ctOS? Shadownet?

Random things go here

Re: ctOS? Shadownet?

Post by Randoph on Mon Aug 11, 2014 5:01 pm
([msg=82744]see Re: ctOS? Shadownet?[/msg])

pretentious wrote:I actually want to build an electronic shim(probably the wrong word) at some point to unlock car doors by brute force. There's no lockout preiod that I'm aware of so hypothetically, I could just cycle through patterns?
I'll start with an infrared transmitter to fuck with people's TV's and I'll go from there 8-)

Yeah, I would love to do that as well, but I dont thulink I will be able to do so within the next 2 years or so...
Got a lot of learning to do
A little rebellion now and then ... is a medicine necessary for the sound health of government.
-Thomas Jefferson
User avatar
Randoph
Poster
Poster
 
Posts: 127
Joined: Fri Aug 08, 2014 2:48 pm
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by cyberdrain on Mon Aug 11, 2014 6:43 pm
([msg=82752]see Re: ctOS? Shadownet?[/msg])

Isn't that something like basic copy-paste with signals instead of text? I mean, I've seen TV sets even include a system out of the box for a simulated universal remote. HDMI has CEC and TV sets don't seem that well protected yet. I would think the car systems are a bit more sophisticated with encryption and different valid keys at certain times. Then again, I never did anything in that regard, so I might be wrong.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by pretentious on Tue Aug 12, 2014 2:45 pm
([msg=82765]see Re: ctOS? Shadownet?[/msg])

if anyone s curious about tv remote signals , fun fact. if you look at the transmitter through a video camera screen, you can see the bulb flash. The speed and simplicity of the mechanism is inspiring.

I haven't done *any* research yet into car remotes but as valuable as the item they're protecting is, I'm quietly confident that the security isn't that hardcore. in fact, I'll live up to my handle and say I bet it relies on intimation more than technology ;)
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1219
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by Randoph on Tue Aug 12, 2014 5:09 pm
([msg=82769]see Re: ctOS? Shadownet?[/msg])

I heard somewhere, that the older car remotes can be used to open several cars, I just assume that these older car remotes send out a specific kind if frequency , and that the car pick up these signals, for example, 140 Hz. But when there is a 2nd car wich also has a frequency of 140 Hz, this one can be opened with the same remote. What if you build something that tests 200 frequencies, would that work?
A little rebellion now and then ... is a medicine necessary for the sound health of government.
-Thomas Jefferson
User avatar
Randoph
Poster
Poster
 
Posts: 127
Joined: Fri Aug 08, 2014 2:48 pm
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by pretentious on Wed Aug 13, 2014 4:27 am
([msg=82774]see Re: ctOS? Shadownet?[/msg])

so now to stop talking out my ass.
http://auto.howstuffworks.com/remote-entry2.htm
Cars and the remotes use a specific random seed and have a rolling code.
Maybe could still be brute forced. a keyspace of 1.099511628×10¹² except the car door will accept any code within 256 generations of where it's at, so it's more like 4294967296. And if i read that right, the car will keep the same key until a valid one is found and they syncronise by going to the next one, It hypothetically could be done but my plans are now well and truely on the shelf haha.


@Randoph, haha that would almost be too easy :) I think I've seen newbie electronics kits that deal with frequency modulation.
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1219
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by cyberdrain on Wed Aug 13, 2014 7:58 pm
([msg=82789]see Re: ctOS? Shadownet?[/msg])

Randoph wrote:older car remotes can be used to open several cars

Yeah, that's pretty much a given, security will only come into play once someone finds a way to show it's not secure at all. They learned though and as pretentious said, some can still be brute forced (the thing you suggested by going through 200 frequencies). As long as there's no limit to the amount of keys that can be sent, brute force will always work. Add a time-out after too many invalid attempts and people start complaining it takes too long to open their cars, so limiting the amount of keys that can be sent is usually not an option. Still, if you have to go through ever more combinations, it becomes increasingly harder.
pretentious wrote:Maybe could still be brute forced. a keyspace of 1.099511628×10¹² except the car door will accept any code within 256 generations of where it's at, so it's more like 4294967296. And if i read that right, the car will keep the same key until a valid one is found and they syncronise by going to the next one, It hypothetically could be done but my plans are now well and truely on the shelf haha.

Sounds a lot like the SecurID tags, where one secret seed shared between systems that feeds two random number generators (RNG) and a system that allows for drift in time between the two internal clocks. Too much drift between the RNGs internal clocks and people have to request a new key ('It doesn't work anymore, I think the battery died' 'Yeah, must be.' xD). The cars' system seems a bit simpler in design though.
Last edited by cyberdrain on Fri Aug 15, 2014 7:33 am, edited 1 time in total.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by pretentious on Thu Aug 14, 2014 6:30 am
([msg=82800]see Re: ctOS? Shadownet?[/msg])

cyberdrain wrote:
Randoph wrote:older car remotes can be used to open
pretentious wrote:Maybe could still be brute forced. a keyspace of 1.099511628×10¹² except the car door will accept any code within 256 generations of where it's at, so it's more like 4294967296. And if i read that right, the car will keep the same key until a valid one is found and they syncronise by going to the next one, It hypothetically could be done but my plans are now well and truely on the shelf haha.

Sounds a lot like the SecureID tags, where one secret seed shared between systems that feeds two random number generators (RNG) and a system that allows for drift in time between the two internal clocks. Too much drift between the RNGs internal clocks and people have to request a new key ('It doesn't work anymore, I think the battery died' 'Yeah, must be.' xD). The cars' system seems a bit simpler in design though.

first time I heard about these, I wondered how they keep sync. I'm pretty sure quarts timers can lose accuracy up to +-.5 seconds a day.
I bet it's an inside joke in the automotive industry :p I assume car keys take a bit of punishment.
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1219
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by cyberdrain on Thu Aug 14, 2014 2:15 pm
([msg=82809]see Re: ctOS? Shadownet?[/msg])

Actually, I don't work there, so I wouldn't know. People always assume something is either just broken or the battery/power died, there is nothing else. Anyways, bad joke, moving on. To keep in sync, SecureID tags employ a similar error margin, if the token is a few minutes old, it gets rejected, otherwise it's accepted. I should say those tags are used for two factor identification on computer systems, not cars as far as I know.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by pretentious on Fri Aug 15, 2014 1:49 am
([msg=82826]see Re: ctOS? Shadownet?[/msg])

cyberdrain wrote:To keep in sync, SecureID tags employ a similar error margin, if the token is a few minutes old, it gets rejected, otherwise it's accepted

A guy at my work has a security token that changes every 30 seconds(massive pain for him :P ), prvious post was the question I asked him haha. Answer was something like, no idea but the company that takes care of it must have some safeguards in place.
GPS satelites probably have this figured out so maybe these guys do too :P
Goatboy wrote:Oh, that's simple. All you need to do is dedicate many years of your life to studying security.

IF you feel like exchanging ASCII arrays, let me know ;)
Can you say brainwashing It's a non stop disco
User avatar
pretentious
Addict
Addict
 
Posts: 1219
Joined: Wed Mar 03, 2010 12:48 am
Blog: View Blog (0)


Re: ctOS? Shadownet?

Post by cyberdrain on Fri Aug 15, 2014 7:33 am
([msg=82830]see Re: ctOS? Shadownet?[/msg])

You know that there's a bit of a size difference between satellites and tokens, right? I mean, development of atomic clocks in those tokens that small will take a while and would be very expensive for something you just replace. Also (wiki): "Normal token clock drift is accounted for automatically by the server by adjusting a stored "Drift" value over time." I did not know that.
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


PreviousNext

Return to Off-Topic

Who is online

Users browsing this forum: No registered users and 0 guests