this post was submitted on 25 Feb 2024
518 points (97.4% liked)

Technology

59377 readers
4005 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] Kecessa@sh.itjust.works 173 points 8 months ago* (last edited 8 months ago) (7 children)

Looking at the numbers in Canada, the Conservative party would make us believe that car theft is at a level never seen before but the truth is there were proportionally more cars stolen back in the 70s, 80, 90s and sometimes even more cars stolen than now in actual numbers with less cars on the road.

I know it's gonna sound completely crazy but... Maybe it's going up because the economic conditions at the moment make some people desperate and no matter if cars were keyless or not, the same thing would have happened? 🤔

[–] madcaesar@lemmy.world 57 points 8 months ago (2 children)

Probably a mix of things. People are more desperate and cars have been artificially inflated in value. A fucking new kia is 40+k today

[–] Kecessa@sh.itjust.works 43 points 8 months ago* (last edited 8 months ago) (3 children)

Adjusted to inflation they've basically kept up on price for the equivalent model, but income hasn't followed inflation...

[–] Evkob@lemmy.ca 46 points 8 months ago (1 children)

Another point: for equivalent models. Car manufacturers over the past two decades have been dropping the more affordable sedans and such from their lineups, favouring their more expensive SUVs.

[–] ShepherdPie@midwest.social 1 points 8 months ago

Maybe domestic manufacturers but that's because they built terrible, disposable cars that nobody wanted.

load more comments (2 replies)
[–] criticon@lemmy.ca 24 points 8 months ago (2 children)

Out of all the brands you picked the one that actually has cheap models. A rio starts at 17k and a soul at 20k. Most of its vehicles, including SUVs are sub 40k

You're not going to be able to find base models these days, or if you do they'll come with a bunch of options already installed.

Dealers learned during the shortage that people will pay for the mid range ones if that was their only option.

Regardless, Kia is still a stupid choice to try to prove that particular point.

[–] Maggoty@lemmy.world 2 points 8 months ago* (last edited 8 months ago) (1 children)

Great now find it for that price at the lot.

[–] criticon@lemmy.ca 2 points 8 months ago (1 children)
[–] Maggoty@lemmy.world 2 points 8 months ago (2 children)

And it's going to be about 5k more the second you walk in the door because they advertise a price without add ons. They also don't sell one without add ons. Then by the time finance is done you'll be paying at least another 5k.

[–] criticon@lemmy.ca 5 points 8 months ago

You Cannot Reason People Out of Something They Were Not Reasoned Into 🤷

[–] sleepmode@lemmy.world 2 points 8 months ago

Side note, never ever sign the first offer. They call it “first pencil.”

[–] Shadow@lemmy.ca 16 points 8 months ago (1 children)
[–] ShepherdPie@midwest.social 5 points 8 months ago

I'm pretty sure the only companies that didn't include them as a standard feature until recently was Hyundai/Kia. Back in the 90s and 00s, Hondas were by far the number one stolen vehicle in the US and they had chipped keys.

[–] linearchaos@lemmy.world 12 points 8 months ago (1 children)

I mean, yeah for many decades car theft was worse. But it kind of got sorted out. Now with the current, honestly inexcusable vulnerabilities, theft has gotten worse again. There were a number of years with keyless cars they're just fine.

[–] Kecessa@sh.itjust.works 4 points 8 months ago

They weren't fine and people were stealing them, just not as much.

Keyless cloning isn't new.

load more comments (4 replies)
[–] redcalcium@lemmy.institute 65 points 8 months ago (1 children)

It's always been vulnerable, but dismissed because common criminals didn't have access to required tools and the technical know-how to defeat common keyless entries. But things has changed and many entities start selling tools on the cheap to defeat keyless system such as flipper zero flashed with honda rf capture, etc.

[–] WhatAmLemmy@lemmy.world 40 points 8 months ago (4 children)

So, when are car corporations gonna be held liable for selling products that are designed to be left out in public but are super easy to break into with cheap as fuck hardware?

[–] altima_neo@lemmy.zip 16 points 8 months ago

When the insurance companies decide to not insure those models and people stop buying them because they can't get them insured.

load more comments (3 replies)
[–] Darkassassin07@lemmy.ca 21 points 8 months ago* (last edited 8 months ago)

They've known far longer than that....

When was the invention of the immobilizer again? Oh yeah: 1919 104 years ago. With keyless entry being 1981 43 years ago.

Yet theres still cars on the road, built long after those creations, that you can start with a usb cable... (and that's just for the physical shape, not any sort of data)

[–] Xavier@lemmy.ca 21 points 8 months ago (1 children)

In Canada, car theft was a major problem before 2010 until engine immobilizers became mandatory since 2007 on all vehicles made in Canada

Then everyone got too comfortable. The regulatory bodies and car manufacturers were too focused pretending doing some work and publishing all the buzzword-of-the-day "accomplishments" they were doing while patting each others backs without explicitely requiring manufacturers to comply/implement immediately anything. Meanwhile, manufacturers were happy to integrate almost off-the-shelf "children's RC" car starter pack obfuscated through invisible/non-existent security and protected under dubious industrial secrets.

Obviously, criminals smelled the easy money. Starting around 2013 — mystery car unlocking device | 2015 — signal repeater car burglary, car thefts by relay attacks were known by automakers but ignored as one-offs, too technical, already dealt with by law enforcement to lets pretent it's not that big of a problem or leave it to the police. Meanwhile, insurance claim replacement vehicles are selling like hotcakes and it is "convenient" to ignore the problem.

The following years various reprogramming theft become known and finally CAN bus injection — new form of keyless car theft that works in under 2 minutes or in depth investigation by Dr. Ken Tindell, becomes so easy, so cheap and widely available that even kids uses them to gain Youtube/TikTok followers.

Car hacking was a becoming serious concern during the pandemic, but now it's simply ridiculous and as if current automaker included/provided anti-theft/GPS tracking were (un)knowingly made "defective".

Hence, everyone is playing catch up and blaming left and right on who is responsible for this in-slow-motion public safety disaster.

Brian Kingston, president and CEO of the Canadian Vehicle Manufacturers' Association, which includes Ford Motor Company of Canada, General Motors of Canada and Stellantis, said increasing the risk of prosecution is the most effective way to deter vehicle theft.

"And at the same time, providing more outbound inspection controls at the ports to prevent the flow of stolen vehicles to foreign markets by organized criminal organizations," he added.

New vehicle safety standards have been published (rushed?) recently. We will see if all the panic settles down like after 2007.

Moreover, the exponential prevalence of car theft also laid bare the incredibly poor and ineffective security at the various ports of Canada. Unsurprisingly, it has been a known constant devolution:

The devolution of port authorities in Canada has not been without debate over the past 70 years. This paper provides a brief introduction to the role of ports in Canada and then examines the history of port policy and devolution, concluding that past policies were considered to have failed due to their inability to respond to changing circumstances.

(A partial repost of my same reply for a similar thread about the Canadian Government rushing to look like they are doing something, please check my post history for the other thread)

[–] Pika@sh.itjust.works 3 points 8 months ago

I'm glad you added the bottom of that because I 100% was going to ask you where you found that because that looked familiar lmao

[–] ColonelPanic@lemm.ee 17 points 8 months ago (5 children)

Could anyone with more knowledge confirm, but couldn't they just do what some car companies are doing and have a system by which you can just disable keyless entry when it's parked up at night?

If I'm at home and my car is parked up where the key could potentially be repeated then I just disable it by locking the car using the key and tapping on the door handle, which disables just tapping the door handle to unlock it again, and only the unlock button on the key works. As far as I understand it resolves this issue, unless I'm missing something?

[–] bluGill@kbin.social 17 points 8 months ago (1 children)

That won't work for human reasons: few people will remember to lock the car that way at night-

[–] Suspiciousbrowsing@kbin.melroy.org 2 points 8 months ago (1 children)

That's a very simple process, I'm sure people would be more than happy to do that on available vehicles.

[–] mundane@feddit.nu 16 points 8 months ago (1 children)

Have you met any non-technical people?

[–] blanketswithsmallpox@lemmy.world 1 points 8 months ago

In my mom's basement? No.

[–] conciselyverbose@sh.itjust.works 10 points 8 months ago (1 children)

This seems a lot more complicated and much worse than just using actually cryptographically secure keys to verify that it's the real key.

[–] Ledivin@lemmy.world 1 points 8 months ago* (last edited 8 months ago) (2 children)

Or just not storing your key where it can be repeated 🤪 this attack is 100% mitigated by some distance or just fuckin' aluminum foil.

[–] piecat@lemmy.world 6 points 8 months ago

Sure, you could and probably should do that. But is that something the consumer should have to do?

At what point is a design flaw/defect the consumer's responsibility?

[–] Calcium5332@lemmy.world 6 points 8 months ago

You would need to put your keys in a faraday cage.

Distance doesn't matter, as they can just use a bigger antenna or better amplifier. You find footage of people using large loops of wire to capture the signal from the keys

[–] atrielienz@lemmy.world 10 points 8 months ago* (last edited 8 months ago) (1 children)

In theory (barring the bit where you could literally break into Hyundai cars of the last few years, plug a USB stick into them and drive away), it is technically easier to steal some older vehicles without keyless entry (any car that has a key but doesn't require that key to communicate with a security module). A criminal can (and some do) drill out the ignition lock cylinder, insert a blank one and then drive away with any thin bladed metal shank (flathead screw driver) as if nothing happened. Buy a new keying kit, and they take only a couple of minutes to install assuming they even care to do so (chop shop might care, joy rider won't, someone interested in rummaging through the vehicle and dumping it won't etc).

The keyless entry systems implemented on new cars work by having what's essentially like an RFID in the key that communicates with a security module or multiple modules in the car, and this transmission is pretty much always active and only checked by range. If the car is close enough to where you hang your keys by the door the car may pick up this signal, and in the case of vehicles with keyless entry where you just need to touch the door handle with the key nearby that would give the thieves entry to the vehicle.

They use the tech that Canada is trying to ban to intercept that signal and another piece of tech to basically repeat it so the vehicle thinks the thieves have the key. Then using a GPS blocking tool they can prevent the car from pinging their location. At that point the only thing stopping them from taking the vehicle is their ability to take it out of park or start it. The tech to start it is fairly cheap. Taking it out of park is pretty simple for most cars if you already have access to the inside (ICE vehicles especially because there is usually a transmission selector switch attached to a cable that directly connects to the shifter (automatic or manual).

I could roll a car down the street if it was level or a light grade by myself and I'm not a big person. If you drive a truck or an SUV and that selector switch is on the bottom or side of the transmission that's even easier and simpler to access (and doesn't even require a thief to have access to the inside of vehicle to put it in neutral). If the horn is accessible through a wheel well? A thief can just disconnect it and the alarm won't even sound. If they already have access to the inside of the vehicle a thief can just pull the horn fuse.

Automotive companies rely on the premise that there aren't enough dishonest people in the world with the technical know how to circumvent their security so cost to benefit analysis says don't worry about making it more secure until they're forced to. Either by public demand, or by government oversight and regulation.

[–] T156@lemmy.world 5 points 8 months ago (1 children)

They use the tech that Canada is trying to ban to intercept that signal and another piece of tech to basically repeat it so the vehicle thinks the thieves have the key

Although if the signal is vulnerable to a replay attack just like that, it was a woefully poor design to begin with.

It's why a lot of garage door systems don't use a fixed code, but something more like 2FA codes, where it changes each time it's used.

load more comments (1 replies)
[–] ThePrivacyPolicy@lemmy.ca 5 points 8 months ago

We just shut off our Toyota fobs every time we park, it's a few extra button presses on the fob but gives some piece of mind. Why they can't just put a simple power toggle on the fob that everyone could easily use when done is beyond me. Most people, Toyota employees included, didn't even know the fobs could be powered down with a button combo.

load more comments (1 replies)
[–] ShepherdPie@midwest.social 17 points 8 months ago (1 children)

Where's the evidence that this stuff is even happening at a high enough rate to even be noteworthy? It seems these articles come out every couple of years, always heavy on claims and light on facts, trying to drum up FUD based on almost nothing but chatter. Last time it was a single grainy night-time video of a couple cars in a driveway where you see the lights flash and theives open the car.

The article claims insurance rates are skyrocketing due to car theft, yet their own article from January they cite states that insurance rates have skyrocketed due to record high inflation.

The article claims police close these cases out in 24 hours which means they aren't even investigating the crimes to find out what happened. They also quote the police who stated that 'car crimes' are down 39% since 2010. Police aren't stating this is an issue.

They quote a couple manufacturers who have higher rates of stolen vehicles and all they state is that they take security seriously and are working on improvements. There's no admission or statement here that this is even occurring.

Finally the only remaining evidence is a paper written 12 years ago theorizing that this could be an issue. Hardly proof that it's currently occurring.

To me, it just sounds like people who've watched too many movies like Gone in 60 Seconds and don't understand technology very well who're screaming that the sky is falling.

[–] toynbee@lemmy.world 5 points 8 months ago* (last edited 8 months ago) (2 children)

While my car wasn't stolen, something very similar to this did happen to me. At the time, my wife and I kept our keys by the door. Our tenant did not, opting to keep the keys in her room. Sadly, my cameras didn't catch the person, but you can see their silhouette approach the driveway, then the lights on my wife's and my cars flash (exactly as you describe) before the person entered them and searched them. (This was during lockdown, so we weren't travelling anywhere and so fortunately didn't have anything of value in our car.) Our other friend's car did not open.

I'm not suggesting this is an epidemic or anything, merely that it's possible.

ETA: We only had one copy of our keys each and at no point did they go missing. The police did come to investigate (apparently it happened to at least several people on our street) but we never heard back. Presumably the person was not found.

[–] icedterminal@lemmy.world 8 points 8 months ago (1 children)

It's called a relay attack. Thieves just amplify the normally very weak signal and intercept communication. This allows them to unlock the door, and if push start, bypass the immobilizer to start the car. If a key is still required, this doesn't work for starting the car.

The general rule for key fobs is never keep them near the door where the car is parked. Place them on the opposite side of the house. If you want to, some suggestions around the web include making a homemade Faraday box to put your key fob in.

[–] toynbee@lemmy.world 3 points 8 months ago

Indeed - nowadays my keys are far from anywhere accessible from the outside. Thanks though!

[–] sleepmode@lemmy.world 2 points 8 months ago (1 children)

interesting. Usually they will try to start your car and take off using that signal boosting method.

[–] toynbee@lemmy.world 4 points 8 months ago

I think this individual was going for lower hanging fruit (and presumably hoping for lighter consequences if they got caught, though I'm not sure that's what they would have gotten).

In this case, after talking to neighbors, it seemed like they were just going down the street, briefly stopping at each driveway, breaking into whatever cars they could, quickly going through the glove compartment and center console, and stealing anything they perceived to be of value.

[–] Suavevillain@lemmy.world 8 points 8 months ago

Everything with more tech or smart isn't always better.

[–] autotldr@lemmings.world 5 points 8 months ago

This is the best summary I could come up with:


A device disguised as a games console - known as an “emulator” - is being exploited by thieves to steal vehicles within 20 seconds by mimicking the electronic key.

Police facing a spate of keyless car thefts in many neighbourhoods are closing some cases in less than 24 hours even when CCTV footage is available.

Jaguar Land Rover announced a £10m investment last November to upgrade security for commonly stolen models for cars built between 2018 and 2022.

The Observer investigation reveals other vehicles with similar security loopholes, with Hyundai confirming this weekend it working “as a priority” to prevent an attack on its cars by criminals “using devices to illegally override smart key locking systems”.

An article by Stephen Mason, a barrister specialising in electronic evidence and communication interception, in Computer Law and Security Review in April 2012 warned keyless systems could be “successfully undermined” and unless manufacturers improve the design cars would be stolen without forced entry.

Mike Hawes, SMMT Chief Executive, said: “Car makers continuously introduce new technology to stay one step ahead of criminals.


The original article contains 623 words, the summary contains 178 words. Saved 71%. I'm a bot and I'm open source!

[–] John_McMurray@lemmy.world 2 points 8 months ago* (last edited 8 months ago)

Literally any vehicle not made with more than 4 week old tech is subject to theft, the people who write articles and pass laws don't understand anything but near as I can tell. I've worked on cars all my life, but I lost interest after my early 20s on keeping up. I can steal any vehicle built before 2000 in a few minutes, getting into seconds pre 94. The "kids today" who've worked on modern cars all their life can do this to anything new fast, it's the old junk that might slow them down.

[–] stoly@lemmy.world 2 points 8 months ago

Business bros didn’t care, you say?

[–] citable6704@midwest.social 1 points 8 months ago

5 years ago, a 70-year-old towtruck driver/mechanic told me how he learned of the tools criminals can use to steal keyless entry vehicles. Anyone worth half their salt in the industry knows it's possible and how it's done and has known for a while.

load more comments
view more: next ›