Random Thoughts... [Automotive Edition]

Matt2000

Disco Stu-pour
DONOR
Joined
Feb 17, 2006
Messages
14,543
Location
Country smells, England
Car(s)
'01 Disco 2 V8, '90 Disco 1, '05 Smart Roadster
If I ever get a car with keyless entry or start, I’m damn sure that the key will live in a Faraday cage when I’m at home. I can at least be sure that I’ve done my part.
 

LeVeL

Forum Addict
Joined
Jun 16, 2007
Messages
12,745
I think you folks are overthinking this. My Jeep has keyless - if someone actually decides to steal a brown Jeep, well, that's what insurance is for.
 

GRtak

Forum Addict
Joined
Sep 6, 2008
Messages
18,833
Location
Michigan USA
I think you folks are overthinking this. My Jeep has keyless - if someone actually decides to steal a brown Jeep, well, that's what insurance is for.
It is one thing to say it, it is another when it happens. It is just prudent to try and do a little extra to prevent it from happening.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,509
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
This is incorrect for any car correctly implementing a 4-way rolling code system.
First you say this, then you say exactly how to defeat it:
Or, you know, the relay attack. Which is like $20 worth of gear but still requires getting right up in the key's face, and the key being active, which is just crappy opsec.
How many people think about putting their keys into either power save or some sort of an RFID blocker?

What you are talking about is all theory, here is the reality:
I can use astrophotography equipment to photograph your keys with sufficient resolution to duplicate them from 100 yards or more:
Which would require that my keys are visible long enough for you to photograph, you know which of the cars they are for and still leaves you with needing to defeat the immobilizer, which just about every car made in the past 20 years or so has.

It's all about targets of opportunity, it's more difficult to steal my car without a key than it is one that uses RF-based keys. Again not impossible or even massively difficult, just harder enough that it will ward off most would-be thieves.
 

prizrak

It is one thing to say it, it is another when it happens. It is just prudent to try and do a little extra to prevent it from happening.
In that same vein, I had my X broken into a couple of years ago when it was parked on the street. Nothing of value is ever in the car and the only damage was a side window that cost me $200 to fix. That however made me rent a parking spot from my neighbor, it ends up costing me way more but the amount of time and aggravation that fixing a window requires along with having to clean out the car from all the glass, IMO the extra $ is worth it.
 

IceBone

Blue Wheel Hipster
DONOR
Joined
Jan 14, 2007
Messages
27,143
Location
Slovenistan
Car(s)
Audi A5 Quattro
How many people think about putting their keys into either power save or some sort of an RFID blocker?
Which is why I'm for phones being used more when it comes to anything RFID. The antenna only works after you've securely logged into your phone and only activates with the correct signal when required, drastically reducing any window for a spoofing attack. I've already migrated to paying everything with my phone wherever possible (lucky for me, 99.9% of POS terminals in the country are contactless already).
 

prizrak

Which is why I'm for phones being used more when it comes to anything RFID.
You're mixing up two different technologies here. Phones use NFC which only works in extreme proximity (like putting your phone almost on the POS to have it read). For two things you use your phone being able to boost your signal is rather pointless. Your phone uses rolling codes to transmit a 1 time use card number to the POS that is then transmitted to your bank, the bank then verifies that this is the correct 1TU number and releases the funds. (There can be extra security like logging into your phone before sending the number and having to put in your PIN into the POS)

What cars use is an RF signal from the fob that is meant to work over much larger distances (like if your key is in your purse) and is used to tell the car that the person with the key is close enough to unlock the car and allow it to be started. This is why a relay attack is so effective, it simply makes the car think that the key is there, it has no other way of verifying the user so it turns off all security measures.


Using your phone to unlock/start the car is actually even worse, since that functionality requires internet connectivity, your car would always be on the network. This also means any exploit discovered will usually affect all the cars using the same vendor.

P.S. Also having to log in to your phone to unlock your car basically defeats the point of a proximity key, if you are taking something out of your pocket to unlock and start your car, you might as well use a physical key.
 

IceBone

Teslas get NFC cards that you put against the B pillar. BMWs have the same with Android phones. You have to put the phone next to the B pillar.

I'm against the car just magically unlocking by proximity. There needs to be a positive action from the owner for it.
 

prizrak

Teslas get NFC cards that you put against the B pillar. BMWs have the same with Android phones. You have to put the phone next to the B pillar.

I'm against the car just magically unlocking by proximity. There needs to be a positive action from the owner for it.
But then what is the benefit of an NFC card vs pulling out a key and hitting unlock button?
 

Nabster

Has Slutty Mustangs
DONOR
Joined
Oct 15, 2007
Messages
4,500
Location
DFW
Car(s)
1969 Mustang Coupe, 2019 Mustang GT, 2011 F150
I'm on the second Mustang in nearly 5 years with the keyless entry and neither one has been stolen.

Maybe I just don't leave them parked in bad places or dangerous areas though :dunno:

The convenience is great for me, and frankly I think until you start living with the system you won't know if you like it.
 

prizrak

Who the hell would bother stealing a Mustang? Maybe if you had better cars you’d have to worry about it :p
Another thing I noticed since the advent of those silly systems is people leaving their cars running.
 

EyeMWing

Well-Known Member
Joined
Nov 17, 2008
Messages
4,963
Location
MD, Amish Country PA
Car(s)
Many things, none of them working.
How many people think about putting their keys into either power save or some sort of an RFID blocker?
Ones that read the manual?

Anyway, either I missed explaining something or you missed reading something, because a 4-way replay attack is NOT a target of opportunity compared to a physical key and a 1-way replay attack. I ain't got time to diagram it, so you're free to continue being wrong on the Internet.

NFC, by the way, is also capturable at a distance. It does not require near-physical contact.
 

Spectre

The Deported
Joined
Feb 1, 2007
Messages
36,675
Location
Dallas, Texas
Car(s)
00 4Runner | 02 919 | 87 XJ6 | 86 CB700SC
NFC, by the way, is also capturable at a distance. It does not require near-physical contact.
NFC is capturable at a far longer distance than it is usable. With the appropriate equipment, you can read NFC off, say, an "ID badge" from halfway across a parking lot, I am told. Though I haven't seen one done at that range, I have seen an NFC card ripped and copied to another card at a distance in excess of 10 meters. That was the end of the "NFC-ID-Card-Only" entry policy at this client; keypads and/or biometric scanners were quickly added.
 

prizrak

Ones that read the manual
So no one :p
Anyway, either I missed explaining something or you missed reading something, because a 4-way replay attack is NOT a target of opportunity compared to a physical key and a 1-way replay attack.
Explain to me how any number of rolling keys matter when all you are doing is amplifying the signal that is being sent by the fob? You aren’t trying to break into the stream you are simply making it work over longer distance.
NFC, by the way, is also capturable at a distance. It does not require near-physical contact.
But can it be relayed like an RF fob? What Ice is talking about still requires some user interaction (say putting a PIN in). (Not sure if new RFID chips can also have rolling encryption)
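
Added example (not part of any post in this thread): a toy Python model of the distinction argued over above, showing that a fresh-challenge scheme rejects a replayed response but accepts a relayed one, and that a round-trip time bound is what rejects the relay. The HMAC challenge-response, the 2 m unlock radius, the timing figures and every class and function name are assumptions for illustration, not any manufacturer's protocol.

```python
import hashlib
import hmac
import os

C_M_PER_NS = 0.2998        # speed of light in metres per nanosecond
MAX_RANGE_M = 2.0          # assumed unlock radius
FOB_PROCESSING_NS = 100.0  # assumed fixed fob turnaround time

class Fob:
    def __init__(self, key):
        self._key = key
    def respond(self, challenge):
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Car:
    def __init__(self, key, enforce_rtt):
        self._key, self._enforce_rtt, self._pending = key, enforce_rtt, None
    def challenge(self):
        self._pending = os.urandom(16)   # fresh nonce per unlock attempt
        return self._pending
    def verify(self, response, rtt_ns):
        if self._pending is None:
            return "rejected: no outstanding challenge"
        expected = hmac.new(self._key, self._pending, hashlib.sha256).digest()
        self._pending = None             # each challenge is single use
        if not hmac.compare_digest(expected, response):
            return "rejected: bad response"
        budget_ns = FOB_PROCESSING_NS + 2 * MAX_RANGE_M / C_M_PER_NS
        if self._enforce_rtt and rtt_ns > budget_ns:
            return "rejected: round trip too slow"
        return "unlocked"

def round_trip_ns(distance_m, relay_delay_ns=0.0):
    # Time for challenge out and response back, plus any forwarding delay.
    return FOB_PROCESSING_NS + 2 * distance_m / C_M_PER_NS + relay_delay_ns

def run_scenarios(enforce_rtt):
    key = os.urandom(32)
    fob, car = Fob(key), Car(key, enforce_rtt)
    results = {}
    old = fob.respond(car.challenge())           # owner standing 1 m away
    results["legit"] = car.verify(old, round_trip_ns(1.0))
    car.challenge()                              # recorded response, new nonce
    results["replay"] = car.verify(old, round_trip_ns(1.0))
    fresh = fob.respond(car.challenge())         # fob 30 m away, signal forwarded
    results["relay"] = car.verify(fresh, round_trip_ns(30.0, relay_delay_ns=500.0))
    return results

if __name__ == "__main__":
    print(run_scenarios(enforce_rtt=False))
    print(run_scenarios(enforce_rtt=True))
```

The cryptography is identical in both runs; only the timing check changes the relay outcome, which is why the number of rolling-code exchanges alone does not settle the question.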
 