Mazda Switches To USB Keys

kv9 writes "The new Mazda Sassou while being 'cool and promoting a positive state of mind' has a most important feature, that every geek will love. Instead of the classic key it uses a usb flash drive for starting up. The key can also be used to transfer things like driving instructions or music to the car's hard drive."

great, another point of failure

[hqm]

Now you don't have to lose your keys, just have to get them in salty water, or rub your feet on the carpet and touch them, or ....

Start the clock

[Limburgher]

How long before someone hacks it to:

A: Start multiple cars that they own

B: Start other people's cars

Security?

[BlackCobra43]

How secure is this compared to a traditionnal key?

Really, "keygens" could be given a whole new meaning...

Oh great.

[GMFTatsujin]

Considering that my USB key just died yesterday after about a year of use, taking lots of yummy files with it, my heart THRILLS at this news.

Concept car only.

[CerebusUS]

Cool idea, but wake me when you can actually buy one.

This is a BAD idea.

[Tuxedo Jack]

What if someone uses something like Ghost to dupe the USB key to a key of their own? Unless this is a chip-based key, it won't be secure at all - and I don't know about you, but I don't want someone going to Best Buy and buying a $20 USB key to dupe my car key onto.

Drives? Hard Drives?

[Lead Butthead]

The key can also be used to transfer things like driving instructions or music to the car's hard drive.

So when the drive crashes, what happens? Are the vehicles owner permitted to make "archival" copies of the drive content? What sort of information are kept on these hard drives? Can the content of the drive be used against the owner in some way? Questions, so many questions...

Re:This is a BAD idea.

[Piquan]

As opposed to today, where they can go into any hardware store and buy a $1 blank and $3 service to dup your key onto another key?

If by "Mazda switching to USB keys"

[spyrral]

...you mean Mazda experimenting with using USB drives as a key in a concept car, then yes.

Re:Grant theft Auto

[Timesprout]

As opposed to some kid with a screwdriver.

Re:Hot Wiring: No Match for a Thief

[stupidfoo]

I'd be interested to see them do this on a relatively new BMW or Mercedes or a myriad of other luxury cars because you can't just "hotwire" them. No matter what wires you twist together nothing is going to happen.

Re:great, another point of failure

[Saven Marek]

...or take them to work. many many it workplaces ban the bringing of usb keys into the premises just as they do cell phones and ipods because of being a security risk.

so you can't drive this car to work people

Re:great, another point of failure

[Anonymous Custard]

How about running over it with a grain truck when the ambient temperature is -40 (celsius or fahrenheit, your pick)? I can do that with my keys right now and they still work.

At -40 I'd be more worried about that little car even working than about crushing your keys.

Keys in Secure areas

[Sir_Stinksalot]

Now I won't even be able to take my car keys into secure areas. It's bad enough that every cdr I take in can never come out but now my keys too!

Why do you assume the connector will be the same?

[Anonymous Coward]

Don't assume the connector will be the USB-A connector you find on PC-compatible thumb drives.

They could add USB functionality to a traditional key form, if they wanted to.

Re:great, another point of failure

[over_exposed]

If I had mod points, they'd be yours. I know a lot of places who disallow things like that. If the key can hold music, it can hold "company secrets" and all sorts of nasty things you want to sneak past a company firewall.

Re:Hot Wiring: No Match for a Thief

[pezpunk]

touch a lead from the battery to the starter case and the car [i]will[/i] start. USB won't stop that.

We don't need software to start cars

[John Seminal]

How long before someone hacks it to:

A: Start multiple cars that they own

B: Start other people's cars

Not that long. By having USB devices to start cars, soon hackers will be doing more than writing viruses and "testing" websites. They will be stealing your car.

But this is a larger problem than meets the eye. If software is used to start a car, how long until government gets creative? What kinds of algorthims can be put in the car computer?

• If there is a gas outage, the new flash only allows the car to be driven 100 miles per week, then you can't start it until next week?
• Since there is an algorithm that makes each car unique, how long until the car broadcasts its VIN number to anyone who wants to listen? Will cops knock on your door because you parked in a mall, next to a store that had shoplifters?
• How long until my car decides I am driving to fast, and calls the police to mail me a ticket. Before you write this off as never_gonna_happen, consider that many highways now have radar guns attached to cameras, and they mail out tickets in the mail.
• And how long until a bank robber and hacker changes your flash to mask the car that robbed the bank. Imagine the extra people the police will need to hire to straighten out the messes. And imagine how many more tickets they will need to write to pay for those new employees.

The only good thing for software like this is we can keep track of kids. We can program cars that are started with certian USB keys, that the car will stop if it drives to a certain area. For example, we can have zones the car is not allowed to enter. We can also have software on the computer, to know what family member has the car, and where they are. Maybe we can even set up cars, so if the 16 year old daughter is going out with her friends, that the radio really listens to what is going on in the car to make sure she is not picking up a 18 year old drop out weed head. And if we hear something we don't like, we can drive to where the car is with out shotgun and have an old fashioned lynching.

Re:great, another point of failure

[halr9000]

So perhaps it would wake up the eyes of your employer and their draconian policies? Just a thought. I know this won't work for every company (like banks), but if I were the CIO of a company, I'd just make HR policies with strict punishments and train the employees on those policies. Then you can treat your employees like adults instead of children.

Re:great, another point of failure

[ivan256]

Such workplaces will have to come to grips with the fact that they'll need to trust their employees instead of enforceing draconian policies. After all, they need to trust their employees anyway, since policies like that are impossible to enforce, and any determined employee will find a simple way around the policy anyway.

Re:great, another point of failure

[Overzeetop]

Hope you never need to work in a classified environment. In that case its not a company thing, but a national security thing. And, no, humans as a group cannot be trusted.

whoo!

[Zebra_X]

planned obselecence reaches a new milestone. really how long is that key going to *really* last. 10 years? i don't think so...

Re:whoo!

[The Cisco Kid]

Yeah but its easy enough to make a backup.. In fact.. Hrm.. Your corner hardware store is going to need some new tech at its key-copy counter.. (At least for the non-geeks that need their keys copied)

Re:We don't need software to start cars

[AKAImBatman]

How long until my car decides I am driving to fast, and calls the police to mail me a ticket. Before you write this off as never_gonna_happen, consider that many highways now have radar guns attached to cameras, and they mail out tickets in the mail.

It's important to note that this sort of thing is far more ubiquitous in Europe than it is in the US. The US laws about entrapment, personal property, and privacy tend to preclude these sorts of measures.

Re:Security?

[owlstead]

Well, they needed to get to the chip first, then they would have a pretty good microscope (not your default kind of thingy) and they their attack might work. But nowadays most of the keys are stored encrypted with another (symetric) key that is not stored in main memory. Other kinds of memory are much harder to read. Note that this article has been published in 2002 and still smart card IC's get a CC AEL4+ rating. Not to say that there are no problems - attacking a chip with this attack has a much higher success rate than attacking an RSA key with any length over 512 bits. But this attack would at least be rather much for a car thief, even one that has a big criminal network behind it.

usb = worst connector ever

[libra-dragon]

Take a look at any usb port and notice how scratched up the surrounding area is. This connector is an abomination. It seems I'm always putting the usb plug in upside down. Of course I can't be sure if it's upside down or just misaligned... Looking at the plug for the logo doesn't seem to help much --I had a laptop that had the ports upside down.

I doubt anyone can blindly plug in a usb device and achieve better than 90% accuracy. As for the keys to my current car it's ambidextrous, although not the case for my previous car. My proposal for USB 3.0 is to use the connector from an Atari 2600.

Re:Key? What key?

[phoenix321]

It's not about mechanical or other devices, it's about WEAR and TEAR after heavy use. The Prius keyfob almost never leaves your pocket, the car unlocks if you're near and locks if you walk away, fine.

The Mazda on the other NEEDS that USB stick plugged in to run. And then you have all sorts of people in the world who simply need to unlock/start/stop/lock their car a dozen times per day. Which means after a typical working year around 2500 plug-ins and pull-outs. If those USB devices, plug and socket, aren't built a hundred times stronger than your garden variety USB port and stick, the car key will never survive more than 2 years. No matter how clumsy you are (and most people are clumsy at least one or two days per year), the socket will wear out, the connection leads will lose contact or static electricity kills something inside. Remember the little shocks you sometimes get when touching a car? Static electricity. Some cars deliver more static electricity than others I suppose, but mine zaps me all the time. Not to mention isolating shoe soles on synthetic carpeting. Zapp. You watched Office Space? Good.

Morale of the story: things that are sensitive to static electricity and not hard wearing shouldn't be used as everyday access tokens for important things like cars and house doors. Make all the electronics inside a wireless keyfob and everything's fine. No wear on the connectors, no point of contact for static electricity. Everything else is bust and is in danger outside the dry home or office environment.

Re:Hot Wiring: No Match for a Thief

[zakezuke]

If they REALLY wanted to do it they could still "hotwire" the newer cars by bringing a seperate matching key/column computer and splicing it into the car but why bother with this hassle when you can just tow?

If you are in the business of chopping up cars, this is reasonable. But if you are just some jackass who wants to take a joy ride... hot wiring, or hunting around for the magnetic extra key box box is a better solution.

Re:usb = worst connector ever

[rampant poodle]

Right about that. I always thought that the PS2 connector was a dumbshit design. Then along came USB. One of the elegant points of a metal key is it is reasonably self aligning. Most modern car keys are symmetricly cut and will work in either of the two possible positions.

Re:Hot Wiring: No Match for a Thief

[petermgreen]

or they just point a gun at the drivers head and tell them to hand over the keys.