion.
Once the antenna is near the intended victim’s key fob, the key transmits a low-power signal to the antenna, which is then relayed to the antenna near the vehicle. Once that occurs, the thief can unlock the doors and drive away (if the vehicle has push-button start).
The Swiss researchers hacked into eight car manufacturers’ passive-entry systems using this method. No cryptology or protocol could stop it.
While this system may seem fairly complicated, it could catch on with car thieves because of the cost of the equipment and anonymity. However, the hack cannot start the cars with traditional keys. Today’s ignition systems are increasingly complicated and secure. That’s one reason why car thefts are largely on the decline in the U.S.
David Wagner, a computer science professor at the University of California at Berkeley, said there are probably easier way to steal cars, but the “nasty aspect of high-tech car theft” is that it doesn’t leave any sign of forced entry. That could lead to problems with police and insurance companies in tracking down the criminals or with filing claims.
Right now, the only way to protect yourself is by either shielding your key fob’s radio with a guard or leaving your key fob at home. Srdjan Capkun, an assistant professor at ETH Zurich, says the institute is working on a way to prevent this sort of theft.

[desert fox]

Kung totoo man yan, dapat inihinto na ang mga remote keyless entry o start stop button.....

pero halos lahat na nga ng bagong sasakyan ganyan na...

[j.caine]

unfortunately totoo... you can google news it "keyless entry hacked"

[desert fox]

for years na nangyayari ito bro, sa palagay ko me mga prevention na ginagawa mga carmakers dito....

hopefully.

[desert fox]

"Most new cars use a “rolling code” that can’t be captured. This has been around for a number of years with many of the older remotes using the same signal signature over and over. Current vehicles now use a different code each time so if a potential thief captures the code it cannot be used again. I would suggest that the vehicle in the story is an old car with an early remote locking system, or an inferior aftermarket alarm system has been fitted. Even remote garage doors have rolling codes these days."

-blogger

[desert fox]

From MIT:

Car Theft by Antenna

Researchers beat automatic locking and ignition systems.

• Thursday, January 6, 2011
• By Erica Naone

E-mail Audio » Print
Car thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key, according to new research that will be presented at the Network and Distributed System Security Symposium next month in San Diego, California.
The researchers successfully attacked eight car manufacturers' passive keyless entry and start systems—wireless key fobs that open a car's doors and start the engine by proximity alone.

http://www.technologyreview.com/computing/27037/page1/

Delikado nga....

[Nell]

I think ang covered lang nito yung may proximity sensor type car security system yung pag tumabi ka sa oto automatic bubukas yung pinto and will automatically lock pag lumayo ka without touching the keyfob. Pang highend model lang ito. Kase ginagawa nila they use the antenna to simulate na malapit na yung keyfob sa car therefore bubukas yung oto. I think yung keyless type na di pindot tulad ng satin di nila kaya kase kailangan pinipindot nung owner yung keyfob bago magsend ng signal sa car to open the door. Alangan namang maghapon silang sumunod sayo at hintayin kang accidentally mo mapindot yung open sa keyfob.

[desert fox]

I think ang covered lang nito yung may proximity sensor type car security system yung pag tumabi ka sa oto automatic bubukas yung pinto and will automatically lock pag lumayo ka without touching the keyfob. Pang highend model lang ito. Kase ginagawa nila they use the antenna to simulate na malapit na yung keyfob sa car therefore bubukas yung oto. I think yung keyless type na di pindot tulad ng satin di nila kaya kase kailangan pinipindot nung owner yung keyfob bago magsend ng signal sa car to open the door. Alangan namang maghapon silang sumunod sayo at hintayin kang accidentally mo mapindot yung open sa keyfob.

aha, most probably yun ngang latest tech sa KEYFOB system.

[hondaboot]

if the equipment costs $1000 and it will require some tech savy skill, then tanggal nasa profile ang karamihan ng mga carnappers dito sa'tin.

so the new profile would be, would be a carnapper with a car parked near you and dresses the same way as you so as not to arouse suspicion. this carnapper would also shell out the P50k plus worth of equipment bec. no carnap boss would supply/invest jologs carnappers with that expensive equipment

[guigui]

kahit 2-way radio, pwedeng gamitin as signal jammer sa keyless entry. i've already seen one doing it.