100 Million Vehicles, 4 Secret Keys

Armageus

Armageus

Armageus

Don
Joined
19 May 2012
Posts
19,704
Location
Spalding, Lincolnshire
I read this earlier...slightly shocked that in this day and age its an issue. With the WV emissions scandal, its just another day in the office.
 
There must be a way to get around this stuff. Back when the key was just a key it meant physically stealing the car, now it's all 'keyless go' and computers. There must be a third option that stops stuff like this surely?
 
I have a simple wireless hack that can access pretty much any car. I call it the 'brick'

Interesting that this article seems to specifically mention keyless entry and then go on to imply that basically every VW group car built in the last 20 years is vulnerable. There's either a misunderstanding around what keyless entry is compared the the much more widespread remote fob, or sone hyperbole going on with regard to the actual number of affected vehicles.
 
kaiowas said:
Interesting that this article seems to specifically mention keyless entry and then go on to imply that basically every VW group car built in the last 20 years is vulnerable. There's either a misunderstanding around what keyless entry is compared the the much more widespread remote fob, or sone hyperbole going on with regard to the actual number of affected vehicles.
Click to expand...

In the context of this document/paper, RKE - Remote Keyless Entry is the normal remote central locking, whereas PKE is Passive Keyless Entry and start, is the actual Keyless entry/ignition system.


ttaskmaster said:
Perhaps worth noting that the University guys state you'd need academic levels of cryptography to pull it off, as well...
Click to expand...

Lots of things do, but generally if they can be pulled off by at least someone, and there is sufficient demand for it, it ends up being distilled down into an easy to use package that anyone can unfortunately use.
 
kaiowas said:
I have a simple wireless hack that can access pretty much any car. I call it the 'brick'

Interesting that this article seems to specifically mention keyless entry and then go on to imply that basically every VW group car built in the last 20 years is vulnerable. There's either a misunderstanding around what keyless entry is compared the the much more widespread remote fob, or sone hyperbole going on with regard to the actual number of affected vehicles.
Click to expand...

The way I read it it's both. They have one hack to steal all the keyless ignitions and another hack that can intercept clone and use all central locking locks. So they can have access to the car but would still need other means to start it if it didn't the keyless ignition.
 
Armageus said:
Lots of things do, but generally if they can be pulled off by at least someone, and there is sufficient demand for it, it ends up being distilled down into an easy to use package that anyone can unfortunately use.
Click to expand...
Fortunately, that is not true of everything, else no lock would be chav-proof!

kaiowas said:
Interesting that this article seems to specifically mention keyless entry and then go on to imply that basically every VW group car built in the last 20 years is vulnerable.
Click to expand...
I'm more intrigued by why VW are getting the flak, when there are several other brands equally vulnerable... Kinda like how VW got the emissions scandal, but then they started finding the same thing in other makes.
 
Probably because VW are seen as the head of the VAG group, which is huge compared to some of the other brands mentioned and even when you compare FIAT and FCA. Although true, they do seem to be picked out as the main culprit here, but saying "100 MILLION VW CARS ZOMG" is a bit more attention grabbing.
 
What ever one man can do another man can undo.
I'm the wrong side of 40 and can remember when workmates with the same make of car had about 1/4 chance of opening other workmates' cars with their key and turning the tax disc upside down or setting all the heater blower and wipers to come on full when the owner gets in and turned the key - oh how we laughed. People could open your car door with a coat-hanger or plastic strap off a pallet. Some cars you could start with a screwdriver and bit of elbow grease.
Things have come on a lot in those 20-25 years and I think these new claims are no shock, we never thought newer cars were uncrackable - just secure through obfuscation and too much hassle for your average scrote.
 
ttaskmaster said:
I'm more intrigued by why VW are getting the flak, when there are several other brands equally vulnerable... Kinda like how VW got the emissions scandal, but then they started finding the same thing in other makes.
Click to expand...

The reason why VW are mentioned is that they have already been in discussion with the authors of the report about the problems and have allowed it to be released. Other manufacturers, who also have the same issues, haven't reached this stage yet.
 
kaiowas said:
I have a simple wireless hack that can access pretty much any car. I call it the 'brick'

Interesting that this article seems to specifically mention keyless entry and then go on to imply that basically every VW group car built in the last 20 years is vulnerable. There's either a misunderstanding around what keyless entry is compared the the much more widespread remote fob, or sone hyperbole going on with regard to the actual number of affected vehicles.
Click to expand...

Not sure if that definition is just a British one. Keyless entry in North America just means you have a remote key fob. If your car isn't sold as keyless entry then you'll have to physically put a key in a lock and turn.
 
Watch the videos on Securemycar.co.uk website.... It effects many brands, Ford, BMW....
They simply break a window and plug into the OBD port, switch the standard alarm and unlock with a switch in seconds.... Then insert a new plank key in the ignition and program it.... Then drive away.
When I picked my new car up on Thursday, I had them come to the dealer and fit better system while I was signing the paperwork.
 
9designs2 said:
Watch the videos on Securemycar.co.uk website.... It effects many brands, Ford, BMW....
They simply break a window and plug into the OBD port, switch the standard alarm and unlock with a switch in seconds.... Then insert a new plank key in the ignition and program it.... Then drive away.
When I picked my new car up on Thursday, I had them come to the dealer and fit better system while I was signing the paperwork.
Click to expand...

This is completely different! The scenario you are talking about has been known for quite some time.

About a year ago two neighbours with new Audis had their cars unlocked remotely and everything from inside the cars stolen. There wasn't a mark on them...
 
I have seen a way to open many cars with keyless entry (UK definition- as in leave keys in pocket and touch handle). They have a device which activates the keyfob in the house and receives the reply signal from it and rebroadcasts it to the car - a sort of man-in-the-middle relay or signal booster. It basically just acts in the middle to 'bring the keys in the hall and the car closer together in radio terms in order for it to unlock. They then use the ODB port to do something else - I thing programme a new key. My advice would be to keep the car key fob far enough away from the car (middle of house) such that this exploit won't work.
 
You must log in or register to reply here.
Back
Top Bottom