
Car makers are just plain stupid


               
2015 Jun 30, 5:43pm   11,373 views  37 comments

by Dan8267

Thieves using a $17 power amplifier to break into cars with remote keyless systems

https://www.l7OadDz3Ums

If I could solve this problem, wouldn't it be worth a measly $1 million? Well, here's the solution. Just use RSA authentication. Your wireless key should have its own public and private key, as should your car's authentication system. The key sends a request encrypted with the car's public key. The request includes the wireless key's public key. The car matches the public key against its paired devices. If it matches, the car sends a random token encrypted with the wireless key's public key. The wireless key decrypts the token and sends it back to the car using the car's public key. Authentication confirmed.

Now give me my million dollars GM.

Comments 1 - 37 of 37

1   Heraclitusstudent   2015 Jun 30, 6:47pm  

So if the battery is dead, you're locked out, can't open the hood.
If your key battery is dead, you're locked out.
If the software has a flaw, you're hacked, thieves enter.

How about a normal physical key?

This remote technology is just plain inferior.

2   Dan8267   2015 Jun 30, 7:07pm  

Heraclitusstudent says

So if the battery is dead, you're locked out, can't open the hood.

If your key battery is dead, you're locked out.

That's what manual backups are for, and wireless keys already have them. Furthermore, your objection is irrelevant to the problem or my solution as my solution is about making the communication unhackable and has nothing to do with any battery limitations of the key.

Second, if car manufacturers were smart, they would have two batteries in a car, not one. That way you would not be stuck when a battery dies.

Heraclitusstudent says

If the software has a flaw, you're hacked, thieves enter.

My software isn't flawed. The current system is. Once again, you are a petty person trying to grasp at any straw to attack me instead of simply looking at the solution. Had someone else presented this solution, you would be applauding. You are so petty.

Real men don't bitch about problems. They find solutions.

Heraclitusstudent says

How about a normal physical key?

Easily circumvented. That's why the manual backup key only opens doors, but does not start the engine.

Math beats mechanics for security. I'd explain this to you, but you wouldn't understand.

3   HEY YOU   2015 Jun 30, 9:23pm  

Public caning of car thieves' asses & anyone's ass that is involved with the car after the theft might be a good deterrent.
I want to see them hack their way out of a good caning.

4   Dan8267   2015 Jun 30, 9:30pm  

HEY YOU says

Public caning of car thieves' asses & anyone's ass that is involved with the car after the theft might be a good deterrent.

Not really. Every study ever conducted demonstrates that thieves and other criminals don't expect to be caught and thus are not deterred by punishment. Making the car unstealable is a better option. Better still, privately owned maglift vehicles. They can't be stolen.

5   Strategist   2015 Jun 30, 9:41pm  

Dan8267 says

If I could solve this problem, wouldn't it be worth a measly $1 million? Well, here's the solution. Just use RSA authentication. Your wireless key should have its own public and private key, as should your car's authentication system. The key sends a request encrypted with the car's public key. The request includes the wireless key's public key. The car matches the public key against its paired devices. If it matches, the car sends a random token encrypted with the wireless key's public key. The wireless key decrypts the token and sends it back to the car using the car's public key. Authentication confirmed.

Now give me my million dollars GM.

You have to patent it first. And ideas cannot be patented.
Self driving cars won't have that problem in the near future, because they won't even need a steering wheel.

6   Strategist   2015 Jun 30, 9:42pm  

Dan8267 says

Public caning of car thieves' asses & anyone's ass that is involved with the car after the theft might be a good deterrent.

Not really. Every study ever conducted demonstrates that thieves and other criminals don't expect to be caught and thus are not deterred by punishment.

It works with the Saudis.

7   Dan8267   2015 Jun 30, 10:07pm  

Strategist says

It works with the Saudis.

Not really.

Do you need me to point out Saudi Arabia? I'll give you a hint. It's in the brown (3-10) range just like the United States. In contrast, Europe which is far more liberal than America or Saudi Arabia has far less violence. This hardly suggests that harsh punishment makes a society safer from crime.

And would you really want to live in Saudi Arabia?

8   marcus   2015 Jun 30, 10:19pm  

Interesting. They say it's an amplifier.

http://www.nytimes.com/2015/04/16/style/keeping-your-car-safe-from-electronic-thieves.html

It amplifies the signal so that the car can receive the key's signal from far away, instead of only within a few feet. This is for the kind of keyless entry where you touch the door of the car, and then the car talks to the key you have in your pocket (or if amplified, the key that's inside your home). I think these are usually cars with keyless ignition too.

Not a worry for me.

9   Strategist   2015 Jun 30, 10:24pm  

Dan8267 says

Do you need me to point out Saudi Arabia? I'll give you a hint. It's in the brown (3-10) range just like the United States.

You don't know where Saudi Arabia is, do you? Saudi Arabia is in the grey

And would you really want to live in Saudi Arabia?

Are you kidding me? I don't even want to go near it. They hate Atheists more than some of the wackos here.

10   RWSGFY   2015 Jun 30, 10:44pm  

marcus says

It amplifies the signal so that the car can receive the key's signal from far away, instead of only within a few feet. This is for the kind of keyless entry where you touch the door of the car, and then the car talks to the key you have in your pocket (or if amplified, the key that's inside your home).

Looks like Dan's "solution" would be useless against this type of attack.

11   Tenpoundbass   2015 Jul 1, 6:19am  

I use my mind to keep the door closed.

12   bob2356   2015 Jul 1, 6:40am  

Dan8267 says

Thieves using a $17 power amplifier to break into cars with remote keyless systems

This is bullshit. RF key fobs don't work that way. The key fob sends the signal, the car system doesn't request it. Since the early 90's car makers have used a system where the fob and car both have a 40 bit synchronized pseudo random number generator. The fob sends the current 40 bit code then both reset to the next code. If you push the fob when the car is not around and get it unsynchronized the car will accept up to the next 256 codes. If you push it 257 times and go outside the window you have to use the resync process for your car.

A brute force attack of a 40 bit code would take an awful long time since there are 1,099,511,627,776 possible codes. It is theoretically possible to hack these systems, but not very practical. http://www.snopes.com/autos/techno/lockcode.asp Anyone who had the time, money, and resources to steal a car that way would be smart enough to just use a wrecker.

There is a possibility of blocking the signal to lock the car, the thief would have to be right there with a transmitter using the correct frequency for that car blocking the signal. But they couldn't start the car.

Maybe dan should understand how the technology actually works before offering a solution to a problem that doesn't exist.
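The rolling-code scheme described in the comment above, sketched as an added example that is not part of the thread or any manufacturer's code. The post does not name the generator, so HMAC-SHA256 truncated to 40 bits stands in for it as an assumption; the seed and class names are constructed.

```python
import hashlib
import hmac
from fractions import Fraction

CODE_BITS = 40   # code length given in the post
WINDOW = 256     # how many upcoming codes the car accepts, per the post


def code_at(seed: bytes, counter: int) -> int:
    """Code number `counter` of the shared sequence.

    Assumption: HMAC-SHA256 truncated to 40 bits stands in for the
    vendor's generator, which the post does not specify.
    """
    digest = hmac.new(seed, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[: CODE_BITS // 8], "big")


class Fob:
    def __init__(self, seed: bytes):
        self._seed, self._counter = seed, 0

    def press(self) -> int:
        """Emit the current code, then step to the next one."""
        code = code_at(self._seed, self._counter)
        self._counter += 1
        return code


class Car:
    def __init__(self, seed: bytes):
        self._seed, self._next = seed, 0

    def receive(self, code: int) -> bool:
        """Unlock if `code` is one of the next WINDOW codes, then move past it."""
        for counter in range(self._next, self._next + WINDOW):
            if code == code_at(self._seed, counter):
                self._next = counter + 1   # every code up to this one is now dead
                return True
        return False                       # replayed, or fob drifted too far: resync


def blind_guess_odds() -> Fraction:
    """Chance that one random 40-bit guess lands inside the acceptance window."""
    return Fraction(WINDOW, 2 ** CODE_BITS)


def demo() -> dict:
    seed = b"constructed-demo-seed"        # constructed pairing secret
    fob, car = Fob(seed), Car(seed)
    first = fob.press()
    results = {"fresh": car.receive(first), "replay": car.receive(first)}
    for _ in range(WINDOW - 1):            # 255 presses out of range of the car
        fob.press()
    results["drift_255"] = car.receive(fob.press())
    for _ in range(WINDOW):                # 256 presses out of range of the car
        fob.press()
    results["drift_256"] = car.receive(fob.press())
    return results


if __name__ == "__main__":
    print(demo(), blind_guess_odds())
```

The look-ahead window that tolerates stray presses also means a blind guess only has to hit one of 256 live codes, so the effective search space is 2^32 rather than 2^40.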

13   Dan8267   2015 Jul 1, 6:48am  

Straw Man says

marcus says

It amplifies the signal so that the car can receive the key's signal from far away, instead of only within a few feet. This is for the kind of keyless entry where you touch the door of the car, and then the car talks to the key you have in your pocket (or if amplified, the key that's inside your home).

Looks like Dan's "solution" would be useless against this type of attack.

No, dummy, it's exactly what my solution protects against. Amplifying a signal or using a brute-force attack against all possible codes would not work because the key has to retransmit a randomly generated token encrypted with the key's private key! Your amplifier isn't going to have that private key.

Just because you did not understand my solution, doesn't mean it doesn't work.

14   Dan8267   2015 Jul 1, 6:51am  

bob2356 says

The key fob sends the signal, the car system doesn't request it. Since the early 90's car makers have used a system where the fob and car both have a 40 bit synchronized pseudo random number generator. The fob sends the current 40 bit code then both reset to the next code. If you push the fob when the car is not around and get it unsynchronized the car will accept up to the next 256 codes. If you push it 257 times and go outside the window you have to use the resync process for your car.

You're thinking of keys in which you have to press a button. Modern luxury cars use keys that you just keep in your pocket and you touch the door handle to lock and unlock. You don't have to press a button.

15   Dan8267   2015 Jul 1, 6:53am  

bob2356 says

Maybe dan should understand how the technology actually works before offering a solution to a problem that doesn't exist.

Doesn't exist? Have you seen the news coverage in the original post? Your statement is empirically false.

You should really read the story before making asinine judgements.

16   zzyzzx   2015 Jul 1, 7:51am  

Or just do what I do, and drive something nobody would want to steal, like my 1995 Ford Escort.

17   Dan8267   2015 Jul 1, 8:08am  

zzyzzx says

Or just do what I do, and drive something nobody would want to steal, like my 1995 Ford Escort.

You shouldn't have to make that choice. Auto manufacturers could easily make cars more secure. It would not add significant costs to do so. The technology is dirt cheap, adding only pennies to the cost of a car. Think about it. This problem has already been solved. If it hadn't, you would not be able to do online banking. The financial incentive for criminals is too great to ignore. Online banking is possible precisely because RSA encryption works. If it didn't, you would have to verify your identity by physically going to a bank and showing ID, which actually is less secure because physical IDs are easily forged.

There's another major flaw with modern cars, and again, it has nothing to do with the limitations of technology but simply the short-sightedness of executives. Modern cars have wireless networks in which one component of the car talks to another. This allows for better safety, more fuel economy, more reliability, and better diagnostics. However, these wireless networks are unencrypted and have no security. Auto manufacturers simply assumed that no one would care enough to hack these systems.

But hackers could send misinformation and bad commands to these systems compromising safety. Depending on what those systems do, one could even remotely cause a car to crash. Essentially, this is the same problem as the one with wireless keys, and it has the same solution.

18   HEY YOU   2015 Jul 1, 8:39am  

Dan8267 says: "Not really."

The deterrent is not in the threat it's in one hell of an ass whipping, unless they enjoy it.
How many will commit crime to get a chance for more caning?

19   FortWayne   2015 Jul 1, 9:12am  

Dan8267 says

If I could solve this problem, wouldn't it be worth a measly $1 million? Well, here's the solution. Just use RSA authentication. Your wireless key should have its own public and private key, as should your car's authentication system. The key sends a request encrypted with the car's public key. The request includes the wireless key's public key. The car matches the public key against its paired devices. If it matches, the car sends a random token encrypted with the wireless key's public key. The wireless key decrypts the token and sends it back to the car using the car's public key. Authentication confirmed.

I think that's a brilliant idea Dan. It's just cars aren't made that smart these days. There might be some logistics issues with that fancy RSA thing you are talking about, after all car manufacturers penny pinch every little detail.

20   Dan8267   2015 Jul 1, 9:44am  

FortWayne says

There might be some logistics issues with that fancy RSA thing you are talking about, after all car manufacturers penny pinch every little detail.

RSA cryptography has been around since the 1970s. It's a very mature and reliable technology. There are already devices that provide security using this technology such as the common RSA keychain.

These are used to authenticate web site logins and require the user to type the ever-changing number, but typing isn't necessary for a wireless key.

The war between code makers and code breakers is over. It ended with RSA encryption and code makers won. The math behind modern encryption ensures that the time it takes to crack codes increases exponentially faster than the time it takes to encrypt. This is why the NSA is always trying to plant backdoors in encryption algorithms and why they fear efforts like Mega.

The NSA can't crack well-written encryption, so they try to get flaws injected into the software used by businesses and private citizens. However, this backfires and allows China and other states and terrorist organizations to break into our national security infrastructure including Pentagon Contractors.

Make no mistake, the warfare of the 21st century will be primarily cyberwarfare, not guns and rockets. This is exactly why no nation, not even ours, should be allowed to compromise information security. In the long run, any advantage gained by such efforts is outweighed by the negatives.

One of the best things our nation could do today is to invest heavily in upgrading and replacing our entire infrastructure including Internet infrastructure and secure wireless communication. It would be a tremendous economic boon and is essential for 21st century commerce and consumer confidence.

21   Heraclitusstudent   2015 Jul 1, 9:53am  

Dan8267 says

The current system is. Once again, you are a petty person trying to grasp at any straw to attack me instead of simply looking at the solution.

Your solution is as good as can be for a remote key. I absolutely didn't mean to attack you.
Good engineers do not attach their egos to technical solutions.

I just dislike over-engineered solutions that bring more problems than they solve. Today anything with a computer is seen as better than what was there before, from machines to remote keys.
What do remote keys really solve? To have to insert the key and turn it? Really?

If you are really worried about physical security, it's kind of obvious that anyone can smash the window and enter the car.

As to the notion that encryption by itself protects against hacks, it's a little bit too simple. Your software would sit on a platform that may have other vulnerabilities. Encryption is not known to be a silver security bullet.

22   RWSGFY   2015 Jul 1, 11:51am  

Dan8267 says

Doesn't exist? Have you seen the news coverage in the original post? Your statement is empirically false.

Dan, your solution to encrypt the communication between car and keyfob in a certain way does nothing to defeat a "transparent amplifier" hack which is currently in the news.

23   RWSGFY   2015 Jul 1, 11:53am  

Dan8267 says

No, dummy, it's exactly what my solution protects against. Amplifying a signal or using a brute-force attack against all possible codes would not work because the key has to retransmit a randomly generated token encrypted with the key's private key! Your amplifier isn't going to have that private key.

Why would a contraption which simply amplifies a radio signal need to have any key at all? All it does is make the original key fob (which is still sitting in the owner's purse) seem to be near to the car which prompts it to unlock the doors automatically (your "classic" Volvo doesn't do that, but new cars do and they are being targeted). Your solution is aimed to prevent other devices from masquerading as an original keyfob in absence of the latter, but this is not what happens.

24   Dan8267   2015 Jul 1, 1:22pm  

Straw Man says

Dan, your solution to encrypt the communication between car and keyfob in a certain way does nothing to defeat a "transparent amplifier" hack which is currently in the news.

Simple, require a push of the button on the wireless key instead of constantly transmitting the "I am standing right next to you, so it's okay to unlock the door" message. Each time the unlock door message is sent, its authenticity is confirmed with the randomly generated token. The hacker would have to guess the token correctly the very first time or it's invalidated, and that's not going to happen. It's insanely foolish to be constantly sending the unlock the doors message. That's like leaving your keys right on the car's roof.

The bottom line is that these thefts could have been easily prevented using a little common sense.

25   RWSGFY   2015 Jul 1, 1:50pm  

Dan8267 says

Simple, require a push of the button on the wireless key instead of constantly transmitting the "I am standing right next to you, so it's okay to unlock the door" message.

Pfff, this part is obvious and solves the problem right away (but kills the whole idea of "I don't need to dig car keys from my purse anymore" which women like a lot). The rest of the "they don't encrypt it the way they should" rant is irrelevant.

What you're basically saying is: "to make this feature safe - delete it altogether".

26   bob2356   2015 Jul 1, 5:10pm  

Dan8267 says

bob2356 says

The key fob sends the signal, the car system doesn't request it. Since the early 90's car makers have used a system where the fob and car both have a 40 bit synchronized pseudo random number generator. The fob sends the current 40 bit code then both reset to the next code. If you push the fob when the car is not around and get it unsynchronized the car will accept up to the next 256 codes. If you push it 257 times and go outside the window you have to use the resync process for your car.

You're thinking of keys in which you have to press a button. Modern luxury cars use keys that you just keep in your pocket and you touch the door handle to lock and unlock. You don't have to press a button.

I know what proximity keyless systems are. The signal from the car is a very weak low frequency signal, range about 3 feet. If it is amplified it propagates a delay that is detected. They did a test on this in Switzerland http://www.internetsociety.org/doc/relay-attacks-passive-keyless-entry-and-start-systems-modern-cars-paper. They needed an amplifier/transmitter, a receiver, and 2 antennas to make it work. One on the car door handle and one close to the key fob. So it can be done. But sneaking up in range of the key fob with an antenna and receiver unit after you put a transmitter and an antenna on the door handle would be a tough trick that wouldn't be very practical to say the least. A tow truck would work much better.
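The disagreement in comments 13, 23 and 26, modelled from the car's side as an added example that is not part of the thread: a challenge-response check passes whenever the genuine fob answers, however far away it is, and only a round-trip time limit tells a nearby fob from a relayed one. A keyed HMAC stands in for the RSA token exchange, and every distance and timing figure is constructed.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

C_M_PER_NS = 0.299792458   # speed of light in metres per nanosecond


class Fob:
    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        # Assumption: keyed HMAC replaces the RSA token exchange from the thread.
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


@dataclass
class Link:
    """Radio path between car and fob (all figures constructed)."""
    distance_m: float
    relay_delay_ns: float = 0.0    # per-direction delay added by a relay; 0 = none

    def round_trip_ns(self) -> float:
        return 2 * (self.distance_m / C_M_PER_NS + self.relay_delay_ns)


class Car:
    def __init__(self, key, max_range_m=1.0, fob_turnaround_ns=1000.0, tolerance_ns=5.0):
        self._key = key
        self._turnaround_ns = fob_turnaround_ns
        # Longest reply time a fob within max_range_m could produce.
        self._limit_ns = fob_turnaround_ns + 2 * max_range_m / C_M_PER_NS + tolerance_ns

    def authenticate(self, fob: Fob, link: Link, check_timing: bool) -> str:
        challenge = os.urandom(16)             # fresh random token per attempt
        response = fob.respond(challenge)      # a relay forwards both messages unchanged
        elapsed_ns = link.round_trip_ns() + self._turnaround_ns
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        if not hmac.compare_digest(response, expected):
            return "bad-response"              # wrong key: the case the crypto covers
        if check_timing and elapsed_ns > self._limit_ns:
            return "too-far"                   # right key, but the reply took too long
        return "unlock"


def demo() -> dict:
    key = b"constructed-pairing-key"
    car, fob = Car(key), Fob(key)
    nearby = Link(distance_m=0.5)
    relayed = Link(distance_m=30.0, relay_delay_ns=50.0)
    return {
        "nearby_crypto_only": car.authenticate(fob, nearby, check_timing=False),
        "nearby_with_timing": car.authenticate(fob, nearby, check_timing=True),
        "relayed_crypto_only": car.authenticate(fob, relayed, check_timing=False),
        "relayed_with_timing": car.authenticate(fob, relayed, check_timing=True),
        "unpaired_fob": car.authenticate(Fob(b"other-key"), nearby, check_timing=True),
    }


if __name__ == "__main__":
    print(demo())
```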

27   Bigsby   2015 Jul 1, 5:18pm  

Dan8267 says

Do you need me to point out Saudi Arabia? I'll give you a hint. It's in the brown (3-10) range just like the United States.

I have to admit that's pretty funny. You'd better double-check next time, or CiC will be all over it.

28   zzyzzx   2015 Jul 1, 8:07pm  

If you are that worried about it, just install a kill switch someplace hidden.

29   Dan8267   2015 Jul 1, 9:24pm  

Straw Man says

Pfff, this part is obvious and solves the problem right away

Actually, no. Signals can be recorded and played back. A brute force attack can cycle between codes until it finds one that works. The current system is inherently insecure.

30   komputodo   2015 Jul 1, 9:45pm  

zzyzzx says

If you are that worried about it, just install a kill switch someplace hidden.

no, that makes too much sense..it has to be a complex software/hardware solution with $1000 parts that fail when you least expect it!

31   komputodo   2015 Jul 1, 9:48pm  

Dan8267 says

You shouldn't have to make that choice. Auto manufacturers could easily make cars more secure.

Has anyone ever NOT bought a car because they were afraid it would be stolen and bought a lesser car instead?

32   Dan8267   2015 Jul 1, 9:57pm  

Call it Crazy says

Dan8267 says

Second, if car manufacturers were smart, they would have two batteries in a car, not one. That way you would not be stuck when a battery dies.

You really are stupid, aren't you?

Redundancy in an essential component that keeps your vehicle from becoming an expensive brick... How exactly is that stupid?

I keep a starter battery in my trunk for just such an occasion. The first time I use it, it's paid for itself in both saving me time and towing fees.

Once again, CIC demonstrates his foolishness.

33   Dan8267   2015 Jul 1, 10:17pm  

Call it Crazy says

You shouldn't HAVE to use it on such a fine automobile. Plus, a person with a $100K salary should have AAA or similar on their insurance policy to cover jump starts.

You obviously know nothing about cars. And why would I want to waste any of my actual time waiting for a tow truck or jump when a $50 starter battery solves the problem immediately?

34   zzyzzx   2015 Jul 2, 10:17am  

komputodo says

.it has to be a complex software/hardware solution with $1000 parts that fail when you least expect it!

http://www.ehow.com/how_7703885_disable-gm-passlock-system.html

35   Dan8267   2015 Jul 2, 3:00pm  

Call it Crazy says

Why do you have to carry a second battery in the first place if you drive such a quality car.

Car batteries have a limited lifespan regardless of the car and need to be replaced every few years. As someone who has never owned a car, it's not surprising that you don't know this.

36   EBGuy   2015 Jul 2, 3:16pm  

Come on people, read the entire article. The solution is simple and uses existing technology: put your keys in the freezer. No one's broken into my 1995 Civic since I started doing this, though I've found the metal keys stick to my fingers.

37   EBGuy   2015 Jul 2, 3:28pm  

I forgot about the other solution, which is to buy a Luxury Faraday Cage With Views. This has an added bonus that you can take off your tinfoil hat once you enter your abode.
