Awesome Stuff: Smartphone Proximity Locks For Your Car

from the a-little-different dept

Sat, Apr 18th 2015 9:00am — Leigh Beadon

For this week's awesome stuff, we're trying out a slightly different format. Instead of gathering three new crowdfunded products, we're going to focus on just one and take a slightly closer look at its progress and prospects. Please let us know in the comments if you like this approach, or if you prefer the old format.

This week, we're looking at Loxet: a smartphone-controlled proximity lock for your car.

The Loxet is a device that installs in any car with a central locking system and, along with an accompanying iOS or Android app, allows you to lock and unlock the doors and control ignition access with your proximity to the car. It also bills itself as an advanced sharing system, allowing you to grant time-limited access to the car to other people.

The Good

For one thing, it's new. There are already plenty of proximity locks on the market, but they generally require a specialized fob on your keychain; there are already smartphone-controlled locks too, but they operate by button-press. Loxet appears to be the first smartphone-controlled proximity lock, or at least the first one that works with both iOS and Android (they make this latter claim on the Kickstarter page). The price also looks good — though all the super-cheap early bird deals are sold out, the standard Kickstarter price of $69 is still below the price of existing non-smartphone proximity lock systems, which tend to sit in the $80-200 range.

The Bad

The way Loxet operates seems like it might come with some inherent issues. The device uses Bluetooth Low Energy, and in order to achieve full proximity operation on both iOS and Android, they have to use apps that repeatedly scan for connected Bluetooth devices at a time interval you set. To realize the full hands-off, out-of-mind potential of the system, that time interval will have to be pretty short — and I suspect it will have a noticeable impact on your phone's battery life and performance, though just how noticeable remains to be seen. For the time being, there aren't any obvious alternatives to this approach, at least not without sacrificing some capabilities.

The Questionable

With any wireless locking system, there's always one big question: is it secure? The last thing we need is someone whipping up an app to hack into people's cars via Bluetooth. Loxet would surely claim, in good faith I don't doubt, that the system is secure — but I'd like to see them call in some independent security audits and put the software in the hands of some white hat hackers before telling people it's ready to keep their cars safe. In fact, there's actually a disturbing lack of security information and discussion on the Kickstarter page, especially for an app that claims it will allow car-sharing via e-mail, SMS and QR code. With just under a month left in the campaign, this is the biggest thing the Loxet team needs to address.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: awesome stuff, cars, proximity lock, security

12 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

orbitalinsertion (profile), 18 Apr 2015 @ 6:51pm

Why would i want my car to unlock every time my phone is in proximity?

What if someone get my phone?

For one thing, it's new. There are already plenty of proximity locks on the market, but they generally require a specialized fob on your keychain; there are already smartphone-controlled locks too, but they operate by button-press.

When I was a kid, we actually had to put a key in a lock and turn it. Uphill. Both ways. In fifty feet of snow.
[ link to this | view in chronology ]
Todd Shore (profile), 18 Apr 2015 @ 10:07pm

With a signal repeater you can bridge the distance between phone and car so that "proximity" is several hundred feet and security protocols don't need to be broken if transmission delay isn't computed.
[ link to this | view in chronology ]
- Anonymous Coward, 19 Apr 2015 @ 12:45pm
  
  Re:
  A good question is does the system use full crypto to identify authorized users or does it use something that someone else can copy from your phone and use it to unlock the door and simply repeat back to the car to impersonate your phone.
  [ link to this | view in chronology ]
  - MrTroy (profile), 19 Apr 2015 @ 9:43pm
    
    Re: Re:
    Maybe I lack imagination, but there isn't really any way to prevent something from being copied from your phone and used on their phone to open your car. At best, the phone's IMEI would be part of the key, which would require an attacker to need to spoof your phone's IMEI as well as stealing the key file.
    
    Even the car sharing seems like an easier problem to solve than the key copying.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 20 Apr 2015 @ 7:57am
      
      Re: Re: Re:
      True, but there are numerous methods for handling the use case where an unlock code is exposed at the moment that it's used (rolling codes, etc.).
      
      That's not to say this product does anything like that, though. Personally, I wouldn't trust a product like this without knowing a lot more abut its implementation.
      [ link to this | view in chronology ]
  - aldestrawk (profile), 20 Apr 2015 @ 7:32am
    
    Re: Re:
    What you are describing is a replay attack. The transponders used for locking/unlocking the car and for vehicle immobilizers already use encryption in a way to defeat a replay attack. The technique of using a repeater, or relay, device is different from a replay attack. With keyless entry, you don't have to have physical possession of the key to initiate the cryptographic handshaking. The key can sit in your house while the thief uses the relay device to fool the car into thinking the key is close by. The relay device just transmits the entire cryptographic handshake in both directions. Unless, there is a way to distinguish actual proximity from the use of a relay device, this same problem will exist for the smartphone + application.
    [ link to this | view in chronology ]
    - pixelpusher220 (profile), 20 Apr 2015 @ 7:40am
      
      Re: Re: Re:
      Exactly. Perhaps comparing the GPS locations of the car and of the phone may help.
      
      Or in the simplest case, are the 'relay' devices 1 way or 2 way? Having a back and forth handshake would at least require 2 way communication...or have something that requires a some delay that allows your phone to notify you and give you the option to say 'no' before it unlocks itself (and of course alert you that hey someone is unlocking your car!).
      [ link to this | view in chronology ]
Anonymous Coward, 20 Apr 2015 @ 8:50am

I don't understand the point of this. My last few cars have all been keyless entry to the point where you simple touch the door handle and it unlocks. And there is a small button on the handle you hit to lock as you walk away. The keys never come out of your pocket. Even cheap cars are starting to have these features. I guess maybe I'm not the target user, but this seems dumb.

ps: I like the old format of three ideas better than this one in depth.
[ link to this | view in chronology ]
- John Fenderson (profile), 20 Apr 2015 @ 8:55am
  
  Re:
  There are lots of cars on the market that don't have keyless entry systems. The target market would be the owners of those. I have to admit that personally, I have yet to own a car that has this ability -- but that's because I intentionally avoid buying new cars, and the majority of the used cars around lack this.
  [ link to this | view in chronology ]
Anup Kayastha, 21 Apr 2015 @ 5:41am

This is really awesome!
[ link to this | view in chronology ]
Emil, 6 Jun 2015 @ 5:29am

loxet save ? or not
I have seen the loxet layout of there PCB and it´s only a low energy module without any protection against unwanted connections or intruders. I however use the BTCAR of a brazilian company, BT Segurança, that has a buildin processor witch allow or disallow the liberation of the vehicle perfectly. It´s not the module that dessides if your car is able to be used but the proccesor with analizes the mobile phone qnd it´s ID before liberating your vehicle. Good security, if not the best. we are trying to brake it for some while but it is dificult. The casing is not so beautifull but it Works like a charme and is not build to pen doors , we have Keys and remotes for this. it keeps your car save by turning of the motor or imobilize your car. Perfect.
[ link to this | view in chronology ]
solidworks, 2 Aug 2015 @ 8:39pm

Re
Thank you.
It's awesome.
[ link to this | view in chronology ]