Is Our Yeti Security Flawed?

[Llanigraham]

Whatever you say Graham. Clearly you are right and the thieves are using "magic" to gain entry to the car.

I'm sorry to have clearly told you such nonsense.

 

Have you looked at the circuitry inside a fob?

It is quite obviously a "switch".

If the fob was transmitting permanently how long do you think the battery would last? I'm still using the original battery in my 5+ year old car.

The KESSY system has a proximity system, where they sense each other over a very short distance. As I understand it the transmission is not "permanent" but "pulses".

[docc]

According to this piece on 'You and Yours' (http://www.bbc.co.uk/programmes/b066f7zk) you need to be in close proximity to the key (or have temporary access to it - such a car valet) for this to work.  No mention of its being restricted to kessy-style keyless access systems, though.

[ejstubbs]

That You and Yours segment is about the issue with the RFID chip that disables the immobiliser, same as the article linked in dgb400's post - ie if you can get in to the vehicle then the flaw would enable you to bypass the immobiliser, but it won't unlock the doors for you.  It's therefore nothing to do with gaining access to the vehicle's cabin, which is what 137699 claims to have happened when his friends' cars were ransacked (note: not stolen).

 

(Note that the article linked in dgb400's post is not quite accurate.  It says: "The paper recommends that owners of the models affected change the chip system to one that includes a random number generator."  Er, no it doesn't.  The recommendation it makes for vehicle owners is to lock access to the the RFID chip's memory, and on the more recent version of the chip to set a random PIN code before locking it.  No other change to the RFID chip involved.  This requires a compatible RFID reader, and the communications library used by the team which found the vulnerability.  A straightforward enough procedure: I'm sure everyone has a ~$400 Proxmark III RFID reader sitting in a cupboard somewhere at home just in case such a job needed to be done...)

 

I suspect that would only be with a Kessy system and even then the car would would be looking for a rolling code reply that is never repeated and could be one of millions of code replies so grabbing the code would prove fruitless.

 

This VW UK web page does state that KESSY uses rolling key codes.  Which is only to be expected, TBH, since the key-grabbing vulnerability has been known about in press-button remotes for at least 25 years, probably more, so you'd expect them to build the same protections into the keyless system.  Even so, 137699 says that KESSY was not involved with at least one of the cars.

 

Clearly ... the thieves are using "magic" to gain entry to the car.

 

Given that the technology cannot be bypassed in the way you describe then yes, they must be

 

More likely is that the CCTV doesn't actually show what people have interpreted it to show.  Why not post it (or a link to it) on here so that folks can have a look and see what they make of it?

Edited 29 August, 2015 by ejstubbs

[rog737]

Sorry but the fob does not transmit a code signal unless the button is pressed. 

It is a "dormant" circuit, not an active one.

 

Correct for the radio bit that opens the doors, but the RFID tag which is used by the immobiliser system is passive and powered by an inductive loop. You do not have to press any buttons to read this.

 

The paper that has been released shows it is relatively quick and easy to crack the encryption keys and bypass the system, but I would suggest your average thief is unlikely to have either the kit or the software necessary - at least for some time yet

Edited 29 August, 2015 by rog737

[g6zru]

Correct for the radio bit that opens the doors, but the RFID tag which is used by the immobiliser system is passive and powered by an inductive loop. You do not have to press any buttons to read this.

 

The paper that has been released shows it is relatively quick and easy to crack the encryption keys and bypass the system, but I would suggest your average thief is unlikely to have either the kit or the software necessary - at least for some time yet

That sounds logical to me, so even if Jonny Villain manages to crack the immobilizer code (how if it is passive?) he still won't be ble to get into the car. Also why would he bother with a Skoda when there are all those high value cars around that have an easy market?

 

Fred