Can this be true??

crazy_wheeler

Active VIP Member
Joined
Jun 26, 2007
Messages
6,388
Reaction score
12,738
Location
Stony Plain
I received this e-mail from a friend and was wondering if this could actually be true? There was contact information for a constable from Sherwood Park but I left that out.


New way criminals are getting into locked cars.


I locked my car --- as I walked away I heard my car door unlock I went back and Locked my car again three times. I looked around and there were two guys sitting in a car in the fire lane next to the store. When I looked straight at them they did not unlock my car again.
While traveling my son stopped at a roadside park. He came out to his car less than 4-5 minutes later and found someone had gotten into his car, and stolen his cell phone, laptop computer, GPS navigator briefcase.....you name it .. Called the police and since there were no signs of his car being broken into- the police told him that there is a device that robbers are using now to clone your security code when you lock your doors on your car using your key-chain locking device..They sit a distance away and watch for their next victim. They know you are going inside of the store, restaurant, or bathroom and have a few minutes to steal and run. The police officer said... Be sure to manually lock your car door by hitting the lock button inside the car, that way if there is someone sitting in a parking lot watching for their next victim it will not be you. When you hit the lock button on your car upon exiting...it does not send the security code, but if you walk away and use the door lock on your key chain- it sends the code through the airwaves where it can be be stolen, something totally new to us.
Be aware of this and please pass this note on..look how many times we all lock our doors with our keys...just to be sure we remembered to lock them....and bingo someone have our code...and whatever was in the car...can be gone.
 

tohigh

Active VIP Member
Joined
Apr 5, 2007
Messages
7,165
Reaction score
0
Location
ab
them dirty little ___________________---
 

H2SNOW

Active VIP Member
Joined
Oct 26, 2008
Messages
1,417
Reaction score
240
Location
North of 60 ....deep deep in da bush ...
pretty sure it is ...rather easy actually same as a garage door opener ..a series of 40 bit digits to activate an electonic device...take any old scanner and depress the keyless entry button ..for a split second the RF zips thru the air is subject to trackin ..now furthur that thought with a scanner that can aquire the said RF then it captures it ...now send out the same code via RF and presto ....really quite simple in theory

somebody just came up with device ..
 

H2SNOW

Active VIP Member
Joined
Oct 26, 2008
Messages
1,417
Reaction score
240
Location
North of 60 ....deep deep in da bush ...
here is the idea in depth

Yet another hack for RKE? We, as the designers for secure systems, should keep developing our systems and protect the Achilles' heel (security weakness) relatively.
The modern vehicles are equipped with various access control systems to prevent being stolen. The manufacturers promote many products such as immobilizer, RKE (Remote Keyless Entry), PKE (Passive Keyless Entry) for their cars. However, more and more car thieves still break into these advanced systems with their continuously improved hacking gears.

Threats and Attacks

There are different levels of attacking methods, either physical or logical (mathematical) ways. We are not going to involve too much discussion about cryptography, which is very boring for most visitors. And an open discussion for any existing Remote Keyless Entry (RKE) system will bring up more legal risks.

Interference for Remote Keyless Entry (RKE)

I read a newsflash about a group of series thieves, who have stolen various private cars with RKE (Remote Keyless Entry) interference units. They always wander in a car park. When the car drivers lock their cars with remote keys, they start the interference units and make the security system fail. Many drivers do not recognize that their cars are already in danger and just leave in that case. It is difficult to get them on site since the interference units are hidden well. This interference unit approach is used to attack the communication between the remote key and the RKE/ECU of the car. Most of RKEs employ OOK/ASK (such as MAXIM), which is very sensitive to the RF interference and easy to monitor.

RF Scanner

Another hacking approach is the RF scanner. The thief will scan all parking cars and try to open the cars with fixed or hopping codes in 10 m range. According to the report, the 3 billion hopping code can be tried in 10 minutes. If the Remote Keyless Entry (RKE) system under attack doesn't use extra encryption and authentication algorithm, this traditional try and error approach is quite useful in hacking most of the RKE (Remote Keyless Entry) systems.

RF monitors & Session Playback

The most advanced hacking approach is using RF monitor and session playback. The thief can use RF monitor to scan the RF communication between the RKEs and the remote keys. Then they decode the ciphers and simulate or make a "valid" remote key with PC. This approach is based upon extensive arithmetical operations. I don't know the detail of how to hack the algorithm, but I do know a simple fact: if the algorithm is in public and the last session is known, it is much easier to hack a one-way communication system. And Remote Keyless Entry systems are not the banking systems, they have not the limitation for trials. According to update report, the thieves who use the RF monitors can break into any high-end cars, including BMW, Benz, Bentley and etc. That is also a big reason why Microchip does not reveal the algorithm for its new KeeLoq products any more.

Possible Remedies

The biggest defect of most Remote Keyless Entry systems is plain communication on an open and insecure media: RF. The real reason is cost-driven and customer experience. However, such lagging thought should be abandoned in a fast growing world. Security should be the first consideration. Now the computers are cheaper and more powerful. We can find some alternative solutions accordingly to the make up the RKE systems.

Accordingly, the possible remedies for existing RKE systems include improved modulation under noise, mutual authentication, and encrypted communication with random seed.

Infrared

Infrared could be a low cost alternative physical layer for the RF based RKE systems. The infrared system is difficult to monitor or copy because of its visibility and narrow communication angle. One Chinese graduate student released an infrared access control system with mutual authentication with a standard 89C51 microcontroller. Its communication speed is reduced on purpose. The successful communication still fast enough for authenticated users, but it is a nightmare for car hackers.

IEEE802.15.4 (Zigbee) & Bluetooth

There are two RF alternative solutions for RKE systems: IEEE802.15.4 and Bluetooth. These two technologies are low-cost solutions, which are very cheap and proven in the consumer market. They can bring more safe two-way RF communication with mutual authentication.

IEEE802.15.4 is well-known as Zigbee, which uses DSSS/BPSK and DSSS/O-QPSK modulation, which offers higher anti-interference capability. BTW, IEEE802.15.4 mentioned here does not refer to a RF system who has implemented full Zigbee stack. Most of the Zigbee suppliers also offer their proprietary protocols, which can be implemented in a small-footprint microcontroller, and it is more attractive for the car manufacturers. Technically, IEEE802.15.4 is a proper replacement for the existing RKE systems, because it has longer battery life-time and it can be permanently embedded into a remote key. The car makers can develop their own cryptographic algorithm or strong RSA authentication in the embedded microcontrollers, which always bring more flexibility and options in deployment.

The Bluetooth uses GFSK modulation with hopping frequency capability. However, Bluetooth may win the market because most of the mobile phones have Bluetooth modules. On the other hand, broader installation base may be the shortcoming as well. And someone does not appreciate the key pairing of Bluetooth. There are too many commercial considerations.

Nobody knows who can win. But I prefer IEEE802.15.4.


CDMA Key

Theoretically, CDMA(Code Division Multiple Access) is the best solution for the RKE systems. It has PN code and spread frequency modulation, so the CDMA system can work in a noisy environment, is hard to monitor and track. However, we have to face the IP barrier and cost challenge. If a manufacturer promotes its CDMA Key RKE systems, I am interested to know who is supplying ICs for CDMA based RKE. Please give me some comments in case you know the IC manufacturer for CDMA key.



Finally, it is obvious that the existing RF based one-way RKE system is easy to attack and hack. (I do see the "two-way" RKE system. But the up-link is used to report the TPMS, rather than an authentication challenge). We can not see a quick change even so many cars are in danger. It is difficult to change the car makers minds.
 

Superford

Active VIP Member
Joined
Sep 13, 2007
Messages
232
Reaction score
8
Location
Sherwood Park, AB
I received this e-mail from a friend and was wondering if this could actually be true? There was contact information for a constable from Sherwood Park but I left that out.


New way criminals are getting into locked cars.


I locked my car --- as I walked away I heard my car door unlock I went back and Locked my car again three times. I looked around and there were two guys sitting in a car in the fire lane next to the store. When I looked straight at them they did not unlock my car again.
While traveling my son stopped at a roadside park. He came out to his car less than 4-5 minutes later and found someone had gotten into his car, and stolen his cell phone, laptop computer, GPS navigator briefcase.....you name it .. Called the police and since there were no signs of his car being broken into- the police told him that there is a device that robbers are using now to clone your security code when you lock your doors on your car using your key-chain locking device..They sit a distance away and watch for their next victim. They know you are going inside of the store, restaurant, or bathroom and have a few minutes to steal and run. The police officer said... Be sure to manually lock your car door by hitting the lock button inside the car, that way if there is someone sitting in a parking lot watching for their next victim it will not be you. When you hit the lock button on your car upon exiting...it does not send the security code, but if you walk away and use the door lock on your key chain- it sends the code through the airwaves where it can be be stolen, something totally new to us.
Be aware of this and please pass this note on..look how many times we all lock our doors with our keys...just to be sure we remembered to lock them....and bingo someone have our code...and whatever was in the car...can be gone.


I read an article in the Sherwood Park paper a while back about this and it is false. The constables name mentioned never even knew anything about it. There may be some validity with how it could be done but the other details in the e-mail are not true.
 

H2SNOW

Active VIP Member
Joined
Oct 26, 2008
Messages
1,417
Reaction score
240
Location
North of 60 ....deep deep in da bush ...
I read an article in the Sherwood Park paper a while back about this and it is false. The constables name mentioned never even knew anything about it. There may be some validity with how it could be done but the other details in the e-mail are not true.

perhaps the particular story in question is untrue but ..it is happening .....and is an ongoing concern
 
Top Bottom