Wirelessly unlocking cars and garage doors is easy with $32 'RollJam' device

By Scorpus
Aug 10, 2015
Post New Reply
  1. Keyless entry systems can be pretty convenient, unlocking cars and opening garage doors by pressing a simple key fob's button. However they're not the most secure systems going around, and a can often be easily exploited through simple tools and clever hacks.

    Security researcher Samy Kamkar has built a simple, clever tool called "RollJam" that easily defeats keyless locks on cars and garage doors by exploiting vulnerabilities with the way they function. RollJam is built using around $32 of components and is smaller than a mobile phone, making it perfect for stealth attacks.

    RollJam is designed to defeat "rolling codes", a widely-used type of security implementation for keyless entry systems that changes the unlock code after each unlock attempt. In theory, if an attacker intercepts a code during transmission, a rolling code system makes the intercepted code useless for repeat entry attempts.

    The way RollJam defeats rolling codes is simple. When a person attempts to unlock their car with their key fob, for example, RollJam blocks the wireless signal from reaching the car using a pair of radios while simultaneously capturing the code with a third radio. The person will realize their car hasn't been unlocked, and so will use their key fob a second time.

    After the key fob is pressed a second time, RollJam blocks this signal, steals a second code, and re-transmits the first code it captured. The car accepts the first code and the person thinks everything is fine. Meanwhile, the thief using RollJam has a second unlock code stored and ready to use at a later date, and so long as the device is kept nearby, it can keep stealing and re-submitting codes until the thief wants to use it.

    RollJam can unlock cars from a range of manufacturers, including Toyota, Ford, Chrysler, Nissan, and Volkswagen, as well as several types of garage door and alarm systems. Many of these companies are aware of the issue, and are implementing new keyless entry systems that put a short expiry date on each code, thereby defeating RollJam.

    Since Kamkar has released details of this exploit to the public, it might even force these companies to upgrade existing systems, which without a hardware upgrade could remain vulnerable indefinitely.

    Permalink to story.

  2. nismo91

    nismo91 TS Evangelist Posts: 930   +33

    Seems like more newer cars are going "keyless" in the sense that you don't have to even press the keyfob anymore. as long as you carry the keyfob, it continuously transmit a specific frequency pattern that the car onboard unit will recognize it is nearby and it will then unlock the door when the driver activate it via the sensor behind the door's handle.

    would this device poses a risk to those newer cars? I mean we all know no car is 100% secure, but if one know using the handle is safer than pressing the button, then it's better to use it instead.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...