[LINK] Thieves using a $17 power amplifier to break into cars with remote keyless systems

[David Lochrin]

> Mr. Danev said that when the teenage girl turned on her device, it amplified the distance that the car can search, which then allowed my car to talk to my key, which happened to be sitting about 50 feet away, on the kitchen counter.  And just like that, open sesame.

Amplifying the car's interrogation signal would be easy but detecting the weak response from the "key" when it's some distance away must be difficult for the car's receiver, and the break-in device should it relay the signal.  The reported breakin with 50 feet between car & key isn't far, though it's further than I'd have imagined.

However I could imagine a break-in device which simply recorded the response when the owner was nearby and played it back when they were away, a form of man-in-the-middle attack.  Nasty...

Toyota do attempt to foil breakins which take advantage of keyless entry, for example by ensuring that the person opening the car has to operate the door handle on the same side as the key is detected and enforcing a delay between locking & unlocking.  But I can't imagine any protection against the device other than biometrics (not worth it) or "something you know" as well as "something you have".

David L.