The good news is it’s almost certainly impossible to drive the car away without the original key fob.
If this sounds like an old problem that carmakers have since fixed, you’re correct.
But the Rolling-PWN attack, as it is called, exploits built-in safety features to circumvent the security fix.
Zach Vessels / Unsplash
Modern cars use a rolling code system to prevent these replay attacks.
This means the old code is instantly useless as soon as its used.
This would lead to the car and key fob going out of sync.
Thus, the attacker can then bring up the car at any point thereafter.
The attack leaves no trace.
you’re able to see the hackin action at a Honda dealership here.
Should You Worry?
The attacker also has to be in physical proximity to it.
“This hack only allows remote start, which doesn’t allow you to drive the car at all.
But that doesnt apply to all Hondas.
According toJalopniks Jose Rodriguez Jr., some Honda models still use an unencrypted code that doesnt ever change.
This is a great metaphor for our computerized world today.
What a physical key lacks in convenience, it makes up for in many cases with security.
Were they really so bad?
