Someone should make one
My car has an intelligent key. It’s a fob with buttons and such. Anyway, my car can sense when I am around and I can just press a button on the door when I’m near it and it will open. Why don’t they make an app for your phone that does that? Then I can carry one less thing.
December 27th, 2010 at 6:44 pm
That would require the opening up of the key security. Not sure I want that to happen. I’d rather have to jump through the hoops, as that means anyone else has to also. I want that to have to happen.
December 27th, 2010 at 6:59 pm
*scratches beard*
Well, there are some problems with this. We’ll assume the frequency range used in the RFID chip in your keyfob is within the realm of the transmission capabilities of the phone. Which, it would be if they designed both pieces with this in mind.
You’d have to either train the car to respond to a new ID signal or clone your existing tag on your phone. Training the car I’m quite sure is possible but these aren’t usually very customer friendly tasks. Cloning your existing tag means the phone, or some other device in your grab bag, has to read the ID off the tag, and, well, I don’t reckon that hardware is already in there.
Then you’ve got battery issues. Your keyfob probably has a passive RFID chip in it. That’s why you don’t have to do anything with it for it to work. When you push the button to unlock the car the car blasts out a signal, it bounces off your fob, and the car can read the ID. If you tried this on a phone it’d have to constantly be listening for some “Show me your ID” signal which means powering up a radio receiver. Perhaps a different one than the one you’re using for main cell communication.
You’d probably have better luck finding a way to clone your existing ID and mount a passive RFID chip to your cell phone’s battery plate. Seems less messy.
December 27th, 2010 at 7:04 pm
The Nexus S has the circuitry to make this happen for most RFID cards. Already a group of Seattle hackers have the Nexus S reading the local transit’s RFID cards; there’s no technical boundary between where we are and replacing a wallet full of RFID cards with the phone you carry every day.
December 27th, 2010 at 7:05 pm
Don’t bluetooth devices very nearly do this? It would be much easier to put facial recognition on the forwards facing phone anyways. Combine that with voice recognition, and it would be as secure as the current PINs.
(Yeah, a picture and a recording could hack it. Someone going through that much trouble could also videotape you unlocking it and reconstruct the code. It would actually be easier on that droid doodle thing than on an iPhone, too.)
December 27th, 2010 at 7:20 pm
There is a phone standard for interaction with the RFID style credit card readers, and electronic keys are among the proposed applications. If I recall, it uses public key crypto. ISO 18092 if memory serves.
December 27th, 2010 at 8:28 pm
Not sure if it is what you want, but if you google ‘remote start’ and Android you can find systems to install that will let you control your car from your phone.
December 27th, 2010 at 9:43 pm
And I, thought I, was lazy. It’s a fucking key, how much more simple do you need to make it?
December 27th, 2010 at 9:49 pm
I’m not lazy. I just carry a lot of shit. I think I should be able to store all my credit card info on my phone too.
December 27th, 2010 at 11:09 pm
And with NFC, you can store credit card data too, and use the RFID scanners you see at the gas stations etc.
Probably next year. Europe already has it.
December 27th, 2010 at 11:12 pm
It’s called NFC or “Near Field Communication” and as stated above the Nexus S supports it. It can also be used for credit card transfers and the like. It’s coming, be patient Uncle! You must one those people who also mutters something about “when are we going to have transporters” at least once a week…like me.
December 27th, 2010 at 11:21 pm
I’ve seen an app that will automatically start the engine for you remotely…so I’m sure it exists. You may have to add some hardware to the car itself though…
December 27th, 2010 at 11:46 pm
The first premise or rule of data security is that if you allow physical access to the device (be that server, network cable plant, encrypted laptop, etc) you have already lost. If an adversary has physical access then whatever is necessary can be used to get the data. The best you can hope for is to slow the person down with a big key.
Surely public key encryption and such can be used to encrypt signals but blasting your physical plant to the world through WiFi or blasting your credit card identification through RFID is giving physical access to your resources to potential adversaries (i.e. burglars, car thieves, war drivers, etc. Witness the garage door opener signal scanners that were going around before rolling codes). War drivers (including Google) everywhere is clear evidence that exploiting a basic security violation by using WiFi is easy and commonplace. Encryption is attempting to make up for violating basic security rules.
December 28th, 2010 at 8:40 am
No, let’s not make it easier for bored teens to download programs from China or PRNK, hack into your car, take it for a joyride, and steal whatever is in it.
Because the penalty for wrapping somebody else’s car around a tree and selling a few pistols on violent felons on the street is misdemeanor probation.
Plus your insurance company will claim it doesn’t have to cover the loss because you didn’t safeguard your valuables properly.
December 28th, 2010 at 9:57 am
Check out the ECKey app at the iTunes store.
December 28th, 2010 at 10:27 am
I’m with Dusty Dog.
RFID is too easily intercepted. In the case it was on your phone all I would have to do is send the request ID ping and I have the code to your car. Of course same thing goes with the RFID credit card, key fob.
When it comes to security many of us are lazy and lax. Add this to those who are wilfully or unwilfully uneducated on the technology we use and assume that the designer is a security genius who has our most secure secrets and protection in mind and we are screwed. Think implanted chip. Wouldn’t it be easy if all we had to do was wave our hand at our car or the ATM. What comes with this consolidation of security. Break 1 code and you have it all.
The best security for RFID credit cards an key fobs is a faraday cage walled and pocket liner. Keeps the high tech scam artist out of your info as you are walking around in public.
December 28th, 2010 at 3:15 pm
Ugh, I misinterpreted it. Yeah, it would be pretty easy. Bluetooth for the medium, rolling keys for the recognition. Both are doable on any smartphone from the last five years.
December 29th, 2010 at 4:54 pm
What everyone else has already said about using your phone to start/unlock your car.
As for the credit card info in your phone (so you can use it instead of your card), the Japanese are already doing that and there’s been serious talk about bringing that functionality to the states. The biggest issue is that it scares the hell out of computer security folks. The cell phone providers are actually against the idea of keeping smart phones up to date. Remember that a lot of us are essentially carrying around small computers that never get security updates.
December 31st, 2010 at 4:02 pm
Go read some ESR – essentially, Google is en route to breaking carrier as hardware vendor paradigm.
And, essentially, what @Phelps said. As far as that goes, security is in the software, not the hardware. Rolling codes are nothing new.
December 31st, 2010 at 4:07 pm
Yes, I want my smartphone to replace my wallet and keys. One piece of hardware to protect, which can be remotely tracked and wiped if lost, password-protected (and ought to be fingerprint-swipe-protected; Dell did in 2005, fer crying out loud), and if all else fails revoked in software as well.