Karsten Nohl of Security Research Labs, a white-hat hacker, believes that a recent spike in car theft is due to a break in the car immobilizer security systems; thieves are able to re-mobilize the immobilized vehicles. My question is: how long until someone builds a TV-B-Gone for car engines that lets you stop cars with the click of a button?
Juels says that these cracks were possible because the proprietary algorithms that the firms use to encode the cryptographic keys shared between the immobiliser and receiver, and receiver and engine do not match the security offered by openly published versions such as the Advanced Encryption Standard (AES) adopted by the US government to encrypt classified information. Furthermore, in both cases the encryption key was way too short, says Nohl. Most cars still use either a 40 or 48-bit key, but the 128-bit AES - which would take too long to crack for car thieves to bother trying - is now considered by security professionals to be a minimum standard. It is used by only a handful of car-makers...
What's more, one manufacturer was even found to use the vehicle ID number as the supposedly secret key for this internal network. The VIN, a unique serial number used to identify individual vehicles, is usually printed on the car. "It doesn't get any weaker than that," Nohl says.
Criminals find the key to car immobilisers
(Image: Invalidka - Soviet car for disabled people, a Creative Commons Attribution (2.0) image from dittaeva's photostream)
Reason's December issue celebrates the magazine's 50th anniversary with a series of commissioned pieces on the past and future of the magazine's subjects: freedom, markets, property rights, privacy and similar matters: I contributed a short story to the issue called Sole and Despotic Dominion, which takes the form of a support chat between a dishwasher […]
At times this week, wildfires made San Francisco's air the worst in the world, and the city's stores have largely sold out of the N95 filter masks that make the air barely breathable, leading to at least one enterprising Uber driver selling the masks out of his car (at a substantial markup: $5 each, compared […]
Amazon is already known for providing dangerous working conditions, anti-union activities and treating their blue collar workforce like a disposable commodity. Since they’re already screwing folks at work, it must have seemed like a natural progression to screw them at home too. From Politico: Amazon’s plans to expand into Long Island City may cost Mayor […]
Ever wondered what it takes to make the transition from amateur photography to a full career? If you answered “a better camera,” you’re half right. Before you get the equipment, get the know-how to use it with the Hollywood Art Institute Photography Course & Certification. Taught by experienced pros, this course is geared towards shutterbugs […]
Anyone can learn piano, but don’t tell that to the bored kids who had to endure hours of “Chopsticks” and similar drills in their music lessons. Today, there’s a better way. Pianoforall lets you jump right in to discover what makes music fun, leaving you eager to learn more. In a simple but innovative approach, […]
There are two times you never want to just “eyeball” it: Conducting brain surgery and matching shades of paint for your walls. Whether you’re painting or repainting, make sure you’re never just “close enough” to the color you want. Not when the Nix Mini Color Sensor can scan and match any color perfectly. Small enough […]