The Chainlink

New CPD bike theft push?

Within the last two days friends have mentioned seeing CPD pulling cyclists over and checking their bikes out to see if it was stolen.  One incident were some bike cops checking the serial number and photographing it for someone riding a carbon fiber bike with high end carbon wheels and clipless while wearing gym clothes and running shoes.  The second was someone getting pulled over by a police cruiser twice while ghost riding a bike to deliver it.  

Is this a new thing? Has the CPD started caring about bike theft and is taking steps to combat it?

Views: 2072

Reply to This

Replies to This Discussion

Permalink Reply by Kevin C Dormant on October 14, 2013 at 1:54pm

Bike thefts from September 2010.

Here's something you don't see every day. Thief(s) broke into car on street, retrieved electric garage door opener, opened garage in alley, stole two bikes:

http://chicago.stolenbike.org/node/190386
http://chicago.stolenbike.org/node/190385

Permalink Reply by S on October 14, 2013 at 2:50pm


The rolling codes are supposed to prevent that.  The code that's sent changes over time so doing a replay attack is ineffective since the old code that was used is no longer valid.


Tom Dworzanski said:

If you're near someone using her garage door opener you can easily capture and replicate the signal.

Permalink Reply by Tom Dworzanski on October 14, 2013 at 10:10pm

Yea but without serious encryption these systems wouldn't be overly difficult to compromise. Kind of like the good-old days when everyone had a WEP wifi network. Better than nothing I guess.


S said:


The rolling codes are supposed to prevent that.  The code that's sent changes over time so doing a replay attack is ineffective since the old code that was used is no longer valid.


Tom Dworzanski said:

If you're near someone using her garage door opener you can easily capture and replicate the signal.

Permalink Reply by S on October 15, 2013 at 11:41am

I'm not sure where you see the need for serious or any encryption at all.  The rolling codes just depend on the remote and the garage opener having the same numeric seed initially and then using a psuedo-random number generator to generate new random numbers at a predetermined rate.  The whole point is that knowing what the remote sends to the opener doesn't help you after about a second or so since the opener is now using a different code and you need to use that code in order to get it to do anything.  

Tom Dworzanski said:

Yea but without serious encryption these systems wouldn't be overly difficult to compromise. Kind of like the good-old days when everyone had a WEP wifi network. Better than nothing I guess.


S said:


The rolling codes are supposed to prevent that.  The code that's sent changes over time so doing a replay attack is ineffective since the old code that was used is no longer valid.


Tom Dworzanski said:

If you're near someone using her garage door opener you can easily capture and replicate the signal.

Permalink Reply by D on October 15, 2013 at 11:57am

On reflection, I think the guy must have picked the lock on the side door to my garage.  We were only using the "convenience lock," not the bolt.

But, in any event, here is a stolen bike report from my neighborhood with the "brute force attack on garage opener code" meme.  LInk

Permalink Reply by Duppie on October 15, 2013 at 12:01pm

This whole business about copying garage door codes sounds a very much like an urban legend.

When I leave in the morning I pass by a small dozen garage doors before the end of the alley. I regularly (2-4  times a year, I guess) an open garage door with no one around (and typically no car in the garage).

Leaving without properly closing the garage door appears a much more realistic scenario as starting point for theft from garages.

S said:

I'm not sure where you see the need for serious or any encryption at all.  The rolling codes just depend on the remote and the garage opener having the same numeric seed initially and then using a psuedo-random number generator to generate new random numbers at a predetermined rate.  The whole point is that knowing what the remote sends to the opener doesn't help you after about a second or so since the opener is now using a different code and you need to use that code in order to get it to do anything.  

Tom Dworzanski said:

Yea but without serious encryption these systems wouldn't be overly difficult to compromise. Kind of like the good-old days when everyone had a WEP wifi network. Better than nothing I guess.


S said:


The rolling codes are supposed to prevent that.  The code that's sent changes over time so doing a replay attack is ineffective since the old code that was used is no longer valid.


Tom Dworzanski said:

If you're near someone using her garage door opener you can easily capture and replicate the signal.

Permalink Reply by Tom Dworzanski on October 15, 2013 at 12:43pm

I guess encryption could just make it harder to break. Without encryption you get a lot more potential holes. Just a few thoughts:

1. I'm guessing the codes don't have too much entropy coming from a little remote control so it would be relatively easy to brute force your way in. Without encryption, it's easy to know exactly what you're dealing with.

2. Depending on the complexity of the code generation (which again I assume is nothing special) seeing a series of codes (Wikipedia says they might send out 256 at once) could provide enough to determine the next few codes.

3. Perhaps the next few codes are part of the 256 you caught in #2 since the remote has to send out future codes in case of an unreceived click.

4. If someone has the remote physically (from an open car parked on the street), he might be able to somehow extract the seed/salt (which is probably printed in some form on the label to make for easy remote replacement/repair) and to generate codes.

5. Or maybe he can just determine how to generate codes based on the 256 codes and do #4.

I don't know, these are just some random ideas. I don't really know much about these openers so I may be wrong on all counts. (Also, I was also a business major; this is hobby stuff from high school so take it with a grain of salt -- no pun intended.) I guess no matter what, rolling codes are better than static ones. To me the biggest threat to a rolling codes system though is the off switch because people prefer to use the programmable buttons on their dash to open the garage door rather than the bulky remote.

S said:

I'm not sure where you see the need for serious or any encryption at all.  The rolling codes just depend on the remote and the garage opener having the same numeric seed initially and then using a psuedo-random number generator to generate new random numbers at a predetermined rate.  The whole point is that knowing what the remote sends to the opener doesn't help you after about a second or so since the opener is now using a different code and you need to use that code in order to get it to do anything. 

Permalink Reply by h' Zerocats on October 15, 2013 at 1:57pm

Paging all old people.... late 60s sit-com.... plot centered around someone accusing someone else of leaving garage door open....

name the show, and explain how this was solved.

Permalink Reply by David Barish on October 15, 2013 at 2:52pm

I cheated and used the Interweb but did see this episode in black and white nearly a half century ago. It was alleged to be witchcraft.

http://www.imdb.com/title/tt0523152/

Permalink Reply by Tom Dworzanski on October 15, 2013 at 3:14pm

How was it solved???

Permalink Reply by h' Zerocats on October 15, 2013 at 4:36pm

Anyone remember?

Tom Dworzanski said:

How was it solved???

Permalink Reply by Lisa Curcio on October 15, 2013 at 6:28pm

h'--remember a single episode of Bewitched?  Even my husband does not remember and he still watches the reruns!

RSS

Groups

© 2008-2016   The Chainlink Community, L.L.C.   Powered by

Disclaimer  |  Report an Issue  |  Terms of Service