Using iPhone as a key?

[IrwinJ]

It's the same attack as is being used for key fobs. A wave of Tesla's have been stolen here with that repeater attack. They remove the SIM so it can't be tracked. After that they rip it for parts.

Best way to deal with that is enabling pin-to-drive, or for Porsche -- pin-to-login. Or just don't use comfort access and such.

Please explain - what is pin to logic and how is it enabled?

Sponsored

 

[porsche_coyote]

There *are* wireless technologies that thwart replay/relay attacks, specifically ultra-wideband location and ranging. These are a part of the next-generation mobile key specification that's being deployed by the Car Connectivity Consortium.

This is what the next generation of 'phone as key' systems will use. The nice thing is that these systems won't require you to even take the phone out of your pocket. BMW and Apple have already publicly committed, and a *lot* of newer cars are coming with the requisite hardware installed (including my wife's VW ID.4). Whether they'll support it is another question...

 

[daveo4EV]

Please explain - what is pin to logic and how is it enabled?

Tesla has the option to require a numeric PIN on the main screen once you are inside the car to get it to move…(similar to Porsche's option to require a PIN to login to your porsche connect account -which people don't use since they enable "auto-login")

so even if you managed to unlock the car and get inside - before you can shift into drive/reverse/neutral you have to enter a PIN on the main screen…

it's an option you enable in Vehicle Security settings.

 

[IrwinJ]

Tesla has the option to require a numeric PIN on the main screen once you are inside the car to get it to move…(similar to Porsche's option to require a PIN to login to your porsche connect account -which people don't use since they enable "auto-login")

so even if you managed to unlock the car and get inside - before you can shift into drive/reverse/neutral you have to enter a PIN on the main screen…

it's an option you enable in Vehicle Security settings.

Yes I’ve got a PIN. So if my settings are such that I don’t have to enter my PIN each time I want to drive then my car is at risk of being hacked/stolen??

 

[daveo4EV]

for Porsche yes and most other cars

in your Porsche your PIN is not protecting your vehicle - it's protecting your vehicle's connection to Porsche's computers for access to your data (like saved navigation addresses) and other "personal" data protected by your PorscheID - your PorscheID does not _YET_ protect/gate/authenticate anyone's ability to "drive" the vehicle - all you need to drive a Porsche (or any other vehicle) is physical access and the abilty to start the car and engage the tranmission…

Tesla goes a bit further - in that even with a Phone/RFID card and physical access to the vehicile - you have the option to setup a PIN that will plrevent the car from being driven/started until the PIN is entered…so if someone steals your RFID card - and walked to your car in the parking complex, gets in- they will NOT be able to drive until they enter the assigned PIN…so if you have this setting enabled - you need two things to drive a Tesla:

1. RFID-card/Paired-phone
2. knowledge of the PIN

to my knowledge there is no such required PIN to drive feature in Porsche's fleet yet - simple possession of the FOB (or a clone of the FOB) is all you need to access the vehicle and drive away…

FOB's are not actually that secure…theives know how to hack all the automotive FOB's from every manufacturer

the question for this thread "phone as a key" - is are phones yet "perfect" and "secure" - the answer is "no" - but they are better than traditional "fobs" from a security point of view…but still can be hacked…

there is technology on the horizon that would make phone's as car key about as secure as chip-credit cards - which are pretty good…but again not perfect

there is NO perfectly secure technology -but we can rank existing solutions as "more" or "less" secure than one another - my quick ranking would be - less secure first - more secure last

can phone as key with bluetooth be hacked? Yes.
it is more secure than a FOB? Yes - vastly more secure.

is there a car that can't be hacked/stolen on the general market today? No!

are there cars that are harder to hack/steal than other cars on the market today? Yes!

below is my ranking of "how secure" is it - and you also need to consider "active" vs. passive to gain access - passive means you do not need to remove the item from your pocket/purse - these are generally proximty based - and it''s going to be hard for anything that is "passive" to ever be consider "hack proof" or secure - but people don't like active, because you have to take your FOB/phone/token/key out of your pocket/purse, but it's more secure because you have to "do somehting" to make it work. Generally speaking "active" tokens will be harder to "hack" than passive ones…

less secure (1)

1. physical key - active - can be cloned
2. physcial FOB - active - can be cloned
3. phone-as-key via bluetoothLE - passive - can not be cloned
4. phone-as-key via NFC (BMW) w/Express pass "enabled" - passive - can NOT be cloned
5. phone-as-key via bluetoothLE w/PIN-2-start required (Tesla) - passive/active - can not be cloned
6. phone-as-key via NFC (BMW) w/FaceID-TouchID required - active - can not be cloned
7. future designs that we'll have in the next 3 to 5 years…passive/active, can not be cloned, can not be relay'd

more secure (7)

you can only rank security as "more/less" - you are never done…so it's a matter of degree and effort required to overcome the security measures - perfection will not be achieved, but that doesn't mean it's not worth dumping really really bad designs and continuing to make improvements…nearly all the phone-as-key technologies in production today are way way way better than simple keys or FOB's from a security point of view, but there are still some attack vectors…there always will be.

 

[daveo4EV]

Yes I’ve got a PIN. So if my settings are such that I don’t have to enter my PIN each time I want to drive then my car is at risk of being hacked/stolen??

your PIN has NOTHING to do with the ablity to hack/steal your Taycan - it protects your data associated with your PorscheID - it has nothing to do with the physical access to your car or it's ability to be driven.

if I clone your Taycan's FOB (easy peasy if I get the right gear) - I get to drive your Taycan away…done, end of story.

 

[daveo4EV]

your PIN has NOTHING to do with the ablity to hack/steal your Taycan - it protects your data associated with your PorscheID - it has nothing to do with the physical access to your car or it's ability to be driven.

if I clone your Taycan's FOB (easy peasy if I get the right gear) - I get to drive your Taycan away…done, end of story.

now what the PIN in the Taycan WILL do - is that when the thief clones your FOB while you are at lunch and gets in your Taycan - he will not get to access the preset "home" address in the porsche nav and get directions to your home - and I also believe (but am not sure) it prevents access to homelink - so while your car will still get stolen - he won't know where you live, and he won't be able to open your garage-door/gate to gain access to your property…

also recent destinations is really really personal and valuable information - so the PIN protecting that is also highly desirable.

but the PIN in Porsche right now is about privacy and personal data (some of which is quite valuable - home/work address for example) - but has NOTHING to do with protecting the vehicle itself.

 

[IrwinJ]

your PIN has NOTHING to do with the ablity to hack/steal your Taycan - it protects your data associated with your PorscheID - it has nothing to do with the physical access to your car or it's ability to be driven.

if I clone your Taycan's FOB (easy peasy if I get the right gear) - I get to drive your Taycan away…done, end of story.

Got it. So how does somebody clone my fob if it’s in my pocket and never leaves it?

 

[daveo4EV]

Got it. So how does somebody clone my fob if it’s in my pocket and never leaves it?

thieves have radio receivers that can copy your FOB radio signals when you use it - they sit in parking lots "snarfing" all the FOB signals and then they replay the signals pretending to be your FOB…there is software and hardware that allows thieves to clone vehicle FOBs when they are used by simply "listening in" on the FOB<--->Vehicle exchange - and then they have a copy of your FOB for later…

if it's wireless it requires a large amount of effort to "secure" - FOBs/Vehicle manufactures don't invest enough in these devices to make them secure - they are "secure" enough that the level of effort requires some hardware/software/sophistication to pull off a FOB clone/attack - but it's far from impossible, and organized activities have enough resources to "break" vehicle FOB security…

https://carbuzz.com/car-advice/are-keyless-entry-cars-at-greater-risk-of-theft#:~:text=This involves stealing the key fob signal and,access cars that come with their own app.

This involves stealing the key fob signal and creating a clone key fob. A nearby key fob code grabber intercepts the signal when locking or unlocking, allowing the thief to retransmit it later.

consumer grade devices that don't cost a lot of money and don't have a lot of computer power made to a fixed price point and do all their work via proximity and wirelessly are most likely _NOT_ secure and _EASY_ to hack. Making this whole system truly secure requires more advanced consumer hardware (making the fob orders of magnitude more expensive) and more advance hardware in the vehicle (again increasing costs) and more complex/expensive to "fix" in the face of lost FOB's and replacment FOB's.

your FOB is not secure, it's easily hacked/copied, there is very little you can do to stop it, and the only reason your car isn't getting stolen is the FOB's are sufficiently secure and require enough hardware/software/technical sophistication that most thieves don't have the resources, time, knowledge to pull of the attack and beside they can steal someone else's car that was left unlocked…but your FOB is _NOT_ a secure device - and it's relationship with your vehicle is also _NOT_ secure…

both the Tesla BluTooth approach and the BMW NFC approach are way way way way more secure than the millions of FOB's that have been shipped for the past decade - but are not perfect or flawless - and open to at least the signal relay attack - but do in fact shut down some previous attacks - so there are fewer ways in which they are not secure.

oh and the attack posted earlier about the blutooth stuff - it's called a signal relay attack - and your FOB is suspectible to that also but your Tesla app and it's secure keys running on your phone via BluTooth can't be cloned like a FOB can…so while the phone as key approach still has some of the same faults as FOBs from a security point of view - it actually has improved this space and is whittling down the set of open attack vectors - about the ONLY attack that works for Tesla Bluetooth approach is signal relay - all the other existing FOB based attacks won't work…

from the article I linked…

Each key fob is designed to emit a signal when in close proximity to its corresponding vehicle. This commands the vehicle to unlock its doors without the need to insert a key. Thieves need only use a wireless key fob scanner outside the car owner's house or at a nearby table in the restaurant. The device captures the emission and relays it to another device in the hands of an accomplice near the car, which is why this method is known as signal relaying.

so again phone as key is better - but not yet perfect.

if someone wants to steal your car your FOB isn't going to stop them - and they can find equipment to defeat the FOB or impersonate the FOB pretty easiliy…so yeah - not secure for decades now…the phone based stuff is the first real glimmer of major progress in this space, because you're carrying around a supercomputer in your pocket and you have one of those anyways - so now the auto people don't have to provide a FOB-supercomputer - rather they can make you bring your own supercomputer (your phone), and then we make the whole unlock the car thing depend on deep dark cryptography magic that secures SSL/Bank transaction and military secrets and make it computationally impossible for anyone else to impersonate your phone - and then we make the car "Prove" it's the same phone - and only your phone can answer that challenge - and boom we have a secure FOB - all it took was a portable supercomputer that can also take pictures, gps, biometric sensors, acceleramators, a 7/24 internet connection, and operating system that is fully functional, and a team of computer scientist at several companies improving the softare and the hardware continuously, and do voice and video calls, banking, payments via NFC, and can run cyrptography that world war 2 era ciphers are childs play to break...matching the feature of a smart phone is impossible if it's not your business - and the ONLY way to make this stuff truly secure is the entire feature set of a modern smart phone - FOB's never had a chance…

your phone is powerful enough to "be secure" - there is motion in the industry to move this way - it is currently and will continue to be way way way way more secure than ANY FOB ever could be - and your previous FOB's "security" was a joke or non-existent because it does not have the computation power to actually be secure…so it's not.

 

[IrwinJ]

thieves have radio receivers that can copy your FOB radio signals when you use it - they sit in parking lots "snarfing" all the FOB signals and then they replay the signals pretending to be your FOB…there is software and hardware that allows thieves to clone vehicle FOBs when they are used by simply "listening in" on the FOB<--->Vehicle exchange - and then they have a copy of your FOB for later…

if it's wireless it requires a large amount of effort to "secure" - FOBs/Vehicle manufactures don't invest enough in these devices to make them secure - they are "secure" enough that the level of effort requires some hardware/software/sophistication to pull off a FOB clone/attack - but it's far from impossible, and organized activities have enough resources to "break" vehicle FOB security…

https://carbuzz.com/car-advice/are-keyless-entry-cars-at-greater-risk-of-theft#:~:text=This involves stealing the key fob signal and,access cars that come with their own app.



consumer grade devices that don't cost a lot of money and don't have a lot of computer power made to a fixed price point and do all their work via proximity and wirelessly are most likely _NOT_ secure and _EASY_ to hack. Making this whole system truly secure requires more advanced consumer hardware (making the fob orders of magnitude more expensive) and more advance hardware in the vehicle (again increasing costs) and more complex/expensive to "fix" in the face of lost FOB's and replacment FOB's.

your FOB is not secure, it's easily hacked/copied, there is very little you can do to stop it, and the only reason your car isn't getting stolen is the FOB's are sufficiently secure and require enough hardware/software/technical sophistication that most thieves don't have the resources, time, knowledge to pull of the attack and beside they can steal someone else's car that was left unlocked…but your FOB is _NOT_ a secure device - and it's relationship with your vehicle is also _NOT_ secure…

both the Tesla BluTooth approach and the BMW NFC approach are way way way way more secure than the millions of FOB's that have been shipped for the past decade

oh and the attack posted earlier about the blutooth stuff - it's called a signal relay attack - and you're FOB is suspectible to that also but your Tesla appl running on your phone via BluTooth can't be cloned like a FOB can…so while the phone as key approach still has some of the same faults as FOBs from a security point of view - it actually has improved and is whittling down the set of open attack vectors - about the ONLY attack that works for Tesla Bluetooth approach is signal relay - all the other existing FOB based attacks won't work…

from the article I linked…


so again it's better

if someone wants to steal your car your FOB isn't going to stop them - and they can find equipment to defeat the FOB or impersonate the FOB pretty easiliy…so yeah - not secure for decades now…the phone based stuff is the first real glimmer of major progress in this space, because you're carrying around a supercomputer in your pocket and you have one of those anyways - so now the auto people don't have to provide a FOB-supercomputer - rather they can make you bring your own supercomputer, and then we make the whole unlock the car thing depend on deep dark cryptography magic that secures SSL/Bank transaction and military secrets and make it computationally impossible for anyone else to impersonate your phone - and then we make the car "Prove" it's the same phone - and only your phone can answer that challenge - and boom we have a secure FOB - all it took was a portable supercomputer that can also take pictures, do voice and video calls, banking, payments via NFC, and can run cyrptography that world war 2 era ciphers are childs play to break...

your phone is powerful enough to "be secure" - there is motion in the industry to move this way - it is currently and will continue to be way way way way more secure than ANY FOB ever could be - and your previous FOB's "security" was a joke or non-existent because it does not have the computation power to actually be secure…so it's not.

Very interesting. so I can’t Porsche create a phone app that utilizes Bluetooth as does Tesla so that people can use the more secure phone app and leave their fob at home? Surely that wouldn’t involve the big hardware investment that you alluded to.

 

[daveo4EV]

Very interesting. so I can’t Porsche create a phone app that utilizes Bluetooth as does Tesla so that people can use the more secure phone app and leave their fob at home? Surely that wouldn’t involve the big hardware investment that you alluded to.

they could - we as customers have to ask - why haven't you? it's not their focus is proably the answer - they will get it "for free" when the VW group adds it to their supply chain and software base…

and the car's computer has to be more like a Tesla and less like a PCM computer that drains the 12V battery

there is nothing stopping them (other than time, effort, opportunity cost, marketing/engineering priority) - but they didn't want to go it alone - so they are going to wait until it's "free" as part of the base components in the vehicle supply chain…and ride that wave…so not anytime soon…

this is why the BMW stuff is exciting - it's not just BMW doing it - it's a published standard every automaker could adopt - BMW and others are just the first to adopt it…it will trickle into the rest of the industry and then we'll all have it - but Porsche will not be the first - not their focus.

 

[gnop1950]

If you keep your FOB in a Faraday pouch it cannot easily be cloned. I keep all of our car FOBs in a Faraday box when we are home and in a key fob Faraday pouch whenever I get out of the car. This reduces your exposure to possible hacking considerably. Just as I keep all of my credit cards in an RFID blocking wallet. It just seems common sense these days.

 

[daveo4EV]

https://www.macrumors.com/2022/05/17/genesis-gv60-car-key-ultra-wideband/

Genesis Now Selling GV60 With Ultra Wideband Car Key Integration

The GV60 supports the Ultra Wideband implementation of Car Key, allowing drivers to unlock and start their vehicles without needing to take their ‌iPhone‌ out of their pocket or bag.

 

[gnop1950]

Car FOB relay attack for those that are unfamiliar. Keeping your keys far in a Faraday box when you are home may also help prevent battery drain, as discussed in a different thread.

 

[IrwinJ]

If you keep your FOB in a Faraday pouch it cannot easily be cloned. I keep all of our car FOBs in a Faraday box when we are home and in a key fob Faraday pouch whenever I get out of the car. This reduces your exposure to possible hacking considerably. Just as I keep all of my credit cards in an RFID blocking wallet. It just seems common sense these days.

How serious a problem is hacking of keys? I checked out the faraday pouch, and it’s not small. I’d rather not have to stick it in my pocket when I’m out and about.

Sponsored