Reply to post: Re: "A direct causal link is difficult..."

Auto manufacturers are asleep at the wheel when it comes to security

Alan Brown Silver badge

Re: "A direct causal link is difficult..."

"There is a particular make and model that is currently the target of choice as all you need to do is break a side window, plug your dongle into the ODBC socket, start the car, and drive off. A few seconds max."

Just say it: BMW - this one is well known and old hat.

Thefts involving electronic replication of the remote keying and "keyless" (ie, no insert and turn) pushbutton start ignition systems are the new normal. This started about 15 years ago with high-end Mercedes, etc and has been spreading. Renaults were proven vulnerable about a decade ago but noone wants to steal and export a Renault (Renault's response was to reduce the range of the electronic entry and keyless ignition systems to less than a metre, not to beef up the security)

Manufacturer "upgrades" of keyless system crypto are 20 years behind the attacks. Manufacturer defences of the internal comms systems' security is even worse than that.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020