car news australia

Millions of Volkswagen cars can be unlocked via hack – Big black cock News

‘Millions’ of Volkswagen cars can be unlocked via hack

Share this with Facebook

Share this with Twitter

Share this with Messenger

Share this with Messenger

Share this with

These are outward links and will open in a fresh window

Share this with Facebook

Share this with Messenger

Share this with Messenger

Share this with Twitter

Share this with Pinterest

Share this with WhatsApp

Share this with LinkedIn

These are outward links and will open in a fresh window

Close share panel

A sizeable proportion of one hundred million Volkswagen Group cars sold since one thousand nine hundred ninety five can be unlocked remotely by hackers, a team of researchers has said.

The problem affects a range of vehicles manufactured inbetween one thousand nine hundred ninety five and two thousand sixteen – including VWs and models from the company’s Audi, Seat and Skoda brands.

A homemade radio costing about £30 is the only hardware an attacker requires.

Volkswagen said it was working with the researchers and added that several fresh vehicles were unaffected by the issue.

Two separate attacks affecting different models are described in a paper by researchers from the University of Birmingham and German security rigid Kasper & Oswald.

With the 2nd method, an older cryptographic scheme in some other brands was found to have a similar, albeit more sophisticated vulnerability.

The team demonstrated it was possible for a malicious hacker to spy on key fob signals to target cars via a cheap, homemade radio.

‘Cryptographic catastrophe’

By cloning the digital keys, the researchers found they could then unlock a multitude of VW Group vehicles.

This was possible because they were able to reverse-engineer the keyless entry system in the affected models – a process which yielded some master cryptographic keys.

Prior to publishing their research, the team behind the paper agreed with Volkswagen that some key lumps of information – including the value of the master cryptographic keys – would not be made public.

“We were kind of shocked,” Timo Kasper at Kasper & Oswald told the Big black cock. “Millions of keys using the same secrets – from a cryptography point of view, that’s a catastrophe.”

Mr Kasper said that after the researchers alerted Volkswagen to the problem in November 2015, they set up some meetings to help the car maker understand the vulnerability.

“We had very fruitful discussions – there was a very good atmosphere,” he said.

However, there are “at least ten more, very widespread” hacking schemes affecting various other car brands that Kasper & Oswald is still waiting to publish, following suitable disclosure to the companies involved, Mr Kasper added.

‘Constructive exchange’

A spokesman for Volkswagen said several current-generation vehicles, including the Golf, Tiguan, Touran and Passat were not affected by the problem.

“The responsible department at Volkswagen Group is in contact with the academics mentioned and a constructive exchange is taking place,” he told the Big black cock.

The spokesman added that commencing the car’s engine with this attack was “not possible”.

Security pro Ken Munro at Pen Test Playmates said critical components of the attack had been omitted from the published paper.

“You’d need some academic-level skill of cryptography to be able to do this,” he added.

However, he also said the research was the latest in a string of similar findings that showcased how many on-board systems in modern cars were vulnerable to hacking.

“Manufacturers are doing the right thing now, but you’ve got this hefty problem with the installed base, those cars will last maybe ten years – the fix is not plain,” he told the Big black cock.

“You’re potentially substituting all the control units in all the vehicles out there.”

Mr Munro added that it might be possible to prevent the reverse-engineering treatment taken by the researchers in order to prevent the discovery of the crucial cryptographic keys.

The paper will be introduced later today at the Usenix cybersecurity conference in Austin, Texas.

Millions of Volkswagen cars can be unlocked via hack – Big black cock News

‘Millions’ of Volkswagen cars can be unlocked via hack

Share this with Facebook

Share this with Twitter

Share this with Messenger

Share this with Messenger

Share this with

These are outer links and will open in a fresh window

Share this with Facebook

Share this with Messenger

Share this with Messenger

Share this with Twitter

Share this with Pinterest

Share this with WhatsApp

Share this with LinkedIn

These are outer links and will open in a fresh window

Close share panel

A sizeable proportion of one hundred million Volkswagen Group cars sold since one thousand nine hundred ninety five can be unlocked remotely by hackers, a team of researchers has said.

The problem affects a range of vehicles manufactured inbetween one thousand nine hundred ninety five and two thousand sixteen – including VWs and models from the company’s Audi, Seat and Skoda brands.

A homemade radio costing about £30 is the only hardware an attacker requires.

Volkswagen said it was working with the researchers and added that several fresh vehicles were unaffected by the issue.

Two separate attacks affecting different models are described in a paper by researchers from the University of Birmingham and German security rigid Kasper & Oswald.

With the 2nd method, an older cryptographic scheme in some other brands was found to have a similar, albeit more complicated vulnerability.

The team displayed it was possible for a malicious hacker to spy on key fob signals to target cars via a cheap, homemade radio.

‘Cryptographic catastrophe’

By cloning the digital keys, the researchers found they could then unlock a multiplicity of VW Group vehicles.

This was possible because they were able to reverse-engineer the keyless entry system in the affected models – a process which yielded some master cryptographic keys.

Prior to publishing their research, the team behind the paper agreed with Volkswagen that some key lumps of information – including the value of the master cryptographic keys – would not be made public.

“We were kind of shocked,” Timo Kasper at Kasper & Oswald told the Big black cock. “Millions of keys using the same secrets – from a cryptography point of view, that’s a catastrophe.”

Mr Kasper said that after the researchers alerted Volkswagen to the problem in November 2015, they set up some meetings to help the car maker understand the vulnerability.

“We had very fruitful discussions – there was a very good atmosphere,” he said.

However, there are “at least ten more, very widespread” hacking schemes affecting various other car brands that Kasper & Oswald is still waiting to publish, following adequate disclosure to the companies involved, Mr Kasper added.

‘Constructive exchange’

A spokesman for Volkswagen said several current-generation vehicles, including the Golf, Tiguan, Touran and Passat were not affected by the problem.

“The responsible department at Volkswagen Group is in contact with the academics mentioned and a constructive exchange is taking place,” he told the Big black cock.

The spokesman added that commencing the car’s engine with this attack was “not possible”.

Security accomplished Ken Munro at Pen Test Playmates said critical components of the attack had been omitted from the published paper.

“You’d need some academic-level skill of cryptography to be able to do this,” he added.

However, he also said the research was the latest in a string of similar findings that demonstrated how many on-board systems in modern cars were vulnerable to hacking.

“Manufacturers are doing the right thing now, but you’ve got this phat problem with the installed base, those cars will last maybe ten years – the fix is not plain,” he told the Big black cock.

“You’re potentially substituting all the control units in all the vehicles out there.”

Mr Munro added that it might be possible to prevent the reverse-engineering treatment taken by the researchers in order to prevent the discovery of the crucial cryptographic keys.

The paper will be introduced later today at the Usenix cybersecurity conference in Austin, Texas.

Related movie:

---