Thursday, April 20, 2006

What a surprise... a security system that does everything except secure its target

My friend Ben has been battling with the manufacturer of his car for some weeks now. He took it into a garage for a routine service and, whilst checking out a fault he had reported, they disconnected the battery. This reset his radio, which meant he had to enter a security code before he could use it again.

The only problem was: he doesn't have the security code and the garage that sold the car to him has gone out of business.

The new garage wanted to charge him a lot of money to "obtain" the code from the third party that is the custodion of the security numbers.

Being the geek that he is, he wrote a script to generate every possible combination and printed them out. He drove around with this list in the car and began to try each one in turn. He calculated that this would take him four years, since there is an enforced one-hour lockout between each bad attempt.

I nonchalantly asked at the weekend if there were any "dodgy sites on the internet" that he could go to - in the same way that one can unlock a cellphone that has been blocked from accessing any network other than the one that originally provided it.

Eventually, Ben downloaded a piece of free software and tried it out. He entered the radio's serial number and it printed out a code immediately. It worked. His radio is unlocked!

I suppose I shouldn't be surprised but it does make one wonder why purchasers consider such systems to be a selling point. They are nice revenue generators for the third-parties and do nothing to thwart a professional thief. All they do is inconvenience the person they are sold as helping. Bizarre....


Ben said...

A function mapping serial number to unlock code is a bad idea because once it has been discovered for one radio you can unlock any such model. Rather better would be for the radio company to generate a random number for each radio manufactured. (Okay, it's possible someone might have stolen their random number database to write the unlock program, but that seems a little unlikely!)

This has led to a whole industry, which you can find by googling for radio unlock. A friend of a friend makes a living from this, and it appears to be endorsed by the radio manufacturers as they apparently supply the codes.

It could also actually help crooks, since having a working code might make a radio of otherwise dubious provenance appear legitimate; after all, as the Customer Care advisor pointed out, they make sure that only the owner of the radio knows the code by charging for it and asking for proof of ownership of the vehicle.

Richard Brown said...


What a stupid way to do things.