Weak security in our daily lives (in English): basically, you can use a de Bruijn sequence to break into a car with keyless entry in what might be a non-ridiculous amount of time. I'm referring to the sort which have five buttons marked 1/2, 3/4, 5/6, 7/8, and 9/0, and a five-digit PIN that has to be entered. This trick takes advantage of the fact that the circuitry only remembers the last five buttons pressed, so if you press, say, 157393, then the car will open if the correct code is either 15739 or 57393. It is in fact possible to arrange things so that each key you press, starting with the fifth, completes a five-digit sequence that hasn't been seen before.
Of course, you shouldn't do this.
Via microsiervos (in Spanish).
Subscribe to:
Post Comments (Atom)
5 comments:
They really don't make you wait a few seconds after you enter an incorrect code? I know that most automatic gates and burglar alarms do, exactly to defeat this kind of attack.
I don't know. I haven't actually tried this. I don't have a car. And I'm not going to walk around and try this on somebody else's car, because it would look kind of suspicious.
You still have to enter a little over one digit per code, though, so that's an average of about 50,000 button presses to break into one car. Probably perfectly tractable automatically, but if you're doing that, why not just transmit the codes in sequence?
Sorry, I forgot, there's only 5 buttons, so therefore 5^5=3125 combinations, or about 1600 button presses on average. Yes, that certainly does seem tractable.
look at the buttons with wear marks on them, and that further reduces the possibilities.
If you cannot tell visually which buttons have been previously pushed (worn, finger oils or glove marks left) try 12345, then 54321, and if it is a residential, rural, or sparsely populated sub-urban setting, try the zip code. That's what I used to help my relatives get into my aunt's Lincoln after she lost her keys and Alzheimer's set in a few years ago.
Post a Comment