GM Volt Forum banner

1 - 19 of 19 Posts

·
Registered
Joined
·
1,264 Posts
Discussion Starter #1
https://www.wired.com/2017/04/just-pair-11-radio-gadgets-can-steal-car/?fbclid=IwAR2R_XqYGR0pAiGS10isQEljmmBbqEtlOpmwKwVu HPURkagXTzd2HMskUZg

FOR YEARS, AUTOMAKERS and hackers have known about a clever attack that spoofs the signal from a wireless car key fob to open a vehicle's doors, and even drive it away. But even after repeated demonstrations—and real thefts—the technique still works on a number of models. Now a team of Chinese researchers has not only demonstrated the attack again but also made it cheaper and easier than ever.

A group of researchers at the Beijing-based security firm Qihoo 360 recently pulled off the so-called relay hack with a pair of gadgets they built for just $22. That's far cheaper than previous versions of the key-spoofing hardware. The Qihoo researchers, who recently showed their results at Amsterdam's Hack in the Box conference, say their upgrade also significantly multiplies the radio attack's range, allowing them to steal cars parked more than a thousand feet away from the owner's key fob.

The attack essentially tricks both the car and real key into thinking they're in close proximity. One hacker holds a device a few feet from the victim's key, while a thief holds the other near the target car. The device near the car spoofs a signal from the key. That elicits a radio signal from the car's keyless entry system, which seeks a certain signal back from the key before it will open. Rather than try to crack that radio code, the hacker's devices instead copy it, then transmit it via radio from one of the hackers' devices to the other, and then to the key. Then they immediately transmit the key's response back along the chain, effectively telling the car that the key is in the driver's hand.

"The attack uses the two devices to extend the effective range of the key fob," says Jun Li, one of the researchers in the Qihoo group, who call themselves Team Unicorn. "You’re working in your office or shopping in the supermarket, and your car is parked outside. Someone slips near you and then someone else can open up and drive your car. It’s simple."

 

·
Registered
Joined
·
4,683 Posts
That is very interesting. Thank you for posting. The next line of defense is to keep your key fob in an RFI shielded pouch except when unlocking, starting and driving the vehicle. Some manufacturers, notably Tesla, have implemented an optional PIN security feature for their vehicles. It is kind of a PITA to have to enter the PIN each time you start the vehicle but then so is having your ride stolen.
 

·
Registered
Joined
·
135 Posts
Most new vehicles have touch screens. Multi-Factor auth? Manufacturers could add a PIN code or a pattern lock function.

Or perhaps add a palm vein sensor like this tech: https://www.fujitsu.com/jp/group/frontech/en/solutions/business-technology/security/palmsecure/sensor/

That's much more secure than a fingerprint sensor, a retina sensor or face recognition...

Imagine, you use the normal keyless access to get inside of your car, then use a voice command "Talk to the hand" and the car scans your palm ;) And only then you are able to drive away. Or integrate such a sensor to the the B-pillar, or wherever... Also, palm vein scanners need a hand that still has warm blood inside, or it won't work. So no car hacker can't hack your hand off to authenticate :p
 

·
Registered
Joined
·
2,615 Posts
They have to watch you get out of your car, follow you, and then get uncomfortably close to you for an uncomfortably long time. My suspicion is that anyone who's the least bit vigilant, is not likely to have this happen so easily.
 

·
Moderator
Joined
·
8,680 Posts
Test Fob proximity using some sort of response time, rather than signal intensity? That should knock the repeater attack out, since it can't possibly turn the correct signal around in time to pretend to be the fob right next to the car...
 

·
Registered
Joined
·
292 Posts
Fingerprint sensor on the start button and door handle


Sent from my iPhone using Tapatalk
 

·
Moderator
Joined
·
8,680 Posts
Fingerprint sensor on the start button and door handle


Sent from my iPhone using Tapatalk
That can probably work on the start button, though it will make borrowing a car more challenging. For a door handle, out in the rain, I have my doubts. I have yet to meet a fingerprint sensor that worked with a wet finger on a wet sensor.

Either way, it's new hardware that will presumably not be retrofitted into older cars, and there are no more new Volts.
 

·
Registered
Joined
·
4,683 Posts
Most of the fob repeater attacks, so far, appear to have been carried out while the vehicle is parked at home. Two or more thieves work as a team; one gets close to the residence, holding the repeater, moving to be near the actual key fob while it sits on a dresser etc. inside the residence while the second car thief is standing at the ready close by the vehicle waiting for the vehicle to unlock.
 

·
Registered
Joined
·
1,264 Posts
Discussion Starter #11
Thanks for posting an article from 2017.
There's just been a huge break in this story. The gadgets now only cost $9 each! :cool:
 

·
Registered
Joined
·
1,561 Posts
Unlocking the door and starting the car via the key fob are two distinct functions, and it is unclear from the article if the hacker device held by the actual car thief continues to work within the car itself, i.e., it may be able to unlock a Volt’s door, but can it be used to start the car?

A question that came up in a thread I was following a couple of years ago concerned the active range of the key fob. Could a Volt parked in an attached garage be unlocked and started by someone (by a thief or by a driver who forgot the key when leaving the house) if the key fob were sitting within the house, but close enough to the car to work (e.g., on the kitchen counter next to the garage, or in the bedroom above the parked car). I discovered that with my 2012 Volt, if my key fob is sitting on top of my Volt, I can then press the door handle buttons and unlock a locked car door. On the other hand, with the key fob on the roof, when I press the Start button, I get the No Remote Detected message.

I repeated this test today... No Remote Detected when I press the Start button and the key is 1) sitting on the car’s roof, 2) sitting on top of the outside mirror, driver’s side, or 3) held in my hand about 6-10 inches outside the open window.

However, if the key fob is sitting on the windshield wiper or elsewhere on the outside of the windshield, or sitting on the outside of the rear hatch window, the signal works and the car will start. If I then turn the car off and exit the car, when I close the door I get the three beeps to warn me that I left the remote inside the car(!).

IOW, it is unclear if these gadgets will fool the Volt into thinking the fob is inside the car or within "start the car" signal range through a window, and it certainly would seem that if the Volt can be started in this manner, once the thieves arrive somewhere and turn the car off, it can’t be restarted without the fob.
 

·
Registered
Joined
·
104 Posts
This touches on something I've been wondering about.

If a Volt were to be carjacked while running and the thief neglects to demand the key fob, how far will they get? Is there a difference between Gen 1 and 2 or model years?

I would hope it would detect the fob is no longer in the car and shut down after a short distance, but that doesn't sound like the case from the post above.

2019 Volt LT, Pacific Blue, Power Convenience Package, LT Driver Confidence Package, Comfort Package, nicknamed "Voltemort".
 

·
Registered
Joined
·
4,683 Posts
Not Volt related but last year my neighbor on my street had their Toyota Tundra pickup truck stolen; they said the truck had been locked. It appears the truck was specifically targeted by thieves. Of course in planning this theft the thieves could have had a duplicate key obtained from a Toyota dealer.
 

·
Registered
Joined
·
719 Posts
I would hope it would detect the fob is no longer in the car and shut down after a short distance, but that doesn't sound like the case from the post above.
I seem to remember (from someone who actually tested it on a gen1), that you can drive the car as long as you want without the key fob in the car.
It is only used to start the car, so as long as you don't shutoff the car, you can keep driving.
 

·
Registered
Joined
·
1,561 Posts
I would hope it would detect the fob is no longer in the car and shut down after a short distance, but that doesn't sound like the case from the post above.
Once your Volt has been started, it will stay on while you are driving until you turn it off.

I suppose it would be a safety hazard to do otherwise (e.g., unexpected shutoff while on the freeway).

Consider, too, an aging fob battery, rather than a car theft. I’ve had times when I’ve reached my destination in my 2012 Volt and pushed the Start/Stop button to turn it off, and the driver’s display flashed the message, No Remote Detected, Push Brake to Start Car (which gives you a chance to keep the car running so you can drive back home and get your key fob). In this case, it was a failing fob battery.

In such a circumstance I think it is possible I could, if needed, start the car again by placing the fob in the storage area on the dashboard. More often, when the message reads No Remote Detected, I push the door lock and door unlock button on the fob. To date, the fob battery still has had enough juice to activate the door locks. This activity seems to reestablish contact with the car, and I can then turn off the car or start it again normally. Removing the battery from the fob, rubbing with a clean cloth, and reinserting it also helps keep the battery working effectively.

During my original Volt test drive back in 2012, my salesman put the fob in the cubby by the shifter. I adopted that habit - fob in the cubby when I get in the car, taken out and put in my pocket when I get out of the car. That habit assures me I have my fob with me.

Others simply leave the fob in a pocket or purse, where the "inside the car" location is enough to start the car. This, however, can lead to unexpected consequences. For example, the driver husband keeps his fob in his pocket and his wife keeps her fob in her purse. They head off to work one day, he forgets his fob, but the fob in her purse allows the car to be started. When she gets out with her purse at her workplace and shuts the door, the triple-honk warning chime sounds (fob is removed from car that is running!). If that doesn’t remind him to check for his fob, he’ll drive to his workplace, turn the car off, and have no way to start the Volt at the end of the workday.
 

·
Registered
Joined
·
779 Posts
I'm not worried. The thieves in my area aren't smart enough. Except for the thieves that work in government. Nah, they couldn't do it either.
 

·
Registered
Joined
·
3 Posts
This has been happening a lot in my 'hood. No car thefts. Just ransacked cars, sometimes netting nothing of value. Just search youtube for "relay attack".

I keep my fob in a metal box similar to an Altoids box.
 

·
Registered
Joined
·
1,340 Posts
This is why Tesla implemented PIN To Drive, if you want it. I could see placing a switch somewhere inside the car that could disable the power to the passive entry antenna, on the Volt. You'd have to click unlock on the keyfob to get in, then flip the passive entry switch before being able to start the car. Leave the switch on for normal use, then flip it off if you're in a sketchy place.
 
1 - 19 of 19 Posts
Top