YOUR car is always listening. Not for your voice, like the Amazon Echo or Siri, but for an electronic signal, such as the coded “unlock” signal from your electronic key fob.
If it’s a newer car model, you might not have to press any buttons; just approach your car and the doors will unlock automatically. In some cars, the engine will even turn on.
Wirelessly unlocking your car is convenient, but it comes at a price. Criminals can easily intercept the key fob’s signal and open your car without setting off any alarms. If you have a true keyless car model, they might be able to just drive away. Let’s look at how criminals pull this off and what you can do to keep your car safe.
How your car’s security system works
As you’ve probably noticed, you can’t just open your car with any old radio signal. You need your specific key fob to do the job, and there’s a reason.
A key fob uses a computer chip to create a unique code that it sends to your car’s security system. The car also has a chip that uses the same algorithm to generate codes. If the codes match up, the car opens. There’s a bit more to it, but those are the basics.
How criminals attack #1
Since each key fob/car security pair is unique, and each one can create billions of codes, hackers shouldn’t stand a chance. But it turns out that a popular system from Megamos Crypto isn’t as secure everyone thought.
Researchers at Radboud University in the Netherlands and the University of Birmingham found that by intercepting the wireless signal just twice, they could narrow down the possible combinations from billions to just 200,000. After that, a computer can figure out the code in just half an hour and unlock the car.
In a real-world application, a thief could sit on a street and gather wireless signals as car owners enter and exit their vehicles. Then overnight they could steal a number of cars.
Still, it takes a skilled car thief or hacker to carry out this kind of attack, so the odds of it happening to you are slim. But thanks to always-on key fobs, there’s another risk that’s much more likely to happen.
How criminals attack #2
Always-on key fobs present a serious weakness in your car’s security. As long as your keys are in range, anyone can open the car and the system will think it’s you. That’s why newer car models won’t unlock until the key fob is within a foot of them.
But for less than $100, criminals can get an amplifier that detects key fob signals from up to 300 feet away and then transmits them to your car. In other words, your keys could be in your house, and criminals could walk up to your car and open it. This isn’t just a theory; it’s actually happening.
Steps to stop car thieves
Fortunately, there are some simple steps you can take to keep hackers from stealing your signal. You can buy a signal-blocking pouch that can hold your keys.
If you don’t want to spend any money, you can stick your key fob into the refrigerator or freezer. The multiple layers of metal will block your key fob’s signal. Just check with the fob’s manufacturer to make sure that freezing your key fob won’t damage it.
If you’re not hot on freezing your key fob, you can do the same thing with your microwave oven. (Hint: Don’t turn it on.) Stick your key fob in there, and criminals won’t be able to pick up its signal. Like any seasoned criminal, they’ll just move onto an easier target.
Since your key fob’s signal is blocked by metal, you can also wrap it up in aluminium foil. While that’s the easiest solution, it can also leak the signal if you don’t do it right. Plus, you might need to stock up on foil. You can also make a foil-lined box to put your keys in, if you’re in a crafting mood.
You should also be aware that this kind of signal stealing isn’t a problem just for car key fobs. Newer passports and other I.D. cards contain radio frequency identification chips that enable criminals to use a high-powered RFID reader to steal your information from a distance.