Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Terr_ 6 days ago

I sometimes imagine how much of this could be avoided if the communication signals weren't (a) broadcast or (b) a imperceptible to humans.

If it an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.

If the signals were audible sound, you'd know when someone was jamming it.

In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

pch00 6 days ago | parent | next [-]

> If it an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.

You could even take it a step further for extra safety: the door handle could have a slot that requires a specifically shaped piece of metal to be inserted. Only a piece of metal with the correct shape would allow the lock to be opened.

kube-system 6 days ago | parent | next [-]

> Only a piece of metal with the correct shape would allow the lock to be opened.

This has been attempted but unfortunately this algorithm is vulnerable to the #ScrewdriverHammer attack.

skinner927 6 days ago | parent | prev [-]

Science fiction

meindnoch 6 days ago | parent | prev | next [-]

>If the signals were audible sound, you'd know when someone was jamming it.

This would be very popular in East Asia. They love everything that beeps. Rice cookers play a melody, pedestrian crossings play a melody, garbage trucks play a melody. Japan is the country of beeps.

JKCalhoun 6 days ago | parent | prev | next [-]

> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

Yep, that's the simplest fix. Key is required in the door to open/unlock.

You'd think too that a firmware update to the car could enable that behavior. I mean most cars still have a physical lock on at least the driver's side door as a "back door" to getting into the car if the fob is non-operational.

cnst 5 days ago | parent [-]

The problem is that the overwhelming majority of cars are effectively abandonware on this metric.

This is exactly the benefit of the free software, and why having your own ability to fix, recompile and reinstall the software, is essential, even on things such as cars where you may think it's not needed or is too complex to handle.

misswaterfairy 6 days ago | parent | prev [-]

> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

Wouldn't the risk be the same if the same rolling code keys was used for both locking and unlocking?

I would be surprised if automotive manufacturers used separate rolling code keys for locking and unlocking.

Terr_ 6 days ago | parent [-]

> Wouldn't the risk be the same if the same rolling code keys was used for both locking and unlocking?

Yes, what I meant is that such symmetry is not strictly required, and breaking the symmetry opens up ways to enhance security (of unlocking when you arrive) while keeping most of the convenience (of locking while leaving.)

For example, imagine "Lock" is a typical broadcast from anywhere within X meters, but "Unlock" requires touching the fob to an infrared port, and they use independent codes.

a96 6 days ago | parent [-]

Peugeot used to have infrared keys. Several people who thought their central locking was glitchy have been surprised to learn that pointing the key at the side window makes it work every time.