The future of how to steal a Z...
 

They've done a study in which they used relay attacks on keyless entry/start systems...

Full study:http://eprint.iacr.org/2010/332.pdf

Maybe this should go in DIY....

Too much to read at this time.

In "short" from another website:


Car thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key, according to new research that will be presented at the Network and Distributed System Security Symposium next month in San Diego, California.

The researchers successfully attacked eight car manufacturers' passive keyless entry and start systems—wireless key fobs that open a car's doors and start the engine by proximity alone.

Srdjan Capkun, an assistant professor of computer science in the system security group at ETH Zurich in Switzerland, who led the work, says he was inspired to investigate the security of keyless entry and start systems after buying a car that had one. Capkun and Aurélien Francillon and Boris Danev, both researchers in the same institution, examined 10 car models from the eight manufacturers. They were able to access all 10 and drive them away by intercepting and relaying signals from the cars to their wireless keys. While they could relay the signals from the key back to the car as well, usually they did not need to because the key transmits its signals up to around 100 meters. The attack works no matter what cryptography and protocols the key and car use to communicate with each other.

Normally, when a wireless key is within a few meters of the right car, it detects a low-powered signal that causes it to issue a command that opens the car enable the ignition. The researchers used a pair of antennas to transmit these signals from the car to the key when the key was farther away, tricking the car into opening without the ordinary authorization. One antenna needs to be very close to the car, and one needs to be within eight meters of the key.


The researchers came up with two versions of the attack. In one, they ran a cable from near the car to near the key and used it to transmit the signals. They conducted the other wirelessly. Francillon says that the materials for the wired attack cost about $50, and those for the wireless attack cost between $100 and $1,000, depending on the electronic components used.

The researchers tested a few scenarios. An attacker could watch a parking lot and have an accomplice watch as car owners as entered a nearby store. The accomplice would only need to be within eight meters of the targeted owner's key fob, making it easy to avoid arousing suspicion. In another scenario, a car owner might leave a car key on a table near a window. An antenna placed outside the house was able to communicate with the key, allowing the researchers then to start the car parked out front and drive away.

damm good info Xan, that is krazy tho; I'm hoping that additional research based on this new information will lead to new & safer solutions from car manufacturers.

Lojack early warning system

That is kinda scary

When I used to help out at a Ford dealer my shop manager told me a story.
He was a teacher at Lincoln Tech. and Mercedes Benz came with their new lines of cars.
The Mercedes guy was boasting about how amazing their keyless entry system is and that you can't ever steal their cars. He told me all you have to do is jack up the car so that the computer thinks that you got into an accident and it'll unlock the doors because that's a safety feature most cars offer these days.

Yea, but as criminals get smarter so does the inventors of a product.

Getting into a car and starting it is the easiest part of stealing a car. Not too huge of a concern for me.

On the old Mercedes ( not sure about the new models) you can cut a tennis ball in half, place over the lock cylinder and pop it. Doors will unlock. My old boss did it to his benz. Looks like I'll be adding Compustar to my Z.

Saw this coming years ago. If they can unlock your car or start it from a simple phone call to OnStar and the operator just hits a button from thousands of miles away, you gotta figure there's gonna be thieves who want to take advantage

I saw some news story that was warning against people using scanners in parking lots, and getting your frequency (i guess) when you lock your car with your fob as you're walking away. It gave the advice of: if you see anyone standing around in the parking lot as you're getting out of our car, hit the "lock" button on your door rather than using your fob.
I didn't pay as much attention as I probably should have because I already only use my button on the door (since my fob is generally in my pocket).

Also, as someone who has had a car stolen the old fashioned way (with the steering column ripped out), I'd more than appreciate the less damage being done to the car as possible in case it's found :icon17:

a real alarm with a starterkill ftw. if you open the door without deactivating the alarm, the alarm still goes off, rendering the car un-startable as well as sirens going off.

It works only occasionally on a few Benz's that used vacuum operated locks. Older Jaguars are vulnerable too, but it's really not much to worry about.




Yep, but very few would-be thieves know enough about what's happening to take advantage. A well set up crypto system would do wonders if you wanted to prevent it, but realistically, anyone who is bothering with sniffing the RF waves to get into my car can just have it.

Like always, dedicated people with the right setup can snag anything. Most people don't care enough about your 370z to go through that effort.

Insurance my friends. That's why we willingly pay thieves to help soften the blow when street thieves take our ****.