Hackers can unlock your car with little effort more than a laptop

''In every action, there is equal and opposite reaction''....Newton third law.I have been asking myself,when,how and who is going to get it right in the world of technology?The harder you work, more embarrassment you get from hackers.Everyone including me believes with security on your vehicle, you are atleast ninty percent free from car theft.unfortunately,the confidence has been compromised by those groups of hackers who now generate more revenue from hacking.
Cars with remote locking can be hacked with off-the-shelf equipment costing just £600 that “effectively defeats the security of keyless entry”, according to a computer expert.

 Cars with remote locking can be hacked with off-the-shelf equipment costing just £600 that “effectively defeats the security of keyless entry”, according to a computer expert.

Silvio Cesare, who works for security firm Qualys, plans to give a talk at the Black Hat security conference in Las Vegas this week describing experiments where he successfully unlocked his own car using a cunning technique.

By using a software-defined radio, which allows a computer to transmit or receive an enormous range of frequencies used by everything from Wi-Fi to wireless key fobs and Bluetooth devices, he was able to experiment with listening to signals sent by his car keys and eventually emulate them.

However, even ageing cars use a system of rolling codes that improve security by changing the message needed to unlock the door every time it is used. Therefore he had to send vast numbers of potential codes in the hope that he would eventually stumble upon the correct one.

In a video posted of such an attack, the car’s door is eventually unlocked after several minutes of being barraged with potential unlock codes at a rate of several each second.

Cesare said: “If someone’s parked their car in a garage overnight, something like this is definitely plausible.”

There are severe limitations to the hack he managed to perform, however. For one thing his car – the make and model of which he has asked to be kept secret – is ten years old and may not represent the state of the art in remote security.

It also requires that the attacker is present when the car’s owner uses the remote key fob at least once, in order to extract the unique descriptor code that it transmits along with any command to lock or unlock the doors. And because it is a “brute force” attack which sends massive numbers of signals in the hope that one will be correct, rather than a more pinpoint technique, it can require that the attacker stays within range for up to two hours in order to unlock the car.

He is also yet to test the technique on any model of car except his own, but suspects it will work on others of a similar age. And once a potential thief is inside the car they still need to face an extra challenge in starting the engine if they want to steal it, although the contents of the vehicle are obviously at risk by that point.

Nonetheless, the information could be widely used by criminals, so Cesare has promised to keep it under wraps: “Criminals could hire researchers to replicate this attack. But they won’t be getting it from me.”

Source:http://www.telegraph.co.uk/technology/news/11013062/Hackers-can-unlock-your-car-with-little-more-than-a-laptop.html