Three cryptography experts from a Dutch university have cracked the codes used to start luxury cars such as Audis, Bentleys, Porsches, and Lamborghinis, knowledge that could allow anyone with the right tools to wirelessly lockpick a $300,000 car. The researchers were preparing to publish a paper in August explaining the method used to penetrate Megamos Crypto, the algorithm-based system used to verify an owner’s key. However, Volkswagen’s parent, which owns the four brands, has secured an injunction against the scientists from a UK court.
Court stops scientists from publishing codes that could wirelessly lockpick Porsches
"The public have a right to see weaknesses in security."
The scientists argued that “the public have a right to see weaknesses in security on which they rely exposed,” but a judge ruled three weeks ago that “car crime will be facilitated” if the scientists publish the algorithm. Volkswagen had asked them to publish a redacted version without the codes, but they declined. Since then, the decision has become part of a wider discussion about car security.
The injunction is a temporary step in the case brought by Volkswagen, so it’s possible the decision could be reversed. In the meantime, we’ll be on the lookout for PhDs driving 911s.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
