> In this case, the real weakness was that the immobilizer protocol allowed the car to start without message authentication, the CAN-related message injection thing was a sideshow.
Right ? Because the messages are not authentified, once the car stolen, the thieves can even remove the immobilizer and put a DIY with a set of keys when they send the car in a container, to make it 'ready to ride' ouf-the-box
Right ? Because the messages are not authentified, once the car stolen, the thieves can even remove the immobilizer and put a DIY with a set of keys when they send the car in a container, to make it 'ready to ride' ouf-the-box