

Thieves Break Into Cars Using Mysterious 'Black Box' - BrandonMarc
http://chicago.cbslocal.com/2014/02/27/car-thieves-break-into-cars-by-hacking-them-with-black-box/

======
skywhopper
I'm assuming automakers don't publish their specs for keyless entry for
review? I'm sure they are relatively insecure, and they almost surely have
backdoor codes known to thousands of individuals in each company and likely to
several law enforcement agencies as well. Such info will inevitably be leaked.
I'm honestly surprised we haven't already seen widespread hacking of keyless
entry. Now that many cars do all their user authentication to wireless
keyfobs, hotwiring's not even necessary if you can crack the protocol.

~~~
aosmith
It's RF so all you would need is a little know how and a spectrum analyzer...

~~~
gizmo686
They could use an interactive zero knowledge proof, or some such crypto.

~~~
jrockway
They could, but most people only test that something works, not that it
doesn't work ("goto fail"), and so probably didn't do that.

"UNLOCK" "OK"

------
ChuckMcM
Not exactly a new story :
[https://www.google.com/search?q=automatic+door+unlocker&ie=u...](https://www.google.com/search?q=automatic+door+unlocker&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-
US:official&client=firefox-a&channel=fflb#channel=fflb&q=wireless+car++door+exploit&rls=org.mozilla:en-
US:official)

That said, its annoying. I've gotten in the habit of pulling the fuse to the
car locks in my car when I park it in the long term airport lot.

------
just2n
This is only the tip of the iceberg as far as this kind of thing is concerned
(this kind of thing being people relying on software to keep them and their
belongings safe).

With peoples' lives at risk and with cars representing huge investments for
many people, it's probably about time to get regulation that requires the
software systems that are interacting with vehicles to be open to experts at
large.

The same goes for things like in-home security software.

The competition should not be in the critical software. That much needs to be
standard. The competition should be around fluff, construction quality, body
design, brand, perks, horsepower, etc.

How is this kind of thing handled in the medical and aviation industries? How
about NASA? Life-critical and safety-critical software isn't something you
should hire the lowest bidder to create, nor is it something that should be
hidden away in the belief that "obscurity is (the best, and the only)
security."

~~~
lisper
> How is this kind of thing handled in the medical and aviation industries?

You need government approval (FDA or FAA respectively) to bring a product to
market. Are you sure you want that kind of bureaucratic overhead (and the
associated politics) in your car and home alarm?

~~~
just2n
I don't think "government" means "good engineering", I think that it should be
thoroughly vetted by sufficient expertise.

I'm not sure if the FDA or FAA are capable of doing that, given how the
government is really, really bad at building or contracting software (in
general).

If only we could have some kind of standardized software to power these
devices that is built by the community at large and thoroughly reviewed for
correctness. Even at the cost of limiting hardware, I think that's an option.

~~~
awor
It'd be neat if they could come to some sort of a standard on this so that its
an open, reviewable piece of software that handles the crypto side of things
and then passes that off and they (the Automakers) can "customize" the rest of
the software all they want.

Somewhat (but also not at all) like a more advanced ODBII[0]

[0][http://en.wikipedia.org/wiki/On-board_diagnostics#OBD-
II](http://en.wikipedia.org/wiki/On-board_diagnostics#OBD-II)

------
WalterBright
My anti-theft device is a gearshift. Nobody knows how to drive them anymore.

~~~
hnriot
except everyone who didn't learn to drive in the USA.

~~~
sosborn
I love how some people believe that this is a USA-only phenomenon.

~~~
dageshi
I live in the UK and everyone I know who's ever passed a driving test drives a
manual/stick.

~~~
WalterBright
Fortunately, I never take my care to the UK!

------
sparrish
This is nothing new. I saw a similar report with a different video over a year
ago (couldn't find the link).

~~~
lstamour
This one?
[http://www.reddit.com/r/videos/comments/1skuij/new_hightech_...](http://www.reddit.com/r/videos/comments/1skuij/new_hightech_car_theft_device_showing_up_in_the_us/)

------
vinalia
There was a pretty good talk at 29C3 about side-channel analysis and how it
can break secret keys of wireless devices and smartcards. [1]

With knowledge of cryptanalysis and lots of free time I think it's conceivable
that someone could have cracked the system. I wonder if car companies test
their crypto very rigorously?

1\.
[https://www.youtube.com/watch?v=Y1o2ST03O8I](https://www.youtube.com/watch?v=Y1o2ST03O8I)

------
ansimionescu
Ghost Dog much? :)

0:
[http://www.youtube.com/watch?v=VKgTdEYDlKg](http://www.youtube.com/watch?v=VKgTdEYDlKg)

------
zhng
Read somewhere that this is possible by re-playing bluetooth (or similar)
keyless entry signals. The suspect doesn't actually know what car he or she is
going to unlock. So they brute force walk by any car that opens and drive off.

------
seventytwo
Anyone know how this is done? Maybe brute forcing the keyless entry? Maybe
damaging the antenna/preamp with something high-powered would work if there's
a fail safe feature to unlock the car in that event?

~~~
Sae5waip
I've recently seen a presentation about attacks on a widely used system used
in current cars.

There are a couple of different ways that are significantly better than brute
force (as in: works against real cars in seconds to a few minutes). (Though
since key length is only 48 bit, even brute forcing might be practical.)

This might interest you:

[https://www.usenix.org/system/files/conference/usenixsecurit...](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final95.pdf)

~~~
herbertwest
I post this whenever this subject surfaces. Great paper.

------
joshuaheard
I suspect it will be necessary soon to start putting a keypad on the keyfob or
door handle to ender a pin code in order to unlock the door.

------
rl3
Too bad there isn't a market for modern vehicles with minimalist, open-source
embedded systems. That would be cool.

~~~
valarauca1
Writing real time serial DAQ applications that will run for 20-30 years on end
on custom 20 year old microprocessor isn't exactly for the faint of heart.

Source: this is part of my job, I work in fuel systems.

~~~
rl3
I meant more in the sense that it would make all the subsystems of the vehicle
subject to review by security researchers and hobbyists.

Things like backdoors in key/locking mechanisms or even gross incompetence
would be difficult to hide when the underlying hardware and software was open
source.

~~~
valarauca1
(sorry long weekend)

The issue becomes when opening sourcing engine components it becomes very easy
to damage engines in ways that could injure the driver/other people on the
road, as well as maintain EPA standards for emission and fuel consumption.

Not every mechanic is a Fuel System Engineer, its relatively easy to hydrolock
an engine. If you screw up the internal mechanics then just a hop-skip-and-a-
jump to a VERY rapid dis-assembly.

It's a lot like overclocking, but instead of a 500CPU you have a 5,000 6
chamber bomb.

------
becauseGoogle

      Gee, you guize! Oh noes, scarey people is 
      doing bad, bad tings, and let's all worry now!
      Police no can help! Meesuh gonna die now???
    

Is there a particular reason why the 5 o'clock news is dumbed down to non-
verbal pre-schooler degrees of retardation? I mean this is like Barney The
Purple Dinosaur "2 + 2 is 4" level informative.

    
    
      "...AND NO ONE KNOWS WHAT IT IS!"
    

Bullshit. That is a fucking lie. What's the next segment going to be? Strange
lights in the sky, and maybe they're space aliens? Thanks for nothing,
"journalists."

 _Someone_ knows exactly what it is, and where it came from, and they're just
not permitted to explain on public channels, because classified. This is just
an all-points-bulletin to make sure an otherwise disinformed citizenry starts
reporting on a type of crime that they might've been previously unfamiliar
with.

~~~
dragonwriter
> Is there a particular reason why the 5 o'clock news is dumbed down to non-
> verbal pre-schooler degrees of retardation?

Yes, getting eyeballs and selling ads. The simple model of appeals with high
emotional resonance and low rational content that generates among a large
segment of the population a feeling that the world is a scary, scary place and
if they don't keep tabs on the latest danger by watching the news it will be
even more dangerous for them is a very effective way of doing that.

~~~
krapp
Often, there's simply no benefit to putting more than the minimum amount of
effort into a story. Staff may be untrained, overworked, underpaid, crunched
for time or (apparently in this case) just serving up whatever shit the
mothership gives them to fill some space.

Just look at how many times that particular 'story' mentions 'CNN reported'
and 'CNN says.' And the whole thing is like ten sentences. I bet someone
didn't even have to put down their coffee for this one.

~~~
FLUX-YOU
I've worked at a local NBC station that was exactly like this. Nice people,
but there's absolutely no incentive at all for anything in depth. Local
stations sometimes redeem themselves when shitty weather hits the fan though.

