DMCA breach?
If he sets foot on US soil, would they arrest him for DMCA breaches?
Silvio Cesare Silvio Cesare has probably spent enough on home alarm systems at hardware stores to buy a small pacific island. The Canberra hacker has over the last three years embarrassed manufacturers by buying remote alarms, baby monitors and locks from eBay and hardware stores and later developing replay attacks that allow …
Yup, it'll be basic 433mhz am signals.
2 quid gets you a set of tx/rx. another 2 quid gets you an arduino.
listen to the codes, repeat. job done.
this is how we can use arduino's to 'learn' to control remote power plugs, etc.
It's nothing new though.
Obviously fancier ones have rolling psuedo random codes, etc but I imagine many of them when reset start from the same seed too - so you just need to find the seed value to sync up.
The picture of 70% Nitric Acid is probably enough to get the SWAT teams knocking down your door at 04:00 in some parts of the world.
Isn't this one of the key components of Nitro Glycerin?
Yeah, I know it could be used to get that the circuits inside a chip but that won't stop the jackboots & ski-masked troops from raiding your abode.
Explosion for obvious reasons.
"Also, obviously, avoid coding in backdoors."
Ahhh yes, but the problem, I suspect, is that in this day and age so much is more-or-less commodity parts of the shelf. Or, if they are custom bits from a third-party vendor, they will still contain a common core of code.
Hell, even if you were an auto manufacturer wanting to build a better mousetrap, you'd likely run afoul of IP laws.
I reckon the real problem here is that: "Oh dear Mr Valued Customer, you have lost your car keys. Well tough shit, you need a new car 'cos we can't do anything about it." doesn't go down that well.
There has to be some mechanism available by which an authorised agent can bypass the security system to access all the ECU programming and initialise new keys, even without an old one, i.e. a "back door" of some sort. The problem is making that bulletproof.....
Isn't "Watch this x" a classic symptom of a clickbait headline?
"An Australian went to Black Hat, and YOU'LL NEVER GUESS WHAT HAPPENED"
"What this security researcher can do WILL TERRIFY YOU!"
Hint: If a headline tries to tell the reader what to do, or how to feel, it's clickbait shite.
"Isn't "Watch this x" a classic symptom of a clickbait headline?"
I just see the same sort of stuff that seems to happen eventually with most forms of networking as they are introduced into the wild.
("Hint: If a headline tries to tell the reader what to do, or how to feel, it's clickbait shite."
and yours is any different sort of shite?)
Some cars (mine, for instance) have a "dead lock" on them. Once it's been activated the doors can't be opened, even by pulling the handle from the inside. I found out how well this worked when I locked my sister in law in there for 10 or 20 seconds.
Yes you could still climb in through the window, but is a coded head unit and pair of sunglasses really worth all that risk of injury and effort of climbing through shattered glass?
...I had some nonce just pull the door window frame on an old mk3 Cavalier, but the 'expert' went for the passenger door (deadlocks were activated by turning the driver's doorlock an extra 90°). So, no joy for the crook, but luckily it all bent back into place without shattering the glass.
Same thing happened to my sister's FIAT Cinquecento - thief got away with a pack of mints and a pair of prescription sunglasses. When telling the police, she said they'd be on the lookout for someone with fresh breath and a headache...
Keys and locks have never been 100% secure but that is partly because we don't want them to be. We want them to be good enough to deter/delay 99% of people but still able to be broken when we loose the key. After all, it is FAR more likely that you will loose the key to your own car than someone will come along with $1000 dollars worth of kit and spend 30 minutes hacking it. In which case, I WANT there to be a back door.
But the problem is that this year's "$1000 dollars worth of kit and spend 30 minutes hacking it" gets repackaged into a box you can buy for $10 on eBay and only needs the time it takes to push a button; technology proliferation in the criminal community is fast because it's a money making business.
No matter what the security, cars still have windows that are easily shattered, as those that have mentioned the brick master key have pointed out. And no matter how secure a trunk lock, a beefy crowbar will still make short work of most of them a lot quicker than capturing a signal using electronics. Taking extraordinary measures to secure the door locks on a car is like hanging a high security lock on a door with a window pane in it. You can also buy "tryout" or "jiggler" keys from locksmithing sites that will open a lot of cars with mechanical locks too, and pretty much all cars still have at least one of these for an emergency. Not as elegant perhaps as pushing a button, but it works.
But more worrisome are exploits that can be used on a car that's in motion--if you can disable a car's engine or other systems, or otherwise cause events to happen that can jeopardise the safety of the car's occupants, these are the holes that need to be plugged. It's always been possible to steal many cars relatively easily, and while a nuisance, it doesn't affect public safety.
quote: "It's always been possible to steal many cars relatively easily, and while a nuisance, it doesn't affect public safety."
I'm guessing you're not familiar with the phrase "drive it like you stole it" then?
Cars stolen for resale are generally driven carefully so as not to damage them and reduce the value. Cars stolen for joyrides may injure or kill one or more people prior to becoming a burnt out wreck, and definitely do affect public safety.
The responsibility is on the idiot behind the wheel, but making it more difficult to steal in the first place helps reduce the number of idiots that manage to get behind the wheel.