Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Car RFID Security System Cracked

michael posted more than 9 years ago | from the nothing-to-worry-about dept.

Security 383

jmichaelg writes "The NY Times reports that the security chip in new auto keys has been cracked. A team at Johns Hopkins have found a method to extract the 30 bit crypto key that tells your car that the physical key in the ignition switch is the correct key. Texas Instruments has sold some 150 million security chips that are stored in the car key. The devices are credited with reducing car thefts of some car models by 90%. Stealing a crypto key requires standing next to the victim and broadcasting a series of challenges to the key and capturing the responses. The team claims an iPod-sized device would suffice to steal the crypto key in under a second. They advise wrapping your keys in foil when you're not using them. TI admits the team has cracked their code but denies there's any problem."

Sorry! There are no comments related to the filter you selected.

Umm.. (2, Funny)

QangMartoq (614688) | more than 9 years ago | (#11511749)

"TI admits the team has cracked their code but denies there's any problem"

No problem? Come again?

Re:Umm.. (3, Funny)

LiquidRaptor (125282) | more than 9 years ago | (#11511773)

Well, theres not much of one, I mean they still need to burn it to a chip or somehow get that same signal over the wire, plus they also need to have the key to start it. I mean, modern cars arn't exactly easy to hotwire(not saying a pro can't do it fast). Basically this stuff means that the hightech thieves have a possible tool, but hitech thieves account for very little actual theft. Most autotheft is more of the smash and go, or the steal the keys and run.

Re:Umm.. (1)

JPriest (547211) | more than 9 years ago | (#11511910)

Now it might only reduce theft of some models by 89.995%, looks like it is back to the drawing board. Also, the RFID chips are powered by static from the ignition, so you would have to stand really close (about 3 inches) to someone with your little key cracking kit to get the correct key.

Quite so. (4, Insightful)

Saeed al-Sahaf (665390) | more than 9 years ago | (#11511780)

No problem? Come again?

Lot's of things are possible. Will any statistically significant number of people try this? And how many will be successful? Not many. It's still safer than a regular key system, people should lose sleep over more realistic problems.

Re:Quite so. (1)

seifried (12921) | more than 9 years ago | (#11511873)

The problem with this is that it allows a criminal to remotely "view" your key and cut an exact copy so to speak without physical contact. Walk through a crowded resteraunt, then pick a nice car outside and go for a drive. Of course a criminal would never do something illegal like.. er.. wait. Maybe they would. Guess what, the cars with this system are also the cars that tend to cost a bit more and are more desirable for theft (especially when you look at parting up a Mercedes or BMW).

Re:Quite so. (0)

Anonymous Coward | more than 9 years ago | (#11511878)

No, it allows you to steal the RFID.

They'd still have to hotwire it.

Re:Quite so. (4, Informative)

spuzzzzzzz (807185) | more than 9 years ago | (#11511897)

No. They need the RFID chip in addition to the physical key. So they would have to wander through the restaurant, crack the crypto key, fabricate their own and work out which car it belongs to before they could try to steal the car normally. It's just an extra layer of security on top of the normal ignition key.

Re:Quite so. (0)

Anonymous Coward | more than 9 years ago | (#11511918)

Yeah, but they're in your car. Nice stereo you have in there.

Re:Quite so. (0)

Anonymous Coward | more than 9 years ago | (#11511925)

Oh, wait this is not about the remote car things...gotcha.

Re:Quite so. (0)

Anonymous Coward | more than 9 years ago | (#11511926)

No. They need the RFID chip in addition to the physical key.

No. Have you ever seen one of the keys in question? The keys are plastic, and are not contoured like traditional keys. The business end of these keys is just a block. They car doesn't know which physical key has been inserted.

With these keys, it is all in the RFID.

Re:Umm.. (1)

Anonymous Coward | more than 9 years ago | (#11511783)

The goal is to make the car harder to steal, not impossible. That goal was met.

If the goal was to make the car impossible to steal, they failed miserably long before this.

Given the choice between this, and a regular ignition, I'd choose the RFID enabled one any day.

Re:Umm.. (0)

Anonymous Coward | more than 9 years ago | (#11511784)

> No problem? Come again?

It's marketing speak, and it's enough to lessen the worries of some people. Look at statements by Microsoft when confronted with evidence that out of 100 vulnerabilities revealed last year, 30% remain unpatched and leave critical holes in the operating system.

"We believe Windows XP provides the securest operating system for home users today".

It does comfort many people regardless of the truth, and that's all the company cares for. Comfortable users are paying users.

You claim ignorance on the part of the masses? (0)

Anonymous Coward | more than 9 years ago | (#11511919)

TI isn't saying "not a problem" for marketing purposes...they're saying it because it _isn't_ a problem.

Keys are, and have never been anything but, a deterrent. Embedding challenge/response technology into the key is another deterrent. _ANY_ security you add to an object that, by its nature, is designed to be mobile is nothing more than a deterrent!

There is a reason why safes are usually abnormally heavy and cemented to the floor.

Re:Umm.. (3, Funny)

Wesley Felter (138342) | more than 9 years ago | (#11511785)

There's no problem because TI engineers can steal whatever cars they want...

Re:Umm.. (0)

Anonymous Coward | more than 9 years ago | (#11511806)

Just wondering, but how can I already be modded redundant?

And as to the FP, I wasn't even trying.. Should have bought a lottery ticket today, lol

Re:Umm.. (1)

spac3manspiff (839454) | more than 9 years ago | (#11511866)

There isnt a problem,

The system can be hacked in theory, however it simply isnt pratical for the theif to go through the trouble. They can always throw a brick in your window. So what do you mean, come again?

Re:Umm.. (0)

Anonymous Coward | more than 9 years ago | (#11511954)

A thief who has the technical knowledge to pull this off is unlikely to be stupid enough to pursue car theft as a career option.

I love you Dikky (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11511751)

Dikky 3

From jewbird.

GNAA.

I knew it! (5, Funny)

Sensible Clod (771142) | more than 9 years ago | (#11511752)

Good thing I always keep my keys wrapped in tinfoil.

Re: I knew it! (5, Funny)

Black Parrot (19622) | more than 9 years ago | (#11511790)


> Good thing I always keep my keys wrapped in tinfoil.

I just carry mine under my hat.

Re: I knew it! (0)

Anonymous Coward | more than 9 years ago | (#11511946)

Do you wear a tinfoil hat? -- (+1 funny) || (-1 flamebait)

Re:I knew it! (1)

p!ngu (854287) | more than 9 years ago | (#11511859)

Yeah, what kind of a primitive fool doesn't carry a roll of tin foil around everywhere they go?

At long last... (2, Funny)

bwcarty (660606) | more than 9 years ago | (#11511756)

I have an excuse for the tiny tin foil hat or my car key.

the good news. (4, Funny)

JVert (578547) | more than 9 years ago | (#11511757)

Folks there is nothing to worry about, nothing to see here-OH MY GOD WHERE IS MY CAR?

don't you mean... (2, Funny)

raehl (609729) | more than 9 years ago | (#11511813)

Dude, where's my car?

My sig (3, Funny)

xstonedogx (814876) | more than 9 years ago | (#11511894)

Fortunately for me, my sig is RFID enable... oh crap.

oh no... (1, Funny)

Anonymous Coward | more than 9 years ago | (#11511758)

nice, now I wonder what the team did with the ipod device... I sure hope they're not around my house, near my car which has the encryptic device... oh wait!!! Ahhh! Got 2 go...

And? (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11511760)

Thieves go for the easiest target.

Should they hotwire a car they need to steal an RFID code for, or the one (Like mine, sadly) that you just have to hardwire... or jam a screwdriver in the ignition and twist...

You know the world is coming to an end when... (4, Funny)

PurpleFloyd (149812) | more than 9 years ago | (#11511761)

You know the world's coming to an end when a team of security experts from a respected institution advises wrapping your car keys in tinfoil so the Bad Guys can't intercept the secret signal!

Re:You know the world is coming to an end when... (0)

Anonymous Coward | more than 9 years ago | (#11511808)

That's 'cause Tin foil is WORTHLESS!

The real metal to use is copper foil! They all laughed, but I'm the only one left free of their mind control!

HRK... uhh... I mean... Eat at McDonalds. And Drink tap water... Flourine is good for you!

Re:You know the world is coming to an end when... (0, Redundant)

Desert Raven (52125) | more than 9 years ago | (#11511893)

Yeah, but at least it's convenient, you can just keep your keys in your hat.

30 Bit Key? That's like soooo 1990 (3, Insightful)

Bonker (243350) | more than 9 years ago | (#11511762)

Seriously, who makes any kind of security device with only a 30-bit key any more?

Re:30 Bit Key? That's like soooo 1990 (2, Funny)

digitalchinky (650880) | more than 9 years ago | (#11511772)

Someone made 150 million of them!

Re:30 Bit Key? That's like soooo 1990 (2, Insightful)

LnxAddct (679316) | more than 9 years ago | (#11511792)

Yea, it doesnt matter if they were cracked or not... Its only 1,073,741,824 possible keys. Sit in a car for an hour or so with a key wired to a pda or computer and you can just try every combo.
Regards,
Steve

Re:30 Bit Key? That's like soooo 1990 (0)

Anonymous Coward | more than 9 years ago | (#11511815)

As an engineer, I would design my car to blow the C-4 under the driver's seat in the event that some n00b h4xx0r tried the 1000'th key in a consecutive minute.

Re:30 Bit Key? That's like soooo 1990 (1)

Caeda (669118) | more than 9 years ago | (#11511816)

Yea, it doesnt matter if they were cracked or not... Its only 1,073,741,824 possible keys. Sit in a car for an hour or so with a key wired to a pda or computer and you can just try every combo. Regards, Steve Except for the fact that after the first wrong key the car is programmed to automactically self destruck the fuel pump, lock the brakes, diable the transmission, disengage the steering column and take the electrical and computer systems offline... You then have to take the car to a dealer and have half of it replaced and hand unlocked... And that's just on a saturn from 3 years ago! So maybe you wouldnt get so far with that brute force attack?

Re:30 Bit Key? That's like soooo 1990 (0)

Anonymous Coward | more than 9 years ago | (#11511840)

You got a link to back -any- of that up?

Re:30 Bit Key? That's like soooo 1990 (0)

Anonymous Coward | more than 9 years ago | (#11511865)

Link to back what up, a car disabling system? It's called a car manual. Read it some time. If you don't have a new enough car go sit in a dealership and read it. Or just open the trunk of some cars and read the big yellow plastic tag that's usualy sticking out from the carpeting on one of sides... On the lower level for what you can buy and install yourself.. http://www.carwondersinc.com/alarms.htm That auto-disables ignition, electrical and fuel pump.

Re:30 Bit Key? That's like soooo 1990 (0)

Anonymous Coward | more than 9 years ago | (#11511891)

Also don't take such actions out of proportion of how easy they are to do. Fuel pump? Probably just has a fuse that can be overloaded easily to turn off the pump if a signal is recieved with the wrong code. Brakes? They're already computer controlled and hydraulically assisted, a car could probably have a lock on the hydraulics that locks the brakes from use, same with the gas pedal and clutch as well since they're both now linked by chips and hydraulics instead of a physical line. Steering? Well, it't not like they make cars without power steering these days, so there's already something on it that could be locked up... Once its all done it would only make sense for the electronics to shut off so recovery attempts would have to be physical...

Re:30 Bit Key? That's like soooo 1990 (1)

Caeda (669118) | more than 9 years ago | (#11511904)

A link! Haha... I bet you've never even seen the "Abandon Your Car" light. Such a funny little light too.

Re:30 Bit Key? That's like soooo 1990 (4, Funny)

Lehk228 (705449) | more than 9 years ago | (#11511863)

no that's just stuff that happens randomly when you buy a Saturn.

Re:30 Bit Key? That's like soooo 1990 (2, Funny)

belmolis (702863) | more than 9 years ago | (#11511833)

They probably gave in to pressure from the NSA, which didn't want the encryption to be too hard to break. Those NSA folks like to joyride.:)

Re:30 Bit Key? That's like soooo 1990 (0)

Anonymous Coward | more than 9 years ago | (#11511973)

Daimler Chrysler systems use 80 bit encryption (still TI though).

first post! (0)

Anonymous Coward | more than 9 years ago | (#11511764)

Ha, how did that happen?

Avi is a friend of mine, the folks at Johns Hopkins are doing some very impressive work (as you'll recall, he and Adam Stubblefield, his grad student, were the ones who took on Diebold in the electronic voting fiasco). Good for you guys and the whole team there at ISI!

Proof of concept today, Theft tool tomorrow? (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11511766)

I understand the White Hat concept, but too many of these "finds" get corrupted by professional criminals and soon are standard equipment for these people.

Do we need to give crooks ideas?

Re:Proof of concept today, Theft tool tomorrow? (1, Insightful)

Anonymous Coward | more than 9 years ago | (#11511934)

implicit is that is the notion the crooks havent already worked this out. there are large organized car theft rings and they are not stupid.

I saw that movie too! (0)

Anonymous Coward | more than 9 years ago | (#11511966)

I liked the part where Vin Diesel flipped the hemi at the end.

Man, movies are cool!

Re:Proof of concept today, Theft tool tomorrow? (2, Insightful)

Mazem (789015) | more than 9 years ago | (#11511980)

Poor security schemes deserve to be cracked, and the companies that support them ought to lose business accordingly. I don't support car theft, but the company that produces these chips are the real theives - recieving payment for security that they don't provide.

While in the short term White Hat hacking may be detrimental to security, in the long run it is a driving force behind innovation.

Gee, I'm shocked. (1)

Black Parrot (19622) | more than 9 years ago | (#11511776)


Encryption scheme broken... whooda thought it.

But this may be the funniest thing I've ever read on Slashdot:

> They advise wrapping your keys in foil when you're not using them.

The More Appropriate Question... (5, Insightful)

Caeda (669118) | more than 9 years ago | (#11511781)

Isn't who the heck uses such a small secutiry key, but who the heck makes one that broadcasts at all? A metal key in a metal ignition has no reason to broadcast its code through the air!

Re:The More Appropriate Question... (0)

Anonymous Coward | more than 9 years ago | (#11511899)

A metal key in a metal ignition has no reason to broadcast its code through the air!

Well, then you have to worry about wear & tear on the metal contacts to read the key. There is a certain elegance in a rfid solution. Too bad they didn't use a bigger key length.

Re:The More Appropriate Question... (2, Interesting)

Donkey5555 (720467) | more than 9 years ago | (#11511933)

Didn't some cars have a plain keyless switch on the dash you can use with the actual key still in your pocket? I think this might be the reason for the RF.

beside the point? (1)

Bill Dog (726542) | more than 9 years ago | (#11511782)

I don't think the "chip in a key" was necessarily intended to foil the professional auto thief, or someone otherwise that determined. Your car can always be flat-bedded away (alarm systems with pitch sensors probably help here). But it'll keep your next door neighbor's kid's punk friends from taking your car for a little adventure, without having to hassle with a Club.

Tinfoil hats (3, Informative)

Anonymous Coward | more than 9 years ago | (#11511786)

You know, I'm starting to wonder if there was something to all those old sci-fi movies and tv shows where the characters were all wearing shiny tinfoil-like clothes. Perhaps in the future we will all be wearing stuff like that to prevent others from wirelessly stealing our keys/wallet/identity, etc.

Re:Tinfoil hats (1)

Txiasaeia (581598) | more than 9 years ago | (#11511943)

Dude, in the future They will be manufacturing the tin foil, and let me tell you, it will not have the same beam-reflecting qualities that current tin-foil does. It'll be shiny Saran Wrap, which we all know is utterly useless when it comes to Their various beams (mind, credit card, etc.) That's why I'm stockpiling *real* tin-foil now, to give to my grandkids.

Spring Fashion (1)

jamesjameson (783298) | more than 9 years ago | (#11511789)

No worries, I'm sure TI will get together with the GAP and come out with some hip new metal key boxes...

DUH (0)

Anonymous Coward | more than 9 years ago | (#11511795)

Keyless entry has never been about security, it is just an excuse for people to show off their indicators...

Interesting point (4, Informative)

Saint Aardvark (159009) | more than 9 years ago | (#11511797)

Dan Bedore, a spokesman for Ford, said the company had confidence in the technology. "No security device is foolproof," he said, but "it's a very, very effective deterrent" to drive-away theft. "Flatbed trucks are a bigger threat," he said, "and a lot lower tech."

All you'd have to do is put a towing company logo (or something made-up and likely-looking), and who'd say anything?

And take your time getting ready to leave, because the very worst that'll happen is that someone'll come back early and bribe you into leaving.

Re:Interesting point (0)

Anonymous Coward | more than 9 years ago | (#11511921)

Plus don't forget, towing companies are not required to report to police that they have made a tow until an hour *after* the tow. This is generally due to car Repo-ing where there are very short windows to re-claim cars from their owners.

Well... (1)

Caeda (669118) | more than 9 years ago | (#11511803)

Guess we finally found a good use for those magnetic key storage boxes. :) Best of all, they stick to tinfoil hats... (tinfoil, not aluminum foil so don't even go there)

Think this through (0, Flamebait)

Dancin_Santa (265275) | more than 9 years ago | (#11511809)

Criminals are dumb. They never would have figured this out on their own. Really. They just want to get into a car and get it to a chop shop before the cops catch them.

By giving this information to the world, these researchers have made the security of the owners of these cars just a little more tenuous.

Thanks a lot, assholes.

Re:Think this through (0)

Anonymous Coward | more than 9 years ago | (#11511830)

Yeah. Now those same highly unmotivated people you were just talking about are going to design a custom PCB, write some software, and build a capture device, find you, stand next to you, go home and wait for their TI sample key-chip to arrive, flash it with the captured info, go BACK to your car and hotwire it, whilst holding the flashed chip near the ignition, and THEN steal your car.

Re:Think this through (0)

Anonymous Coward | more than 9 years ago | (#11511844)

No, someone who thinks they can make a buck by taking these designs and selling them in one of those corner stores where you can buy 'illegal' brass knuckles, and other 'illegal' items will do so, because the hard part of figuring out the system is done for them.

The logic behind why your car is safe (1)

fireboy1919 (257783) | more than 9 years ago | (#11511810)

Consider these assertions:
1) Cars are large and easy to track.
2) There are smaller, less traceable things to steal.
Because of 1 and 2, anyone who steals cars is stupid.
Stupid people can't figure out how to create this circumvention, so your car is safe.

The only problem with this logic is that smart people are more than willing to sell things to stupid people to help them increase the depth of their stupidity.

Re:The logic behind why your car is safe (1)

autocracy (192714) | more than 9 years ago | (#11511848)

Your engine, transmission, water pump, brake calipers, body panels... your car is worth a ton when it's in pieces. Good luck hunting them all down.

Re:The logic behind why your car is safe (2, Informative)

Anonymous Coward | more than 9 years ago | (#11511868)

You've never parked a $30,000 car in or around NY City, have you? Every day, dozens of cars are stolen, and either chopped or loaded onto some form of transport and shipped somewhere else. I know people that have had it happen, and one person, it's happened twice. The police can't catch them, or don't care. If you have a car that is "wanted", then it's gone. And it doesn't have to be expensive, or new. Mitsubishi mid-range SUV, several years old was one, and a Sebring convertible, 1 year old was the other. Both in the lower east side of Manhattan, but it happens everywhere. For these 2 cars, both were gone from the street during mid-day in less than 30 minutes' time.

Re:The logic behind why your car is safe (1)

xgamer04 (248962) | more than 9 years ago | (#11511890)

Consider these assertions:

1) Cars are valuable
2) Cars are mostly homogenous

The reason cars are stolen is that they're not unique. They are probably one of the more valuable non-unique things that can be stolen easily.

Re:The logic behind why your car is safe (1)

spac3manspiff (839454) | more than 9 years ago | (#11511895)

It's really funny seeing it first hand,

I had parked my car in the university parking lot and was walking to class. I then see a cop talking to some student.
I overhear the cop saying, "So you mean for me to belive that you were in the front seat of the car and you wanted to return the car to the owner?".
Student, "Yes"
Officer, "The owner reported you breaking in the car, now put your hands behind your back".

Hmmm... (3, Funny)

the pickle (261584) | more than 9 years ago | (#11511812)

Does this mean I might no longer have to pay the dealer $80 each for duplicate Honda Odyssey keys? Because that would be nice.

p

Re:Hmmm... (0)

Anonymous Coward | more than 9 years ago | (#11511838)

Does this mean I might no longer have to pay the dealer $80 each for duplicate Honda Odyssey keys? Because that would be nice. You never had to do that to begin with. Most places require by law that they give you the key code if you ask for it so that you can have the key made at any place with an encoder... And by the way.. 80!!!!. My god, honda really screws you over don't they. Chevy charged us 25$

Re:Hmmm... (1)

Jeff DeMaagd (2015) | more than 9 years ago | (#11511858)

How often do you lose the keys? I can't say I've ever lost a set of keys like that.

Keep it up (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11511814)

I opened this in the Honolulu Craigslist and would have ignored it but I happen to be a little supersticious. Sorry in Advance!

You've opened it?!
Good luck - you have just been D****Wished!
Tonight at midnight, your true love will realize they love you.
Something good will happen to you at 1:00-4:00pm tommorow, it could be anywhere.
Get ready for the biggest shock of your life.
If you break this chain, you will be cursed with relationship problems for the next 10 years.

Re-post this somewhere else within the next 15 minutes....

Re:Keep it up (0)

Anonymous Coward | more than 9 years ago | (#11511869)

I already had relationship problems for 10 years.

Re:Keep it up (0)

Anonymous Coward | more than 9 years ago | (#11511875)

You've opened it?!
Good luck - you have just been D****Wished!
Tonight at midnight, your true love will realize they love you.
Something good will happen to you at 1:00-4:00pm tommorow, it could be anywhere.
Get ready for the biggest shock of your life.
If you break this chain, you will be cursed with relationship problems for the next 10 years.

Start chewing! (1)

AnimeKid (726135) | more than 9 years ago | (#11511818)

...more gum! Just remember to save the wrapper for your keys and not the gum when you're done! Who knew chewing gum could actually provide an additional benefit? And best of all...we get to take part in the routine ritual of chewing gum and enjoying it!

Better Idea (1)

dahl_ag (415660) | more than 9 years ago | (#11511826)

See, I knew RFID was a bad idea. These automakers should should have followed Lexus' lead and used something secure like bluetooth instead.

Oh... wait... Nevermind [slashdot.org]

Well.... (3, Informative)

Culexus (686962) | more than 9 years ago | (#11511827)

I worked as a locksmith for awhile and getting those keys made is expensive to say the least. Plus you need a transponder machine to encode a key with the correct information. And they don't come cheap. Where I live it's usually over a $100 to get a new transponder key made and some dealerships charge around $60-$70 to make you a new one.

Re:Well.... (1)

phobos13013 (813040) | more than 9 years ago | (#11511969)

Jez, at those prices i in the mindset of a car jacker would never consider stealing a $20,000 vehicle... the economies of scale just dont overwhelm the cost-benefit ratio enough.

bio key (0)

Anonymous Coward | more than 9 years ago | (#11511832)

This is why the key should have a fingerprint recognition system on it that generates an eliptical encryption key who's pair has to be typed in manually on the door keypad before car-entry can even take place. Once the user is inside the car, you can make the algorithm more complex...

Fords, Toyotas and Nissan owers, be aware (1)

helioquake (841463) | more than 9 years ago | (#11511842)

Basically if your car with an immobilizer uses the unit from TI, you car is at risk. It's not clear which type will be affected, but the article says Fords, Toyotas and Nissans use this cheapo 30bit encryption key.

Thank god I paid more to get an Acura, instead.

Re:Fords, Toyotas and Nissan owers, be aware (1)

questionlp (58365) | more than 9 years ago | (#11511970)

Remember that Ford Motor Company also own Volvo, Jaguar and some other luxury vehicle companies. Toyota owns/makes Lexus and Nissan owns/makes Infiniti. With that in mind, I wonder (it doesn't explicitly say in the NYT article) if those luxury cars are also affected along with the standard Ford, Toyota and Nissan cars.

Simple solution... (2, Funny)

ari_j (90255) | more than 9 years ago | (#11511845)

I'm already wearing a tin-foil hat, and it has a hidden inside pocket. Voila, problem solved!

Thinkgeek (1)

Lord_Dweomer (648696) | more than 9 years ago | (#11511852)

"The team claims an iPod-sized device would suffice to steal the crypto key in under a second."

And cue Thinkgeek slashvertisement in 3...2...1...

Re:Thinkgeek (1)

Zeb-9000 (829101) | more than 9 years ago | (#11511952)

I think tomorrow we will see a new DIY: How to build a 30-bit key catcher that doubles as a wi-fi hot spot detector into a tin of altoids. 1. First, consume the altoids 2. ????? 3. Profit! and of course, In Soviet Russia, Key broadcasts you!

But... but... (1)

jd (1658) | more than 9 years ago | (#11511857)

If it's wrapped in tin-foil, how will people cook it in the microwave?

Re:But... but... (0)

Anonymous Coward | more than 9 years ago | (#11511861)

you must be from the south...

Dang, that was quick... (1)

the_skywise (189793) | more than 9 years ago | (#11511864)

Okay, who had 3 months on the betting pool!

I wonder if a 40 bit key is a power-related problem with the key (IE can't adequately transmit a longer key with the small amount of power available) or just a "40 bits is enough security for anyone" problem or "law enforcement says don't use anything they can't crack" problem...

not more theft but cheaper generic keys (1)

SumDog (466607) | more than 9 years ago | (#11511882)

On top of still actually needing an imprint of the key to gain entry of the car! So really you'd need to stand next to the person, have them somehow give you the key long enough to make an imprint and then fabricate your own to steal their car.

I don't see the rate of theft for cars going up anytime soon. Instead I think what we'll see is that it will be easier and cheaper for people to get backup copies of their keys made, instead of having to shell out $20 ~ $80 at the dealership for them.

Re:not more theft but cheaper generic keys (0)

Anonymous Coward | more than 9 years ago | (#11511944)

I don't see the rate of theft for cars going up anytime soon.

I do. I'm going to go steal a Mercedes!

RFID cards as bad as cell phones w/ EM waves (1)

Palal (836081) | more than 9 years ago | (#11511884)

Do you really want all those EM frequencies going through your body? I sure as heck don't! Not enough studies have been done to prove/disprove anything. I guess putting them in tinfoil may have another benefit. I'll see what Wagner says about that.

For real geeks (2, Informative)

dmitriy (40004) | more than 9 years ago | (#11511888)

Those of us who ever tried to figure out what a certain poorly-documented register on an ASIC really does, and enjoyed it, please read on:

http://www.rfidanalysis.org/DSTbreak.pdf [rfidanalysis.org]

this isn't a big problem... (1, Informative)

Anonymous Coward | more than 9 years ago | (#11511889)

Even with a key cloner, you have to be within a few inches of the key.

And they point out that far more cars are stolen with a flatbed truck.

The only risk is when someone has access to both the chip and the key, like a valet parking service.

Really ISN'T a problem (2, Interesting)

dhj (110274) | more than 9 years ago | (#11511903)

Ok, so anytime encryption is cracked it lessens security and this is definitely bad publicity for TI. However, this will not have car theives coming out in droves to steal cars that utilize "smart" keys. Here is what's required to defeat these keys:

The theif must know who the owner of the car is.

The theif must get close to the owner to challenge the key and crack its code.

The theif must break into the car, and hotwire the car as he would to steal any other car (he still doesn't have the physical key).

We're talking about car theft here. Stealing cars isn't like the internet where you can "ping" a huge range of potential targets in seconds. Theives will still pass over the smart key cars and move to the ones they can steal without stalking the car's owner. I think TI can safely deny that there's a problem without being compared to Microsoft.

--David

I am preparing my paper on cracking door locks (1)

Dancin_Santa (265275) | more than 9 years ago | (#11511911)

It is well known that the locks that hold doors closed, including both the main door knob as well as deadbolts, are the primary means of securing one's home. However, these only provide the illusion of safety and security.

Various means exist to circumvent these door locks. The easiest of these, trying the windows of a house, is already handled by the addition of locks for the windows, but since most windows are not made of unbreakable glass, these are still at risk. Also, the door itself is a weak point, being made typically of wood, it is easily defeated with a strong kick.

Some people go so far as to leave a spare key near the door in case they forget it or get locked out. This key is a fundamental user error and while it does not make the use of a door theoretically less secure, it does appear as a risk factor in real-life systems.

The upshot of this is that doors do not provide the level of security that they give the illusion of providing. This may lead a user to have the false impression that their house is safe because they have installed 'strong' locks such as deadbolts, etc. This is not safe behavior.

Door locks should not be used for home security. In fact, their use puts the homeowner at risk, due to being lulled into a sense of false security. Though an alternative does not exist, it is not recommended that locks be used to secure your home.

30 bit key? (0)

Anonymous Coward | more than 9 years ago | (#11511931)

Might as well be a 2 bit, cheap-ass key now.

hey cool (4, Funny)

cruel_elevator (533309) | more than 9 years ago | (#11511942)

First, it was suggested that you wrap your newfangled passports in tin foil. Now it's car keys. I guess it's time for Calvin Klein, Gucci, DKNY and other designers to release their line of tin-foil clothing. Or how about clothing with pockets reinforced with tin foil?

Wait, that sounds like a profitable idea. /me runs off to patent office.

Tech has been available for years--to "locksmiths" (0)

Anonymous Coward | more than 9 years ago | (#11511945)

Check top of page 4 of this ad [kaba-ilco.com] for a product that has been available for years. No reason why this thing couldn't be modified to send a higher-powered signal to read a key that's not inserted into its cradle...say, a key being held by someone you're following who is walking away from their new car toward the mall...

just spent 40$ for a car key! (0)

Anonymous Coward | more than 9 years ago | (#11511964)

which I guess is cheap for a rfid car key. Its a 2000 honda accord. and now its cracked? son of a b...well at least I still get the insurance discount.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?