Volkswagen Created A 'Backdoor' To Basically All Its Cars... And Now Hackers Can Open All Of Them
from the backdoors-are-bad-m'kay? dept
And... for our latest example for why requiring companies to build backdoors into encryption or similar technologies is a bad idea comes from automaker Volkswagen. Researchers are now revealing that approximately 100 million VW vehicles can be easily opened via a simple wireless hack. The underlying issue: a static key used on basically all of the wireless locks in VWs.The researchers found that with some “tedious reverse engineering” of one component inside a Volkswagen’s internal network, they were able to extract a single cryptographic key value shared among millions of Volkswagen vehicles. By then using their radio hardware to intercept another value that’s unique to the target vehicle and included in the signal sent every time a driver presses the key fob’s buttons, they can combine the two supposedly secret numbers to clone the key fob and access to the car. “You only need to eavesdrop once,” says Birmingham researcher David Oswald. “From that point on you can make a clone of the original remote control that locks and unlocks a vehicle as many times as you want.”In other words, VW created a backdoor, and assumed that it would remain hidden. But it did not.
This is exactly the kind of point that we've been making about the problems of requiring any kind of backdoor and not enabling strong encryption. Using a single encryption key across every device is simply bad security. Forcing any kind of backdoor into any security system creates just these kinds of vulnerabilities -- and eventually someone's going to figure out how they work.
On a related note, the article points out that the researchers who found this vulnerability are the same ones who also found another vulnerability a few years ago that allowed them to start the ignition of a bunch of VW vehicles. And VW's response... was to sue them and try to keep the vulnerability secret for nearly two years. Perhaps, rather than trying to sue these researchers, they should have thrown a bunch of money at them to continue their work, alert VW and help VW make their cars safer and better protected.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, cars, encryption, hackers, research
Companies: volkswagen
Reader Comments
Subscribe: RSS
View by: Time | Thread
What's the harm?
[ link to this | view in chronology ]
Re: What's the harm?
[ link to this | view in chronology ]
Simple solution
[ link to this | view in chronology ]
Re: What's the harm?
TERROR!
Ahem.
[ link to this | view in chronology ]
Re: What's the harm?
[ link to this | view in chronology ]
going after the criminals
>>the crime!
First, we need to criminalize the addition of backdoors. Then, we go after those that either intentionally add the backdoors or abuse official powers to coerce companies to add backdoors. Finally, lock said criminals up, as appropriate. As for the lock holding the criminals in cells, no backdoors and whether or not the key is thrown away depends on how many people have security undermined by said backdoors.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Good thing though, I am sure it is easy to just update your fob and car with the upcoming security update!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Not what you think.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Look at it another way
If Apple would be as cooperative as VW, then the police / FBI could search your phone too.
And VW's backdoor unlock technique would never be abused. Hear that Apple! (sarcasm)
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Simple, really
[ link to this | view in chronology ]
Re: Simple, really
[ link to this | view in chronology ]
It's easier and cheaper to pay lawyers to suppress unwelcome news...
[ link to this | view in chronology ]
VW needs to nerd harder
[ link to this | view in chronology ]
[ link to this | view in chronology ]
One good thing!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Nerd Harder
VW did NOT nerd hard enough.
[ link to this | view in chronology ]
if it isn't broke don't fix it.
Using the same key for every car is silly from a security point of view. However when designing and manufacturing a product you can't only consider security as the most important thing.
If they used different keys that would also mean needing to maintain different copies of the firmware or at least track which car has which key. Manufacturers also might need to have access to keys. Then if VW has to issue a recall for a firmware update it becomes a bigger hassle for repairmen, owners, manufacturers.
In the end maintaining multiple keys over 20+ years might be more expensive than issuing out a blanket update later on or replacing the car's parts if needed.
Security costs money but the company might lose more than money if crap hits the fan.
I think in this particular case VW was just being lazy because it hadn't been broken for so long they figured it was okay.
Just some stuff to consider.
[ link to this | view in chronology ]
Re: if it isn't broke don't fix it.
Ummm, no.
[ link to this | view in chronology ]
Re: if it isn't broke don't fix it.
[ link to this | view in chronology ]
Re: if it isn't broke don't fix it.
Any digital keys would require no significant additional database storage. And you can bet your boots that they do indeed retain (digital) key information. Any changes to the key (or fob) required by firmware updates would be retained as well ... and the firmware update would be added to the record for your car.
As the data is stored per-car, the firmware portion of the key can be varied per car as well.
Remember that this attack captures the "user" portion of the key via the fob. So long as the firmware key is not varied per-car, a simple dictionary attack will crack the car open easily.
Heck, if the key size is small enough, you can brute force it even if they vary it per-car. Especially as you have the fob's key already.
... or you can simply gain access to the manufacturer's database and game over, man.
Whose bright idea was it to make your car radio controlled in the first place?
[ link to this | view in chronology ]
Re: Re: if it isn't broke don't fix it.
"So long as the firmware key is not varied per-car, a simple dictionary attack will crack the car open easily."
This isn't correct. Most remote car unlockers use a rotating key system or a computational exchange, specifically to foil dictionary attacks or attackers sniffing the unlock signal to reproduce it. There are a few different ways this is done, some better than others, but the net effect is that a different key is needed for each unlock.
[ link to this | view in chronology ]
Re: Re: Re: if it isn't broke don't fix it.
[ link to this | view in chronology ]
Re: if it isn't broke don't fix it.
They already do that, as each car comes with a unique key for the purchasers use.
[ link to this | view in chronology ]
When tech fails sometimes you have to KISS
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I believe they call it the trunk...
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Want to find out if your used car is stolen?
CarDotCheck is a UK Car History Check Web Portal, that specialises in generating car history reports for used cars such as outstanding finance, written-off, keeper history, <a href="https://cardotcheck.co.uk">stolen car check</a> and much more.
Visit: <a href="https://cardotcheck.co.uk">Stolen Car Check</a>
Find out if your car is stolen
[ link to this | view in chronology ]