• Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA
Sunday, April 2, 2023
TheGreatNews.com
  • Home
  • MINDSET
  • WELL BEING
  • POSITIVE NEWS
  • WISDOM
  • PURPOSE
  • NEW TECHNOLOGIES
  • More Topics
    • ENTREPRENEUR
    • GREEN ENERGIES
    • SUCCESS
    • GOOD LIFE
No Result
View All Result
  • Home
  • MINDSET
  • WELL BEING
  • POSITIVE NEWS
  • WISDOM
  • PURPOSE
  • NEW TECHNOLOGIES
  • More Topics
    • ENTREPRENEUR
    • GREEN ENERGIES
    • SUCCESS
    • GOOD LIFE
No Result
View All Result
TheGreatNews.com
No Result
View All Result

This remote keyfob hack may leave the past decade of Hondas vulnerable

in NEW TECHNOLOGIES
Reading Time: 3 mins read
A A
This remote keyfob hack may leave the past decade of Hondas vulnerable
Share Share Share Share Share

Related articles

Garbage is sometimes a HIPAA violation

JBL announces the Tour One M2 headphones and Tour Pro 2 earbuds

Security researchers and The Drive’s Rob Stumpf have recently posted videos of themselves unlocking and remotely starting several Honda vehicles using handheld radios, despite the company’s insistence that the cars have security protections meant to stop attackers from doing that very thing. According to the researchers, this hack is made possible because of a vulnerability in the keyless entry system in many Hondas made between 2012 and 2022. They’ve dubbed the vulnerability Rolling-PWN.

The basic concept for Rolling-PWN is similar to attacks we’ve seen before used against VWs and Teslas, as well as other devices; using radio equipment, someone records a legitimate radio signal from a key fob, then broadcasts it back to the car. It’s called a replay attack, and if you’re thinking that it should be possible to defend against this kind of attack with some sort of cryptography, you’re right. In theory, many modern cars use what’s called a rolling key system, basically making it so that each signal will only work once; you press the button to unlock your car, your car unlocks, and that exact signal shouldn’t ever unlock your car again.

But as Jalopnik points out, not every recent Honda has that level of protection. Researchers have also found vulnerabilities where surprisingly recent Hondas (2016 to 2020 Civics, specifically) instead used an unencrypted signal that doesn’t change. And even those that do have rolling code systems — including the 2020 CR-V, Accord, and Odyssey, Honda tells Vice — may be vulnerable to the recently-uncovered attack. Rolling-PWN’s website has videos of the hack being used to unlock those rolling code vehicles, and Stumpf was able to… well, pretty much pwn a 2021 Accord with the exploit, turning on its engine remotely and then unlocking it.

Honda told The Drive that the security systems it puts in its key fobs and cars “would not allow the vulnerability as represented in the report” to be carried out. In other words, the company says the attack shouldn’t be possible — but clearly, it is somehow. We’ve asked the company for comment on The Drive’s demonstration, which was published on Monday, but it didn’t immediately reply.

According to the Rolling-PWN website, the attack works because it’s able to resynchronize the car’s code counter, meaning that it’ll accept old codes — basically, because the system is built to have some tolerances (so you can use your keyless entry even if the button gets pressed once or twice while you’re away from the car, and so the car and remote stay in sync), its security system can be defeated. The site also claims that it affects “all Honda vehicles currently existing on the market,” but admits that it’s only actually been tested on a handful of model years.

Even more worryingly, the site suggests that other brands of cars are also affected, but is vague on the details. While that makes me nervously eye my Ford, it’s actually probably a good thing — if the security researchers are following standard responsible disclosure procedures, they should be reaching out to automakers and giving them a chance to address the issue before details are made public. According to Jalopnik, the researchers had reached out to Honda, but were told to file a report with customer service (which isn’t really standard security practice).


Credit: Source link

ShareTweetSendPinShare
Previous Post

Amor Fati: Nietzsche’s Formula for Greatness

Next Post

5 Steps to a Drama-Free Relationship

Related Posts

Garbage is sometimes a HIPAA violation

Garbage is sometimes a HIPAA violation

August 30, 2022

After the Supreme Court decided to end federal protection for abortion in June, many abortion advocates and lawmakers started agitating for the Biden administration to make...

JBL announces the Tour One M2 headphones and Tour Pro 2 earbuds

JBL announces the Tour One M2 headphones and Tour Pro 2 earbuds

August 30, 2022

JBL has just announced the Tour Pro 2 wireless earbuds, featuring adaptive noise cancellation and customizable ANC alongside a charging case with a 1.45-inch LED touchscreen...

Elon Musk says whistleblower’s testimony gives him more reasons to dump Twitter deal

August 30, 2022

Elon Musk says the disclosures of Twitter’s former security chief have given him new justifications to walk away from his $44 billion deal to buy the...

Logitech’s cloud gaming handheld leaks with Android apps and Switch-like UI

Logitech’s cloud gaming handheld leaks with Android apps and Switch-like UI

August 30, 2022

Logitech’s new cloud gaming handheld has leaked weeks after the company teased it was working on the new device. Logitech G and Tencent Games confirmed their...

Meta links Instagram’s NFT posts to Facebook as the market for ‘digital collectibles’ tanks

Meta links Instagram’s NFT posts to Facebook as the market for ‘digital collectibles’ tanks

August 30, 2022

Meta has been testing support for NFT “digital collectible” posts on Instagram since May, and if you’re among the expanding group of people with access, then...

Next Post
5 Steps to a Drama-Free Relationship

5 Steps to a Drama-Free Relationship

We Are Allowed to Age: Why I Don’t Care That I Look Old

We Are Allowed to Age: Why I Don’t Care That I Look Old

Can Tesla’s Stock Survive the Onslaught of Competition?

Can Tesla's Stock Survive the Onslaught of Competition?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Weekly Updates

blood

Unvaccinated Blood: Balancing Medical Necessity and Public Health Concerns

March 28, 2023
Breaking Barriers to Healthcare: Strategies for Improving Affordability

Breaking Barriers to Healthcare: Strategies for Improving Affordability

March 28, 2023
TheGreatNews.com

This is an online news portal that aims to provide the latest updates about mindset, well being, positive news, wisdom, purpose, new technologies, entrepreneur, green energy, success, good life and stuff like that around the world. Feel free to get in touch with us!

© 2021 - TheGreatNews.com - All rights reserved!

  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA
No Result
View All Result
  • Home
  • MINDSET
  • WELL BEING
  • POSITIVE NEWS
  • WISDOM
  • PURPOSE
  • NEW TECHNOLOGIES
  • More Topics
    • ENTREPRENEUR
    • GREEN ENERGIES
    • SUCCESS
    • GOOD LIFE

© 2021 - TheGreatNews.com - All rights reserved!