Teen remotely unlocks and starts car using $15 worth of electronics components


Well, it’s a good thing that RadioShack is going out of business.


I feel like we’re not getting even close to the whole picture here. Or at least, that the $15 was to maybe assemble a radio interface, but the actual hack required said interface be attached to a (much more expensive) computer. Because that’s stupid cheap, and Radio Shack parts are comparatively expensive.


purchased at RadioShack

Whew. We are safe.


What 15 year old kid doesn’t already have access to a computer?

One night, he went to Radio Shack, spent $15 on parts

He made it out of a banana plug and a diode grab-bag?


… “IP-infringement-related terrorism charges are pending.”


There’s an old white guy in a suit at RadioShack headquarters with a printout yelling, “We’re not done yet! Now, you listen to me! I want trading reopened right now. Get those people back in here! Turn those machines back on! Turn those machines back on!”


Where “mind-blowing” = “inevitable” and/or “completely predictable”


A car prowler was caught on video using one of these in north Seattle. There didn’t appear to be a computer involved in unlocking the doors and getting into the car to take whatever was in there. The car wasn’t stolen though, and they didn’t do a light show with the headlights, so maybe that part requires more computing.

The only thing that Delphi was shocked by was that it took so long for this to happen.


Good thing I drive a 15 year old ghetto sled POS. Sure it has hail dents and some rust but nobody can remotely hack into it. Heck, even my own unlock key fob barely works and I often resort to the old-timey method of unlocking it by actually putting the key in the slot.


A computer doesn’t have to look like “a computer” these days - it’s hard to buy a phone that’s not a computer anymore. You buy a $10 computer that fits in an Altoids tin with enough room to spare for the $4 of batteries that power it. The control interface for that computer can be a single button on the side of the tin, that engages the “unlock car doors” routine.


They shouldn’t have been surprised at this at all (I know I know). Car makers have never taken security seriously, because it’s inconvenient. Like anyone else on the Internet of Easily Hackable Things.

Tesla’s probably the only one.

1 Like

Only in the sense that if it hadn’t happened, no one would have written the article.

Not that I think any company’s product’s security is as good as that company thinks or wants, but I do think that most teenagers attempting something like this would fail. We just don’t read their stories.

1 Like

In what way has Tesla implemented car OS security that the Big X haven’t?

Windshield wipers turned on and off. Doors locked and unlocked. The
remote start feature engaged. The student even got the car’s lights to
flash on and off, set to the beat from songs on his iPhone.
She described the breach as more of a nuisance attack, and emphasized
that, in this case, no critical safety functions, like steering, braking
or acceleration, were compromised. But the incident underscored just
how vulnerable cars have become.

Wow, I call bullshit, If I’m driving 70mph down a highway at night and my lights start flashing on and off I call that a major breach in a critical safety function.

It sounds to me that this wasn’t as much of an eye opener as the article claims, they still think their cars aren’t entirely vulnerable to attackers in a manner that could easily cost lives. Yet more “I don’t understand the risk so there is no risk” behavior from a large company with a vested interest in not recognizing when they have created a major security problem.

1 Like

autoblog.com really needs to get its shit together, every browser I’ve tried on Mac can only play the commercial and not the content. Didn’t work with IE in Windows either. I don’t have this issue with any other websites at all.

Video of it works here though:


and that 14 yo boy’s name… was Ghost Dog.

This topic was automatically closed after 5 days. New replies are no longer allowed.