back to article Hackers remotely start, unlock Honda Civics with $300 tech

If you're driving a Honda Civic manufactured between 2016 and 2020, this newly reported key fob hijack should start your worry engine. Keyless entry exploits are nothing new. Anyone armed with the right equipment can sniff out a lock or unlock code and retransmit it. This particular issue with some Honda vehicles is just the …

  1. Anonymous Coward
    Anonymous Coward

    Good. Maybe someone will filch those annoying, loud, obnoxious rice burners the kids drive around here and strip them for parts. :)

    1. Snake Silver badge

      Re: kids

      Get off my lawn! [cough, hack, wheeze]

    2. Yet Another Anonymous coward Silver badge

      In addition to which they are probably getting the ethanol from corn rather than rice.

      Unless you meant it as a racist slur on Subaru/Mitsubishi in which case enjoy your high-fructose-corn-syrup / emulsified-high-fat-offal-tube burner pickup

  2. Aitor 1

    Replay attacks

    That cars are subject to replay attacks today when it was a know problem so many decades ago is just plain terrible, amazing.. in a bad way.

    1. ThatOne Silver badge
      Devil

      Re: Replay attacks

      Come on, a car stolen is a car its owner will have to buy again. It's a win-win situation (except for the owner, but who cares about him).

      1. Pascal Monett Silver badge

        Well, not Honda in any case.

      2. Anonymous Coward
        Anonymous Coward

        Re: Replay attacks

        "owner" hahaha

        What user of tech these days actually owns anything? They are leaseholders at best.

  3. CommonBloke
    Devil

    It's a feature, you guys!

    That's a totally intended for feature, not a vulnerability! If you ever need to lend your car to a family member, friend or someone else that lacks your keys, they can do so. See, car sharing feature!

  4. jollyboyspecial Silver badge

    Maybe somebody should invent some sort of alternative to all this RF stuff. Something radical like maybe a uniquely shaped metal token of some sort that you fit into some sort of receptacle in the vehicle designed to only accept that uniquely shaped token. You could use the same token to open all the doors and maybe start the engine too.

    Just random thoughts really...

    1. TimMaher Silver badge
      Pint

      Slim jim

      Or even a flat metal strip that can slide between the window glass and the door.

      You’d have to rip the starter wires out though. Bit messy.

      1. jollyboyspecial Silver badge

        Re: Slim jim

        There was a period when cars had physical locks as well as an RFID tag in the key. The security with them was pretty damned good. I had a late 90s Volvo with that set up and no remote fob until fairly recently.

        I watched an expert try to "steal" it once as part of a demo. Modern cars he was driving away in seconds. My old Volvo defeated him. He had to admit the only way he was opening the door was would be by causing serious physical damage - breaking the window being the easiest route. But even inside the car he was stumped. With the key in the house (the house was actually the police station where the demo took place) the range on that old RFID tag was so low he couldn't activate it. But even with the RFID tag right next to his reader although he couldn't manage to crack things enough to start the car within the 15 minute limit he'd been set.

        With access to the RFID tag - for example if the keys were right next to my front door he could fool the ECU into thinking the key was present, but the physical security was too much for him. He had to admin that in order to steal the car he would need to smash the window and then rip the steering column apart. Not just to hot wire the ignition switch, but to bust the steering lock.

        And that's all it takes. If the potential thief has a choice of cars they are always going to go for the easy target. Time taken stealing a car is time at risk of being caught in the act. Also there is the risk from failure. Fail to steal a car and you risk leaving physical evidence on the car which is just another way of getting caught. The thing is that most modern cars are pretty easy to steal so the thief is spoiled for choice. Back in the day of course it was GM products every time because you could steal one as quickly as if you had the key.

        Car security has gone backwards massively in the name of convenience. But I never found a physical key an inconvenience in the first place.

        1. Down not across

          Re: Slim jim

          Car security has gone backwards massively in the name of convenience. But I never found a physical key an inconvenience in the first place.

          I have. In cold weather. Remote unlock is nicer than try to thaw the barrel. Having said that, there is always a reasonable chance its not just the barrel that is frozen, and RKE doesn't help if the mechanism is frozen too.

      2. Flocke Kroes Silver badge

        Re: rip the starter wires out

        AFAIK, they only do that in films. For old cars, ramming a screwdriver into the ignition and twisting hard would often start the engine but will not defeat the steering lock - as partially competent thieves discovered with my car. The other problem with that method is it bends the electrical contacts so they no longer work reliably with the key.

        The fix was to run a wire from a side light to the coil. Insert the key and twist to release the steering lock, turn on the side lights to activate the ignition and use a long screwdriver to connect the starter motor to the nearby big positive connection. Make sure you still have the same number of fingers you started with and drive away. To stop the engine: turn off the side lights.

        [Do not try this with modern electronic cars. Only the old ones that you could build without microchips are this easy to hack after someone fails to steal it.]

    2. Prst. V.Jeltz Silver badge
      Facepalm

      uniquely shaped metal token of some sort

      People would never go for such a cumbersome method. Its been proven recently , presumably by marketing men , that even pushing button on key fob to remotely open the vehicle is far too much trouble so now we have keyfobs that open the door 24/7 for whoever wants to get in , (and have to be kept in a special faraday cage at night to stop them giving your car away) somewhat bending the definition of a lock , in my opinion.

      1. jvf

        How is the faraday cage idea supposed to work? Don’t you have to take the fob out to use it? Maybe it could be specially shaped with a hole in it to let the signal out? What a mess.

        1. John Miles

          The Faraday cage is to stop a relay attack where a range extender is used to fool the car into thinking key is close to it. One person waves an aerial around the front door of house where lots of people keep their keys and another by the car door, then some electronics picks up the fob's/car's signals and relays them each way enabling them to open door and start car.

          You Tube Link (at about 2 mins)

          1. werdsmith Silver badge

            No need for the Faraday BS anymore. Both my recent cars with keyless have a procedure to disable the transmission from the key, or ignore it if you need to make the car secure. All these demos seem to "forget" this.

            1. Jellied Eel Silver badge

              Are those 'permanent config changes though?

              I still don't get the benefit vs traditional keys, especially given the increased risks. Key management is easily learned. Also curious what challenges it gives law enforcement and firefighters. So removing keys from the ignition is a simple way to secure or make safe(ish) a vehicle. Suspect can't drive off, or it turns off risks like fuel pumps.

              I guess there are advantages as well, like being able to remotely disable vehicles. Or exploit proximity features to make driving safer. Honda tailgating you? Just push a button and put it into limp mode.

            2. Prst. V.Jeltz Silver badge

              No need for the Faraday BS anymore. Both my recent cars with keyless have a procedure to disable the transmission from the key, or ignore it if you need to make the car secure. All these demos seem to "forget" this.

              So the cost for the "convenience" of not simply pressing a button on the fob to unlock the car , like a sane person is to

              "run a procedure to disable the key" ?

              1. werdsmith Silver badge

                I don't know if you have keyless or not, but I prefer it to the old fashioned way.

                On my previous Toyota, a double press on the lock button would switch off the RF for example, when the car is being left outside overnight. On my present car, when you do whatever you need to do to lock it (there is more than one way) you simply do it twice and the RF field is disabled. To unlock the car when in this state, you simply press a button on the fob and the thing wakes up again.

                It's really no big deal. There's no "procedure".

    3. John Miles

      We had those back in 80s

      Back then some manufacturers managed to make their keys less unique than they should have been especially after a couple of years of use, such that you could open them with any key. Keys didn't stop huge numbers of hot hatches going awol in UK during the 80s either

      1. G40

        Re: We had those back in 80s

        Having lost 4 such vehicles to theft in the early 90s, it came as quite a shock to discover keys were not required for entry. You’d pull hard on the door handle to remove it, then flip the little plastic paddle that moved the lock. Bingo. Thanks Wolfsburg…

    4. nematoad

      "You could use the same token to open all the doors and maybe start the engine too."

      I agree with you about the uniquely shaped piece of metal but having that, let's call it a "key", open all the doors, filler cap and ignition is a very bad idea.

      My Mini Cooper S has a different key for each of those functions and that is generally thought that that adds to the security of the car. Lose one key, not nice but it happens, and you have only allowed access to one of the parts of the car.

      With one key to rule than all, lose that and you're stuffed.

      1. ThatOne Silver badge

        On the other hand I've never lost a key in my life (any key), so YMMV.

        I personally would rather not have to carry along a whole bunch of different keys for the car. I already feel like a prison guard with the 4 house keys, the 3 work keys and the 3 keys for the bike...

        1. jvf

          Me too. My high school nickname was “keys’. I walked around looking like the school janitor and it continues to this day. But, those keys opened up many interesting cars and fun places to hang out.

      2. Giles C Silver badge

        It most people will put all the keys on the same ring. Which sort of defeats that argument. For my kitcar I have an ignition key, fuel tank key and garage door opener. All on the same ring along with a house key so I only take a small bunch of keys with me when I am using that car.

        1. ThatOne Silver badge

          > It most people will put all the keys on the same ring

          I have all my house/work keys on one ring, and then a car ring and a bike ring. The first ring is always on me (never leaves my pocket), while I don't necessarily always need the other two (and certainly not both at the same time).

          So when I leave home I always have my house keys on me (if I start forgetting to dress I have bigger problems than being locked out), and if I plan on using a vehicle I also take the fitting keys. There too I won't get far if I forget them, at most to the garage but no further.

          1. Down not across

            I do the same. Each vehicle has its own keyring. Would be pointless to carry all the keys at all times, also the heavier the keyring, the more strain it puts on the ignition switch.

    5. Anonymous Coward
      Anonymous Coward

      RE: only accept that uniquely shaped token

      Make that only accept that uniquely shaped token or tokens that are shaped close enough.

      I used my truck key to help a couple at church get into their mini van. Same brand and the shape was close enough that a little jiggle of the key and I was in and they could reach their keys that had been locked inside.

      1. Neil Barnes Silver badge

        Re: RE: only accept that uniquely shaped token

        For an idea of the security available in key-operated locks, search Youtube for The Lockpicking Lawyer...

        1. stiine Silver badge

          Re: RE: only accept that uniquely shaped token

          An excellent idea. You did leave out the words 'lack of' before the word security, though.

    6. katrinab Silver badge
      Alert

      If you watch any of The Lockpicking Lawyer's videos, you will quickly learn that this doesn't make things any more secure.

  5. Nate Amsden

    almost never use remote key fob features

    Since I first heard about these kinds of attacks many years ago I almost never use my remote key fob(at least the buttons on it), of course I have to use it to unlock but I just make sure I am close to the car when I hit the unlock button(on the car not the key fob) so it can sense the proximity of the key fob to authenticate the unlock. I assume that is much harder to sniff out then pressing the unlock or lock buttons on the key fob from a distance anyway.

    1. Anonymous Coward
      Anonymous Coward

      Re: almost never use remote key fob features

      RF transmits as far as RF transmits. If they're in range, you're toast.

      I'd recommend buying a nice reliable beater with no electronics. :)

      1. Nate Amsden

        Re: almost never use remote key fob features

        I don't think it transmits far when used in this manor? because if the key is further away than a couple of feet even I think the door won't unlock(note am not pressing any buttons on the key fob to transmit anything just pressing the unlock button on the car door). And the car recognizes when the key is inside the car or not(fortunately as it prevents me from locking the keys inside the car which I have accidentally tried to do many times).

        1. Yet Another Anonymous coward Silver badge

          Re: almost never use remote key fob features

          >I don't think it transmits far when used in this manor?

          Not in this manor, It certainly wouldn't go sarf of the river guvn'r

        2. Jellied Eel Silver badge

          Re: almost never use remote key fob features

          I guess the risk is normally a function of the antenna design and receiver sensitivity. Especially if that's normally inside a 'convenient' sized pseudo-key. If you don't have those constraints, you could boost your range, especially if you're not to bothered about exceeding transmitter power levels.

        3. Kayakerdude

          Re: almost never use remote key fob features

          The transmission range of the keyfob is the same no matter whether it's triggered by a button press on the fob, or a challenge from the car.

          The car will often have multiple antennas - usually one in each handle, one in the boot, one in the center console, and one by the steering wheel - and the car will "verify" by comparing the signal strength seen by the antennas to the location of the pressed button, to give enough info whether to perform the desired action or not. If for example the keys are in the boot and someone presses the soft button on the driver door handle, the car will not lock as it's clear that the keys are not close to the driver's door. If all doors are closed and the in-boot antenna or center console antenna strengths are highest, the car will also not lock as the key is likely still in the car.

          My car's a 2011 Cayenne, and this is how the keyless-go is set up. As far as I can see, there's no longer a facility for a physical key to unlock the physical steering column lock or to disable the electrical locks, but the driver's door can definitely be opened with the physical key present and hidden in the keyfob. Without a successful challenge-response sequence, none of the major electricals will activate.

          As an amateur radio license holder, I legally own a few HackRFs, including one set up as a PortaPack with the Mayhem (!) firmware present. There's a specific module for car key store and replay, though very few cars are susceptible, as most have a rolling keycode.

    2. Snake Silver badge

      Re: almost never use remote key fob features

      I do exactly the same. Why expend the effort to dig for a key fob in your pocket, just to unlock the door, when you have to grab the door handle anyway? It simply doesn't make much sense to me o.O

    3. jollyboyspecial Silver badge

      Re: almost never use remote key fob features

      Buttons are getting more and more rare. It's almost twenty years since I drove a car where you never even had to take the keyfob out of your pocket. The RFID tag in that car was supposedly only effective when you were right next to the car. And we did find if I was standing two metres away somebody next to the car couldn't open the door. However I recently tried a modern equivalent and the doors would audibly unlock when I was more than six feet from the car and wouldn't lock again until I was twice that distance away.

      With an RFI reader a thief could easilly read that thing from outside your house unless you were to deliberately find the point in your house least accessible to RF to keep your keys. Or maybe invested in a lead box to keep them in.

      1. Giles C Silver badge

        Re: almost never use remote key fob features

        Someone I knew bought a car with this feature went out to check the car was locked with their keys in pocket - car unlocked itself.

        They walked away press the lock button and then walked back to check need I say more.

        1. werdsmith Silver badge

          Re: almost never use remote key fob features

          I don't know of a car that unlocks when you approach it where you can't disable that feature.

          Most need a touch on the door handle to actually activate the unlock.

          1. Giles C Silver badge

            Re: almost never use remote key fob features

            Which is what they did, locked the car walked up to it and tried the handle on the door at which point it opened as it should.

            I do the same on my car as I leave the house (not using the car) I check I haven’t left it unlocked by mistake.

            1. werdsmith Silver badge

              Re: almost never use remote key fob features

              Just set it to fold the mirrors in on lock.

    4. rcxb1

      Re: almost never use remote key fob features

      > I assume that is much harder to sniff out then pressing the unlock or lock buttons on the key fob from a distance

      You assume wrong. Advanced two-way radios like Cell Phones and Wi-Fi adjust their transmit power based on proximity, but simple RF devices like key fobs have no such intelligence.

    5. Emir Al Weeq

      Re: almost never use remote key fob features

      Nate, look for "relay attack" on Youtube and you'll see how distance between car and fob can be easliy overcome by relaying and amplifying the signals.

      Replay attacks aside, fob unlocking requires access to the fob whereas keyless is initiated from a button often left on a driveway.

      1. Kayakerdude

        Re: almost never use remote key fob features

        Relay attacks are also truly feasible on contactless payments, for exactly the same reasons.

        Only foiled by the requirement to enter the PIN on the terminal, or having enough contactless cards in the wallet that picking one signal out is nigh-impossible, or having a shielded wallet to start with.

        1. Emir Al Weeq

          Re: almost never use remote key fob features

          Indeed, which is why all of my cards have a slight cut in them to break the antenna. Inserting the card and entering a PIN every time is not a hardship in my opinion.

  6. the.spike
    FAIL

    Steering Wheel Lock Anyone?

    Back when I was a lad it was all the rage to have a big fat bar across your steering wheel to make sure that if someone got into your car, they couldn't actually drive it away.

    I've a feeling these will be making a comeback!

    I'd certainly be investing in one if I had a big fat expensive car. Or even one of those little Hondas..

    1. jollyboyspecial Silver badge

      Re: Steering Wheel Lock Anyone?

      There never was one of those that you couldn't pop the lock in under a minute. Doesn't matter how big and sturdy a security device is if you can open the lock with a ball point pen.

      1. Anonymous Coward Silver badge
        Alert

        Re: Steering Wheel Lock Anyone?

        Or saw through the steering wheel to remove it.

      2. Adrian 4

        Re: Steering Wheel Lock Anyone?

        The point of them wasn't to defeat thieves but to make them steal the next car instead of yours

        1. J. Cook Silver badge
          Alert

          Re: Steering Wheel Lock Anyone?

          That, and as an anti-carjacking deterrent- I know I wouldn't want to get smacked by one of those... :D

          Regarding keys: I know that at one point in the 70's, one of the US auto companies had 'regional' key sets, and therefore it was possible that the truck you bought in region A had the same keypath as one in region B.

          (a friend of mine used to be a fire fighter, and successfully performed this trick to move a truck that was blocking access on a call out one evening.)

          1. vtcodger Silver badge

            Re: Steering Wheel Lock Anyone?

            My dad was an LA city fireman. He told me once that their usual procedure when a car was blocking access was to bash out the side windows and run the firehose through the car.

            1. John Brown (no body) Silver badge

              Re: Steering Wheel Lock Anyone?

              That's just being nasty, because they can. That would take longer than just running the hose over the bonnet or roof, or even around the car.

              1. Anonymous Coward
                Anonymous Coward

                Re: Steering Wheel Lock Anyone?

                We'll let the family of four know their house burned down because it would have been "nasty" to break some fool's windows...

                1. John Brown (no body) Silver badge

                  Re: Steering Wheel Lock Anyone?

                  You really think running a fire hose over a car bonnet is slower than breaking a couple of car windows then feeding the hose through, hoping it doesn't get snagged? Have you seen firemen unrolling a hose in an emergency? Unless it's just the last few feet, then that's a big and heavy roll of hose to push through a car. It's far, far simpler and quicker to just go over it.

                  "We'll let the family of four know their house burned down because it would have been "more fun" to break some fool's windows... FTFY

                  Oh, and exactly why is the person who parked their car there a fool? Was this a marked fire hydrant? A marked emergency access route? The OP didn't say. Maybe the person who parked the car should have been expected to know there was going to be fire and parked in a different town? All the OP said was "blocking access", which covers a multitude of scenarios, 99.9% of of which could be totally innocent and reasonable for the person parking their car.

                  1. werdsmith Silver badge

                    Re: Steering Wheel Lock Anyone?

                    The images are on the web. The care is parked so close the the fire hydrant that it wasn't possible to get attachment on in the space available.

                    1. John Brown (no body) Silver badge

                      Re: Steering Wheel Lock Anyone?

                      Which pictures? The OP didn't specify any particular incident or even an actual situation.

                  2. Kayakerdude

                    Re: Steering Wheel Lock Anyone?

                    Radius of curvature of those firehoses when pressurised and flowing means the bend needed to get over the roof isn't as feasible as the direct route. There are specific reasons why the runs need to be as straight as possible as far as is possible.

                    If the direct route is through the illegally-parked car, tough on that car owner, but that's what one can expect when parking illegally - there are likely to be consequences.

                    1. John Brown (no body) Silver badge

                      Re: Steering Wheel Lock Anyone?

                      Which illegally parked car? The OP only specified a car "blocking access". Unless where you live, illegal parking is endemic, then a car "blocking access" for the Fire Service is most likely to be legally parked.

          2. Pirate Dave Silver badge
            Pirate

            Re: Steering Wheel Lock Anyone?

            If memory serves (and I admit, it is a very hazy), I recall reading long ago that at one point the US law required (?) there to be 10,000 unique keys (per manufacturer? per model? per year? I can't recall). That may also be old urban legend stuff. I just vaguely remember that a given key was supposed to have a 1 in 10,000 chance of working with any random car it would fit in. Please, take with a pound of salt.

        2. Peter Gathercole Silver badge

          Re: Steering Wheel Lock Anyone?

          I made the mistake of not putting the one I had on the wheel once but leaving it visible, in a late '80s Vauxhall Astra CDi (nice car, shame about the security).

          They broke in by breaking the sun-roof (although pressing the lock through the door would actually have been easier as I had already found out on another occasion), and then used the (unfitted) steering bar as a lever to break the column steering lock!

          I got to see the car again (it was joy riders) but the cost of repairs exceeded the value of the car several times over, so that was the end of it.

        3. drankinatty

          Re: Steering Wheel Lock Anyone?

          The purpose of a lock is to keep an honest person honest. I've still got 2 of these big red steering wheel locks somewhere in the garage closet. (an extra long one for the truck) Useful when living in a crime ridden city, not too much use in the country...

      3. MiguelC Silver badge
        Pint

        Re: Steering Wheel Lock Anyone?

        A neighbourhood kid bought an old Fiat Punto and was shown that to open his car's boot you just had to pull a cable underneath it. He then bought one of those locks and duly locked the steering wheel for the night. Next morning he found the car doors unlocked and the steering lock open and waiting for him on the driver's seat. Never found out who did it, but I'd buy him a pint for the laughs!

        1. rcxb1

          Re: Steering Wheel Lock Anyone?

          > he found the car doors unlocked and the steering lock open and waiting for him on the driver's seat.

          The obsessive-compulsive locksmith strikes again.

      4. John Brown (no body) Silver badge

        Re: Steering Wheel Lock Anyone?

        "There never was one of those that you couldn't pop the lock in under a minute. Doesn't matter how big and sturdy a security device is if you can open the lock with a ball point pen."

        On the other hand, it was a visible deterrent. The casual car thief would more likely go for one without it because there's a known extra time involved. And anyone prepared to take the time to fit it when leaving the car will less likely leave valubales in the car and have an alarm or other anti-theft features.

        It might be as much use, practically, as having a fake alarm box on your house wall, but it will most likely cause a thief to look for an easyer target. It won't stop the thief stealing a car, but it will more likely be someone else's car, not your.

        1. rcxb1

          Re: Steering Wheel Lock Anyone?

          > it was a visible deterrent. The casual car thief would more likely go for one without it because there's a known extra time involved.

          I guess that's true if all vehicles are equally valuable. Not so if it's a more valuable car that has the simple anti-theft bar in place.

          > And anyone prepared to take the time to fit it when leaving the car will less likely leave valubales in the car and have an alarm or other anti-theft features.

          Here, I'd assume the opposite... Someone installing a cheap bar on their steering wheel likely does NOT have a working anti-theft system, otherwise they wouldn't always bother with the hassle. Exceptions for vehicles found in long-term parking or other special scenarios.

          1. Danny 2

            Re: Steering Wheel Lock Anyone?

            "Not so if it's a more valuable car"

            I knew a software tester in a very poor area of Glasgow who bought a sports car, the only one in that postcode. Never had any trouble after that, everyone assumed he was a drug dealing gangster.

            Conversely, someone 'keyed' (scratched with a key) a whole line of very posh cars but skipped my wee Micra which they obviously pitied.

  7. Paul Hovnanian Silver badge

    Faraday pouch

    Or an Altoids tin.

    Only problem with these is that eventually you will have to take your keys out to use your car. And some ner-do-well hiding in your apartment garage with their sniffer grabs the code then. The tins do work well to prevent key fobs lying on your entry hall table from being sniffed through your front door.

    1. Warm Braw

      Re: Faraday pouch

      On the same basis, keep your car in a shipping container.

      1. Anonymous Coward
        Anonymous Coward

        Re: Faraday pouch

        I use a garage. It might not be rf proof but its got a hell of a door on it

      2. Handle this!

        Re: Faraday pouch

        Great idea. It will save the thieves having to place it into a container when they take it to the docks.

    2. Prst. V.Jeltz Silver badge

      Re: Faraday pouch

      These keys that are opening your car without being asked from the hallway are easily the dumbest invention Ive ever heard of .

      All because its too much trouble for the owner to push a button on the fob.

      1. Jellied Eel Silver badge

        Re: Faraday pouch

        Look on the bright side, it helps sell more cars. I guess insurers could intervene by refusing to insure insecure vehicles for theft.

        Like vanishing buttons, I miss real keys. Easy to get into the habit of locking, even with a fob and checking the door was locked. Proximity keys just seem dumb if locking means walking away and hoping it works.

  8. Snake Silver badge

    Money questions

    I question why the purchase of the $300 HackRF One is necessary. The fob is told to operate at 433mHz, and both cheap and a pence a dozen. All you should need to do it interface it with any Linux system who's driver can be set to "promiscuous" (which not too many people either use, or know about). Did that back in the day when I was fooling around with Linux but the WiFi refused to connect.

    1. Jellied Eel Silver badge

      Re: Money questions

      Hmm. Are you a geek, or just visiting? In my case, it's more an iWant than iNeed. Mainly because it looks like this gizmo + antenna switcher would cost a lot less and do more than my aging $10K+ spectrum analyser.

      1. Yet Another Anonymous coward Silver badge

        Re: Money questions

        >cost a lot less and do more than my aging $10K+ spectrum analyser.

        We spent $30,000 on the our LeCroy digital storage scope, it had it's own rack on wheels

        I just bought a $20 kit 1MHz DRO, with a color TFT screen, from chinese-crap-express

      2. Snake Silver badge

        Re: Geek

        Err, thanks for the downvote?

        Anyway, my point was being pragmatic: why would a thief spend $300 for a gizmo to do a job that, quite possibly, a $45 one might ($10 transmitter + $35 Pi)? I thought I was presenting an honest question, once considered.

        1. Anonymous Coward
          Anonymous Coward

          Re: Geek

          > why would a thief spend $300 for a gizmo to do a job that, quite possibly, a $45 one might

          Because I'm a thief, not a cheapskate.

        2. Jellied Eel Silver badge

          Re: Geek

          Downvote wasn't me. I take the view that thumbs are best used for reasoned debate, others may not have grasped what opposable thumbs are about.

          My reply was more that it's a neat gadget, and priced at an impulse buy level. Plus being more flexible, ie scan, capture, edit, replay etc. I guess once you've discovered a vulnerability, then you could turn it into a $45 kit & flog it on the 'net. Don't know there'd also be more risk of being caught 'going equipped' with a more specific kit.

        3. werdsmith Silver badge

          Re: Geek

          Anyway, my point was being pragmatic: why would a thief spend $300 for a gizmo to do a job that, quite possibly, a $45 one might ($10 transmitter + $35 Pi)? I thought I was presenting an honest question, once considered.

          It's not suggested that a thief needs a HackRF one (which is a lot less than 300), but this attack was deomonstrated using one. A researcher likely has one for loads of other tasks, including the work done to develop the hack.

          Yes, a thief could do the same with less equipment once the work of discovering the vulnerability was done.

        4. Kayakerdude

          Re: Geek

          Because the $10 transmitter firmware is not very likely to be able to differentiate the frequency in use, nor to control the output frequency.

          Your question is similar to this:

          "Why would anyone use a VGA projector when an LED torch will also provide light of the same colour"

          The HackRF has enough bandwidth to be able to get the detail of the transmission from the keyfob, where the ten dollar transceiver almsot certainly would not.

          (source:- am a HackRF owner, legally allowed to given I'm HAREC-certified.

    2. Paul Kinsler

      Re: the $300 HackRF One

      I like that you might buy the Hack RF one from somewhere calling itself "Wall of Sheep", but am disappointed that the Wall of Sheep is not in NZ.

  9. Prst. V.Jeltz Silver badge

    I dont understand how it is not now impossible to steal a car by spoofing the key , now that we have encryption both strong and one way - public / private key etc.

    1. Yet Another Anonymous coward Silver badge

      The transmitter would then need a 25c cortex M3 instead of a 10c cortex M0 - difficult to justify on a $30,000 car

      1. Prst. V.Jeltz Silver badge
        Paris Hilton

        The transmitter would then need a 25c cortex M3 instead of a 10c cortex M0

        I'm ready to admit i understood none of that !

        1. ghp

          They may be types of ARM processors, the M3 being more "expensive" and capable.

  10. jollyboyspecial Silver badge

    Water

    What always makes me laugh is when you see modern cars advertised as part of an active lifestyle. Ever tried taking a modern key fob surfing with you?

    1. ThatOne Silver badge
      Devil

      Re: Water

      Advertisement tries desperately to make you dream. That's why you see cars driving through breathtaking beautiful landscapes, or stylish, clean and most of all empty cities. All those sorts of things they will never see in their real life of creeping along, bumper-to-bumper, through some dirty and quite bland (if not obnoxious) and overcrowded city...

      1. Snake Silver badge

        Re: advertisement dreams

        (note: brackets [] to fill in specifics that I can't quote precisely)

        During the '90's, or Aughts but I can't remember exactly, there was this great TV ad that started with a safari clothing-outfitted adventurer, seemingly set in the Outback, doing heroic thing and taking dramatic acts of action. All the while constantly referring to the time on his high-end luxury watch on this wrist. The voice narrative describes all the daring-do!

        All perfectly in-line with beautiful luxury watch promotions.

        20 seconds of this high adventure later, a voice-over finally comes on, "What could you do with the [Radian] Deluxe Chronograph?"

        Seemingly ending a perfect luxury watch ad.

        But...

        then the male voice-over instantly continues. "Tell time. And that [$10,000] watch will cost you [$150,000] out of your retirement since you didn't invest it wisely."

        [Talk to our retirement consultants at Leroy Price]

        The concept was awesomely memorable.

    2. Flocke Kroes Silver badge

      Re: Water

      Even now there is often a mechanical lock on one door. In the UK it is likely to be on the passenger side. To replace an RF key you have to go to a franchise and pay monopoly prices but you may be able to get a purely mechanical only key for a sane price.

      1. Jellied Eel Silver badge

        Re: Water

        I saw a YT'er who's truck was broken into in a hotel car park. Driver's side door handle was levered out, exposing the locking latch. Dealer seemed aware of the problem, and fix was to get another passenger door handle kit and install in the driver's side.

    3. werdsmith Silver badge

      Re: Water

      What always makes me laugh is when you see modern cars advertised as part of an active lifestyle. Ever tried taking a modern key fob surfing with you?

      You would need to store it in the same place you store your modern cellphone, smartwatch, credit cards and ID.

    4. Ken Moorhouse Silver badge

      Re: Ever tried taking a modern key fob surfing with you?

      Store them in your charger.

      Yes, I did say "in".

      Ask Henri Charriere.

      1. Richard 12 Silver badge
        Holmes

        Re: Ever tried taking a modern key fob surfing with you?

        Takes up to 72 hours for them to come back out though.

        Also, ewww.

  11. Adrian 4

    pushbutton start

    What's with the current trend for pushbutton start/stop along with a nearby fob ? I remember them coming in with some flashy Renault but could never see the advantage. You still have to carry the fob and press the button. And to save the inconvenience of taking it out of your pocket you get all these security problems.

    If it ain't broke, don't fix it.

    1. Richard 12 Silver badge

      Re: pushbutton start

      In theory it's more secure, as it doesn't wear or require physical switch contacts that can be bypassed.

      In practice, the manufacturers took shortcuts.

      Though the RFID with pushbutton probably still is more secure, as they took shortcuts with the physical ignition keys too.

  12. Anonymous Coward
    Anonymous Coward

    Another reminder

    That locks are for honest people..

    1. Yet Another Anonymous coward Silver badge

      Re: Another reminder

      It did stop me stealing a VW polo.

      Neither me, nor the owner of the same colour car parked on the same dark street bothered to lock the door.

      Spent a long time trying to get the key to work before realising that there was a different selection of crap in the back of this car

      1. Sam not the Viking Silver badge
        Facepalm

        Re: Another reminder

        It's a long time ago, but one of our reps was travelling from Manchester to the deep south and stopped at a Motorway Services for a breather. Returned to the car, opens the door with his key, starts up, drives off, and after about 15 minutes thinks:

        "Someone's left their gloves on the back seat"

        "I don't wear a hat."

        "That's not my coat."

        "This isn't my car......."

        So he leaves the motorway at the next junction, returns up the motorway to the next junction after the services, returns down the motorway to the services and parks up next to a car that looks remarkably like the one he is driving.... Tries his key in the 'other' car. It opens. Gets in, recognises his own mess..... Drives off, leaving a car with an extra 75+ miles on the clock and no doubt a mystified owner and possibly a bemused traffic cop.....

  13. heyrick Silver badge
    FAIL

    send the same, unencrypted RF signal for each

    Wait, WHAT?

    I get that my toy car (limited to 45kph) is like that, but a proper and upmarket car using the same lame-ass technology? The same, even, to remote start the engine? That's just an embarrassing fail.

    By the way, what's with the expensive kit? These things run at 433MHz. I got a signal out of my scope by looking at mine using a 433MHz receiver salvaged from an old "weather display". I don't imagine it would take a lot to hook one up to something like an M0 or ESP32, run a timer, and just count ticks for when the output is on/off to later replay back to a 433MHz transmitter (though I've not bothered with this part). It might be more work (the fun part), but it's about a tenth of the cost.

    1. Richard 12 Silver badge

      Re: send the same, unencrypted RF signal for each

      As previously mentioned, that's the general-purpose hardware the researcher used.

      It's absolutely certain that there are cheaper, more specialised options. There's probably a packaged $50 kit by now.

  14. DS999 Silver badge

    There needs to be legislation

    Even as tech companies design stuff that's very strongly protected and still have slip ups / bugs that lead to constant exploits, you have non tech companies like Honda still thinking security via obscurity is a thing.

    If there was a law requiring some basic security measures in anything transmitting data over the air or they were 100% liable for all damages they'd quickly decide it is in their best interest to invest in at least trying to do it right. Imagine if Honda was on the hook for 100% of the loss for every stolen car, and sued for millions for a wrongful death resulting from an attacker being able to get in a car and hide in the back seat to kill you, etc. They would not have released something so poorly designed if they were.

    1. John Brown (no body) Silver badge

      Re: There needs to be legislation

      Imagine if your car insurence was hiked up because of this or something similar. And then you try to sue the manufacturer for the extra costs due to their cost-cutting on what should be a foreseeable outcome by "an expert in the field", which of course, they surely employ for something as important as the security of what for many people is the second most expensive thing they will buy during their lifetime.

      Most modern cars, these days, seem to cost in the region of double what I paid for my current house, admittedly that was about 35 years ago :-)

  15. IGotOut Silver badge

    Very quick way to fix this.

    All the insurance companies to go. "Sorry we won't insure it".

    It's pretty much how they killed the hot hatches in the 80s.

    1. General Purpose

      Re: Very quick way to fix this.

      "Yes, we did insure it last year but then CVE-2022-27254." That could get noisy fast.

    2. A random security guy

      Re: Very quick way to fix this.

      I work with insurance companies (not for) on security issues and, to tell the truth, they are not the bad guys. They are the people who are behind lots of the features like proximity sensors, lane assist/drift sensors, etc. They have number-crunchers who find patterns and force car companies to change their ways.

      For example, their lawyers must already be talking to Honda, telling them that they will not absorb the cost of any theft. And Honda may quietly cover the cost.

  16. Montreal Sean

    Static codes? Stupid.

    I had an after market alarm/remote door lock system I installed back in 2000 that used rolling codes

  17. Anonymous Coward
    Anonymous Coward

    “Blake Berry, and Sam Curry”

    Delicious

  18. Indexer

    Almost as good as a metal token

    My 2018 Civic LX came with a theft deterrent system.

    It's called a manual transmission.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like