Spybuster Tip # 823: Store Your Car Key Fobs in a Metal Can

Thieves have perfected the art of stealing the code from that key fob sitting on a kitchen counter or hung on a hook by the door. And tools that make theft fast and easy can be purchased on the internet. Worse, the latest theft devices allow criminals to amplify a vehicle's radio signal so that thieves can better access and copy the key fob signal to steal a vehicle...

The Relay Attack, a two-person attack, is when a thief walks up to the victim’s home with a piece of equipment that captures the signal from the key fob and then transmits the signal from a car key fob. "An accomplice waits nearby at the car door, usually with another device, to open the car when the signal is received," the AARP website said. The copied signal can fool the car into starting the ignition.

Spybuster Tip #823: Store your car key fobs in a metal container when not in use.

Your other fobs are at risk too. Learn more here.

Fob-U-Less Auto Theft on the Rise ...and a solution!

As predicted in 2011, and documented in previous Security Scrapbook posts, it is time to remember where to keep your car key fob overnight... in a closed tin (cost $0.93). ~Kevin

CA - Auto theft on the rise in Toronto area, and a security expert thinks he knows why...
According to Markham automotive security specialist Jeff Bates, owner of Lockdown Security, wireless key fobs have a role to play in many recent car thefts, with thieves intercepting and rerouting their signals — even from inside homes — to open and steal cars.

...many of these thieves are using a method called "relay theft."

Key fobs are constantly broadcasting a signal that communicates with a specific vehicle, he said, and when it comes into a close enough range, the vehicle will open and start.

"The way that the thieves are getting around this is they're essentially amplifying that low power signal coming off of the push start fob," he said.

"They will prey upon the general consensus that most people are leaving their key fobs close to the front door of their home and the vehicle will be in the driveway."

The thief will bring a device close to the home's door, close to where most keys are sitting, to boost the fob's signal.

They leave another device near the vehicle, which receives the signal and opens the car.

Many people don't realize it, Bates said, but the thieves don't need the fob in the car to drive it away. more

Many thanks to our Canadian Blue Blaze Irregular (WM) for this latest alert!

Fob-a-dobba-zap-botta-boom! Your car is mine.

Car thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key, according to new research that will be presented at the Network and Distributed System Security Symposium next month in San Diego, California.

The researchers successfully attacked eight car manufacturers' passive keyless entry and start systems—wireless key fobs that open a car's doors and start the engine by proximity alone...

The researchers suggest things that car owners and manufacturers can do to protect themselves. Car owners can shield their keys when they're not in use, to prevent attackers from communicating with them. Alternatively, manufacturers could add a button to fobs that would allow owners to deactivate and reactivate them...

David Wagner, a professor of computer science at the University of California at Berkeley who has studied the cryptographic systems used in keyless entry systems, doesn't think the research ought to make car owners anxious. He says "there are probably easier ways to steal cars." (more)

Spybusters Tip #543 - On "High Tech" Car Burglars

The news media is overflowing with reports of "High Tech" car burglars. They appear to be opening locked cars while holding a "black box" which "has police all over the nation stumped as to how it works."

Here, at the Spybusters Countermeasures Compound, we believe the black box is nothing more than a radio signal jammer. 

The thief is nearby when the person locks their car using a wireless fob. They interfere with the locking signal and the car never really locks. Once the owner walks away, they strike.

Spybusters Tip #543: When locking your car, make sure you test that it is really locked before walking way. This is especially important if you see anyone nearby. (sing-a-long)

Spy Trick # 482 - Keyless Car Break-in Mystery Solved

If you have a wireless key fob for a car with a remote keyless system, then you might want to start keeping your keys in a freezer or other Faraday Cage to protect it from high-tech thieves, who can use a $17 power amplifier to break into your vehicle.

Cars with keyless entry systems are capable of searching for a wireless key fob that is within a couple feet of the vehicle, but car thieves can use a $17 "power amplifier" to boost the key searching capabilities, sometimes up to around 100 meters, and pull off a high-tech car break-in. more extra spy credit

How to Kill A Keyless Car Remote

Owners of some new Nissan motor cars are being advised to keep their mobile phones away from the keyless-ignition fobs which are used to start their cars, as the phones can "wipe" the fob memory. The problem is limited to the 2007 Altima and G35, and the problem can be avoided by keeping mobile phones at least an inch away from the fob.

The Tennessean newspaper said that if owners send or receive calls while their phones are touching the fob, there's a chance the fob's electronic code could be erased. Once erased, the fobs cannot be reprogrammed, and owners can restart their engines only by using the spare fobs sold with their cars, a Nissan spokesman told the newspaper.

Nissan expects to be able to issue new fobs within a few months, and is currently replacing damaged fobs free of charge. (more)

Spybusters Tip #847: Stop Car Theft via Key Fob Signal Intercept

By simply wrapping your key FOB in aluminum foil you can prevent a thief from intercepting the signal. 

If you park your car outside at home then you might consider using a foil-lined container or placing your keys in a coffee can.

I’m going to start wrapping mine in aluminum foil when I travel and stay in a hotel. If you doubt that this issue is a serious threat then watch How Thieves Unlock A Car. more

A big thank you to our Blue Blaze Irregular ensconced in Illinois for alerting us to this tip. ~Kevin

Car Key Fobs — Wireless = Useless

...a team of researchers from the University of Birmingham and the German engineering firm Kasper & Oswald plan to reveal two distinct vulnerabilities they say affect the keyless entry systems of an estimated nearly 100 million cars. 

One of the attacks would allow resourceful thieves to wirelessly unlock practically every vehicle the Volkswagen group has sold for the last two decades, including makes like Audi and Škoda. The second attack affects millions more vehicles, including Alfa Romeo, Citroen, Fiat, Ford, Mitsubishi, Nissan, Opel, and Peugeot.

Both attacks use a cheap, easily available piece of radio hardware to intercept signals from a victim’s key fob, then employ those signals to clone the key. The attacks, the researchers say, can be performed with a software defined radio connected to a laptop, or in a cheaper and stealthier package, an Arduino board with an attached radio receiver that can be purchased for $40. “The cost of the hardware is small, and the design is trivial,” says Garcia. “You can really build something that functions exactly like the original remote.”

...they were able to extract a single cryptographic key value shared among millions of Volkswagen vehicles. By then using their radio hardware to intercept another value that’s unique to the target vehicle and included in the signal sent every time a driver presses the key fob’s buttons, they can combine the two supposedly secret numbers to clone the key fob and access to the car. “You only need to eavesdrop once,” says Birmingham researcher David Oswald. “From that point on you can make a clone of the original remote control that locks and unlocks a vehicle as many times as you want.” more
original paper

The Case of the Flacid Fob

Researchers from Ruhr University Bochum, Germany, presented a complete break of remote keyless entry systems based on the KeeLoq RFID technology. The shown vulnerability applies to all known car and building access control systems that rely on the KeeLoq cipher. "The security hole allows illegitimate parties to access buildings and cars after remote eavesdropping from a distance of up to 100 meters" says Prof. Christof Paar. "Eavesdropping on as little as two messages enables illegitimate parties to duplicate your key..."

A KeeLoq system consists of an active Radio Frequency Identification (RFID) transponders (e.g., embedded in a car key) and a receiver (e.g., embedded in the car door). Both the receiver and transponder use KeeLoq as encryption method for securing the over-the-air communication.

KeeLoq has been used for access control since the mid-1990s. By some estimates, it is the most popular of such systems in Europe and the US. Besides the frequent use of KeeLoq for garage door openers and other building access applications, it is also known that several automotive manufacturers like Toyota/Lexus (Chrysler, Daewoo, Fiat, GM, Honda, Volvo, VW, Clifford, Shurlok, Jaguar, etc.) base their anti-theft protection on assumed secure devices featuring KeeLoq.
(more)
(Hacker video explaining KeeLoq. Minutes: 36:18 - 41:35)
(How to Steal Cars - A Practical Attack on KeeLoq)

Three Very Amazing Video Cameras

• Fog Penetrating,
• X-Low Light,
• Car Key Fob CamCorder

View the short movie clip of this tricky fog-busting CCTV camera. Amazing!

Now, take a look at their extremely low-light level camera. Sit down... 0.00009 lux F1.4, 570 lines resolution, B&W. Basically, this is a camera which allows you to 'see in the dark' as long as it is not totally dark. Add a few IR LEDs in the area and voila, it's daytime!

Their latest... A car key-fob covert camera which records (3.1 megapixels still and 460x480 movie) up to 90 minutes (with time/date stamp) then downloads into your computer via USB. Yes, it records the sound, too.
(more)

SpyCam Story #628 - How to Push a Perv's Hot Button

An on-line review via The Nerd Gereration

"This is the coolest spy gadget I have ever used. This tiny keychain fob poses as an automatic door unlock/panic for a car. In actuality it is a tiny albeit powerful camera capable of snapping photographs at 640 x 480 resolution and recording video in AVI format. I figured the photos and video I got with this little device would be blurry and useless in real world spying practices.

I took the camera out on a couple secret missions and compiled a plethora of photographs and video files. When I arrived at my home base I plugged the device into my computer and downloaded the files from the 4 GB micro SD card (a small cable allows xfer without worrying about a card reader).

I was absolutely floored with the quality of images and video this camera took!  

I figured the video would not have any audio, but there it was! Crisp and clear! How is this possible? Technology my friends… and it’s awesome." (more)

Security Director Alert — Use of these inexpensive, yet high-quality devices in restrooms, employees showers and changing areas is now a serious workplace issue. The lawsuits are just beginning to roll out.

You are the deep pockets in this scenario, and just one spycam can spawn dozens of employee lawsuits.

FREE Security White Paper - "Surreptitious Workplace Recording ...and what you can do about it."   

Solution — Your organization needs to show pro-active due diligence. Conduct periodic inspections of your facilities. Call us for further advice and pricing.

"I reprogrammed a car fob, Mr. Cheney. Now I control you."

by Chris Soghoian...
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.

The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field...

By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public. (more)