Keyless Car Entry Systems May Allow Anyone To Open And Steal Your Vehicle
Hands-free car-entry systems that allow people to unlock their car doors without the need to push any buttons on the fob or car provide great convenience; at least during the winter, many people even store key fobs in their coats and do not even physically handle the fobs on a regular basis.
Cars that allow such access typically utilize proximity to determine when to let people open their doors; when a corresponding fob (and, ostensibly the car’s owner) is close to a locked vehicle that vehicle will allow itself to be opened.
Unfortunately, however, people have begun marketing for sale devices that allow criminals to exploit a technological vulnerability in these systems, and crooks have been seen using “mystery devices” to open cars equipped with hands-free car entry systems. Once in a car, crooks can steal whatever is in it, and, while most of the recent issue has been just that, they can also potentially connect a device to the vehicle’s diagnostic port in an effort to download sufficient information in order to create a key to drive and steal the vehicle, a problem about which the British police are now warning.
Anyone wishing to protect the contents of his or her car (and, perhaps, the vehicle itself) might want to act.
While there have been various suggestions as to how keyless entry systems can be hacked, and various techniques have been discussed at conferences, the current issue seems to be the following:
The communications between your key fob and car are intended to take place only when the fob is near the vehicle (usually “near” means within approximately a yard or so from the vehicle), thereby ensuring that the car can be opened only when the owner is nearby. A relatively simple device that physically boosts the wireless signal between fobs and cars, however, enables communication to take place between at least some manufacturer’s fobs and cars when the two are much further apart. By leveraging such a signal booster, a criminal can trick a car into thinking that the fob is close by even when it is much further than a yard away; some reports claim that devices for sale online may work to open cars even if their associated fobs are as far away as the distance of an entire football field!
So, if your car is parked not far from your home – on your driveway or in a parking spot nearby – someone who wants to break into your vehicle can potentially use the device to allow the car to “see” the fob located in your house as if the latter were much closer to the vehicle (a process that takes place almost instantaneously) and then open your car door as if you were standing next to the vehicle. The same is true for someone who enters your office parking lot while you are at work, or approaches your car in a restaurant parking lot while you are at dinner. Walls and the like may sometimes interfere with a thief’s attempts – but they often don’t; there are enough reports of successful break-ins to undermine any claim that they are a sufficient defense.
Car manufacturers could easily correct this problem by requiring people to press a button on the fob to activate it (although such a solution clearly reduces convenience, and may be rejected because of such), or by adding technology to vehicles to determine the distance the fob is from the car rather than just relying on weak signals that are not supposed to travel more than a short distance.
In the meantime, if your car has a feature that allows disabling the proximity feature and using a button on the fob to unlock your car, it may be wise to take advantage of this feature. If not, the easiest way to address the risk of unauthorized access to your vehicle may be to simply to keep your car fob wrapped in aluminum foil (which blocks the relevant communication signals) and to open the foil slightly when you want to use the fob. Any fobs not normally used and stored at home can be wrapped as well. Want a cleaner look than a fob wrapped in foil? Put the fob in a “Faraday Bag” as sold on Amazon and at other retailers.
Unfortunately, however, some very bad alternative ideas as to how to prevent criminals from breaking into people’s cars with signal boosters have been floated around in the media in recent days; I mention two here in order to advise people NOT to follow them. A New York Times piece suggested that people store their key fobs in their home freezers. Besides the fact that this approach will do nothing to prevent cars from being broken into at work, a mall, or anywhere else besides home, it is also problematic because the temperatures in the freezer can temporarily or permanently damage the fob (either on their own or by causing condensation problems). But freezers are not the worst idea that has been mentioned: Some have suggested that people store their key fobs in their microwave ovens; besides not addressing the issue when people are parked at locations other than their homes, storing anything that is not microwave-safe in a microwave oven is a terrible, hazardous idea. Someone may attempt to use the microwave without noticing the fob in it – which can not only destroy the fob, but create a dangerous situation as well.
Suggestions such as those made by Scotland Yard — of parking your car somewhere well lit and under video surveillance, and of using a steering-wheel lock — may reduce your vehicle’s attractiveness as a target and lower the likelihood of its being stolen, but, ultimately, such strategies are often inconvenient, impractical, and not foolproof, and clearly do not address the core problem.
On many occasions over the last decade, I have recommended that people store their a car keys on their night tables as the panic button can be used as a makeshift alarm in case of an emergency. I still suggest keeping your keys there, but, if you are worried about someone entering your car (for example if it is parked on the street or in a driveway rather than a garage) just keep them in an easily-openable piece of aluminum foil.
Please Note: I originally wrote an earlier version of this article for Forbes over five years ago. In recent days, however, I have heard of multiple incidents in which people were harmed because they were unaware of relevant information discussed in this piece. And, clearly, many people regularly utilize cars and associated key fobs that are not new. As such, I am republishing the article…