'Millions' of Volkswagen cars can be unlocked via hack - BBC story

Alan_uk

A2OC Donor
Just saw this BBC website story: 'Millions' of Volkswagen cars can be unlocked via hack. http://www.bbc.co.uk/news/technology-37057689

The problem affects a range of vehicles manufactured between 1995 and 2016 - including VWs and models from the company's Audi, Seat and Skoda brands.

Based on the story the hack involves using a cheap, home-maded radio receiver to listen in to the key fob signal. Decoding and interpreting the signal needs some skill but no doubt web solutions will be available on the dark web. The real concern is that once decoded the researchers discovered that VW is using the same master cryptographic keys on multiple cars!!!!!

The researchers told VW of the problem back in November 2015. I hope they have a solution ready but probably not with all that dieselgate fiasco.
 
There will not be a fix, it can't be fixed that easily. This is an indication of the stupidity of car manufacturers, security through obscurity and a number of other factors, culminating in a phenomenally simple cryptographic implementation. Probably because of cost...

This is an extension of earlier work done from the same guy and that was published two years ago. Anything based on MQB platform - Golf VII, Octy III, Seat Leon - is not affected. You'll also need to be relatively close to the car in question to actually get the radio-transmitted code and then the crypto key, so it's not *quite* trivial.

if there's any more evidence needed of the stupidity of encryption backdoors between this and the Microsoft Golden Key loss, I don't know what it is.

- Bret
 
It might just be that the technology for these cars was designed MANY years ago and hackers have had plenty of time to develop ways and means over the years. AT the time it probably seemed to be secure enough. But technology has advanced so much in recent years that it is noit surprising that security loopholes have been found.

Steve B
 
Can they not unlock the doors that way, then connect a laptop to the obd and program a new immobiliser chip?


Sent from my iPhone 6 Plus using Tapatalk


Not really. you would need the correct software to extract the login code first, then you would need VCDS (or equivalent) to reprogram a new chip, but they would have to swap the old immobiliser chip for a new one and code that, but that would also leave them needing a physical key blade that fits the ignition lock as well. But if they had the key to start with they wouldn't need the hack to get into the car.

Nothing is impossible, but car thieves normally want to be in and out in minutes!

Steve B
 
It might just be that the technology for these cars was designed MANY years ago and hackers have had plenty of time to develop ways and means over the years. AT the time it probably seemed to be secure enough. But technology has advanced so much in recent years that it is noit surprising that security loopholes have been found.

Steve B
Disagree. It's my field, and this is a simple, clearcut case of skimping on the hardware, hoping that obfuscation is enough, and using court orders to gag researchers. The technology was not OK in the first place - using a fixed known key is stupid. This was bad cryptography from day one and accepted as such by management.

That it wasn't improved over the years isn't really a surprise when you add in that the car companies still figure they're building hardware.In the mean time, they are not. Do you trust the security of the network within the car? At least Tesla's realised they're a software company. There will be lots more stories like this in the near future...

- Bret
 
Well, I can't argue with the facts and it is ALWAYS better to have the facts than (my) assumptions.

Thanks for clarifying that Bret.

A clear and decisive post as usual, from you, much appreciated.

Cheers
Steve B
 
Not really. you would need the correct software to extract the login code first, then you would need VCDS (or equivalent) to reprogram a new chip, but they would have to swap the old immobiliser chip for a new one and code that, but that would also leave them needing a physical key blade that fits the ignition lock as well. But if they had the key to start with they wouldn't need the hack to get into the car.

Nothing is impossible, but car thieves normally want to be in and out in minutes!

Steve B

This isn't really correct, car thieves who do not nick the keys simply use a devices that plugs in the OBD port and codes a key they have hooked to there device in under 10 secs. If they need a blade they will force/barrel it, if no blade needed then they are all ready off and running.

As for grabbing the codes been around a long time now and this is also even worse with the systems that just need the keys to be close to the car to open and start as a signal booster will allow thief S into the cars when the keys are in a house some distance away.




Sent from my iPad using Tapatalk
 
This isn't really correct, car thieves who do not nick the keys simply use a devices that plugs in the OBD port and codes a key they have hooked to there device in under 10 secs. If they need a blade they will force/barrel it, if no blade needed then they are all ready off and running.

As for grabbing the codes been around a long time now and this is also even worse with the systems that just need the keys to be close to the car to open and start as a signal booster will allow thief S into the cars when the keys are in a house some distance away.




Sent from my iPad using Tapatalk
Looks like I am not having a good night tonight !!!!!

It takes a few minutes to read the codes, program an immobiliser and match the remote operation, using the official cables and software.
If they can do it in under ten seconds (and I don't doubt you) then where do I buy that kit!!!

Also, if they are going to use that kind of equipment then they are surely unlikely to do it to a 12 year old A2, they are much more likely to target more expensive cars (although I probably have that wrong too?) so our cars should be safe enough?


Steve B
 
It not readily available to those who wouldn't use it for criminal activities. If you get stopped with it on you, I would expect you will get arrested for some sort of going equipped offence.

It's generally used on high end Audis and BMWs but would obviously work on anything but as you say unlikely on our cars. I did buy a device sometime ago which I can just switch the immobiliser on and off in seconds on pre 2005 cars iirc for the grand sum of £7.

I have to say I don't remember the last time I heard an A2 being stolen if ever?




Sent from my iPad using Tapatalk
 
Went I bought my A2 11 years ago, then aged 8 months, I paid to transfer the tracker service. I then rang my insurance company expecting to get a discount (as per the tracker blurb). No way said the insurance company, A2 are not at high risk. 11 years later that will be even more true.

So, I'm not going to loose any sleep with my A2 over this latest VW issue. What with the rise in the internet of things, hacking everyday appliances will come increasing common. I've already disabled inward internet access to my devices.
 
Not really alarming news. Cars have always been vulnerable to theft, even now look at how many of the latest models with keyless entry are being hacked with owners having to resort back to things such as steering wheel locks to try and prevent theft.
 
Back
Top