Anyone know how this is done? Maybe brute forcing the keyless entry? Maybe damaging the antenna/preamp with something high-powered would work if there's a fail safe feature to unlock the car in that event?
I've recently seen a presentation about attacks on a widely used system used in current cars.
There are a couple of different ways that are significantly better than brute force (as in: works against real cars in seconds to a few minutes). (Though since key length is only 48 bit, even brute forcing might be practical.)
I'm pretty sure I've had this happen to me [1]: both my Chevy and Jeep were broken into on the same night without damage.
Knowing nothing about how it was done, I'd just assume the security was really bad [2] and the box simply emitted all possible combinations. Has any industry ever taken security seriously before the first major breach?
Our solution is to never store anything of value in the car.
[1] Pretty sure because I almost never leave a car unlocked. Two cars unlocked is even more unlikely.
[2] By way of example, unlocking my Chevy with its fob routinely set off a car alarm for a different car. That tells you right there that the car alarm receiver has zero security.
The typical attack in the past involves two devices, one by the car and one by the key. But that attack only works on proximity fobs for obvious reasons.
I read last year the (Texas?) police had some similar devices in their possession. The ones the article talked about listened to lock frequencies and could then work out the unlock frequency from it. So the criminals would scan car parks waiting for people to lock cars that were brought in, wait for the person to leave, then approach the car and unlock it with the captured frequency.
I have no idea if that's what all these devices are, or how legit the article was, but seems legit to me.