17 Comments
- rebug, on 10/12/2007, -0/+2 The actual report (http://www.rfidanalysis.org/) is far more interesting than the dumbed-down CR version.
- vertigoblue, on 10/12/2007, -0/+1 i digg the rfidanalysis.org...
that is cool
- eurolite, on 10/12/2007, -0/+1 Umm, clearly none of you have any knowledge of how remote entry works. You can not simply just "record the transmission and replay it"; that stopped working in the 70's and has become even more complicated since then. Remote entry uses 40 bit random rolling codes; there is no way to predict what code it will use next, as that's over a trillion combinations, and that was only since 1997. It has been 10 years since then. I have not researched the subject since then, but I am willing to bet they use a lot more than 40 bit rolling codes these days, probably 256bit or even higher. There is only one weakness in the system, which is there are 256 codes that the transmitter will reset in case you are out of distance from the receiver and send the signal (the code will rotate). If you push the unlock/lock whatever button more than 256 times in a row out of the distance of your vehicle, you will have to reprogram the receiver to acknowledge the transmitter. You can sit there and try to crack the code, which can take years, not to mention you have the luck of accidentally discovering the panic button transmission code first and setting off the car alarm.
- adml_shake, on 10/12/2007, -0/+1 This makes me wonder if Car remote entry units are vulnerable to a replay attack-- Record the radio coming from a transmitter and play it back? I bet it works!
Yeah Mercedes had a problem with this a while back. Someone stole a bunch of cars by using a PDA to capture the unlock, start, and other signals while they were being test driven. Then they used a tv remote program and assigned each button a function and drove off with some. They got nabbed if I remember right.
- mousky, on 10/12/2007, -1/+1 Yet another poorly written high-tech article from an organization that knows very little about high-tech. Um, sorry Consumer Reports, but that is outright false. The decoder that these guys used required more than little electronic knowledge, cost over $3,500, took 2 hours. Where did the 15 minutes, inexpensive and little electronic knowledge come from?
No digg on this article but I would give a digg to rfidanalysis.org.
- nymphetamine, on 10/12/2007, -0/+0 aww...i thought this was a how-to kinda thing. im disappointed but i still digg it.
- nosey2, on 10/12/2007, -0/+0 Hi, good to see that others have looked at this problem, not sure of eurolite's comments though, ie
"if you push the unlock/lock whatever button more than 256 times in a row out of the distance of your vehicle you will have to reprogram the receiver to acknowledge the transmitter"
I am looking at a Fiat at the present and it certainly does send a new encryption with every button push, but I assumed that the transmitted code was an encryption of the code# supplied originally with the key. This limits the possible # of variations of the key to 10000. I would suggest that the transmitted code consist of random # encrypted with the key code#. I would also suggest that if you could find the algorithm to encrypt these two it would be possible to reverse the process as the receiver does and arrive at the original key code#.
- YellowJKT, on 10/12/2007, -0/+0 for $3500 and 2 hours, that's a good investment for free gas at today's prices :-)
- inactive, on 10/12/2007, -0/+0 Whoa, that was one hell of a good digg. Nice job!
- inactive, on 10/12/2007, -0/+0 This makes me wonder if Car remote entry units are vulnerable to a replay attack-- Record the radio coming from a transmitter and play it back? I bet it works!
- Anth, on 10/12/2007, -0/+0 Lots of Fords use the space around 435MHz - I know this because there is an AFB in my town and one afternoon all the keyless entry systems for Ford vehicles stopped working - it was on the news and the gov't said that the spectrum Ford was using is actually owned by the Govt.
- inactive, on 10/12/2007, -0/+0 Any good radio service monitor will be able to tell you the frequency of it. I used the one at work to check out my remote once... I believe it was around 400MHz, but it was a while ago. In any case, I think I'll try it now :) Then I'll post my results to be dug.
- CaptSnuffy, on 10/12/2007, -0/+0 people have been doing similar stuff with remote entry for a while
- CronicusX, on 10/12/2007, -0/+0 Coolio.
Digg This
- rifter, on 10/12/2007, -0/+0 Hrmm. Interesting indeed. Although I remember reading the older article a few months ago. I'd like to see something cracking bluetooth devices *from* a bluetooth phone.
I was walking around CompUSA yesterday and had remembered my phone used bluetooth. So out of curiosity I just started walking around the store and had my phone searching for bluetooth devices. I found about 3-4 laptops and about 2-3 PDAs that picked up my phone. I wasn't able to access them due to the nature of bluetooth setup. Also I wasn't able to see all the devices at the same time. I had to go to the PDA section for the PDAs and the laptop section for the laptops, which really shows the distance issue with bluetooth.
- 21.0, on 10/12/2007, -0/+0 nice, how do you get into the car though, need to hack the frequency of the little auto unlock things everyone has on their keyring :P
- 1337freek, on 10/12/2007, -0/+0 this story is a bit old i remember reading this in the beginning of the year