Car thieves use the Relay Station Attack

Unfortunately We need to talk about security failures again.. On this occasion it is not a question of any intentionally installed back door as we commented a few days ago with the safety failure in the design of the processors, on this occasion we talk about car thieves who take advantage of the bad design of smart keys (or smart-keys) to take them away without even making a bridge or accessing the central.

It’s not the first time something like this has happened, New technologies or protocols that did not implement the minimum safety measures required have been published on several occasions, so then we had to put in extra layers and patches… for example we saw it with wifi networks: to think that you can have mobility within your company or home without depending on the network cable seems a great idea… but that means opening your perimeter and that from outside (even if it is stuck to the door) you can try to connect or attack our network. Once with the wifi going on and seeing that they were being attacked, it started working.

r in a form of Securize it, first WEP encryption, then WPA and finally WPA2, but all of them have been falling: When a protocol is designed without taking into account safety then it costs a lot Securize it, so the safety layer has to be included during the protocol design.

What are the smartkeys?

And that’s the same thing with smart keys in cars.. As you will know, some high-end cars have a special key type that does not need to be removed from the pocket: when you approach the car and touch the door handle automatically opens… then you enter the car and press the Start / Stop button and start… and when you get away from the car exactly the same thing happens, you touch the handle or you walk away from the car and it closes automatically. Super-comfortable! My car, for example, has this functionality and my wife gives her life when she carries the key inside the b

olso and a boy in hand, the baby in arms and two others around (yes, we have 4… we’ll talk another day of that: D). A few years ago it was only available in high-end models (the most attractive to robberies), but these days are popularizing and more and more cars have this functionality.

The point is that the Malotes have been investigating the vulnerabilities of this system and with a simple signal amplifier located near the key are able to detect the frequency and send it to another malote which is next to the car with a receiver. The car detects the signal as valid… and opens and starts, so you don’t need anything else to go with it. For you to get an idea, the material needed to amplify your key signal and receive it next to the car can cost about $30. It’s basically like this:

And although it might seem like a theoretical vulnerability, actually is already being used to steal cars, look, for example, at this video recorded by a security camera in England where they steal a Class C Mercedes:

https: / / www.youtube.com / watch? time _ continue = 1 & v = 8pffcngJq0 [/ embed]

As you can see in the video, one of the thieves uses a device to capture the signal from the smart key of the car through the window of the living room while the second is ready to receive the signal and open the car. Once opened, they have to repeat the attack so they can start it… but in total It doesn’t take a minute!. Reminds me of the movie ‘60 seconds‘by Nicolas Cage and Angelina Jolie (Angelina Jolie stealing cars… uf!)

Can we do something to stop them from stealing our car? Je…

And? what response car manufacturers give to this vulnerability? Well, some as funny as enter the key into a Faraday box so that the signal can’t get out of there (…). On other occasions, it is possible disable the system and open with the usual control when you are close to the car. Yes, a way of securize The service is quite surprising… although it’s funny if you don’t have this system in your car, but it’s not that funny.

One of the most sold for example is this from FobGuard available in Amazon:

But actually, What the fuck is it?, do not recommend that we put our key in a box or even on silver paper (I swear, a French manufacturer with a Lion in the logo has come to recommend this after the theft of a car), so I fear that there will be global complaints to manufacturers if they do not offer soon a solution to fix the vulnerability, simply by cipher the exchange of information would be enough for an attack of man- in- the- measure as this would not be possible or by replacing the opening system by

life-long bird with some other more secure and personal system like the mobile… if we already make mobile payments without taking the card and we find it safeWhy not use it to open the car too?