I read through multiple threads and articles on the Model S security and the various iterations it went through and I’d like to make sure my understanding is proper.
First, there is the ability to clone a key fob. V1 keys are 40 bits and easy to clone. V2 keys are 80 bits and, while a previous implementation was really a 2x40bits, it is now a proper 80 bits one that should make it resistant to cloning. Depending on your usage (where you live, etc.) this might or might not be much of an issue. V1 holders must buy v2 keys if they want one. Keeping your keys in a faraday cage (metallic box, aluminium sheet, etc.) prevents the hack.
Then there is the relay hack whereby a hacker can use an antenna to get close to your fob and put another relay near your car, essentially mimicking the key being close to the car, and opening the car. That is an issue with both v1 and v2 fobs. To prevent it, you can use the faraday cage trick, put a PIN on your car (to restrict usefulness of attack) or disable the opening of the car upon key detection.
What’s not clear to me now, is, considering a hacker got into your car (using the previous trick for example), can they use the OBD2 port to get it to start despite a PIN code for example? Is there any use in putting a OBD lock? Any advice there?
Any other advice?
Thanks
First, there is the ability to clone a key fob. V1 keys are 40 bits and easy to clone. V2 keys are 80 bits and, while a previous implementation was really a 2x40bits, it is now a proper 80 bits one that should make it resistant to cloning. Depending on your usage (where you live, etc.) this might or might not be much of an issue. V1 holders must buy v2 keys if they want one. Keeping your keys in a faraday cage (metallic box, aluminium sheet, etc.) prevents the hack.
Then there is the relay hack whereby a hacker can use an antenna to get close to your fob and put another relay near your car, essentially mimicking the key being close to the car, and opening the car. That is an issue with both v1 and v2 fobs. To prevent it, you can use the faraday cage trick, put a PIN on your car (to restrict usefulness of attack) or disable the opening of the car upon key detection.
What’s not clear to me now, is, considering a hacker got into your car (using the previous trick for example), can they use the OBD2 port to get it to start despite a PIN code for example? Is there any use in putting a OBD lock? Any advice there?
Any other advice?
Thanks