I’ve been saying for a while now that car companies have to get serious about security in cars in the light of some high profile hacks in the last year that show that cars are very vulnerable to being pwned by hackers. I’ve even proposed a “Patch Tuesday” type of scheme to make sure that security fixes and improvements get into the hands of drivers. Here’s another example of why this is required:
ADAC, the German Automobile Club, is sort of the AAA of Germany. Recently, the group revealed the findings of some auto security tests they’d run to bring attention to how easy it is for thieves to exploit keyless entry systems and steal cars, despite the fact that the vulnerability has been known for years.
The technique involves cars equipped with keyless entry transmitter keys. Normally the key, which uses a radio signal, must be just a few feet away from the vehicle. The ADAC researchers figured out that with some inexpensive equipment, they could pick up the radio signal from a nearby keyless entry fob and extend it several hundred feet. The equipment cost ADAC roughly $225.
Once inside, the researchers (or thieves) would be able to start and drive the car away, as most automakers allow the engine to keep running and the car to drive even after the keyless entry fob goes out of range. ADAC used the technique on several cars in Europe, including Audis, BMWs, GM products, Fords, Kias, and Toyotas.
I’ll add Hyundai to the list as my 2016 Tucson will stay running if the key fob is removed from the car and you can drive away with it. That seems to me to be a #fail as I cannot think of a use case where this should be the desired behavior. I would be very interested to see what, if anything car companies do to address this issue as clearly this is something that needs to be addressed and soon.
Like this:
Like Loading...
Related
This entry was posted on April 7, 2016 at 9:41 am and is filed under Commentary with tags Cars. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Cars With Keyless Entry Transmitters Vulnerable To Theft
I’ve been saying for a while now that car companies have to get serious about security in cars in the light of some high profile hacks in the last year that show that cars are very vulnerable to being pwned by hackers. I’ve even proposed a “Patch Tuesday” type of scheme to make sure that security fixes and improvements get into the hands of drivers. Here’s another example of why this is required:
ADAC, the German Automobile Club, is sort of the AAA of Germany. Recently, the group revealed the findings of some auto security tests they’d run to bring attention to how easy it is for thieves to exploit keyless entry systems and steal cars, despite the fact that the vulnerability has been known for years.
The technique involves cars equipped with keyless entry transmitter keys. Normally the key, which uses a radio signal, must be just a few feet away from the vehicle. The ADAC researchers figured out that with some inexpensive equipment, they could pick up the radio signal from a nearby keyless entry fob and extend it several hundred feet. The equipment cost ADAC roughly $225.
Once inside, the researchers (or thieves) would be able to start and drive the car away, as most automakers allow the engine to keep running and the car to drive even after the keyless entry fob goes out of range. ADAC used the technique on several cars in Europe, including Audis, BMWs, GM products, Fords, Kias, and Toyotas.
I’ll add Hyundai to the list as my 2016 Tucson will stay running if the key fob is removed from the car and you can drive away with it. That seems to me to be a #fail as I cannot think of a use case where this should be the desired behavior. I would be very interested to see what, if anything car companies do to address this issue as clearly this is something that needs to be addressed and soon.
Share this:
Like this:
Related
This entry was posted on April 7, 2016 at 9:41 am and is filed under Commentary with tags Cars. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.