We all knew it was only a matter of time before software hackers eventually turned to the comparatively low-hanging fruit of automotive security. The people who are consistently hacking ssl have turned their sights on the radio signals that allow one to open a car, and they have succeeded according to film footage in this article.
In the footage, people walk up with some kind of wireless key fob and open every vehicle of certain makes they point it at and steal lots of stuff without setting off any car alarm. Car manufacturers appear to be stumped, as do security experts. If there is a way to do this, the criminals that developed it aren’t sharing and they didn’t get it from some place like hackaday where exploits are discussed.
This is hard because the wireless key fobs use rolling codes to unlock the door which means that the thieves must circumvent the rolling codes or they must somehow record all of them. You cannot brute force these because I believe the rolling code cars will stop listening if you do.
The current thought on how this is accomplished is either a taser or a bug zapper or something putting out a big spike of electricity to act on the solenoid in the car’s door that operates the lock. Time will tell. Until then, don’t leave anything valuable in your car!
