Get ready for a lot more scary news about new hacking threats. DefCon is the biggest "white hat" hacking conference in the world. It's also the most prestigious platform for cybersecurity experts to reveal the latest weaknesses in our electronic gadgets. Ahead of the conference, which started Thursday in Las Vegas, one good guy hacker unveiled the first of what will likely be many very disturbing threats.His name is Samy Kamkar, and he's the same guy who uncovered a security flaw in OnStar that lets hackers lock, unlock and start your car. He's also the guy who hacked a child's toy into a universal garage door opener and created an algorithm that can open any Master combo lock. I showed it to you on my video page:Kamkar doesn't expose these flaws to make it easier for criminals to steal stuff. He's trying to help companies fix the holes in their security and raise awareness of security issues. His newest terrifying trick is a little gadget built out of $32 worth of electronics.It can open almost any car with a remote key-fob radio AND almost any garage door.
His tool is called "RollJam," and it beats one of the key security features of most electronic locks with a simple workaround.Almost all electronic car locks and garage doors use a system of rolling codes to prevent somebody from just duplicating the signal sent by your key fob or garage door opener. Every time you unlock your car or open the garage, the code changes and can't be used again. The next time it's a new code, then a new code, then a new code.RollJam works by first of all jamming the signal from your key fob or opener. Then it records the signal you tried to send, but didn't. The victim naturally assumes the signal just didn't go through for some harmless reason and presses the button again. This time, RollJam jams the signal again, records the new one, but also broadcasts the first signal it had saved. Your car unlocks and you think nothing is wrong.RollJam can do this more or less forever, no matter how many times you press the button. It's always one step ahead. Then, when you're not around, the hacker can come back, signal the RollJam to open the car or the garage door, and boom.
Kamkar has tried it with Nissans, Cadillacs, Fords, Toyotas, Volkswagen, Chrysler and more. He's also used it on Genie and Liftmaster garage door openers and Viper and Cobra alarm systems. The only drawback to RollJam is that it needs to be in proximity to your car or garage door. But it's small enough that it can be easily attached to your car or hidden near your garage door.Right now, the only way you'll notice is if it takes two presses on your button to unlock your car or open the garage door. But again, this could be caused by anything, not just a hacking gadget. How many times has that happened to you?Hopefully manufacturers take this into account and start beefing up their security. A spokesperson for Cadillac told Wired that they know about the method and recent models are protected. As it stands, there's no easy fix to this problem. You need to stay vigilant. Pay attention to your car and check it for electronic devices hidden, and also try and be aware if it takes two clicks to open.
Watch this video for more information about this serious security threat. Add a Hidden Garage Door Opener to Your Vehicle Are you tired of ‘chasing’ your garage door opener all over the interior of your car, or perhaps you have a need to keep it out of sight so it is not stolen? Today’s DIY video provides some nice inspiration for a ‘tied down’, hidden set up that is easy to manage and use! Garage Door Opener Hack! JOIN THE DISCUSSION (2 REPLIES) More Articles You Might LikeHack your garage door opener to make it safe and more practical! SUBSCRIBE on YouTube http://bit.ly/SubscribetoKipkayA while back the news was going around that your garage door could be hacked by little more than a children’s toy. While this technically was true that doesn’t mean that you need to run to the store and buy a brand new home security system or garage door remote, in all actuality the probability of your home being at risk is relatively low since the “attacks” began.
If your garage door opener works with a wireless remote and the system is around thirty years old or older you may be at risk and want to get things checked out to make sure your garage door is up to date with security and perhaps get it replaced. Otherwise it is simply good to know how your current garage door is safe from these kinds of attacks. The whole thing started with a device that was and is used to intercept radio signals and break into things like cars and homes through their garage doors. Garage doors in many cases are the main entrance home owners use to get in and out of their home, because they usually are driving and so it is just common sense. This means that breaking into a garage door essentially gets you full access to a home if there is no lock or security system on the secondary door. This can be incredibly dangerous for a home owner and their family and so is definitely worth looking into if you think your garage door may be at risk. In this article I’ll go through a little bit about how this hacking device works, the garage doors it worked on and how you can protect yourself and beef up your security a bit so that this type of thing won’t happen to you or your family.
In order to really understand how the device works to hack your garage door opener you need to understand how garage doors worked in the recent past. Originally there was simply a button inside and outside of your garage door which allowed you to operate the automatic garage door opener. This was simple enough and there were ways to secure that button but it is essentially pretty easy concept to grasp. Afterwards there came along a simple garage door opener radio control in which a certain frequency was used to open and close the garage door. This frequency was found to become repeated in many garage doors and so similar brands of garage doors could often be opened with garage door openers intended for other garages. This obviously posed a security risk and so rolling codes were implemented after a while and were used up to a few decades ago until the current system was implemented. This is obviously a simplified version of how garage door opener security history has gone, but it is pretty much all the information you need.
The rolling codes that were used for a few decades, and that are still used in some homes today operate with a system of codes that only the receiver and remote know. They run through these codes and they will only work when the garage door is “expecting” a certain code. Essentially there are a bunch of keys and a bunch of locks and they can’t be used in the wrong order. This seemed like a great way to protect the garage door openers from being hacked and it really did work for the most part as the codes change too often to run through all of the possibilities and it makes sure that the remotes don’t work with doors they shouldn’t. However, this type of garage door opener security system isn’t used very often and is now more of a security risk for cars than it is for homes as garage doors are installed with more recent security systems. This is certainly a simplified version of how these garage door openers work, but should make it simpler to understand how the hacking of the garage door worked.
The easiest way to think about it is if you had a bunch of numbered keys on a ring that all went to your garage door and the numbered key you needed to open it changed every time you used your garage door.The way that the hacking device worked was it jammed the radio signal that would go to your garage door and record the code that was used meaning that the first push of your button wouldn’t work. You would then have to push the button again sending out a secondary code which would be recorded by the device as it put out the first code meant for the garage door. This would open up your garage door with you being generally no wiser as the button worked on the second time instead of the first. This means that the second code that the device recorded is still the code that will be needed to open the garage door next making the device able to open your garage door with minimal fuss and the home owner thinking that nothing went wrong other than having to push a button twice. If you are looking for something similar to the analogy used above it is like taking two of the keys off the ring and then using one of them so that you think your the first key worked to open the door without any problems.
The device that is said to be capable of this is a jailbroken kids toy that consists of small radio receivers transmitters. It really can’t be called a kid’s toy anymore because of all the necessary modifications, but suffice it to say that it isn’t a terribly large or complex device. Thankfully the code that was originally released by the hacker was taken down after car manufacturers started to agree to beefing up the security on their cars, which was the main reason the hacker originally released the details. It is fairly small and about the size of a smaller cell phone, meaning that if it was near by to your home you probably still wouldn’t notice it unless it was in plain sight. In order for the device to work it needs to be within range of your garage and the remote in order to jam, receive and send out radio signals. The best way to approximate this distance is to think of the distance from which you can use your remote and it will most likely be about that same distance, because the device is rather small it could be hidden very easily, but as I said earlier this really isn’t something to get overly worried about because of the reasons previously stated.
However, if you are still worried about whether or not your garage door is vulnerable to this type of attack you can look at the manual, search online for your model and make or even maybe look on your garage door opener remote to see what type of security system your garage door opener is using. In order to make sure you are resting easy I will also do a quick rundown of how most modern garage doors are working so as to protect you from that type of vulnerability and worry. Modern garage doors are typically still using rolling codes but much more secure. The codes are not programmed into the devices but instead are generated and forgotten extremely quickly and are not repeated. This means that the garage door openers are always using new codes that were just generated, which means that codes can’t be recorded and saved for later use making it nearly impossible to use that sort of technology to break into a garage door. Going back to the earlier key analogy the most prevalent technology for modern garage doors is like having a key ring that makes a new key for a lock that was just made for it every time that you open or close your garage door.
This means a great deal of security has gone into the design and hacking it really would take much more know how, time and programming than a small toy with a few receivers and transmitters. If you are a real worrier talk to a garage door remote manufacturer and see if they have any doubts about the security of one of their garage doors with this technology.Your garage door is one of the largest points of entry in your house, and behind that big wall of metal you will often feel quite safe, but if you heard this sort of news you might start to doubt that. In reality the chances that someone will try and break into your garage door with his technique is very low, however that is no reason to dissuade yourself from checking what sort of security system your garage is running. Upping the security on your garage door opener system isn’t a bad idea if you are running an older system and most likely won’t cost you an insane amount of money if the rest of your system isn’t failing at all.