Honda is exposed to major security flaw: hackers can remotely unlock and even start the car

Time:2022-07-13 14:45:39Source:

On July 12, the Financial Associated Press reported that a large number of Honda vehicles had security flaws that allowed hackers to unlock the cars remotely.

In a statement to The Drive, a Honda spokesperson said: "We have investigated similar allegations in the past and found them to lack substance. While we do not have enough information to determine whether the relevant vulnerability reports are credible, The key fobs of the aforementioned vehicles are equipped with rolling code technology, and the vulnerabilities described in the report are unlikely."

Older vehicles use static codes when the owner unlocks the vehicle using the keyless entry system, which is not secure because anyone can capture and re-transmit the code signal to unlock the vehicle.Based on this, manufacturers employ rolling codes to improve vehicle safety.

The rolling code works by using a pseudo-random number generator (PRNG).When the paired key fob transmits a lock or unlock signal, the key fob sends a packaged unique code to the vehicle.The vehicle then checks the code sent by the key fob against the code generated by the PRNG in its internal database, and if the code is valid, the car approves the request to lock, unlock or start the vehicle.It is worth mentioning that since the user may not be in range of the vehicle to receive the signal when the user presses the key fob, the valid code will be a series of codes.When the vehicle is successfully unlocked with a valid code, in order to prevent hackers from capturing and replaying the code, its database will invalidate the previous valid code.

And because Honda didn't invalidate these used codes, hackers would be able to unlock the vehicle by capturing and replaying the code sent by the Honda's key fob, a vulnerability security personnel dubbed Rolling-PWM.

Statement: the article only represents the views of the original author and does not represent the position of this website; If there is infringement or violation, you can directly feed back to this website, and we will modify or delete it.

Preferredproduct

Picture and textrecommendation

Hot spotsranking

Wonderfularticles

Popularrecommendations