keep your keyless fob in a metal box my friends car was broken into

clubb699

clubb699

clubb699

Associate
Joined
18 Oct 2011
Posts
668
Location
Near Brummie land
Hi all, just a word of warning my mates car was broke into by thiefs , they used a key fob relay and stood outside his house and beamed the signal to unlock his car.

They turned the alarm off and opened the doors of his company car and stole stuff from inside the car, not sure why they did not take the car but luckly they did not.

Keep safe dudes
 
clubb699 said:
Hi all, just a word of warning my mates car was broke into by thiefs , they used a key fob relay and stood outside his house and beamed the signal to unlock his car.

They turned the alarm off and opened the doors of his company car and stole stuff from inside the car, not sure why they did not take the car but luckly they did not.

Keep safe dudes
Click to expand...
Because they haven't got the chain to get rid of it yet and were testing the concept, now they know it works they'll be stealing cars to order.
 
Surely it's back to the drawing board if cars as being opened this easily?! O.o

Perhaps set up 2FA when you buy your car as a suggestion for security? Treat it as if it's PayPal which uses the fingerprint or iris scanner on your phone, then NFCs it to the car.
 
it does seem pretty ridiculous how crap some manufacturers are at security... this whole keyless entry thing... oh just broadcast a signal that when re-broadcast works as though the key is actually there...

whereas a phone costing far less than a car can be unlocked by fingerprint or even just scanning your face... it think it is about time they started thinking about some form of two step verification for cars
 
It's like figuring out key replay and impersonation isn't already a solved problem. There's no reason why keyless entry can't create a secure channel between the key and the car, and the key fob doesn't wake up unless it's being moved.
 
Privacy and security aren't considered important enough to be worth spending money to develop and implement and overcome customer annoyance at reduced convenience.
 
Fitting Immobilisers to cars was a big step forward, but unfortunately, it just sent car thieves in to houses to retrieve the keys.

The worry thing with putting any sort of two factor verification in place, especially biometrics, is that the scumbags will just step up the level of violence involved again, putting people at even greater risk.

Edit: what we need is remote control car bombs. They can take your car, under duress if need be, but as soon as they drive off you detonate the bomb.
 
it would be nice also if you could immobilise your car remotely via your phone say, and or be able to get alerts/push notifications if it starts up while not in proximity to your phone
 
Nazbit said:
Fitting Immobilisers to cars was a big step forward, but unfortunately, it just sent car thieves in to houses to retrieve the keys.

The worry thing with putting any sort of two factor verification in place, especially biometrics, is that the scumbags will just step up the level of violence involved again, putting people at even greater risk.

Edit: what we need is remote control car bombs. They can take your car, under duress if need be, but as soon as they drive off you detonate the bomb.
Click to expand...

I think that approach might have a few drawbacks - it would wreck the car and potentially harm anyone who happened to be nearby, plus it would trigger terrorist alerts all the time and that would harm more people. Interior car guns to shoot everyone inside a lot? Many of the same problems. Poison gas? The thieves could open a window.

We need to get Q on the case!
 
Why don't key fobs use security technology we already have, like SSL certs that stop man in the middle attacks just like this. The fob and the car need to do a security handshake first and exchange public keys. The fobs would be programmed to only accept keys signed with a particular cert (i.e the manufacturers)
 
This is one reason why I didn't bother to replace my remote fob when it died. I just kept the transponder key, which only works within direct proximity to the ignition.
 
Caged said:
There's no reason why keyless entry can't create a secure channel between the key and the car, and the key fob doesn't wake up unless it's being moved.
Click to expand...

geuben said:
Why don't key fobs use security technology we already have, like SSL certs that stop man in the middle attacks just like this. The fob and the car need to do a security handshake first and exchange public keys. The fobs would be programmed to only accept keys signed with a particular cert (i.e the manufacturers)
Click to expand...

I don't see how that would prevent this, it isn't a man in the middle attack - the purpose here isn't to stand in the way of each endpoint for the purpose of intercepting anything but simply to relay on the signals... TLS and SSL would therefore not make any difference here AFAIK, the certificates can just be passed on as normal... if I unplug a length of 10ft cat5 cable from a network and replace it with a length of 100ft cat5 cable so the device that usually connects via that cable can connect from further away then the presence of SSL etc.. isn't going to make any difference just because the cable has been replaced... the signal just gets transported along the longer cable as usual.. ditto to having some device as in this car key fob example rebroadcast the exact same signal over a longer distance

the second point by caged re: the key fob not waking up until it is moved is a good point though
 
I don't get why a key fob signal is being sent at all. My van keys for instance right now surely aren't sending any signals, and dontbhave the ability or need to receive one so how does this work?only when I click unlock/lock button on the font will the device send any sort of signal
 
Fairly sure the answer is no said:
I don't get why a key fob signal is being sent at all. My van keys for instance right now surely aren't sending any signals, and dontbhave the ability or need to receive one so how does this work?only when I click unlock/lock button on the font will the device send any sort of signal
Click to expand...

because they're key fobs designed so you don't need to do that, you just put them in your pocket and when you're close to the car the door unlocks itself and you can just press the start button to start the engine... ergo all the thieves need to do is essentially amplify that signal to open the car doors
 
You must log in or register to reply here.
Back
Top Bottom