Hacker News new | past | comments | ask | show | jobs | submit login
Some new cars at risk of theft by exploiting weaknesses in keyless entry systems (bbc.co.uk)
37 points by lewiscollard 75 days ago | hide | past | web | favorite | 64 comments

A lot of new car "innovations" remind me of my issues with the newer iPhones and Macbook Pros (no headphone jack, thinness above all else, etc):

I like having a physical key to start the engine. There was never any confusion in our household about "who has the keys" like there is now.

I despise the start-stop nonsense. Let me use the pedals to start and stop.

I don't need my car to broadcast a wifi signal.

Etc etc etc

Sometimes manufacturers should just "version-lock" their devices and keep going with it -- a lot of customers would be happier.

start stop for the engine when not needed is a welcome innovation though some brands handled it poorly when introduced. It does save fuel and when done well is seamless. I had this on a manual 2012 Z4 and loved it.

the wi-fi hot spot craze that manufacturers bought into never made much sense to me except as a revenue source for the same. I do know that GM though OnStar sells such services and they are seriously over priced, Onstar is near theft level just for monitoring services which is separate from data service!

As for keys, I love that my phone works as my key for my Tesla Model 3. For added security I can simply have PIN to drive setup in the car. Now some will say you lose security as all they need is your phone, well that is no different than just having your key too. I would be curious if the BT connection on the TM3 can be opened via signal boosting between phone and car. I do believe the optional key fob can be.

Now myself, though I had and tried it, I am not a fan of letting my phone take over the car UI no matter how dreadful a UI can be. I used it on my second generation Volt but in the end it really didn't not make much sense. First off, like I have found in my TM3 I really don't use much of the display or buttons while driving so any added features are moot. I did like that it would tell me my text messages, but some cars do that as well and let you voice transcribe replies.

The advantage for cars other than Tesla is that in those cars maps are never updated or only for money and infrequently. Let alone all other features.

Earlier versions of S/S worked a lot better with manual transmission cars. If you stop at a light and put the car in neutral, the first thing you have to do to go again is push down the clutch. You push it all the way down, then move your foot from the brake to the gas. You only expect the car to start moving when you start pushing down the gas and lifting the clutch. The S/S system can begin restarting the engine as soon as you touch the clutch.

In an automatic car, you stop with your foot on the brake, and as soon as you start lifting your foot, the car is supposed to start moving. You need a much more responsive and tuned S/S system to give a good experience when it has much less time to react.

What do you mean by “the start-stop nonsense” as opposed to using pedals? I don’t have a newer car.

Some will stop the engine while idling and the brake pedal is pressed. When it is released it will start the engine again. This is to avoid idle consumption and emissions at intersections, open bridges etc. (The stop/start is performed without you turning the key for ignition).

Or the OP simply meant he didn't like the button with the label "start/stop" present on many "keyless" systems (wireless keys) :-)

I put my money on the first. If you're not used to it - it can be quite unnerving when the engine suddenly stops at an intersection.

> it can be quite unnerving when the engine suddenly stops at an intersection.

Even more unnerving when it doesn't start right away, and you're already pushing the gas when it does, causing the car to lurch forward unexpectedly fast. All you can do is hope the person in front of you doesn't stop quickly, before you can get your foot back over to the brake.

I rented a Ford Ecosport for a road trip earlier this year and made good use of the unlimited miles package ;) It had the idle shutoff feature, which I didn't realize at first but figured out after a stoplight or two. Through a few weeks of city driving and highway driving, I never once felt it lurch. It was always absolutely responsive. Maybe they've gotten better? It worked great, and it was really nice to know I wasn't burning through gas idling at any stoplight or stop-and-go traffic on the highway.

This is a feature every car should have, and one that'd make much more sense to mandate over rear-view cameras.

No. Rear-view cameras are safety. They're simply a switch. IF in R turn on CAMERA. If move to D, turn off Camera. If MT, IF in R, Camera, if not no Camera.

Gas mileage is simply an op-ex of a car, and does not make more "sense" over a rear view camera, because increased c pillars decrease overall glass and visibility.

I rather pay a few bucks more in gas then have a featureset unused in my car or have to go through disabling it every time I operate it.

Rear view cameras are a major safety innovation for pickups and SUVs. There's simply no way to see if a child is standing in back of your rear bumper without one.

OP is likely talking about the system that automatically shuts down and restarts the combustion engine when you come to a complete halt. This is meant to reduce emissions and fuel comsumption.

I don't get why people are so opposed to it, I love it and I drive a Mercedes-AMG. Fantastic feature in traffic.

Audi driver here, and I hate it. Especially hate that I have to push a button every time I start the car to disable it. What an awful feature. Then again, I live in rural America and traffic isn’t a frequent thing I experience.

If you don't experience traffic frequently, then why would it bother you? It does nothing if you're just driving along. And I'm curious - what exactly makes you hate it?

I can't help but think that the extra wear and tear from start/stop cycles will end up exceeding the value of the fuel saved.

People always made that argument, but seeing as S/S systems have been in use for at least a decade now and we're not seeing catastrophic increase in rates of alternator/starter failures, I'd say that's not true. And it's not about fuel savings for me at all, it's just nice that the engine shuts off in traffic, it's quiet for a moment while you're standing still.

What's the link between start and stop and pedals ? Isn't it seamless for the driver ?

With a bit of practice, yes. First time I drove such manual transmission car was very confusing. I didn't know the engine stopped because I switched in wrong gear and didn't have enough torque or what. Felt very frustrating. After I got used to the transmission it was ok. I guess it would become seamless after a couple of days.

I think this all happens because buyers tend to greatly overestimate value of those small features. Initially, producer will devise a new feature to differentiate from competition. Later, competition will feel pressure to keep parity and so they will also include it. It becomes a standard and nobody will sell a car without the feature. That's how you get a car laden with heaps of marginally useful features.

I think "start-stop nonsense" is referring to push button ignitions

"Innovation" is increasingly newspeak for "regression."

I despise the start-stop nonsense. Let me use the pedals to start and stop.

What's this in regard to? Hybrid engines starting and stopping?

Hybrids are ok, since the initial acceleration is done using the electric motor, and is instantaneous. But some non-hybrid cars will stop the engine when the car stops, and start it real quick as you move your foot off the brake. This gets a bit disconcerting for us drivers that grew up with cars that would have a hard time starting back up if the engine died in an intersection, so the first few times it happens it induces a bit of mild panic.

Especially if you are at an intersection waiting for a gap in traffic, you take your foot off the brake and the engine starts, you start to ease up a bit for a better view then the engine stops again. Now there is a gap in traffic, and you want to go "right now", but if feels like there is that slight hesitation as the engine starts up again before you can start accelerating.

Now on the technical side, then the engine stops, the engine is positioned at a part of the combustion cycle so that it takes very little effort for the starter to get the engine to pop off. And the starter motor is an upgraded version, designed for the frequent use, so overall it is very reliable. But from a psychological viewpoint, it is very hard to shake the feeling that your car engine just died and you are about to get hit by an oncoming car.

Apple Watch Mac unlock uses time of flight to prevent relay attacks. Wouldn't that prevent this kind of thefts?

Here's a description of the Apple Watch Mac unlock process https://networkingnerd.net/2016/09/21/apple-watch-unlock-802...

Has there ever been a lot of friction as far as how quickly someone could get into a car?

Let's say it took someone 60 seconds in the past, is 10 seconds really that big of a change as far as committing the crime goes?

It's not the getting in part that's the problem, it's starting the car that is. When key-based immobilisers got introduced in the 90s the rate of car theft has dropped through the floor, because suddenly thieves couldn't start the car as easily as before. The keyless relay attack allows thieves not only to open but also to start the car within seconds, all of which without triggering the alarm.

On my Mercedes key I always double click the lock button which entirely disabled the keyless features until I use the key again.

Now the question is - is this actually safer? If some thieves arrive at my house to steal my car and their relay gadget doesn't work, are they going to give up, or are they going to break in and threaten me for the key? Now that's a question I don't like to think about too much.

It is one thing to steal a car. Another to break in and threaten someone. Escalating that much is a lot more dangerous. Firstly, now you might know what they look like, or at least partially. But you can also bet that the police will put more time into finding thieves that threaten people in their homes over simple car thieves. Which is definitely not what they want.

If you find a burglar in your home, the burglar is generally more likely to flee as quickly as possible, than pull a gun on you. Escalating to (the threat of) violence will likely make it harder for them, not easier.

You can probably rest assured that that won't happen. The type of thieves interested in quickly/easily/silently breaking into your car are probably not the same as the type of thieves who are willing to turn it into a violent crime. Probably.

They're going to give up. It's opportunistic, they're not going to risk robbery, or they'll think it's not working.

You would give up, as would most rational people. Once you’re committing felonies the primacy of rational thought could be called into question.

No. The typical person who is willing to steal a car is not willing to commit violent assault in order to take keys from you.

Someone whose logic is so flawed that they think “oh well, felony” is probably not just stealing cars. At that point they might as well break into your house, murder you for your stuff, and then do the same for every house on the block. “Because felony”, right?

So ‘No.’ but then you go on to restate my point?

No. Your point seems to state that committing a felony implies that a criminal is automatically willing to escalate to any other crime, as if anything resembling rationality is impossible. I’m saying that’s absurd.

Car thieves don’t generally commit war crimes.

This is what i said:

>Once you’re committing felonies the primacy of rational thought could be called into question.

This is what you're saying i said:

>Your point seems to state that committing a felony implies that a criminal is automatically willing to escalate to any other crime, as if anything resembling rationality is impossible.

See the difference?

No, I don’t see the difference. You said that someone committing one felony will escalate to another felony because they can’t think rationally.

The question was whether someone who’s willing to break into a parked car to steal it is willing to break into a house to assault the car owner in order to take their keys to steal the same car. You said yes, or at least you implied “yes” extremely strongly. If you don’t believe the answer is “yes” then I don’t know what the point of your comment was.

PS: The fact that you thought my absurd extrapolation of your statement was making the same point tells me that you do indeed believe a car thief is likely to escalate to far worse crimes “because felony”.

The Mercedes double click is specifically mentioned in the article, where someone claims a theft occurred after using it.

Two questions that immediately come to mind are 1) Is there feedback that the double-click was executed correctly? 2) If so, do you still get that feedback if the mechanism for disabling the keyless feature is interfered with in some way, e.g. by jamming?

Once you double press the lock button, there is a red light that comes on the key and flashes twice. But the thing to remember here is that this only disables the keyless features on that key. If they had the spare key somewhere in the house and didn't double click on the spare, then the spare would have responded the the relay attack even if the main key was switched off.

Thieves don't want your car, they just want a car. If your car is too hard to steal they'll just take your neighbors instead.

Both my neighbours either side of my house had their cars stolen by this on the same night. One was a Jaguar, think the other was an Audi.

They didn't touch my car even though it was newer, probably because it was a Kia. I am happy with my choice.

There's a common attack that boosts the wireless signal of proximity fob to trick the vehicle into unlocking & starting. Fob wireless systems should ideally redesigned such that the round trip time is precisely measured of only valid encrypted challenge responses that only the fob can answer.

Spending a bunch of money on a luxury vehicle is usually idiotic and most people who do so usually can't afford it in proportion to their income sheet and balance sheet. Plus, it advertises the owner and the vehicle as targets for all sorts of criminal intrigue.

Yeah I know the attack model, it was just amusing they took the cars that were worth less (at market value) over the newer car that was less cool but worth more.

We put our car keys in a metal tin near the door now which stops all this anyway.

Your car probably wasn’t actually worth more to them. Even if your Kia was worth more according to the Blue Book, it’s quite likely that Audis and Jaguars fetch more on the parts market, and many (most?) stolen cars are torn down for parts.

So can many old cars, with rockout keys[1].

[1] https://www.sparrowslockpicks.com/product_p/ck13.htm

I can break into an old or new car in 2 seconds with a hammer. Thankfully people don't break into your car just because they can.

But you can't start the car with a hammer and drive away, which is something the article talked about as well.

Good point. That is concerning.

Relay attacks let them start it an drive away too.

“Stolen in 20 seconds, but could not drive away.”

Isn’t that the same as “not stolen”?

The definition of stolen seems fuzzy here.

And here I am living in smalltown America and I don't lock the doors on my car in my driveway. For much of my life, I didn't even take the keys out of the ignition.

Back in the 80s my aunt and uncle each owned the same car, though different model years. It didn't take them long to realize that both keys worked in both cars.

A faraday car key bag costs about €20. And they work, I use one. But one has to be consistent and always put the key in the bag. Not a problem, really.

But... you shouldn't have to do this! It's an extra step, an inconvenience.

Yes, I agree. What’s the point of keyless access when one has to always take the key out of the faraday bag...

And I blame car manufacturers and dealerships for this. For introducing and advertising these features without explaining to less saavy buyers what are the risks.

The article doesn't support the headline. I don't doubt there are vulnerabilities, but the article didn't deliver.

It is clear what the vulnerability is. A lot of these remotes are susceptible to relay attacks. The car's challenge is being relayed into the house so the fob can respond. This response is relayed back to the car. The door just opens and you can start it and drive away.

It is also trivial to be this attack by adding an accelerometer to the fob. If the fob isn't moving, don't respond to the broadcast from the car. You could also be more extreme and have the car check constantly. If fob disappears, kill the engine.

>It is also trivial to be this attack by adding an accelerometer to the fob. If the fob isn't moving, don't respond to the broadcast from the car. You could also be more extreme and have the car check constantly. If fob disappears, kill the engine.

That would have to be a pretty sensitive accelerometer but you'd still end up with voodoo stuff like "I have to shake my purse while starting the car". Killing the engine if the fob disappears means you need to be polling the fob. See the lawsuits over heavy keys wearing out the ignition lock and steering column locking up to see what happens when the polling fails. Probably not a good idea, IMHO.

This attack can also be defeated by seeing how long the signal takes to respond from the fob so it knows how far away it is. Thieves can't get around the speed of light. Or use multiple antennas to triangulate the signal from the key fob.

They mention the relay attack. You hav an antenna amd amp. You press a button and the car challenges the key. The amp makes it reach the key.

Perhaps it make sense to place all your key fobs in a small Faraday cage while not in use.


They make them just for that purpose.

Would the fob still announce with the battery removed? A fob still works without the battery when put up-close to the start button.

How would the victims quoted here have any idea if their cars were opened with a relay attack? Someone grabbed your bag? It’s more likely that you forgot to lock your car than that you were a relay attack victim. Especially if you were in such a bad state that one of you literally passed out at the airport.

But also how are manufacturers still selling vulnerable cars? This seems like a class-action lawsuit waiting to happen. Relay attacks have been a known vulnerability with known solutions for years.

Leaving the car unlocked wouldn't explain how they were able to start the car and drive off with it.

Car missing + all keys accounted for in your house + no smashed glass = relay attack.

The people who have their bag stolen, did not have their car driven away.

That’s a valid question for the other victim, but I’m pretty sure cars are still occasionally stolen without the keys nearby by defeating the immobilizer.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact