27 votes

Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown

7 comments

  1. [6]
    patience_limited

    This legislation is about as smart as banning phones to prevent vishing. In this day and age, you'd think most radio-frequency tag and key systems would have some protection from simple replay attacks. As the article notes, cars are mostly protected against replay these days, and the proposed legislation doesn't do a thing to prevent signal amplification from an exposed key fob.

    A friend demonstrated that a Flipper can be easily used to open everything from garage doors to hotel room doors through plain capture and replay. It could trivially read the RFID chip in a multihospital security ID card I had. This friend also demo'ed some add-on software that could brute-force Wi-Fi passwords quickly (with enormous rainbow tables), but it required a rather conspicuous amount of processing power. Nice for pentesting, not so useful for petty crime.

    The Flipper is compact, inexpensive, easy to use, versatile, and even whimsical. It's a delightful networking toy. I can attest that it has legitimate uses for everyone from RF hobbyists to professionals in security and wireless networking. It's not hard to build from scratch with off-the-shelf components and software, and most of the "threats" posed by low-power Flipper-type RF attacks have already been obsolesced by newer standards.

    How about making car (and other) manufacturers take security a little more seriously instead? I'd love to see some liability for manufacturers and vendors that force obsolescence, don't provide updates or leave known vulnerabilities unpatched.

    30 votes
    1. [4]
      chocobean

      I think that's what this is: make a big splash to make sure their car manufacturing buddies get off the hook

      9 votes
      1. [3]
        patience_limited

        Car manufacturers have kind of already gotten the memo about keyless entry vulnerabilities. The recent high-profile Kia and Hyundai thefts involve a (dumb!) physical USB port vulnerability which has nothing to do with Flippers.

        But it's so easy to blame those meddling kids...

        9 votes
        1. papasquat

          It's actually even dumber than a USB port vulnerability. Those Kias lack immobilizers, which is the thing that made hotwiring cars obsolete. Back in the day, all you had to do was take the steering column apart, strip the two wires that went to the ignition, touch them together, and the starter motor would engage, starting the car. Immobilizers added an additional check that looked for a chip in the key that would send a specific code to the ECU to start the car, so you could no longer just bypass a simple circuit. Because of this, car manufacturers stopped hardening the ignition switch as much because it wasn't necessary. If someone could bypass that circuit it wasn't a big deal because it's much, much harder to fool the immobilizer.

          Kias have the worst of both worlds. A dead simple, flimsy ignition switch, and no immobilizer. All stealing one requires is popping an easy to remove cover off, then turning a small tab that the key cylinder is supposed to engage with. It just so happens that USB Type-A connectors (the male end) are almost the perfect size for this. It could be just about anything though; a needle nose pliers, a set of tweezers, even your fingers if you're strong enough. It's pretty bad.

          12 votes
        2. chocobean

          Agreed.

          1. Profit

          2. Vulnerability discovered

          3. Drag feet until legal requirements are on the horizon

          4. Lobby for nonsense to diffuse responsibility and cover legal butt <--- we are here

          5. Cry and moan and whine about the legal responsibilities until government funds are granted to fix it

          Get some pretty good years of profit by dragging it out this long

          4 votes
    2. papasquat

      I'd love security to become more of a purchasing decision for people. We have all sorts of widely accepted industry bodies for safety, efficacy, reviews and so on for products. If I'm buying a new game I can look at the score that IGN gave it. If I'm looking for a new blender I can look at the NY Times or Good Housekeeping. If I want to know how repairable an appliance is I can go to iFixit. Manufacturers use this as a competitive advantage. Honda or whoever can say "we had the best sedan according to Car and Driver!"

      None of these publications look at security though. It's not a market differentiator. It would be in consumers' best interests, and probably insurance companies' best interests, to fix that. If there was a widespread, well-known and trusted organization that did pentesting and assigned a security score to products, that companies could then compete on, everyone wins in that scenario.

      I honestly do think banning the Flipper Zero would be effective in curbing these sorts of attacks in the short term, to be honest. Most car thieves are not the brightest people in the world, so if they can no longer watch a TikTok video and see "this 150 dollar thing will let you steal cars" it prevents 90% of key fob replay attacks, but it's only a matter of time before some other easy wireless pentesting tool is created that fills the void.
      It's not really a long term fix, and it obviously does nothing to stop thieves who have a couple more brain cells to run together.

      5 votes
  2. DeaconBlue

    What an absolutely absurd thing to try to outlaw.

    You know what else can skim hotel cards? The phone that everyone reading this has in their pocket. My last phone had an IR blaster and could change channels at some bars too, but oddly nobody thought it was a big enough deal to try to ban cell phones.

    The Flipper is a neat little hobbyist device to learn how things work. It isn't particularly powerful and it has almost no capabilities that your average smartphone doesn't have.

    16 votes