TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

Key card thefts

Discussion in 'Canada' started by Buggle, Aug 4, 2018.

  1. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    I was read Elon talking about how some ppl are stealing signals from keycards and amplifying them to be able to use the walk up function and steal peoples cards. I was wondering -- is this weakness only with the key, or does it also extend to the Bluetooth phone connection. I imagine it isn't, but never heard any discussion of the phone, so want to clarify.
     
  2. chillaban

    chillaban Active Member

    Joined:
    May 5, 2016
    Messages:
    3,154
    Location:
    Bay Area
    It likely applies to the Bluetooth keys too. It boils down to the simple concept that if the car is relying on signal strength to determine you are nearby, then an attacker can always use a repeater to relay the signal from your key to the car.

    What is needed to avoid such attacks is time of flight checking — a relay signal still travels at the speed of light, so you can measure how far away the key really is.

    There’s a lot required to implement a time of flight check securely, and standard Bluetooth stacks might be too jittery to accomplish that. And the phone keys are fairly standard Bluetooth since they work with a variety of smartphones using public APIs.
     
  3. Koflach

    Koflach Member

    Joined:
    May 20, 2018
    Messages:
    462
    Location:
    Langley, BC
    I have a walled that has build in RFID blocking technology so it makes it harder for people to steal the signal from my CC, Debit, Nexus... I wonder if it would do the same with the Key Card.
     
  4. tomc603

    tomc603 Member

    Joined:
    Jul 28, 2017
    Messages:
    91
    Location:
    NH, US
    You're misinterpreted the story. The attack is a "relay" attack- Someone uses a high powered antenna attached to a computer that receives and re-broadcasts the bluetooth signal from your phone. Your car receives this bluetooth traffic and goes through the standard handshake and unlock procedure with the laptop acting as a middle-man so both devices can receive and send data to each other.

    This has nothing at all to do with the key cards, which are RFID. To best attack an RFID system, the attacker would clone (copy) the RFID keycard. This can be made more difficult in many ways by using some kind of cryptographically confirmed one-time code that is sent to the vehicle. Every time the card would be used, the code would be changed, making it harder to copy the keycard and its function. Not impossible, but harder.

    Bluetooth is the weakest link on any device right now, including a Tesla. If you keep your phone near your car when you're at home, or you're within a short enough distance that the signal could be repeated to the car, then turn your phone's bluetooth off when not using it.
     
    • Informative x 1
    • Like x 1
  5. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    yes it does.
     
  6. chillaban

    chillaban Active Member

    Joined:
    May 5, 2016
    Messages:
    3,154
    Location:
    Bay Area
    I honestly wouldn't worry about RFID blocking. RFID is a passive coil technology, the distance that RFID signals can be read is inversely proportional to the size of the reader's coil. Hopefully if someone is holding a 2 foot by 2 foot rectangular plate inches away from your butt to read through your wallet, you'd notice. If not, then please do worry about RFID relaying.

    Bluetooth is much scarier for relay attacks. Bluetooth signals from a phone in your pocket easily travels 30+ft in open air. So anyone within 30ft with what amounts to a wifi antenna can capture and then relay that signal.

    I really think Tesla should push-notify you every time that your car is unlocked by your phone key, much like how Apple Watch does when it unlocks your Mac. That doesn't solve the relay attack but at least makes you more immediately aware of something happening.
     
    • Like x 3
    • Informative x 1
  7. T3l5aFan

    T3l5aFan Member

    Joined:
    Jul 1, 2018
    Messages:
    119
    Location:
    Vancouver
    Push notify is a great idea. Also is there a passcode required to start a Model 3? Wouldn't be a bad second step verification.
     
  8. wayner

    wayner Active Member

    Joined:
    Oct 29, 2014
    Messages:
    3,233
    Location:
    Toronto
    Maybe we will soon have 2FA on our cars. Tesla texts us a code that we have to key in to start the car :)
     
  9. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    So this theft used Bluetooth or RFID?

     
  10. T3l5aFan

    T3l5aFan Member

    Joined:
    Jul 1, 2018
    Messages:
    119
    Location:
    Vancouver
    Relay with the FOB.
     
  11. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    So then someone doesn't have to stick a relay scanner on your butt? The other guy said this would be required for the FOB, where Bluetooth has a 30' range.

    I'm just trying to get the below clear in my head & having trouble --

    ......................................................................Bluetooth..................FOB/RFID
    Hackable via relay scanner?.....................…Yes/No...............…...Yes/No
    Preventable via blocker? ie -..................…...Yes/No.....................Yes/No
    https://www.amazon.com/MONOJOY-Blocking-Antitheft-Protection-Security/dp/B077SFPGNY/ref=as_li_ss_tl?ie=UTF8&qid=1533031401&sr=8-3&keywords=faraday+bag+key+fob&dpID=6183ZxqstzL&preST=_SY300_QL70_&dpSrc=srch&linkCode=sl1&tag=electrek-20&linkId=9df664fae4610b9d41ee3ca3a0289129&language=en_US

    If not preventable this way, then how? ie. Will placing phone x feet from any exterior entrance to your home prevent theft? I can for sure say my phone won't unlock my car unless it's not more than ~10 feet away. Same can be said for scanners?
     
  12. T3l5aFan

    T3l5aFan Member

    Joined:
    Jul 1, 2018
    Messages:
    119
    Location:
    Vancouver
    I lived in the UK and they said never to keep your keys near your front door because this was going on. They stand outside door where most people have their keys. Relay fob to scanner near car that tricks it into thinking its near.
     
  13. Ludalicious

    Ludalicious Member

    Joined:
    Feb 22, 2018
    Messages:
    240
    Location:
    Vancouver
    I must not be the only one who has full replacement insurance on my vehicle. This guy right here has zero concern about this issue.
     
  14. T3l5aFan

    T3l5aFan Member

    Joined:
    Jul 1, 2018
    Messages:
    119
    Location:
    Vancouver
    I here you, but it's good to avoid having to get to that point and just to deter theft overall so we can keep our insurance costs down.
     
  15. Ludalicious

    Ludalicious Member

    Joined:
    Feb 22, 2018
    Messages:
    240
    Location:
    Vancouver
    Ahahahahahah

    The first Tesla ever stolen in the US was in 2011. This provided a three-year window with no thefts, starting from the 2008 release of the Roadster.

    Between 2008 and 2013 the total number of stolen Teslas was 4. That means that only four cars were stolen between two models (the Roadster and S) and six years.

    LOL let's not get carried away here.
     
  16. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    Have you read the articles about Europe? It's a thing there, the thieves over there just haven't yet trained the ones over here. And it's not a Tesla specific issue. I also think given this is a hi-tech theft, using historical data to justify anything is pretty much irrelevant.
     
  17. T3l5aFan

    T3l5aFan Member

    Joined:
    Jul 1, 2018
    Messages:
    119
    Location:
    Vancouver
    Honestly, the criminals in North America are on amateur night but we are starting to see them adopt some of the hi-tech theft and it's only going to accelerate.
     
  18. tomc603

    tomc603 Member

    Joined:
    Jul 28, 2017
    Messages:
    91
    Location:
    NH, US
    SMS codes are considered insecure for 2FA. You need a token generator or some kind. SMS intercept is super easy, and it's done all the time these days to hijack accounts. Sorry for the bad news.
     
  19. Dr. J

    Dr. J Member

    Joined:
    Aug 23, 2017
    Messages:
    536
    Location:
    Fort Worth, Texas
    Because an anecdote and a YouTube video are way better!
     
  20. Buggle

    Buggle Member

    Joined:
    May 16, 2018
    Messages:
    396
    Location:
    Vaughan
    You know... all I wanted out of this post was basic information on what's hackable and what's not, how, and potential solutions for anything that is an issue. Sadly I've failed to get any of that. :(

    A solution for the FOB is that $10 sleeve from Amazon, but I'm no closer to figuring out anything regarding the Bluetooth.
     

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


    SUPPORT TMC