Gone in 60 seconds--the high-tech version

inventor00 · May 7, 2006

http://news.com.com/Gone+in+60+seconds-the..._3-6069287.html

Gone in 60 seconds--the high-tech version
By Robert Vamosi
Special to CNET News.com

Published: May 6, 2006, 6:00 AM PDT

Let's say you just bought a Mercedes S550--a state-of-the-art, high-tech vehicle with an antitheft keyless ignition system.

After you pull into a Starbucks to celebrate with a grande latte and a scone, a man in a T-shirt and jeans with a laptop sits next to you and starts up a friendly conversation: "Is that the S550? How do you like it so far?" Eager to share, you converse for a few minutes, then the man thanks you and is gone. A moment later, you look up to discover your new Mercedes is gone as well.

Now, decrypting one 40-bit code sequence can not only disengage the security system and unlock the doors, it can also start the car--making the hack tempting for thieves. The owner of the code is now the true owner of the car. And while high-end, high-tech auto thefts like this are more common in Europe today, they will soon start happening in America. The sad thing is that manufacturers of keyless devices don't seem to care.

MattD · May 7, 2006

<div class='quotetop'>QUOTE(inventor00 @ May 7 2006, 07:48 AM) [snapback]251059[/snapback]</div>

http://news.com.com/Gone+in+60+seconds-the..._3-6069287.html

Gone in 60 seconds--the high-tech version
By Robert Vamosi
Special to CNET News.com

Published: May 6, 2006, 6:00 AM PDT

Let's say you just bought a Mercedes S550--a state-of-the-art, high-tech vehicle with an antitheft keyless ignition system.

After you pull into a Starbucks to celebrate with a grande latte and a scone, a man in a T-shirt and jeans with a laptop sits next to you and starts up a friendly conversation: "Is that the S550? How do you like it so far?" Eager to share, you converse for a few minutes, then the man thanks you and is gone. A moment later, you look up to discover your new Mercedes is gone as well.

Now, decrypting one 40-bit code sequence can not only disengage the security system and unlock the doors, it can also start the car--making the hack tempting for thieves. The owner of the code is now the true owner of the car. And while high-end, high-tech auto thefts like this are more common in Europe today, they will soon start happening in America. The sad thing is that manufacturers of keyless devices don't seem to care.
[/b]
Click to expand...

Thanks for posting this...does anyone know the specifics of the Prius keyless system, is it exposed to the same vulnerability -- as an owner, I'm concerned!

ScottY · May 7, 2006

<div class='quotetop'>QUOTE(Matt Domenici @ May 7 2006, 11:18 AM) [snapback]251067[/snapback]</div>

Thanks for posting this...does anyone know the specifics of the Prius keyless system, is it exposed to the same vulnerability -- as an owner, I'm concerned!
[/b]
Click to expand...

This was posted couple of times... http://priuschat.com/index.php?showtopic=1...51&#entry249251
And also explained here... http://rfidanalysis.org/
From rfidanalysis.org...

By today's standards, a 40-bit key is unacceptably short: advances in computing power have made such keys succeptable to brute-force key guessing attacks.[/b]
Click to expand...

Late model Toyotas (I assume that includes the Prius) use TI-RFID (Texas Instruments Radio Frequency Identification) system. And it offers a 40-bit encryption length. As we all know, standard computer encryption is 128-bit long. Even with 128-bit encryption, we often hear in the news that government agency and corporate websites being hacked. If you are concerned like I am, write to Toyota. I did, their response was

Thank you for contacting Toyota Motor Sales, U.S.A., Inc.

We apologize for your concerns with the engine immobilizer system on your 2006 Prius.

Your feedback is appreciated. It is through comments such as yours that we are able to review and improve our vehicles.

Your email has been documented at our National Headquarters under file #200603220644. If we can be of further assistance, please feel free to contact us.

Toyota Customer Experience [/b]
Click to expand...

SteveS · May 7, 2006

<div class='quotetop'>QUOTE(ScottY @ May 7 2006, 11:16 AM) [snapback]251082[/snapback]</div>

This was posted couple of times... http://priuschat.com/index.php?showtopic=1...51&#entry249251
And also explained here... http://rfidanalysis.org/
From rfidanalysis.org...
Late model Toyotas (I assume that includes the Prius) use TI-RFID (Texas Instruments Radio Frequency Identification) system. And it offers a 40-bit encryption length. As we all know, standard computer encryption is 128-bit long. Even with 128-bit encryption, we often hear in the news that government agency and corporate websites being hacked. If you are concerned like I am, write to Toyota. I did, their response was
[/b]
Click to expand...

Crap.

Gone in 60 seconds--the high-tech version

inventor00 Active Member

MattD Member

ScottY New Member

SteveS New Member

About PriusChat

Quick Navigation

Like us on Facebook

Buy us a beer!

Useful Searches

Gone in 60 seconds--the high-tech version

inventor00 Active Member

MattD Member

ScottY New Member

SteveS New Member