- Feb 27, 2009
- Ruhr Area, Germany
- MX-5 ND & two bikes
Basically they used a relay attack - bridging the gap between car and key with special radio equipment (which isn't difficult to make) and relaying the signals between car and key over a distance. This allows a two-people team to steal a car: The driver stays by the car with one end of the radio bridge, the other follows the car owner with the second end. Car opens, thief enters, radio relay simulates the key being inside the car, thief drives away to safehouse.
The article mentions that they cracked every car they tried with the exception of Audis, but suspect this is only due to using the wrong radio frequency on their proof of concept.
Summary: Nothing new. "Keyless Go" systems are insecure because the principle they work on has a very obvious flaw. I don't know if and how that can be fixed by adding appropiate encryption, and the article doesn't focus on that.
My personal opinion: It's long overdue that insurance companies hit cars with "Keyless Go" features with higher premiums so people stop buying them until the carmakers close the gaping security hole.