Thought your shiny new car looked pretty impregnable? Think again. Two researchers have shown that they can unlock a car - and even start the engine - using a simple text message.
The researcher explains how they can use an Android phone to carry out a technique they've dubbed "war-texting". The new technique relies on intercepting text messages, which many devices use to send commands or even firmware (permanent software programmed into a read-only memory) updates.
By setting up a local GSM network in the vicinity of a Subaru Outback, the team were able to intercept password authentication messages sent between the electronic key fob and the vehicle. What happens next is not exactly known, because the researchers haven't divulged all their secrets as a courtesy to the manufacturer.
However, what we do know is that intercepting those authentication messages allowed the team to understand the basic commands required to communicate with the security system of the car. Once they knew those details, they were able to send their own messages to the system in order to reverse-engineer the firmware - effectively learning how the entire device works.
The researcher explains how they can use an Android phone to carry out a technique they've dubbed "war-texting". The new technique relies on intercepting text messages, which many devices use to send commands or even firmware (permanent software programmed into a read-only memory) updates.
By setting up a local GSM network in the vicinity of a Subaru Outback, the team were able to intercept password authentication messages sent between the electronic key fob and the vehicle. What happens next is not exactly known, because the researchers haven't divulged all their secrets as a courtesy to the manufacturer.
However, what we do know is that intercepting those authentication messages allowed the team to understand the basic commands required to communicate with the security system of the car. Once they knew those details, they were able to send their own messages to the system in order to reverse-engineer the firmware - effectively learning how the entire device works.
No comments:
Post a Comment