'Digital Key' Standard Uses Your Phone To Unlock Your Car (engadget.com) 158
The Car Connectivity Consortium, a mix of major smartphone and automotive brands, has posted a Digital Key 1.0 standard that will let you download a virtual key that can unlock your vehicle, start the engine and even share access with other drivers. Engadget reports: Unsurprisingly, the technology focuses on security more than anything else. Your car manufacturer uses an existing trusted system to send the digital key to your phone, which uses close-range NFC to grant access to your ride. You can't just unlock your car from inside your home, then, but this would also force would-be thieves to be physically present with your phone when trying to unlock your car. Apple, LG and Samsung are among the phone brands in the group, while car brands including BMW, Hyundai and the Volkswagen group are also onboard. There's also talk of a version 2.0 spec that will promise more interoperability between cars and mobile devices in the first quarter of 2019.
That is surprising (Score:5, Insightful)
The way things are in this industry at the moment, that is incedibly surprising to me...
Re: That is surprising (Score:3)
It's unsurprising that they used the word "security" in their product just like everyone else with an open AWS machine.
Whether it is secure or not is yet to be seen. At least you can't remotely drive the cars. Else someone will design a game where you drive a car onto a boat. And we get a few million cars stolen one night.
Re: That is surprising (Score:2)
Label it the âoeCar/Boat Challengeâ on YouTube and thousands of teens will be duped into commiting grand theft auto overnight. Afterall, they dont seem to think for themselves anymore. Theyve been turned into lemmings and indoctrinated into GroupThink. Nobody even uses the expression âoeIf everyone else jumped off a bridge, would you?!â Because, they probably would. See Tide Pod challenge for a perfect example of this.
Re: (Score:2)
"If everyone else jumped off a bridge, would you?" Because, they probably would.
Wouldn't you? If I'm standing on a bridge and everyone starts throwing themselves into the water, I'll probably assume that there's something motivating them. Doubly so if my friends are jumping, because I know my friends to be rational people. No matter where I am, if "everyone" begins fleeing, I'll probably flee too.
Re: (Score:2)
My latest car is the first one I've owned that just has the key fob, that if present allows start of the car with a button.
I guess it is from decades of muscle memory, but even after I push the button to turn it off, before I get out, my right hand reaches over near the steering wheel to grab the keys.
I don't suppose I'll ever get used to it.
I'm guessing with fobs, much like this cell phone option...if you run out of batteries, you are SOL if you need
Re: (Score:2)
even after I push the button to turn it off, before I get out, my right hand reaches over near the steering wheel to grab the keys.
I'm on my first keyless car too. It still distresses me to close the locked car door after exiting without a set of keys in my hand. I ALWAYS looked at my keys as I closed the door and I never locked my keys in the car. But then, when I get to about 15 mph I still reach toward the console to shift into second even though it's been probably a decade since I've driven a manual transmission.
Re: (Score:2)
Well, thankfully, I can still say that I've never owned a car with an automatic transmission, I'm manual only!!
Re: (Score:2)
I have an older vehicle that has a key with a built in remote, and a transponder chip, which ensures it will start the car even if the battery is dead. I don't need to try to pry off part of the door handle either. The vehicle "auto cranks", and can be used with a push-button start, but I know that for someone to steal the car, they need to have a chip presence, and bypass the physical Strattec lock. Not impossible, but a lot harder to steal than a thief using a device that makes someone's transponder ke
Re: (Score:2)
Re: That is surprising (Score:2)
About a year ago, I got a car with a fob. I actually like it better than a key.
It won't let me lock the car from the door handle button if the fob is inside. It will allow me to lock the car with it still running but beeps a warning. It won't start without the fob in the front seats.
The single door handle & step lights go on if I get close while it is parked. The door unlocks with the handle button. All doors unlock and step lights turn on for all if double pushed. The hatch opens if the fob is behind i
Re:That is surprising (Score:5, Insightful)
Actually phones have increased security for things like mobile payments. Rather than just a contactless tap or easily observed PIN, you have a fingerprint unlock or arbitrarily long password.
Let's think about the security implications of unlocking/starting your car with your phone instead of the key. The key is probably just as vulnerable to theft since you have to have it on you, but has no authentication mechanism at all. No fingerprints, no passcodes, just having it unlocks and starts you car. So even if you disable authentication on your phone it's still no worse than the key.
Modern car keys use radio comms, so no loss there. Actually the wireless comms used for mobile payments are even more secure, being extremely short range and using a well tested standard algorithm instead of the manufacturer's own concoction. Never roll your own security if you can help it.
So all in all using your phone as a key seems like it can only be a net win. We have established that phones can securely keep secret tokens, as require for contactless payments.
Re: That is surprising (Score:2)
Except having a physical key requires actually having the key in your posession. Some cars are more suceptible to hotwiring and slimjims, but thats the least common way cars are stolen and its pretty obvious when observed. I suspect with this that someone will discover a flaw in the API that allows any user to bypass authentication and execute the unlock feature. Its the same reason i dont have digital locks on my house. Why make it easy on them?
Re: (Score:2)
Except having a physical key requires actually having the key in your posession.
Not the case with lots of new cars. Increasingly, they're all moving to RF keys, as AmiMoJo said. This is super convenient, since it means that you just have to have the key in your pocket and to be able to open the door and drive. But it also opens the keys up to relay attacks, where the key may be miles away from the car but a pair of transceivers relays the signal.
FWIW, I'm working on digital car keys for Android as well. I own most of "hardware-backed security" for Android at Google, which means most
Re: (Score:2)
Rather difficult to trace the key without having it in your possession, in which case you already HAVE the key, so why are you copying it? (unless some idiot posts a picture of their keys I suppose).
Basically your "friend" sounds like an asshole that abused the trust shown them by people who probably considered them a trustworthy enough friend to lend their keys to. Or maybe just an utterly unscrupulous valet. Either way the only thing the duplicate key grants them is less suspicion for their crimes.
Besid
Re: (Score:2)
Re: (Score:2)
I didn't - in fact if you'll notice I mentioned it right at the end of the first sentence.
Re: (Score:2)
Actually phones have increased security for things like mobile payments.
Sure, until you drop them.
(or sit on them, or whatever...)
I wouldn't want my money and car to be locked up using something so fragile.
Re: That is surprising (Score:2)
That fingerprint authentication is bullshit. A few years ago I discovered that my daughter added her fingerprint to my authentication just so that she didnâ(TM)t have to type in the pin number to unlock my phone. She was 10. Then they started rolling out fingerprint purchases out of the App Store. They didnâ(TM)t even have the foresight to require you to enter in your Apple ID and password to add a new fingerprint. They simply record your phone to be unlocked from a simple pin. And there in lie
Re: (Score:2)
That fingerprint authentication is bullshit. A few years ago I discovered that my daughter added her fingerprint to my authentication just so that she didnâ(TM)t have to type in the pin number to unlock my phone. She was 10. Then they started rolling out fingerprint purchases out of the App Store. They didnâ(TM)t even have the foresight to require you to enter in your Apple ID and password to add a new fingerprint. They simply record your phone to be unlocked from a simple pin. And there in lies the fundamental flaw. What good is all this super security if the mechanism to add new trustees has no security. And there in lies a fundamental flaw. What good is all the super security if the mechanism to add new trustees has no security?
There was a a gaping, almost impossible to fix flaw in that ecosystem. That would be you.
Letting a 10 year old access your phone, and allowing her unsupervised access to boot is the biggest security flaw.
And you deciding to blame it on Apple just shows that you'll defeat anything they can come up with
Re: (Score:2)
To add a new fingerprint you need to enter the unlock code for the phone. Your daughter had this so thatâ(TM)s how she did it. You let her.
In order to enable Touch ID for App Store purchases (which is off by default as far as I know) you need to type in your Apple ID password. Either you did that or she knows the password.
Not sure how much more protection you can expect.
Re: That is surprising (Score:2)
Incorrect. And a pin code is not as secure as appleID password. I have figerprint purchases turned off. And every single fucking time I buy anything, the goddamn thing tries to turn it back on. Where is the âoefuck you, I said fucking NO 12 times agoâoe button? However, is it too much to ask for appleid password to alter the authentication method? I have to give this password to do an update or authorize a purchase, But a simple pin number is all that is required to add new accounts??? That
Re: (Score:2)
Sorry.. I just don't see what you're seeing.
I turned off Touch ID purchases on my phone just now.
In order to turn it back on I need to enter my apple ID password.
I just went and bought something in the app store. Entered my Apple ID password. It didn't ask me to turn on touch ID for purchases.
To add a new fingerprint it is *not* sufficient to simply have the phone unlocked. In order to access the "Touch ID and Passcode" page of the preferences you need to enter your passcode *again*. This is how it's al
Re: (Score:2)
This is not how it has always been. Not with regard to adding new fingerprints. How do I know? Because my daughter does not have the faintest clue what my appleID is, hell my wife doesnt even know. Its not my email account for damn sure. She is 15 now. This happened back on my 5S. As far as asking to turn on touchID for purchases, every - single - time I get a purchase request (family sharing where kids have to request permission to get an app) and I authorize it, it constantly nags me to turn on touchID a
Re: (Score:2)
Re: That is surprising (Score:2)
Then why dont they ask for a PIN code when making a purchase? After all, you seem to think itâ(TM)s so fucking secure, I did, by the way, mention it was âoeyears ago âoe. It was actually just a four digit numerical value back then. It wasnt until around thr iphone6 that they switched to even 6 digits. Apple clearly established two levels of security; one being higher than the other one. The PIN code has ALWAYS been considered less secure and unacceptable for financial authorizations. If
Re: (Score:2)
Re: (Score:2)
https://www.youtube.com/watch?v=zz_UotC0JR8 [youtube.com]
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The smartphone isn't the weak link here - it's car manufacturer's "existing trusted system." I suspect it'll be much easier for a bad actor to trick the manufacturer into sending a key to their smartphone than it would be for them to walk into a dealership and convince them to make a copy of a key that isn't already in their possession.
Tesla's process requires you to send a copy of your registration and ID to get your vehicle associated with your Tesla account, which allows your phone to unlock and even drive the car without a key. The documentation is sent via email (assuming you're not buying from Tesla directly, in which case it would be easier), but I'm told they also validate the information against the public data from the state (at least in the US), so it seems reasonably good. The same paperwork would get a dealership to make a ke
Re: (Score:2)
Re: (Score:2)
Let's think about the security implications of unlocking/starting your car with your phone instead of the key. The key is probably just as vulnerable to theft since you have to have it on you, but has no authentication mechanism at all. No fingerprints, no passcodes, just having it unlocks and starts you car. So even if you disable authentication on your phone it's still no worse than the key.
But I know that no malware is going to creep onto my key from the internet. If my phone gets hacked, they can exfiltrate the codes, or disable my access and hold me for ransom.
Re: (Score:2)
"$80 to $50. As a phone and a video camera, the iPhone 6s isn't obsolete and I use it to make my videos on youtube. As a Sprint very special customer for 20+ years, Sprint will always give me a new iPhone for free if I decide to stop using the 6s as a phone in the next several years."
Not to rain on your parade, but if you really pay between 50 and 80 bucks a month, all the players will give you a new phone.
Re: (Score:3)
Re: (Score:2, Offtopic)
You're bragging about digging through the trash for used lottery tickets.
I don't know if you're subtly trolling or if you're actually clueless enough to think that other people will envy you in some way.
Re: (Score:2)
You need to get out of the house more often.
Re: (Score:2)
How about NO? (Score:3)
That if, if I manage to drink enough whisky. Maybe the self-driving car can pick up some for me. Hell, just add photo-recognition to it -- if it doesn't look like me or my wife trying to enter the car, just start it up and drive off. For bonus points get a picture of the perp. For EXTRA bonus points, make sure that same picture has the front tire of the car sitting on them. Or rear tire, I'm not picky, and there's already a camera back there anyway.
What was wrong (Score:3)
Re:What was wrong (Score:5, Insightful)
The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around.
Second: a key is single factor authentication. Phones can be multi-factor (you need the phone and a password for instance). Keys are also difficult to revoke. If you lose the key, you need to physically change the lock in order to get a new bitting.
Another advantage of phone-based authentication is that you can transmit a token remotely to someone else if you want to give him access to you car. Basically the equivalent of putting car keys in someone's mailbox, but you get to keep your own key, and you don't need to actually go put it in the mailbox.
Saying "what's wrong with a key" is like saying "what's wrong with cash". There are many compelling arguments for cash over credit cards and the like, but cash isn't without issues.
Re: (Score:2)
The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around. Second: a key is single factor authentication. Phones can be multi-factor (you need the phone and a password for instance). Keys are also difficult to revoke. If you lose the key, you need to physically change the lock in order to get a new bitting. Another advantage of phone-based authentication is that you can transmit a token remotely to someone else if you want to give him access to you car. Basically the equivalent of putting car keys in someone's mailbox, but you get to keep your own key, and you don't need to actually go put it in the mailbox.
Saying "what's wrong with a key" is like saying "what's wrong with cash". There are many compelling arguments for cash over credit cards and the like, but cash isn't without issues.
All those arguments can be made against the phone though? Cash or card is a choice, and as long as this is then that's ok.
Re: (Score:2)
The biggest issue is that that's something you need to have on you. Not having a key is one less thing to carry around.
Damn man - that' a hellava first world problem. Not to mention just how much space does a key take up?
As well, there is a really big flaw in a phone based system.
Batteries. Now I don't abuse my batteries, but from gas station and convenience store displays of batteries to plug into your dead smartphone, and my experience with my son and his phone that is always on the verge of dying, and his girlfriends and now wife.....
What exactly do you do when you want to get into your car, and you pull out a dead
Re: (Score:2)
Damn man - that' a hellava first world problem. Not to mention just how much space does a key take up?
Way too much. I just bought a new car and that key is bigger than all my other keys combined, ring included. It is at least twice bigger than the key of my previous car, which performed the same function, and wasn't especially small either. I understand a big car key can be seen as a status symbol but come on, it is an entry-level compact car, not something to show off with.. But that's an other subject... And yeah, definitely a first world problem but it goes well with cars with first world prices.
Oh, one quick note.Many (most) modern car keys are two factor. You have the mechanical key, then there is a lot of stuff inside the key handle that the car senses. Merely copying the key won't work..
That's n
Re: (Score:2)
Damn man - that' a hellava first world problem.
And? We happen to live in the first world. I don't go hungry, I don't have a lack of clean drinking water, I'm secure in my life, so what? Give up? Never seek any further improvements?
Speaking of first world problems, just how many 3rd world countries will be rolling out top of the line BMWs with fancy unlocking mechanisms from your iPhone X? Maybe we should stop developing all technology and luxury goods as they are all solutions to first world problems.
Re: (Score:2)
I agree that there's nothing wrong with a key. However I can see that this phone based system could be better than the "key fob, not really a key" that new cars seem to come with. The problem I've found is that since you just have to have the fob somewhere in the car, it's pretty easy for that fob to end up with the wrong person. So for example, my wife and I drove somewhere in two cars, then drove around for a while in the newer car. She ended up with the fob even though I was driving, and then almost took
Re: (Score:2)
Sigh (Score:4, Interesting)
- Doesn't solve any existing problem.
- Creates new problems all of its very own.
Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all), "I locked my phone in the car", "Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car", "Previous owners of the car can just walk up to it with their phone to unlock it", etc. etc. etc.
Re: (Score:2)
Also creates jobs in a system where every human need is already addressed but the social model is "work work work work".
Re: (Score:2)
"I locked my phone in the car"
Presumably they prevent that in the same way that they prevent you locking the key in the car. I've done it a couple of times and the car just beeps to let me know the key is still inside.
"Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car"
Proven to be groundless fears by many years of using NFC payment systems like Android Pay and Apple Pay.
"Previous owners of the car can just walk up to it with their phone to unlock it"
At least you can just unpair their phone from the car's screen, unlike if they keep the old key which requires expensive reprogramming.
Not least "your battery runs flat, but you need to open it to jump-start it"
You use the backup key. There is a slight loss of functionality here, in that you mig
Re: (Score:2)
"I locked my phone in the car"
Presumably they prevent that in the same way that they prevent you locking the key in the car. I've done it a couple of times and the car just beeps to let me know the key is still inside.
What if I want to lock my phone in the car? This might sound like heresy to the under 35 set, but some of us are not welded to our smartphones. There are times, like going to a restaurant, that the phone is off, or better, left in the car.
You use the backup key..
But you've seen the posts. Having to carry that yuge key is a major imposition.
To me, the technology is okay except that it adds three problems two likely, and one less so:
First - the dead smartphone battery. Common
Next - Just adding a layer - So we had a key. Now
Re: (Score:2)
There are times, like going to a restaurant, that the phone is off, or better, left in the car.
My phone has both an "off" and a "mute" button.
the dead smartphone battery
Just add a USB port on teh OUTSIDE of the car. Then you can charge the car from USB as well!
Re: (Score:2)
USB port on the outside is a good idea for charging a phone. It can't pass enough power to charge a car battery at any good rate of speed, though.
Also, imagine having to wait 5 minutes till your phone gets up and running when it's 40F, raining, and you're in a dark parking lot in a less-than-safe area. Give me a fuckin key or key fob that "just works" already!
Re: (Score:2)
and you can buy the kit to open any car for $20k
I think I'll just use this rock I found lying by the side of the road instead.
Re: (Score:2)
That won't start the car, I'm fairly certain.
Re: (Score:2, Insightful)
Not least "your battery runs flat, but you need to open it to jump-start it"
1. Err this is a solved problem and has been for pretty much every "keyless" car on the market. There's always a secondary means of entry available to owners.
Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal
2. Err this is a solved problem and has been since the dawn of encryption.
Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k
3. Err See #1
My phone got a virus and now anyone can open my car
4. Err See #1
Previous owners of the car can just walk up to it with their phone to unlock it
5. Err just like you can* access my Facebook account from my previous phone after a factory reset?
*You can't.
etc. etc. etc
Oh no, please continue. I'm enjoying reading one nonsense statement after another.
Re: (Score:2)
Re: (Score:2)
As I do not have a keyless car (I do not even have a car) could you please tell me what the solution is?
Well the good news is that no-one has a keyless car. Which is kind of my point. Just because it looks keyless doesn't mean that manufacturers haven't taken your very scenarios into account since the dawn of the keyfob.
If the technology is too difficult for you to manage, how about you carry the key.
But in any case there sure as hell isn't some nightmare scenario where you need to get your car towed to some mythical garage that has some mythical $20000 piece of magic gear to get in your car.
Re: (Score:2)
Re: (Score:2)
>2. Err this is a solved problem and has been since the dawn of encryption.
Solved yes - whether the solution is actually *used*, or even *known*, by the people rolling their own "super secure digital key" is a completely separate question.
As for 3 and 4, I fail to see how #1 is relevant to either. Sure, there's other ways into the car, but any keyless entry system adds an additional attack surface, one that's notoriously hard to make secure from automated attacks even for groups of digital security expe
Re: (Score:2)
Solved yes - whether the solution is actually *used*
So go steal a car. I mean pretty much every single car out there uses keyless entry already. FYI, yes it is used and keyless entry has been resistant to replay attacks since the damn 90s.
As for 3 and 4, I fail to see how #1 is relevant to either.
I fail to see how 3 is not identical to 1, but in any case I misread 4. But someone was able to directly link a car with the phone owner, compromise the specific device directly, and then use it to access the car? What else are we afraid of. Aliens! Aliens can remotely trigger my phone to unlock my car and then they can get
Re:Sigh (Score:4, Interesting)
- Creates new problems all of its very own.
Beyond your examples, it provides a way for phone manufacturers to know when you are operating a vehicle, under the assumption that the phone used to unlock and start is the drivers. Once they have that information, how will they use it? Turning off texting and other messaging apps would certainly help solve the problem of idiots who text and drive, but how else can that information be used? What other services will be disabled if the think you are driving? Siri already won't let me open the garage door when it thinks I am driving, even if I am in my own driveway.
Re: (Score:2)
If the manufacturer is monitoring every phone to the extent you suggest, they already know that, since they can safely assume you're not out for your morning jog at 70 mph....
Re: (Score:2)
If the manufacturer is monitoring every phone to the extent you suggest, they already know that, since they can safely assume you're not out for your morning jog at 70 mph....
It's to so much the manufacturer collecting the data but now they have a positive trigger on the phone that can be used to allow other actions as part of a workflow. Some can be positive like disabling texting, NFC could also allow auto emergency calls if an accident is detected, etc. Is the information already available by inference since if the GPS sees you go at 15 MPH they can assume you are in a car; this just verifies who is most probably driving. On the negative side, it could trigger auto tracking f
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
- Doesn't solve any existing problem.
Really?
Leaving my house requires me to carry three main things; a smartphone, my wallet, and keys. If a solution could eliminate the need for 33% of the tools necessary for survival in a modern world, I'd sure as shit call that problem solving. What are you forced to leave the house with every day? Any reason all locks in your life could not be converted to electronic? (don't pretend those shitty consumer-grade locks really protect you either, a $50 set of bump keys and an hours worth of learn-to-lockpi
Re: (Score:2)
Re: (Score:2)
your battery runs flat, but you need to open it to jump-start it
That's assuming there is no backup system, and that your battery really is flat, not just unable to start the engine. Jump starting modern cars is not recommended anyways, but thankfully, flat batteries are also becoming less common (better power management).
I locked my phone in the car
Not a new problem, you can lock your keys in the car too.
Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal
That's a long solved problem. All serious authentication systems use challenge-response techniques now and sniffing won't help you unless you break the underlying crypto.
Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k
Any locksmith can open you
Re: (Score:2)
- Doesn't solve any existing problem.
- Creates new problems all of its very own.
Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all), "I locked my phone in the car", "Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal", "Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k", "My phone got a virus and now anyone can open my car", "Previous owners of the car can just walk up to it with their phone to unlock it", etc. etc. etc.
Yep, a solution to a problem no-one has.
Beyond your points, there is no single standard for NFC... Hell, we cant even get the full standard for Bluetooth in every phone as manufacturers pick and choose what bits they want.
Add to this in the UK, there has been a spate of car thefts that have used buttonless "proximity" keys to simply open the door. The key may not work for you more than 3ft away so people think they're safe until the criminals simply use a signal repeater, open the door and drive off w
Re: (Score:2)
Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all)
This is a problem with lots of new cars, not really related to this digital key question.
"I locked my phone in the car"
As with RF key fobs, the car should refuse to lock unless the phone is outside the car.
"Someone sniffed the NFC transaction from across the street- NFC is short-range-powered, but long-range-ordinary-radio-signal"
A complete non-problem. Cryptography. Relay attacks are an issue, though.
"Every garage has a way to open that car if the system should fail and you can buy the kit to open any car for $20k"
That's already true.
"My phone got a virus and now anyone can open my car"
Your phone having a virus can't affect it in any way, since it's not the phone's main processor or OS that do the unlocking, it's a separate secure element.
"Previous owners of the car can just walk up to it with their phone to unlock it"
No, this is a huge advantage of digital keys. It will be trivial to invalidate previo
Re: (Score:2)
Sigh.
"This is a problem with lots of new cars"
Yes. It doesn't solve it.
"As with RF key fobs, the car should refuse to lock unless the phone is outside the car."
Yes. It doesn't solve that. And RF range detecting the fob IN the car? That's dubious. Most cars that do this operate on the "you can't lock the door without the key in your hand" principle, not magically detecting that you left the key in the car and "not auto-locking"
"A complete non-problem. Cryptography. Relay attacks are an issue, though."
Co
Re: (Score:2)
Not least "your battery runs flat, but you need to open it to jump-start it" (so either all the doors open, or you can't get into it at all)
This is a problem with lots of new cars, not really related to this digital key question.
Most if not all the smart key solutions I've seen have a mechanical key hidden in the fob, so you can always at least open the car.
Definitely not all. I've had a couple of rental cars recently which didn't (Toyota or Nissan, I believe -- I don't pay much attention to my rentals) and my Tesla's key fob doesn't. The Tesla doesn't even have a keyhole; I didn't bother looking at the rental car doors, so I can't say about those.
With the Tesla, if your key fob battery is dead, you can still unlock the car by placing it in a particular spot at the base of the windshield, and you an still drive it by placing the key at a particular spot ins
Re: (Score:2)
Single Point of Failure (Score:5, Interesting)
So now when my phone gets stolen/broken/lost/runs out of battery, I have no way to call for help OR to start my car. Bonus points if the phone charger is locked inside the car-that-won't-start. Extra bonus points if you don't carry any method of payment aside from mobile payment.
Re: (Score:2)
Re: (Score:2)
Isn't a physical key a single point of failure?
In theory, yes.
In actual practice, not so much.
I'm pretty old and have never lost my car key.
Or maybe I'm just more careful than the average idiot.
Re: (Score:2)
It depends... are you regularly losing / breaking / running out of power, on your phone?
Re: (Score:2)
Doesn't have to happen regularly to be a problem. Can you honestly tell me that you've NEVER had your phone get lost, broken, or run out of power? I can honestly say I've never lost or broken a key on my keyring.
Re: (Score:2)
Previous phone? Ran out all the time. Current phone? Never. And I've never lost one or broken one.
I honestly don't understand how people lose/break their phones all the time. Put a case on it, and keep it in your front pocket or purse/bag so you don't sit on it. It's really not that difficult. With water resistant phones becoming more common, even dropping one in the toilet isn't a death sentence anymore.
With wireless charging now and far better power management, I don't run out of power. I just toss my pho
Re: Single Point of Failure (Score:2)
Well one typically has two, so there is always some means, albeit inconvenient, of regaining access. The upside is while it might be single point of failure, its typically a fails-safe design. Ive never seena factory recall because a car was allowing anyone with any key to access it. Failures happen. Its murphys law. Designing to fail in a safe position is engineering design crteria.
Re: (Score:2)
Re: (Score:2)
Bonus bonus points if you bother following the saying "Don't put all your eggs in one basket."
Dumbass.
Re: (Score:2)
great! (Score:2)
i'm sure it will be as secure as the keyless systems they have in place now.
can't wait for my car to be stolen.
Re: great! (Score:2)
Just dont buy a Toyota Camry if it has the feature. I guess its the massive amount of these cars in existence, but its one of the most stolen cars. It doesnâ(TM)t draw as much attention if youâ(TM)re driving a stolen Camry then, letâ(TM)s say, a Corvette. If youâ(TM)re driving around in a stolen Corvette, and you look as though you donâ(TM)t have enough money to rub two nickels together, you are probably going to get stopped and questioned.
No Cell Service, No Car? (Score:2)
So... we live out in a rural area where there is no cell service. Does this work without access to the net?
What if the net goes down as has happened? Everyone's locked out of their cars?
Seems like a bad idea made worse.
Re: (Score:2)
So... we live out in a rural area where there is no cell service. Does this work without access to the net?
Yes.
What if the net goes down as has happened? Everyone's locked out of their cars?
It doesn't require -- or even use -- Internet.
Because... (Score:2)
Re: (Score:3)
Re: (Score:2)
More by unwieldy shape, and the fact that they tend to rapidly settle to the very bottom of any pocket or bag, and then remain there until used to open a lock. Unlike phones which tend to be removed every few minutes by many people, and then be re-inserted while sitting down so that they occupy a far more precarious position.
(Whether people who use their phone at the movies deserve to be locked out of their car for their crimes is a separate issue)
Re: (Score:2)
Meanwhile, in the Land of Elon ... (Score:2)
Re: (Score:2)
My thought exactly.
This sounds like other manufacturers seeing what Tesla has done and deciding to do it themselves.
From a technical standpoint, I believe Tesla relies on Bluetooth, not NFC, but I'm not clear on much that matters. Bluetooth probably does a better job of working without having to pull your phone out.
I'm still waiting for Tesla to add this feature to the S and X lines.
Nope (Score:2)
Re: (Score:2)
Why bother with a phone? PIN/fingerprint. (Score:2)
Use a PIN keypad on the driver's door to get into the car. Ford/Lincoln had this in the 80s. Require PIN + fingerprint auth to actually drive the car. Store a hash of all data locally and allow for local management. Fingerprints should be able to be added for a certain amount of trips to allow valets or service people to drive.
It shouldn't require a manufacturer's server as an intermediate -- manufacturers go out of business, stop supporting services, etc. I'd hate to own a 12 year old car (newest car
What if you don't have or want a smartphone? (Score:2)
Also, can this be totally disabled, so no one can wirelessly unlock your car?
Re: (Score:2)
Re: (Score:2)
Also, manual transmissions are somewhat of a new fangled anti-theft device.
Soon the day will come where car thieves won't know what to do with a key.
Heaven help them when they get into my truck and have to deal with the stick shift, transfer case, differential locks and manual choke.
Re: (Score:2)