http://www.bbc.co.uk/news/technology-37057689

 

A sizeable proportion of 100 million Volkswagen Group cars sold since 1995 can be unlocked remotely by hackers, a team of researchers has said.

The problem affects a range of vehicles manufactured between 1995 and 2016 - including VWs and models from the company's Audi, Seat and Skoda brands.
A homemade radio costing about £30 is the only hardware an attacker requires.

Wonder if there are any reported cases of this being used yet.

Edited 12 August, 20169 yr by vrsTom

zzzzzzzzzzz - it's a transmitter fob - it can be spied on and hacked - so???

zzzzzzzzzzz - it's a transmitter fob - it can be spied on and hacked - so???

So even if it's as dismissible as that, which I don't agree, the constant negative headlines basically saying VAG is lying (environment, safety and now security) has an impact.

I'm not buying another VAG again anyway after a combination of SUK "suking", poor mpg, poor build quality and the emissions issue having a possible impact on resale values but for those who do want another VAG car I would suspect the common perception (whether factual or not) of VAG no longer being good quality trustworthy etc will have a big impact on sales and residuals.

Transmitter fobs have been hackable for years with the correct scanning kit. Trouble is, getting the car to start without the key is a separate issue, as the transponder needs to handshake with the receiver in the steering column.

zzzzzzzzzzz - it's a transmitter fob - it can be spied on and hacked - so???

 

So it's potentially putting a hell of a lot of vehicles at risk, including yours. It's 90s security technology that seems to have only recently been defeated and potentially affects many other car manufacturers as well.

 

So even if it's as dismissible as that, which I don't agree, the constant negative headlines basically saying VAG is lying (environment, safety and now security) has an impact.

I'm not buying another VAG again anyway after a combination of SUK "suking", poor mpg, poor build quality and the emissions issue having a possible impact on resale values but for those who do want another VAG car I would suspect the common perception (whether factual or not) of VAG no longer being good quality trustworthy etc will have a big impact on sales and residuals.

 

To be fair, other manufacturers were/are probably using similarly 'weak' systems, but VW group is the bigger target (in Europe at least). I suspect other manufacturers systems developed in the 90s like VW's may turn out to be vulnerable as well.

Transmitter fobs have been hackable for years with the correct scanning kit. Trouble is, getting the car to start without the key is a separate issue, as the transponder needs to handshake with the receiver in the steering column.

 

True, but the researchers seem to have done it with a £30 Arduino board - which is a more recent development.

 

Yeah the immobiliser/transponder is another layer of security, but even if a thief couldn't start the car it still makes it easy to steal possessions from the car and much easier to release the handbrake & break the steering lock to be able to move the car more easily.

Sorry but I really can't get too worked up about this - ANY security system can be hacked given the right knowledge.

 

If someone is prepared to go to the expense and effort required just to get into my 2007 Skoda (or any other car that operates a similar system for that matter) then there's not a lot I can do about it is there?

 

There are a lot of much more desirable vehicles out there that have much more desirable contents in them than mine (given I leave bugger all of value in it), so I'll take my chances.

 

The risks of it actually happening to me are miniscule.   And if it does then it does...   it would be exactly the same issue with any other vehicle (ie most of them) that use similar / the same security systems so why have they singled out VAG - just jumping on the bandwagon as far as I can see.

I thought the transponders had already been hacked?

So that's what the VAG boffins moved on to after cracking the missions cheat ?

There was a spate about 4yrs ago of of mk3 (2011 ish)focus cars being emptied of contents around dublin with no signs of forced entry - locks all okay, alarms working normally etc

common belief was that a group had hacked the remote central locking system and were simply opening the doors with something as described above...

This is making news as its a chance for some fresh VAG bashing (some of it deserved admittedly) as the emmissions carp has gone quiet and other manufacturers have been fou d out too.

Edited 12 August, 20169 yr by mac11irl

There was a spate about 4yrs ago of of mk3 (2011 ish)focus cars being emptied of contents around dublin with no signs of forced entry - locks all okay, alarms working normally etc

common belief was that a group had hacked the remote central locking system and were simply opening the doors with something as described above...

This is making news as its a chance for some fresh VAG bashing (some of it deserved admittedly) as the emmissions carp has gone quiet and other manufacturers have been fou d out too.

Focus & Transits.

We're again seeing vans emptied without any damage and still locked when owners come out to them in the morning. Last time the local newspaper reported any before the latest spate must be over 12 months.

Then you have BMW which can be driven away without keys.

Not sure who makes the VAG or Ford alarms, but iirc BMW are still Sigma?

Mine was done a few months back. I left my satnav in the glovebox with the mount and charger etc. All taken but around £20 in cash that was in the compartment under the headlight switch was left and undisturbed.

So my Mk1 Octy with central locking with no RCL is one of the most secure VAG cars on the planet, what a machine!  :sun:

More on that

http://www.thecarconnection.com/news/1105508_latest-worry-for-volkswagen-owners-wireless-hack-can-unlock-millions-of-audis-porsches-vws#src=10065

This is the second published attack on VAG group key fobs.

 

I've seen the attack demo'd and it's trivial to unlock VAG cars 

 

http://theconversation.com/why-there-must-be-freedom-to-publish-flaws-and-security-vulnerabilities-46419