Security experts: Remotes are hackable on many vehicles

AP file photo

RANKFURT, Germany (AP) — A group of computer security experts say they figured out how to hack the keyless entry systems used on millions of cars, meaning that thieves could in theory break and steal items without leaving a broken window.

The experts say that remote entry systems on millions of cars made by Volkswagen since 1995 can be cloned to permit unauthorized access to the car’s interior.

The same experts say another system used by other brands including Ford, General Motor’s Opel and Chevrolet and Renault can also be defeated.

In a paper to be delivered Friday at the Usenix security conference in Austin, Texas, the authors say a thief could use commonly available equipment to intercept entry codes as they are transmitted by radio frequency, and then use that information to clone another remote so the car could be opened.

Volkswagen said its latest models such as the Golf, Tiguan, Touran and Passat were not affected. It said it was having a “constructive exchange” with the experts aimed at improving security technology.

“The bar for theft prevention is constantly being raised, but ultimately there is no comprehensive guarantee for security,” the company said in a statement.

The paper leaves out key details on how to perform the hack but says the codes can be intercepted with commercially available equipment.

“It is unclear whether such attacks… are currently carried out in the wild by criminals,” the report says. “However, there have been various media reports about unexplained theft from locked vehicles in the last years.”

The report did not establish the exact number of cars that use the vulnerable systems.

General Motors said that it “does not consider this item to be a significant risk to customers due to the technical sophistication of the demonstration and the very limited circumstances under which the demonstration can be carried out.”

The company added that “the issue in question does not impact the operation of the vehicle or the safety of its occupants.”

The report authors said that insurance companies might have to accept that car theft scenarios that would otherwise be considered insurance fraud have a higher probability of being genuine. The only surefire countermeasure, they said, would be to stop using the remote and fall back on the mechanical lock using the conventional metal key.

The authors are Flavio Garcia, David Oswald, and Pierre Pavlides from the University of Birmingham School of Computer Science and Timo Kasper from German security firm Kasper & Oswald GmbH.

WFLA.com provides commenting to allow for constructive discussion on the stories we cover. In order to comment here, you acknowledge you have read and agreed to our Terms of Service. Commenters who violate these terms, including use of vulgar language or racial slurs, will be banned. Please be respectful of the opinions of others and keep the conversation on topic and civil. If you see an inappropriate comment, please flag it for our moderators to review.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s