David Beckham – victim of RFID hacking and car jacking!

Posted: January 1, 2011 in Uncategorized
Tags: , , , , , , , , , , , , , , , ,
David Beckham - victim of RFID hacking and car jacking!

Going, going, gone – RFID car-jacking!

It’s the stuff of movies. A criminal gang that sets out to steal hundreds of cars, each in under 60 seconds, using the latest in high-tech gadgets to facilitate their heist.   But for David Beckham, Hollywood fiction became a reality when in April 2006 criminals used a simple laptop and RFID scanner to crack the electronic door locks of his BMW X5. Once the locks were cracked they then fired up the ignition and drove away – gone in just 15 minutes!

So how was this possible? After all the RFID industry has gone to considerable lengths to reassure us that ‘contactless’ chips and ‘smart keys’ are 100% secure, and not vulnerable to ‘skimming’.

John Holl, a journalist with Forbes Autos throws some light on the matter saying,

“…Back in 2004, when keyless technology was still new and touted as unbreakable and secure, Dr. Aviel D. Rubin, a professor of computer science at Johns Hopkins University, examined this possibility (with his students). Within three months they had successfully cracked the code embedded within the ignition keys of newer model cars, theoretically allowing them to steal the autos.”

“It was a trial-and-error process,”  Rubin said. “We wanted to see if it could be broken and found out that (surprisingly) it could!”

The technique requires a laptop, an RFID scanner and software capable of probing for encryption weaknesses. It only takes about 15 minutes for the software to explore millions of possible encryption answers, before finding the one that fits with the vehicle’s unique identity.  The thieves then submit an identical code to the vehicle, which allows them to ‘boost’ it.

15 minutes – it’s not long.  About the time it takes to park up, leave your vehicle and order at a restaurant, which seems to be what happened to the Beckhams.  And it just goes to show that no security system is 100% fool-proof, however peace of mind may soon arrive as British company RFID Protect hopes to manufacture RFID shielding sleeves that are specifically designed to protect a vehicle’s ‘smart key’ against unauthorised probing.

Original article at:

http://www.msnbc.msn.com/id/13507939/ns/business-autos/

NEWSFLASH: Update September 2012

This month sees AutoExpress reporting on a new twist to this story.  It transpires that BMW has at last accepted that there is an issue with its keyless entry systems on cars issued between 2007 and September 2011.  BBC’s Watchdog television programme highlighted a problem with certain models (specifically BMW X5 & X6) in June of this year, and since then a number of high profile cases have come to light.  One story in particular demonstrates the problem that BMW is now facing, because when London-based consultant Eric Gallina had his car stolen from outside his home he couldn’t understand how thieves had taken it.  Mr Gallina still had the two factory-issued master car keys in his possession, and there had been no evidence of vehicle break in (i.e. there was no broken window glass at the crime scene).

AutoExpress reported that Mr Gallina was told by police officers,

“…nine other BMWs with keyless entry had been stolen in the Notting Hill area within the past month and a half.”

Apologists for BMW have issued security guidance to owners of these models, although it is not clear whether an actual ‘fix’ for the problem is available at the time of writing.  According to AutoExpress BMW have issued the following advice,

“…[until the fix is available to all models], where ever possible park your car out of sight, in a locked garage, or under the cover of CCTV cameras.”

Easier said than done, and some will wonder whether this guidance from BMW has really been thought through, or goes far enough to address such a serious security flaw?

Original article at: http://www.autoexpress.co.uk/bmw/60264/bmw-owners-offered-fix-hi-tech-theft

Advertisements
Comments
  1. ahmad says:

    Dear sir
    I am intersted your product range, please send rate.

    Thanks

    Ahmad

  2. I am using a small metal box from a “SUCRETS” pastils for caugh box. Size: 3¼” X 2½” X 1″.
    I put in it my RFID Car Key and FOB enrolled in aluminium foil. (Key only)
    Is this method of doing be a good RFID Sheilding for my GM Passkey III+ System.
    Waiting for your comment.
    Paul Belanger

    • Contactless says:

      Hi Paul

      My best advice is to consult with the manufacturer (GM), although what you’re hinting at is a DIY Faraday cage; which ought to do the job. Be aware, that we have heard about a new generation of ‘jacked up’ high-power RF scanners hitting the streets – and some experts are claiming that even aluminium foil shields are not always going to be enough to prevent unauthorised access in such instances!!! It’s a case of shifting goalposts all the time, although taking some action is better than doing nothing I guess.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s