492
Revealed: car industry was warned keyless vehicles vulnerable to theft a decade ago
(www.theguardian.com)
This is a most excellent place for technology news and articles.
Seems to be specifically about these you unlock from your phone and then press a button to start
Don't they use rolling codes? So I suppose this emulator is some malware you install on your phone
Could be the Flipper Zero that Canada just banned, due to it's use in car thefts.
https://medium.com/enrique-dans/canadas-flipper-zero-ban-once-again-politicians-show-they-know-nothing-about-technology-37f76fb37a3b
The flipper zero can't get around rolling codes, unless it's a very specific situation. Car thiefs aren't using them.
The OP's quote leaves out the "It is being targeted at Hyundai and Kia models." part. From what I can find those brands are (were?) susceptible to rollback where sending an old code reactivates codes that came after it
https://www.reddit.com/r/flipperzero/comments/z2fq6h/broken_rolling_code_system_old_sent_signal/
I think you would still have to wait for the owner to use their keys.
Default firmware cannot, and most cars won’t work. But specific makes have decades old security holes that still exist in new models… for reasons? And custom firmware unlocks the firmware limitations.
So technically possible, but banning the flipper doesn’t fix the security hole. It’s like banning a hammer because it can break a window. It’s now more difficult to do construction work, and crow bars still exist.
I would hope that they would use rolling codes, but I would also not be all that surprised if they did not. Car manufacturers have cheaped out for less.
The emulator part seems like it's confusing a few different things together. Although I'm a little suspect of that, since someone holding up a games console to a car or house is suspicious anyway.
It could also be described as an emulator (emulating the key), and the crossover with game emulators might be causing some confusion?
A dedicated device might make sense there, if it has better antennas, or better capabilities than would be available with a basic phone, in addition to being less technical than having to install an app and fiddle about with all of that.
Yeah, someone got confused with all the terminology. Probably also old people think small stuff with a screen looks like a gameboy?
Don't know about the article, but most have been doing relay attacks by just forwarding the rolling code sent by the key to unlock and then start the car. It works because keyless entry requires a transaction starting from the car, so you can effectively just stand between the car and wherever the keys are and do easy relay attacks.
Then they usually drive it to a nearby safe location first so they can just reprogram the keys.
I do feel like this could at least be cheaply mitigated by having an immobilizer for the gas pedal that stops throttle input if the key isn't detected after a cooldown after moving a few feet, which would prevent thieves from being able to move the car very far after starting.