Comment on What security purpose a Faraday bag has when it contain a vehicle keyfob
Death_Equity@lemmy.world 4 weeks ago
The fob doesn’t turn off.
The car is always calling out for a response and the key “hears” the call and responds with their agreed upon codeword.
A faraday is like plugging the key’s ears and putting a gag in its mouth. It can’t hear or say anything.
ReginaPhalange@lemmy.world 4 weeks ago
… Which means that if the hacker is near you when you park - there is a time period where the fob isn’t masked by the bag, because it is coming out of the ignition, and voulaa - you can record the key’s pong of the car’s ping, retransmit, and get in. Correct?
DABDA@lemm.ee 4 weeks ago
voilà
Death_Equity@lemmy.world 4 weeks ago
That is a possibility if you aren’t normally keeping it in the bag unless being needed in the moment.
It is far more common for the attempted theft to occur late at night because thieves avoid greater risk.
tuck182@lemmy.world 4 weeks ago
Modern fobs should be designed to prevent replay attacks (there should be something specific in the request that alters the response), so it shouldn’t be possible to record a response and then use it later.
lucullus@discuss.tchncs.de 4 weeks ago
This would be easily mittigates by the keyfob using a rolling code. The attacker can record the signal, so the car will also have received it. A replay of that specific code won’t work again. That is a principle used in cheap garage door fobs for many years. So I guess keyless fobs would have at least that level of security.
Better would be a cryptographic encryption using public/private key (already done in chip cards, so common technology). Though - looking at the dumb things car manufacturers did - I wouldn’t be surprised if they didn’t use private/public keys for this.