time to get a tin foil hat for your immobilizer-enabled key



googe
01-30-2005, 12:54 AM
http://www.mytelus.com/news/article.do?pageID=cp_tech_home&articleID=1831148


U.S. researchers say they cracked security system used in millions of cars

BALTIMORE (AP) - U.S. university researchers said Saturday they have found a way to crack the code used in millions of car keys, a development they said could allow thieves to bypass the security systems on newer car models.
The research team at Johns Hopkins University said it discovered the "immobilizer" security system developed by Texas Instruments could be cracked using a "relatively inexpensive electronic device" that acquires information hidden in the microchips that make the system work.

The radio-frequency security system being used in more than 150 million new Fords, Toyotas and Nissans involves a transponder chip embedded in the key and a reader inside the car. If the reader does not recognize the transponder, the car will not start, even if the key inserted in the ignition is the correct one.

It's similar to the new gasoline-purchase system in which a reader inside the gas pump is able to recognize a small key-chain tag when the tag is waved in front of it. The transaction is then charged to the tag owner's credit card.


Researchers said they were able to crack that code, too.

"We stole our own car and we bought gas stealing from our own credit card," said Avi Rubin, a professor of computer science at Johns Hopkins who led the research team.

Texas Instruments was recently given demonstrations of the team's code-cracking capabilities but the company maintains its system is secure.



Tony Sabetti, a business manager with Texas Instruments, said the hardware used to crack the codes is cumbersome, expensive and not practical for common thieves.

"I think the way in which it's presented as being inexpensive to do and quick and all the rest of that is an exaggeration," Sabetti said.

"And because of that, we believe the technology still is extremely secure for the applications that it's used in."

But Rubin said the code-breaking demonstrations illustrate developers did not pay enough attention to security.

"I think the implications are that it sets us back about 10 years ago where we were with car security," Rubin said.

In the seven years the technology has been in use, Texas Instruments has never had a reported incident where a car has been stolen or a gasoline-purchasing tag has been duplicated, company spokesman Bill Allen said.

The Johns Hopkins team, which was funded by Bedford, Mass.-based RSA Security Inc., recommended distributing free metallic sheaths to cover the radio frequency devices when they are not being used.

GQBalla
01-30-2005, 01:29 AM
Hmm, that is pretty scary.... I wonder if this team will go around stealing cars now... :eek:

Seanith
01-30-2005, 02:45 PM
What a bunch of idiots.. I'm just surprised they didn't come out and say exactly how they are able to steal the cars :rolleyes: . It's annoying when researchers have finds like this. They just let everyone know what's up.

A_3
01-30-2005, 02:50 PM
Don't cancer and AIDS still need to be cured.... but nooooo they're working on how to steal cars... :rolleyes:

1badPT
01-30-2005, 03:19 PM
This sort of research is done all the time because if it wasn't, sooner or later a smart thief would figure out how to do it. Who would you prefer having this figured out? A bunch of university profs with no reason to steal a car or gas, or would you prefer it be a bunch of hackers who get away with your car completely without a trace? Security systems have been and always will be tested; it's the only way the systems improve.

googe
01-30-2005, 03:54 PM
Right. Disclosure is a must for things like this. There's nothing wrong with how they did it; it's not like any details are public. If you don't go public, there is no hope of getting the manufacturer to address the issue. Then what you're left with is a secret exploited by thieves with no defense, and they'll steal what they want at the push of a button all day long.

BTW, these are people in EE programs, who aren't near qualified to even begin researching AIDS and cancer :thumbsup:

Seanith
01-30-2005, 06:08 PM
What I would prefer is instead of publishing their results for all to see, why not just go straight to those who can use the information to correct the shortfalls? I guess what I'm arguing about is the fact that we are reading about it here right now.. but whatever.

1badPT
01-30-2005, 06:53 PM
That's exactly what they did :confused:

They haven't released a "how-to" to anyone but Texas Instruments (the company that makes the electronic engine immobilizer keys for Nissan, Ford and Toyota). What's public is the fact that the system has been defeated. The two sides disagree on how easy or cheap it is to defeat the system, but it has been done. Now it's up to TI to make their system more secure or risk losing Ford, Nissan and Toyota as clients for their system.

Xtrema
01-31-2005, 11:33 PM
"How to" will be public in a matter of time. But with so many people/Info at risk, it won't be released in any official channels. Lawyers will have a field day with that.

Khyron
02-01-2005, 09:47 AM
You still need to have real close contact with the key, and like they said - some ass with a flatbed is a bigger problem.

Almost all security exploits are revealed to the manufacturer (like Microsoft) and given time to correct the issue. If the company starts dragging its feet, the exploit is made public to put pressure on the company. Some internet exploits were told to Microsoft 6-12 months before you ever hear about them.

Khyron

googe
02-01-2005, 10:06 AM
Originally posted by Khyron
You still need to have real close contact with the key, and like they said - some ass with a flatbed is a bigger problem.

Khyron

I dunno about that, getting contact with the key could be extremely easy in many cases. Example, have the sniffer device covertly in your inside coat pocket, high roller pulls up, go talk to him and act impressed with his car and for a few minutes you'd be well within the range to grab it.

Working at a gas station, car wash, bag boy doing carry-outs on groceries, audio installer, oil change shop...the possibilities are endless. Even taking note of the driver before he walks into the store and "accidentally" brushing against him walking around shopping. I'd be worried :)

Once you grab it out of the air, it's a matter of walking over to the car, pressing a button, and it being handed to you as if you owned it...

Khyron
02-01-2005, 10:20 AM
Originally posted by googe
I dunno about that, getting contact with the key could be extremely easy in many cases. Example, have the sniffer device covertly in your inside coat pocket, high roller pulls up, go talk to him and act impressed with his car and for a few minutes you'd be well within the range to grab it.

Working at a gas station, car wash, bag boy doing carry-outs on groceries, audio installer, oil change shop...the possibilities are endless. Even taking note of the driver before he walks into the store and "accidentally" brushing against him walking around shopping. I'd be worried :)


As long as it stops the ghetto car thieves, it's still ok in my books. I mean, if you're going to that much trouble you might as well just jump the guy and take the key.

My worry is that now they've figured how to brute force the encryption, they might just find a way to extract one of the keys from the car instead of the key.


Once you grab it out of the air, it's a matter of walking over to the car, pressing a button, and it being handed to you as if you owned it...

Ah but then he'd get owned by the compustar. :D

You're probably right though, a shielded holster will probably be on the market soon enough. I love the high-tech wars.

Khyron

Gripenfelter
02-01-2005, 12:06 PM
Or you can simply cut the yellow wire in the steering column on 1993+ F-bodies. :poosie:

GTS Jeff
02-03-2005, 04:37 PM
Originally posted by A_3
Don't cancer and AIDS still need to be cured.... but nooooo they're working on how to steal cars... :rolleyes:

Research for the sake of research develops a lot of useful shit, man. Cisplatin, an anticancer drug, was discovered by scientists studying electrical effects on bacteria, a totally unrelated study.

1badPT
02-03-2005, 05:14 PM
Yeah I think most major advances in technology have been the result of epiphanies.

A_3
02-03-2005, 06:11 PM
Originally posted by googe


BTW, these are people in EE programs, who aren't near qualified to even begin researching AIDS and cancer :thumbsup:


Originally posted by GTS Jeff
Research for the sake of research develops a lot of useful shit, man. Cisplatin, an anticancer drug, was discovered by scientists studying electrical effects on bacteria, a totally unrelated study.

Agreed, I was being a tad facetious in my comment. It's a useful discovery and protects a lot of cars from some bright crook who might come across the glitch first. Would have been pretty cool to be on that team researching that project.