Blahzay

From what I have read, the key for the 2006 IS is RFID based. Do you think its possible to clone it to another device? Something like a Mobil Speedpass or maybe a proxcard? I'd love to have a credit card sized "key" that I could just leave in my wallet. I never use the buttons on the fob anyway. I also seem to remember reading that the 2007 LS will have a card key.

I know there was a link to that "High tech gone in sixty seconds" article...and from reading it, it seems that cloning the fobs would be possible.

Just curious to see what everybody thinks.

kensteele

Of course it is possible. Not likely that any of us have the right equipment, but if you take your remote apart, you might be able to find the important pieces, remove them, and then place them into or onto the objects that you desire.

Blahzay

I was hoping to do it without disassembling the key...

kensteele

doubt. there might even be a law against cloning certain electronic codes. not that it should prevent you but it probably limits the availability of the such equipment.

Blahzay

Does the new LS use the same keyfob as the IS? If so, maybe Lexus would let IS, GS, or new ES owners buy replacement card keys programmed with the codes from their fobs...

tjp

There was an article on news.com about cloning these RFID based keys. It can be done with a laptop and a RFID developer kit. These kits are available from the RFID manufacturers. They include software and a RFID reader. Using these tools person can mimic either the car or a key and capture the data handshake and key challenge. Since the RFID manufacturers are onlys using a 40bit key the person then takes that data and can easliy crack it using a brute force method. A 40 bit ket is unheard of these days with 1024 bit keys being very common.
A guy in Germany was recently arrested with the above mentioned equipment and several "cracked" keys stored on the laptop. With the cracked keys, all he had to do was find that car again, and he would own it!

This situation has me very concerned about getting my car stolen. I live in the Silicon Valley area. There's a lot of high tech out here.

kensteele

I wouldn't lose any sleep over it lol.

tjp

That's the attitude the RFID company's take. Ahh, don't worry about it, they say.

As more cars come equipped with these, and the knowledge about how easy they are to carck gets out. I expect to see more illegal activity. David Beckham, the soccer player, has had his BMW X5 stolen twice by this method.
Here's the news.com article
http://news.com.com/Gone+in+60+secon...3-6069287.html

kensteele

heard the same thing years and years and years ago when we switched from hard keys to wireless rf remotes.

i wouldn't even give this not a second thought. rf id companies? naw, i don't thing about them and their attitudes at all.

it just simply isn't the way the criminals that you have to worry about operate. give it a few months, it will pass lol.

Reyngel

Here's the thing, though... there will never, ever be a car that can't be broken in to. You have to keep that in mind. To pose an analogy, think about bank ATM's. Can your average thief just walk up and steal money from it? No. But does that mean it's impossible? No. Someone with the right means, as rare as it may be, can potentially hack into the ATM with a laptop and steal money. But do banks freak out over it? Of course not. Because if common robbery ever became as advanced as that, bank ATM's would just cease to exist. The point being that there will always be superior technology, and alongside that, an even more superior human. But the odds of it happening are so incredibly minute that it shouldn't be a cause for alarm. So with regards to the hacking of car security systems via laptops, odds are you'll never ever even know a guy who knew a guy who knew a guy who had his car stolen that way, let lone have it happen to you.

Blahzay

That was the same article I was talking about in my original post. But the methods used don't necessarily have to be applied to stealing cars. I would consider it a valuable service if someone could clone the RFID info from my fob and put it onto a credit card or key tag sized device.

Nauticalx

Whiel it may be able to be cloned through brute force, forgive me if I'm wrong but that method would require free access to the source (key) for at least hours. Thieves cannot just scan your key through your pants and have it cracked. The only reason a key would be in someone's possession in the position to clone it would be if that person was a valet or stole your keys in which case they wouldn't need to to clone to steal the car.

I doubt its a problem otherwise they wouldnt be equipping credit cards with the same technology. An industry much more prone to duplication, fraud, and theft.

Big Andy

It's a bit unfortunate that you use bank ATMs as your analogy as there have been numerous frauds concerning them in the UK. The most common one is to use a card reader that fits over the standard ATM and clones peoples' cards when they try to use them. It is almost unnoticable. The user just thinks his card has been spat out and moves to another ATM. The thief then retrieves his card reader, makes a cloned card and empties that person's bank account. It's happening up and down the country at the moment. What I'm trying to say, whatever the technology someone will crack it.

uschardcor

^^ actually the new sysem of credit card authentication is gonna make for some very unhappy customers. basically the card companies are taking themselves out of the liability loop and leaving the card owner at fault for any non-approved transactions...

http://www.tomsnetworking.com/2006/0...it_card_fraud/

w/ rfid there is a multitude of implementations a manufacturer can use to deploy different types of security. its a simple framework that can have many devs build on top of it. we just finished piping rfid through gps for port cargo control and tracking in post-katrina new orleans.

as far as security of your car, and the guy living in silicon valley. yup there is a lot of technology out there. thankfully those who actually understand how to implement it typically have a decent amount of ethics. some on the other hand don't. and it sucks.

however with a system like this you won't get your every day impulse car thief spotting ur car and driving away with it. the theif would have to mark his target and take a little more initiative. basically its better than tthe systems we've had before and thats the least you can ask

kensteele

We had that problem already. There were even whole fake ATMs (not just the card reader) setup to do this. It's unfortunate the UK is now dealing with it but we've mostly solved this problem already in the US. It hasn't been eliminated totally but....well you know the deal.