A Honda car behind a gate, with its turn signals shown blinking as it's being unlocked by a portable device implementing the hack in question. Text under the car says "Rolling Pwned".

Unlock Any (Honda) Car

Honda cars have been found to be severely vulnerable to a newly published Rolling PWN attack, letting you remotely open the car doors or even start the engine. So far it’s only been proven on Hondas, but ten out of ten models that [kevin2600] tested were vulnerable, leading him to conclude that all Honda vehicles on the market can probably be opened in this way. We simply don’t know yet if it affects other vendors, but in principle it could. This vulnerability has been assigned CVE-2021-46145.

[kevin2600] goes in depth on the implications of the attack but doesn’t publish many details. [Wesley Li], who discovered the same flaw independently, goes into more technical detail. The hack appears to replay a series of previously valid codes, which resets the internal PRNG counter to an older state and allows the attacker to reuse the known prior keys. Thus, it requires some eavesdropping on previous keyfob-car communication, but this should be easy to set up with a cheap SDR and an SBC of your choice.
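To make the counter rollback concrete, here is a toy receiver model, added as an illustration and not taken from either researcher's write-up or from Honda's implementation. The frame format, `WINDOW`, `RESYNC_RUN` and the HMAC-based code are all assumptions; the point is the difference between a resynchronisation that may move the counter backwards and one that only ever moves it forward.

```python
import hmac, hashlib

KEY = b"constructed-demo-key"   # constructed sample key, not a real fob secret
WINDOW = 16                     # forward acceptance window (assumed value)
RESYNC_RUN = 3                  # consecutive frames that trigger a resync (assumed)

def frame(counter, key=KEY):
    """Fob side: one transmission = (counter, truncated HMAC tag)."""
    tag = hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:8]
    return counter, tag

class Receiver:
    def __init__(self, allow_backward_resync):
        self.last = 0            # highest counter accepted so far
        self.run = []            # consecutive out-of-window counters seen
        self.allow_backward = allow_backward_resync

    def accept(self, fr):
        counter, tag = fr
        if not hmac.compare_digest(frame(counter)[1], tag):
            return False         # not produced with our key
        if self.last < counter <= self.last + WINDOW:
            self.last, self.run = counter, []
            return True          # normal in-window button press
        # Out of window: count consecutive counters towards a resync.
        if self.run and counter == self.run[-1] + 1:
            self.run.append(counter)
        else:
            self.run = [counter]
        forward = counter > self.last
        if len(self.run) >= RESYNC_RUN and (self.allow_backward or forward):
            self.last, self.run = counter, []
            return True          # receiver adopts this counter
        return False

def demo(allow_backward_resync):
    """Legitimate use up to counter 10, then a replay of recorded frames 1..5."""
    rx = Receiver(allow_backward_resync)
    recorded = [frame(c) for c in range(1, 6)]   # constructed "captured" frames
    for c in range(1, 11):
        rx.accept(frame(c))                      # owner's presses: last -> 10
    return [rx.accept(fr) for fr in recorded], rx.last
```

With backward resync allowed, the third replayed frame drags the counter from 10 back to 3 and the remaining old frames are accepted as fresh; with the forward-only rule every replayed frame is rejected, while a fob that has run far ahead can still resynchronise.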

If you have one of the models affected, that’s bad news, because Honda probably won’t respond anyway. The researcher contacted Honda customer support weeks ago, and hasn’t received a reply yet. Why customer support? Because Honda doesn’t have a security department to submit such an issue to. And even if they did, just a few months ago, Honda said they will not be doing any kind of mitigation for “car unlock” vulnerabilities.

As it stands, all these Honda cars affected might just be out there for the taking. This is not the first time Honda is found botching a rolling code implementation – in fact, it’s the second time this year. Perhaps, this string of vulnerabilities is just karma for Honda striking down all those replacement part 3D models, but one thing is for sure – they had better create a proper department for handling security issues.

The Honda Takedown: How A Global Brand Failed To Read The Room

Perhaps the story of the moment in the world of 3D printing concerns a Japanese manufacturer of cars and motorcycles. Honda has sent a takedown notice requesting the removal of models starting with the word “Honda” to the popular 3D printing model repository site Printables. It’s left in its wake puzzlement, disappointment, and some anger, but what’s really going on? Perhaps it’s time to examine what has happened and to ponder what it means for those who put online printable parts and accessories for cars or any other item manufactured by a large corporation.

If You Make Something, What Rights Do You Have?

Soichiro Honda with his 1964 Formula 1 car
Soichiro Honda, famous for being an engineer rather than a serial litigator. Roderick Eime, CC BY 2.0.

The story is that as far as we can glean from reports online, the takedown notice was sent only to Printables by the European arm of Honda, and was pretty wide-ranging with any Honda-related model in its scope. Printables complied with it, but as this is being written there are plenty of such models available from Thingiverse and other model repository sites.

Anyone who makes a career in content creation has by necessity to have a working knowledge of copyright and intellectual property law as it’s easy for the unwary to end up the subject of a nasty letter, so here at Hackaday while we’re not lawyers this is a subject on which we have some professional experience. What follows then is our take based on that experience, our view on Honda’s motivation, and whether those of you who put up 3D models have anything to worry about.

Hackaday Links: April 17, 2022

There are plenty of stories floating around about the war in Ukraine, and it can be difficult to sort out which ones are fact-based, and which are fabrications. Stories about the technology of the war seem to be a little easier to judge, and so stories about an inside look at a purported Russian drone reveal a lot of interesting technical details. The fixed-wing UAV, reported to be a Russian-made “Orlan,” looks quite the worse for wear as it’s given a good teardown by someone wearing Ukraine military fatigues. In fact, it looks downright homemade, with a fuel tank made from what looks like an old water bottle, liberal use of duct tape to hold things together, and plenty of hot glue sprinkled around — field-expedient repairs, perhaps? The big find, though, is that the surveillance drone carried a rather commonplace — and cheap — Canon EOS Rebel camera. What’s more, the camera is nestled into a 3D printed cradle, strapped in with some hook-and-loop tape, and its controls are staked in place with globs of glue. It’s an interesting collection of hardware for a vehicle said to cost the Russian military something like $100,000 to field. The video below shows a teardown of a different Orlan with similar results, plus a lot of dunking on the Russians by a cheery bunch of Ukrainians.

Hacker Claims Honda And Acura Vehicles Vulnerable To Simple Replay Attack

Keyless entry has become a standard feature on virtually all cars, where once it was a luxury option. However, it’s also changed the way that thieves approach the process of breaking into a car. After recent research, [HackingIntoYourHeart] claims that many modern Honda and Acura vehicles can be accessed with a simple replay attack using cheap hardware.

It’s a bold claim, and one that we’d love to see confirmed by a third party. The crux of the allegations is that simply recording signals from a Honda or Acura keyfob is enough to compromise the vehicle. Reportedly, no rolling code system is implemented and commands can easily be replayed.

Given these commands control features like unlocking the doors, opening the trunk, and even remote starting the vehicle, it’s a concerning situation. However, it’s also somewhat surprising. Rolling code technology has been around for decades, and makes basic replay attacks more difficult. Range extender attacks that target keyfobs sitting inside homes or gas stations are more common these days.

Whether Honda has made a security faux pas, or if there’s something more at play here, remains to be seen. If you’ve got more information, or have been able to recreate the same hack on your own Honda, be sure to let us know.

Pandemic Chip Shortages Are Shutting Down Automotive Production

Once upon a time, the automobile was a mostly mechanical beast, but no longer. Advanced electronics have woven their way into the modern car, from engine to infotainment and climate control to the buttons now sprinkled throughout the passenger cabin. The gains in amenity and efficiency can’t be sniffed at, but it leaves manufacturers reliant on semiconductor suppliers to get cars out the door. Over the past year, it’s become much more complicated — with many automakers having to slow production in the face of integrated circuit shortages that can be traced back to Spring of 2020.

A Motorcycle Dashboard Straight From The ECU

Classic motorcycles are the wild west of information displays. Often lacking even basic instrumentation such as a fuel gauge and sometimes even a speedometer, motorcycles have come a long way in instrument cluster design from even 20 years ago. There’s still some room for improvement, though, and luckily a lot of modern bikes have an ECU module that can be tapped into for some extra information as [mickwheelz] illustrates with his auxiliary motorcycle dashboard.

This display is built for a modern Honda enduro, and is based upon an ESP32 module. The ESP32 is tied directly into the ECU via a diagnostic socket, unlike other similar builds that interface with a CAN bus specifically. It can monitor all of the bike’s activity including engine temperature, throttle position, intake air temperature, and whether or not the bike is in neutral. [mickwheelz] also added an external GPS sensor so the new display can also show him GPS speed and location information within the same unit.

[mickwheelz] credits a few others for making headway into the Honda ECU. [Gonzo] created a similar build using a Raspberry Pi and more rudimentary screen but was instrumental in gathering the information for this build. If you’re looking for a display of any kind for your antique motorcycle which is lacking an ECU, though, we would suggest a speedometer made with nixie tubes.

Electrifying A Honda NC50 Express

[Quasse] bought a 1978 Honda NC50 Express moped with the intention of fixing it up and riding it, only to find that the engine was beyond repair. So, they did what any self-respecting hacker would do: tear out the motor and replace it with an electric one. It’s still a work in progress, but they have got it up and running by replacing the engine with a Turnigy SK3 6374 motor, a 192KV motor that [Quasse] calculated should be able to drive the moped at just over 30 miles per hour. Given that this was the top speed that the NC50 could manage on gas power, that’s plenty fast.
