- cross-posted to:
- hackernews@lemmy.bestiver.se
- cross-posted to:
- hackernews@lemmy.bestiver.se
You must log in or register to comment.
So, only criminals will have them?
Dang, there went all my legitimate plans for signal jamming.
Like banning kitchen knives because somebody got stabbed with one once.
More like banning USB sticks because between 2011 and 2021 KIA and Hyundai removed engine immobilizers from their car designs to save a few dollars which allowed their cars to be started by turning the ignition with literally anything.
Not removed - never added to the US designs. They were added afterwards to models being sold in places that require them.
And nothing will be done about cars being sold with faulty security. We had methods of preventing these attacks in the last millennium.
Typical BBC reporting of anything technical.
Keyless repeaters and signal amplifiers scramble the signal from remote key fobs inside people’s homes, enabling criminals to unlock cars.
No, they don’t. The situation described is a relay attack on keyless entry/start. Jamming is used in a two stage attack, where the device intercepts the first signal and stores it without allowing the car to ‘see’ it by jamming. The user then tries a second time.
This time the signal is intercepted the same way, and the first signal is played back to the car from the device. The second signal is stored and can be replayed later to bypass a rolling code setup.
It’s very niche and the stored signal quickly becomes obsolete anyway.
Sophisticated electronic devices used by criminals to steal cars are set to be banned
Making or selling a signal jammer could lead to up to five years
Jenny Simms said the possession, manufacture, sale and supply of signal jammers had provided an “easily accessible tool for criminals… for far too long”.
These devices have no legitimate purpose
Basically, fuck you if you happen to have or build a Software Defined Radio (SDR). Again with the UK ‘clamping down’ on something that does have plenty of legitimate use.
I use an F0 for toying with my own equipment, as an interface for my smart devices and as a general purpose keyfob. I may be arrested just for possessing it.
The crims will not care a jot and this only serves to restrict/annoy legitimate users.
The fault and solution lies with the manufacturers who implement insecure tech, and with the users who blindly sacrifice pounds of security for ounces of convenience.
An SDR is not a signal jammer and the flipper zero can’t clone a rolling code remote.
An SDR can be made to jam, even if that is not the normal purpose. Just like a kitchen knife can be used to murder people, instead of its normal culinary purpose.
Of course an F0 can’t clone a rolling code as-is. I never said it could. But it can harvest and replay a single or multiple consecutive codes just fine, providing the original key is not used in the meantime. Only need physical access to the key while it is out of range of the vehicle.
This alone puts the F0 on dangerous ground as an “electronic device (such as a signal jammer) for use in theft of a vehicle or theft of anything in a vehicle”
People have locked out their original keys by messing with this before.
The point is that our laws are reactionary, vague, and open to too much interpretation.
If someone gets shit stolen out their car and I happen to be nearby, then I will become suspect merely through possession. Even without intent.
“These devices have no legitimate purpose, apart from assisting in criminal activity, and reducing their availability will support policing and industry in preventing vehicle theft which is damaging to both individuals and businesses.” She added
Yeah how about fuck off with this nonsense.
I’m sure the people stealing cars will be right on that…
Next they’ll ban stealing cars
I won’t speak to how the UK does things, but in the US this would make for an easier criminal charge.
It can be difficult to prove that someone stole (or is about to steal) a car, or broke in to steal the contents. This is especially true if they weren’t apprehended in or with the vehicle itself. But if they are arrested on suspicion, and one of these devices is found on them, they can very easily be prosecuted for possession of criminal tools. It’s similar to how we normies can’t legally own a lockpicking kit unless we’re locksmiths.
back to stealing bikes I guess
So now only criminals will be able to steal peoples cars. Well done.
They wont even be banned (which would be stupid) Its on the owner to proof they have it for legitimate reasons. The end result will mean the devices will be more hidden in everyday seeming devices. And if they do eventually ban them fully that legal local technological knowledge will be dragging behind criminal innovation.
You want these devices out there to increase awareness of their existence and to pressure manufacturer to make their devices more safe.
Example: Remember how Tesla can remote (un)lock cars? Exploit waiting to happen and the potential ban on encryption is going to make it so much worse.
Ostrich politics.
As if that would stop them. The problems are at this side, it is the complete ignorance and disregard of operational security in the automotive industry.
The article seems very non-technical. From what I read about the Flipper Zero, Playback attacks aren’t supposed to work on modern cars that use rolling codes. The only way the attack can work is if you intercept the signal from the keyfob while also preventing the keyfob’s signal from reaching the car. Much easier said than done.
Grab some keys out a bag in the office while the owner isn’t looking.
Grab a code (it’s out of vehicle range, being inside).
Go to the car park, replay the code and loot the car.
You’d be caught quickly, but it’s doable.
If you already have access to the keys why bother with anything else?
You might not have access to the keys for a long period of time.
Only need a moment to take a code and leave the keys there. If the car isn’t otherwise monitored, theft of contents without keys would be trivial.
You’re probably getting busted anyway, but the concept is there.
All these new police powers, but do we even have enough police to use them? Lmao
