According to security researchers, the key fob is extremely hackable, and, in addition, it is convenient. In terms of digital security, the car key fob does not have the greatest reputation when it comes to safety. As of late, law enforcement agencies have complained about an increase in car thefts involving hackers, most of which are attributed to the use of the key fob, which often functions as the weakest link in the chain of events.
Exploring the Remote Keyless Entry System
Its Numerous Vulnerabilities
During the 1970s and early 1980s, car doors had the same characteristics as normal. Users were able to unlock them only with a specific key. Suddenly, in the 1990s, the key fob emerged. It was suddenly possible to aim a piece of plastic at their vehicle, press a button, and presto, their vehicle could be unlocked.
To accomplish this seemingly magical process, a radio transmitter embedded in the key fob was used to communicate with a receiver that was located inside the vehicle, which caused the fob to disarm the car's locking system and disarm it. In the technical sense, key fobs are a part of the vehicle's remote keyless system, or RKS, which operates at a wide range of radio frequencies. Different key fobs can work at different frequencies in different countries.
In America, all key fobs operate at a frequency of 315 MHz, though there are a few slight variations from country to country. It may be convenient to open a car using electromagnetic waves, but this can also bring up some insecurity as well. If radio signals are not protected, then they can be intercepted. The signals of key fobs, when they were first invented, were not sufficiently protected, but, in recent years, car manufacturers have endeavoured to provide cryptographic protection for them.
However, they are not necessarily as hard to defeat as they seem at first glance. They can be tricked if users do not know what users are doing. It is common for modern cars to have a rolling code system, which uses a pseudo-random algorithm that generates a pseudo-random code that is within a predetermined range. To overcome these protections, hackers have found creative methods and hardware to get the codes needed to backdoor cars and redeploy them against them with new tactics.
How straightforward is the car key fob hack, in reality?
There are a lot of scenarios in which someone could successfully hack into a car via a compromised key fob, which is a convoluted process, to say the least. It is true that while intercepting radio signals may seem outwardly easy, they are difficult to carry out when it comes to the actual execution of such a digital attack, even though it might seem that way.
During a YouTube show in which one amateur hacker attempted to hack into a car, he discovered that defeating rolling codes requires substantial effort and patience, as one hapless amateur discovered.
It is all dependent on the type of car users are dealing with as well as the kind of attack that they are dealing with, according to Bill Budington, an encryption expert and a technologist at the Electronic Frontier Foundation.
Unlike the cases of car thefts that are reported to Gizmodo, Budington says that he has not read about many cases where cars have been stolen outright, but that's not to say it isn't possible. The answer to that question simply depends on the model of the car and the degree of hackability it possesses," he added.
There are several ways of exploiting fobs that do not have a pseudo-randomized code system such as those that were designed without one. As these fobs use the same code over and over again, virtually any attacker would have to take care of simply capturing the code, copying it, and then re-deploying it after the code is captured. Man-in-the-middle attacks are also known as "replay attacks." Cheap, off-the-shelf “hacking tools” can be purchased over the Internet that allows a similar kind of interception and replication scheme to be carried out.
"Fifteen or twenty years ago when the cars were being developed, they were not being built with advanced attack scenarios in mind”, Budington mentioned.
As a result, there probably is not much users can do to avoid such situations, and unfortunately, there is not much they can do. This is a well-known issue in the car industry, and until car manufacturers decide that they care about the vulnerabilities in these vehicles, they will continue to exist.
Those who suffer from paranoid dreams about rogue hackers stealing their car might want to consider putting their key fobs inside a Faraday cage if they dwell on this kind of fear. Amazon offers many of these types of products for sale, which are indeed available for purchase. However, this is of limited use, which makes it less useful than it could be.
A potential solution to safeguard key fobs from hackers attempting to intercept signals while they are idle, whether at home or in a pocket, involves the use of a protective cage. However, adopting this measure would necessitate users consistently keeping their key fobs enclosed, except during active use. It's important to acknowledge that despite this precautionary measure, key fobs would remain vulnerable during the unlocking process, particularly susceptible to attacks similar to the RollJam technique.