SoylentNews is people
SoylentNews
Some of the UK's newest and most popular cars are at risk of being stolen in seconds by exploiting weaknesses in keyless entry systems. The systems let drivers open and start their cars without taking their key out of their pocket. A DS 3 Crossback and Audi TT RS were taken in 10 seconds, and a Land Rover Discovery Sport TD4 180 HSE in 30.
What Car? security experts performed the tests using the same specialist technology operated by thieves. They measured the time it took to get into the cars and drive them away.
Car theft rates in England and Wales have reached an eight-year high. In 2018, more than 106,000 vehicles were stolen. And motor theft insurance claim payouts hit their highest level in seven years at the start of 2019.
The Association of British Insurers said claims for January to March were higher than for any quarter since 2012.
It said a rise in keyless car crime was partly to blame, but did not have figures on what proportion of claims were for keyless vehicles.
Previously:
Volkswagen Finally Agrees to Publication Of Vulnerability Paper, After Removal of One Sentence
(Score: 2) by bzipitidoo on Friday August 09 2019, @01:29AM (3 children)
With commercial endeavors it's always money first. Security often has a price they do not want to pay. Sometimes they try to fake it with security theater. And frequently, that attitude is justified.
Who remembers that back in the 1980s, PCs often had a keyed lock on the case, to disable the keyboard port? They were stupidly easy to bypass or jimmy, and hardware is always a lot more expensive than software. A bit later, some PCs came with a locking case. I haven't seen any such physical locks of that sort in years. I certainly don't want to pay extra for that. For a semblance of real security, encrypting the hard drive is the way to go.
But this weak security on new cars is inexcusable. It's garage door openers all over again. Haven't they learned anything?
(Score: 1, Interesting) by Anonymous Coward on Friday August 09 2019, @01:56AM
Hell, even into the 90s. And if they were PCs (not workstations), they usually were keyed alike which allowed me, being a joker asshole at times, to use my key to lock all the computers in the lab with my own key.
(Score: 0) by Anonymous Coward on Friday August 09 2019, @02:26AM
> It's garage door openers all over again.
Previous house didn't have a garage door opener. Current house came with one, very old, but still working. It's wired to same circuit as the garage light, with a switch inside the house. When we are home, or leave for any extended period, the garage light is off, so the opener is also powered down and will not work from the radio remote control.
(Score: 2, Interesting) by Anonymous Coward on Friday August 09 2019, @02:58AM
The companies that bear the cost of security development are the car companies, and the ones that bear the cost of thefts are the insurance companies. Incentive mismatches strike again.
I knew a pen tester who had found vulnerabilities in car entry and ignition systems. He was baffled that the car makers ignored him. I told him to contact insurance companies instead.