Hackers Can Clone Tesla Key Fobs in Seconds | SecurityWeek.Com:
[...] The attack described by KU Leuven researchers has four major phases. In the first phase, the attacker obtains the targeted vehicle's identifier, which is transmitted periodically. The identifier is then used to impersonate the vehicle and send two challenges to the key fob.
The response pairs are captured and the 40-bit encryption key can be recovered, allowing the attacker to impersonate the fob and unlock and start the car.
An attack can be conducted using Proxmark 3, a $400 tool designed for RFID analysis, from a distance of 1 meter (3 feet). However, experts believe the distance can be increased to up to 8 meters (26 feet) if purposely build antennas and transmission hardware are used.
This research focused on the PKES system used in the Tesla Model S. However, the analyzed PKES system is made by Pektron and is used by several other manufacturers, including McLaren, Karma and Triumph, which means their vehicles could be affected as well.
Tesla has worked with the researchers to implement measures that should prevent attacks, but none of the other companies responded to attempts to report the flaws.
[...] In general, these types of attacks can be prevented by keeping the key in a special box or pouch that blocks RF transmission. However, this defeats the purpose of the keyless entry and start system.
The researchers do not plan on making public any of the tools they have developed, but a paper containing technical details will become available soon.
(Score: 3, Insightful) by bob_super on Tuesday September 11 2018, @06:23PM
When I was in Southern Europe, cops didn't bother to look for cars, which didn't have GPS then.
The expensive ones were likely on their way to Eastern Europe / Africa / Middle-East. Those which were not were either already in pieces, or would be found when a random person would complain about some abandoned post-joyride wreck.
Car thief was a much easier job then.