this post was submitted on 10 Feb 2024
378 points (96.3% liked)
Technology
59105 readers
3344 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Isn't that because it can desync the actual keyfob?
Nvm... Clicked the link. That's exactly why you shouldn't do that.
That is my understanding and why I haven’t ventured into that area with my personal vehicles yet.
Ah, so the cars still have shitty security implementations, only now it's in the direction of "car needs service if someone tries to playback a previous signal".
Though how does it work when you hit the button while out of range of the car?
It should be each fob has a private key that is used to generate a cryptographic hash of a random challenge string. Or hell, even give a rolling code a sequence number so they the car and fob can resync if necessary (I don't think this would break the security, since the sequence could be started at a number other than 0).
That sounds dangerously close to an open standard that would prevent charging $500 for key fobs.
Any open standard can be tweaked slightly to make it a closed propriety one!
Though I do wish open standards were enforced for cars. Instead of each car/platform essentially being a mini monopoly that third parties need to design for specifically if they want to compete.