Technology

58144 readers

4513 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

[email protected]

489

Revealed: car industry was warned keyless vehicles vulnerable to theft a decade ago (www.theguardian.com)

submitted 6 months ago by [email protected] to c/[email protected]

128 comments fedilink hide all child comments

Experts alerted motor trade to security risks of ‘smart key’ systems which have now fuelled highest level of car thefts for a decade.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 6 months ago

For one, completely remove presence based unlock and start would be a good first move. They are inherently insecure, as they are much too easy to relay attack.

Next, alter fob controls to encrypt the communication with private/public keys tied to the specific car. This way, even if the fob communication is intercepted, the information is functionally impossible to reverse engineer.

Finally, implement two way communication. An initial handshake followed by the command. This would functionally remove any chance of a replay attack. Even if the handshake is recorded, the fob won’t send the command.

These three changes would essentially remove any chance of using a device like a flipper for entry. Yes, it would still technically be susceptible with a relay attack, but the chances are so slim as to be essentially impossible.