This Hacker Can Mimic a Car Key Fob
If you put a computer in it, hackers can get in
While remote unlock, remote ignition and keyless operation can make driving just a little bit more cushy, every time engineers replace metal with electromagnetic waves they create a new window for hackers to get in. And they do get in. Over at Wired, Andy Greenberg reports on how one hacker figured out how to capture and mimic the signals from his car's remote key fob.
In just a few minutes—or up to a few hours if he's particularly unlucky—hacker Silvio Cesare's technique lets him force his way through the remote key's security systems and take control of the car's doors and trunk. Cesare used to approach to repeatedly hack his own car, but says the approach would probably work on any older car with a keyless entry system. Wired explains how it works:
Cesare’s hack uses a tool known as a software-defined radio, a device that can digitally emit or pick up a wide band of frequencies from FM to bluetooth to Wi-fi. With that super-versatile transmitter attached to his laptop, along with a cheap antenna and amplifier, he was able to transmit the same frequency as the key fob. He then used that frequency to perform a “brute force” attack—–cycling through thousands of code guesses at a rate of two to three a second until he found the one that successfully unlocked the car.
Threats to your car's security, of course, don't need to be nearly so high-tech. A crowbar or a brick is infinitely more efficient.
Yet there is a certain value to being able to enter and exit a car at will—to pop the lock without a trace and lock it again when you're done. Especially if similar systems spread beyond just the car. Take, for instance, keyless home locks and security systems. Cesare sees his hack mostly as a warning to car manufacturers, says Wired, though it should really serve as a reminder to all of us: if you put a computer in something, hackers will eventually find a way in.