{"id":38,"date":"2007-11-07T14:00:31","date_gmt":"2007-11-07T14:00:31","guid":{"rendered":"http:\/\/leirdal.net\/blog\/?p=38"},"modified":"2007-11-07T14:00:31","modified_gmt":"2007-11-07T14:00:31","slug":"denial-of-service-attacks-with-a-new-twist","status":"publish","type":"post","link":"https:\/\/www.leirdal.net\/blog\/archives\/38-denial-of-service-attacks-with-a-new-twist.html","title":{"rendered":"Denial of Service attacks with a new twist?"},"content":{"rendered":"<p>BBC recently gave us a nice little <a href=\"http:\/\/news.bbc.co.uk\/2\/hi\/uk_news\/england\/kent\/7073935.stm\" target=\"_blank\">story<\/a> about electronic car keys. <a href=\"http:\/\/www.schneier.com\/index.html\" target=\"_blank\">Bruce Schneier<\/a> has covered the <a href=\"http:\/\/www.schneier.com\/blog\/archives\/2007\/11\/denialofservice.html\" target=\"_blank\">story<\/a> as well. The gist of the story is that a lot of people had trouble opening and starting their cars in one particular parking lot. People started checking different causes for this and long suspected a rouge wireless broadband unit or something like that. It finally turned out to be another car, belonging to a commuter, with the same lock system that was sending out signals, and thus blocking the signals for all the other users. <\/p>\n<p>This tells me two things.<\/p>\n<ol>\n<li>It is possible to block the usage of electronic keys by jamming the frequency range<\/li>\n<li>It seems that the frequency range for wlan and for car-keys are pretty close and maybe even the same.<\/li>\n<\/ol>\n<p>If they use the same bandwidth I suspect that we will see a lot of young boys with laptops blocking frequencies in a car park near you, soon.<\/p>\n<p>It seems that the car industry has avoided the attention of hackers so far. Or just touched the borders of them. One of the <a href=\"http:\/\/www.schneier.com\/blog\/archives\/2007\/11\/denialofservice.html\" target=\"_blank\">comments<\/a>&#xA0; from Bruce Schneier&#8217;s blog put it quite well.<\/p>\n<blockquote>\n<p><em>&quot;I had an interesting &quot;debugging&quot; session a few years ago when my car battery went flat if the car was parked outside my house for more than 36 hours. Anywhere else, no problem. It turned out my new weather station transmitted on the same frequency as the keys and kept the computer awake!! <\/em><\/p>\n<p><em>There&#8217;s lots of other car-related problems: when Land Rover first introduced the latest shape Range Rover, the tyre pressure monitoring system got confused if another identical vehicle passed you in the street. <\/em><\/p>\n<p><em>I&#8217;ve also heard of a radio signal based fuel level monitor. Combined with an engine management system that would stop the engine before you run out of fuel to prevent expensive catalyst damage, that suggests some interesting car-jacking opportunities. <\/em><\/p>\n<p><em>Press the remote key on someone&#8217;s 1999 Range Rover 100 times and they won&#8217;t be able to open the car. <\/em><\/p>\n<p><em>Renault Megane&#8217;s can be unlocked and started with a MiFare 4k card &#8211; trivially clonable if you look at rfidiot.org. <\/em><\/p>\n<p><em>The car industry hasn&#8217;t begun to feel the pain of poor security yet.<\/em><\/p>\n<p><em>Andy Cunningham&quot;<\/em><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>BBC recently gave us a nice little story about electronic car keys. Bruce Schneier has covered the story as well. The gist of the story is that a lot of people had trouble opening and starting their cars in one particular parking lot. People started checking different causes for this and long suspected a rouge [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[13,11],"tags":[517,515],"class_list":{"0":"post-38","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-security","7":"category-technology","8":"tag-security","9":"tag-technology","10":"czr-hentry"},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1xqPf-C","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":30,"url":"https:\/\/www.leirdal.net\/blog\/archives\/30-fingerprints-as-identification.html","url_meta":{"origin":38,"position":0},"title":"Fingerprints as identification","author":"leirdal","date":"2007-10-26","format":false,"excerpt":"Bruce Schneier had a blog entry about the security of partial fingerprints yesterday. His main point is that there has been a ruling in an US court recently that partial fingerprints cannot be used in a murder case. He links among else to the news-article (update: link removed, not longer\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":52,"url":"https:\/\/www.leirdal.net\/blog\/archives\/52-encryption-and-security.html","url_meta":{"origin":38,"position":1},"title":"Encryption and security","author":"leirdal","date":"2007-11-19","format":false,"excerpt":"Maybe it's not as secure as you think. According it this article and the following post on Slashdot, Hushmail has been caught red-handed in backstabbing their own marketing. \"The only way to decrypt or unscramble Hush messages is by using your passphrase when you open up your Hushmail account. Carnivore\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":122,"url":"https:\/\/www.leirdal.net\/blog\/archives\/122-are-you-documented.html","url_meta":{"origin":38,"position":2},"title":"Are you documented?","author":"leirdal","date":"2008-10-31","format":false,"excerpt":"In the future: You will be able to rewind your whole life. Everything you have ever done, ever said, ever seen and ever heard will be reviewable, analysable, searchable and last, but not least, available. We are getting closer to something a lot of people are calling the documented generation.\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":83,"url":"https:\/\/www.leirdal.net\/blog\/archives\/83-the-blind-men-and-the-elephant.html","url_meta":{"origin":38,"position":3},"title":"The blind men and the elephant","author":"leirdal","date":"2008-04-14","format":false,"excerpt":"As we should've expected (and maybe did?), the dispute around ODF and OOXML is gearing up. There are probably some out there that thought that NOW this issue is dead. We have two formats, what more is there to discuss. Well, a lot it seems. There are open letters in\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/technology"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":72,"url":"https:\/\/www.leirdal.net\/blog\/archives\/72-semantic-web-and-topic-maps.html","url_meta":{"origin":38,"position":4},"title":"Semantic web and Topic maps","author":"leirdal","date":"2008-01-22","format":false,"excerpt":"A colleague of mine has his own blog focusing mainly on Semantic technology. If you are interested I recommend you to read this entry(it's in Norwegian though). It's a reply to a comment in Computerworld late last year. I've translated some of the more interesting points. \"The Web was never\u2026","rel":"","context":"In &quot;Internet&quot;","block_context":{"text":"Internet","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/internet"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1909,"url":"https:\/\/www.leirdal.net\/blog\/archives\/1909-online-webinars.html","url_meta":{"origin":38,"position":5},"title":"Online webinars and IT Trends","author":"leirdal","date":"2014-08-29","format":false,"excerpt":"If you know where to look there is an amazing amount free training or talks online. I recently attended a free Webinar from Gartner called \u201cTen Trends and Technologies to Impact IT Over the Next Five Years\u201d by Raymond Paquet. I found it interesting, mainly because it matches what I\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/www.leirdal.net\/blog\/archives\/category\/technology"},"img":{"alt_text":"Theme Geometry","src":"https:\/\/i0.wp.com\/www.leirdal.net\/blog\/wp-content\/uploads\/2012\/09\/5D32728-20120903.jpg?fit=1200%2C800&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.leirdal.net\/blog\/wp-content\/uploads\/2012\/09\/5D32728-20120903.jpg?fit=1200%2C800&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.leirdal.net\/blog\/wp-content\/uploads\/2012\/09\/5D32728-20120903.jpg?fit=1200%2C800&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.leirdal.net\/blog\/wp-content\/uploads\/2012\/09\/5D32728-20120903.jpg?fit=1200%2C800&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.leirdal.net\/blog\/wp-content\/uploads\/2012\/09\/5D32728-20120903.jpg?fit=1200%2C800&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts\/38","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/comments?post=38"}],"version-history":[{"count":0,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/posts\/38\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/media?parent=38"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/categories?post=38"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.leirdal.net\/blog\/wp-json\/wp\/v2\/tags?post=38"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}