Defending The Kingdom

Read the whole story at Threat Level, a Wired blog:

This doesn’t mean Dunkelman can just walk onto a parking lot and open any car that’s the same model of the one he cracked. He still needs to crack the unique key used to open the other cars. But because he already knows the 36 bits that are common to all of the keys for one model of car, it takes only a few seconds to crack those other keys. He can do this by reading the keys wirelessly — for example, while sitting next to a patron at a restaurant or standing near a car when an owner opens it and sniffing the communication between the digital key and the car. Once he has a key’s unique code, he can encode it to a chip in a remote device (which he can do in a couple of seconds in the field) and use it to open and steal the car.

Very interesting. I wonder how car manufacturers will react. Will they recall old keys? Supply an upgrade to the encryption system? Do nothing at all?

P.s. I know I promised to post about how to create great passwords, but that will have to wait until Monday.