Tire pressure "transmissions are sent without any encryption or secure mechanisms and include a unique identifier.
-
@dangoodin @ghostsarespooky I'm not sure what you mean by "the idea". Here are slides and video from Jared's talk at ToorCon 2013 (which actually predates PortaPack): https://www.sharebrained.com/2015/01/31/tire-pressure-monitoring-system-tpms-talk/
I'll rephrase: To prevent TPMS from identifying my vehicle, do I use this kit to regularly change my TPMS? If not, how does this mitigation work?
-
I'll rephrase: To prevent TPMS from identifying my vehicle, do I use this kit to regularly change my TPMS? If not, how does this mitigation work?
@dangoodin @ghostsarespooky Ah, thank you. These tools (HackRF, PortaPack, Kismet) can monitor transmissions from sensors but do not provide any mitigation for privacy concerns.
-
@dangoodin @ghostsarespooky Ah, thank you. These tools (HackRF, PortaPack, Kismet) can monitor transmissions from sensors but do not provide any mitigation for privacy concerns.
OK, so it's just for tracking people's TPMS? It's not for changing your own?
-
Tire pressure "transmissions are sent without any encryption or secure mechanisms and include a unique identifier. This allows anyone with affordable equipment like a low-cost spectrum receiver and a standard off-the-shelf antenna to capture and track them throughout time and space."
@dangoodin This is not new.
For several *years* the local "catgirl intelligence agency" has got a SMS alert any time I drove within TPMS range of their house.
-
OK, so it's just for tracking people's TPMS? It's not for changing your own?
@dangoodin @mossmann 100%, TPMS devices (usually attached to the valve stems in the tires) have serial numbers baked in, there's no mitigation other than removing or replacing them.
At a quick glance, Jeremiah's video here looks like a decent explainer: https://www.youtube.com/watch?v=X7j4Of_u_fM
-
OK, so it's just for tracking people's TPMS? It's not for changing your own?
@dangoodin @ghostsarespooky Correct. As far as I know, the only mitigation is to physically remove sensors from your tires or to replace them with new sensors with different IDs. Each sensor (one in each tire) has a unique ID. When they are replaced, there is a process to register those IDs with the vehicle. This programs the vehicle to recognize new sensors; it does not program the sensors themselves.
-
R relay@relay.infosec.exchange shared this topic
-
@dangoodin @ghostsarespooky Correct. As far as I know, the only mitigation is to physically remove sensors from your tires or to replace them with new sensors with different IDs. Each sensor (one in each tire) has a unique ID. When they are replaced, there is a process to register those IDs with the vehicle. This programs the vehicle to recognize new sensors; it does not program the sensors themselves.
Sigh. removing the sensors may be viable. Do the sensors come with the tires (and hence change each time they're replaced)? Sounds like swapping out the sensors would be a lot of work for the average vehicle owner.
-
Sigh. removing the sensors may be viable. Do the sensors come with the tires (and hence change each time they're replaced)? Sounds like swapping out the sensors would be a lot of work for the average vehicle owner.
@dangoodin @mossmann @ghostsarespooky replacing the sensors would involve replacing the valve stem (since generally it's all integrated as one unit)
-
Tire pressure "transmissions are sent without any encryption or secure mechanisms and include a unique identifier. This allows anyone with affordable equipment like a low-cost spectrum receiver and a standard off-the-shelf antenna to capture and track them throughout time and space."
@dangoodin I guess if you need to drive, drive a 20th century car.
-
Sigh. removing the sensors may be viable. Do the sensors come with the tires (and hence change each time they're replaced)? Sounds like swapping out the sensors would be a lot of work for the average vehicle owner.
@dangoodin @ghostsarespooky I've never done it myself, but sensor installation, removal, and replacement are commonly done by tire shops. If you want to investigate how hard it is, you could call a shop and ask them how much they would charge for removal of all your TPMS sensors. Note that the vehicle would complain about the lack of sensor input after they are gone. This may be a permanent dashboard alert unless the vehicle has a way to disable it.
-
@dangoodin @ghostsarespooky This is a screenshot from a HackRF with PortaPack. TPMS decoding has been a feature since the introduction of PortaPack H1 by Jared Boone in 2014, and he gave some talks about TPMS at hacker cons around that time.
@mossmann @dangoodin @ghostsarespooky I'll be walking up and down in the parking lot with my #uConsole, won't I?
-
Tire pressure "transmissions are sent without any encryption or secure mechanisms and include a unique identifier. This allows anyone with affordable equipment like a low-cost spectrum receiver and a standard off-the-shelf antenna to capture and track them throughout time and space."
@dangoodin this has been a thing since forever tbh if it becomes that the identifiers are no longer the problem it will become the transmitters themselves, I dont think adding authentication and encryption to tpms is a good deal for consumers in the long run
-
@mossmann @dangoodin @ghostsarespooky I'll be walking up and down in the parking lot with my #uConsole, won't I?
@sassdawe @mossmann @dangoodin walking down city streets during rush hour is fun, too.
-
@dangoodin @ghostsarespooky I've never done it myself, but sensor installation, removal, and replacement are commonly done by tire shops. If you want to investigate how hard it is, you could call a shop and ask them how much they would charge for removal of all your TPMS sensors. Note that the vehicle would complain about the lack of sensor input after they are gone. This may be a permanent dashboard alert unless the vehicle has a way to disable it.
@mossmann @dangoodin @ghostsarespooky TPMS failure is also an advisory notice on a UK MOT. not critical, but will be on every MOT report in your service history which can affect resale value.
-
@mossmann @dangoodin @ghostsarespooky TPMS failure is also an advisory notice on a UK MOT. not critical, but will be on every MOT report in your service history which can affect resale value.
@gsuberland @dangoodin @ghostsarespooky Yeah, and I think in Canada, missing TPMS sensors would result in a failure of mandatory safety inspection, not because TPMS is strictly required of the auto manufacturers but because any safety feature provided by the manufacturer must be working. Similarly I believe that in some jurisdictions tire shops are not permitted to disable safety features on customer vehicles.
-
Very cool. Now I want to do it for my vehicle. How do I get started? Has anyone put together a how-to article?
@dangoodin @ghostsarespooky I'm pretty sure you have to deflate the tire, then remove the tire, then remove the old TPMS, then install the new TPMS, then remount and inflate the tire. Do that four times. Plus have the tool/method to set the IDs in your car. So if You have all the tools to do that probably $20/wheel. At local tire shop its more like $60/wheel.
I hav a tool to reprogram my car cost about $100. I have winter wheels/tires and summer set.
-
R relay@relay.mycrowd.ca shared this topic
