tv BBC News BBC News March 10, 2019 7:45pm-8:01pm GMT
7:45 pm
this is bbc news, i'm martine croxall. the headlines at 8pm a passenger plane crashes in ethiopia, killing all 157 people on board. it came down soon after take—off. among the seven british citizens on board, one of them has been named as joanna toole — a un worker from devon. the foreign secretary, jeremy hunt, warns mps that if they get crucial votes wrong this week they risk losing brexit. cars are crushed by scaffolding and a supermarket roof is ripped off as strong winds batter southern england and wales. aston villa footballer jack grealish is attacked by a spectator as his side play local rivals birmingham city. this week, the travel show is in the texan state capital finding out about the campaign to keep austin weird — that's coming up in half an hour on the bbc news channel.
for many of us, our car is one of the most valuable things that we own. sometimes crazy to think that we just leave them out on the streets but, of course, that is because they are built with good security. but in the last few years we have started to see this happening... newer cars with keyless entry have been fooled by thieves with relay boxes. they stand outside your house and the box magnifies the signal from your key fob, which may be sitting inside, so the car thinks the key fob is closer than it really is and,
7:46 pm
hey presto, they are off with your car. so many car owners have turned to third party car alarms, which promise to protect against this kind of attack. they are fitted to order and many offer the ability to remotely control your car using a smartphone app — which is handy... ..unless these can be hacked too. you probably do not want to see what is coming next but we are going to show you anyway. it is something we had hoped was not possible in real life but, worryingly, it is. the black range rover has been chosen and then tracked and is now the target for two hackers, who are waiting to make their move. the victim has no idea about what is about to happen, as first the car alarm goes off... car alarm sounding. ..and then the attackers take control of the door locks. get out of the car. give me your key. ok, ok. a new way to steal luxury cars to order?
7:47 pm
get out of the car... well, we've actually set this up to show you how security researchers have discovered what is now possible. the victim can't restart the car, only the attackers can do that. it is one of several ways in which car alarms sold by two of the world's biggest brands in car security can now be used against their owners. so how can this happen? we have been given exclusive access to the labs where the research happened, and the security companies who failed their customers have been given seven days to put things right. more on that later but first let's take a closer look at what went so badly wrong. the test compromised
7:48 pm
a vw and a range rover, but the failings have nothing to do with the car manufacturer, but rather these makes of alarms that millions of car owners have fitted to protect their wheels. clifford in the uk, also sold as viper in the us, is one of the market leaders and claims to prevent car—jacking. while pandora, raised in russia and sold in the uk, also fell short of its own audacious claims. the pandora alarm was claimed to be unhackable but right now, i would not recommend these alarms. pandora has recently dropped that claim from its website. just as well. so the first primary reason that most people fit a third party after market car alarm, like the viper or the pandora, is to prevent the key—relay attacks that we have seen videos of, where two guys appear at your house, wave a magic box by your wall, and then are able to drive your car away.
7:49 pm
so that's the first reason and the sort of additional security that comes with that. the second reason that people buy these is the remote start functionality and the remote start functionality could allow you to preheat a car before you get into it on a cold winter's day, have the ice gone off the windscreen, but also to cool the car down on a hot summer's day as well. the trouble is, some of these nice—to—have comfort features have been shown by the researchers to be the very reason why they were able to take so much control. the functionality we found a problem with is in the back—end systems. rather than asking for the information about my specific car, i could ask for any car. any car that this system is registered with, we can query that information, and that includes the person's name, full name, the location and find it real time on a map, we can get the model of the car, we can do the start—stop remotely, we can turn the panic
7:50 pm
alarm on remotely. so i could look on the system and look for a nice lamborghini or a porsche, for example. and think, oh, i wonder where that is. is it in the uk, where i'm located? oh, yeah, it's just down the road from me. great, i am going to go and start that car if no—one is around, and unlock the doors and drive away. so who are these people with such superpowers? this is pen test partners, and it is one of a growing number of firms in the uk that are paid to break into security systems by the companies that run them. pen test has contracts with several car manufacturers, among other clients, who want them to find vulnerabilities. but when these guys have some spare time, well, they start testing other systems too. vangelis usually works from greece but he has come over to show me how he broke into the pandora alarm. pandora provides you with an account and we found a flaw that we could enumerate all the users.
7:51 pm
and then we could change that user's e—mail, issue a password reset, and we would get the new password on our changed e—mail, which we control. you basically reset the user's password and you got control? yes after changing his own e—mail to my corrupt email. and the system lets you do that? yeah, apparently. that is what we call an insecure direct object reference. can you show us how? yeah. i have written a script to automate everything. i am just using my own user id and this user id could be anyone's that is using pandora. so you are using your own id mainly to stay within the law, just to show us what's possible. yes. so now i am waiting
7:52 pm
for the password e—mail. it will have the new password with my changed e—mail. and you could do this for any user out there of pandora? you changed their password, you've gained their account and then you're into the system. yes. so the system now is just waiting for the response from pandora. yes. that automatic e—mail that you get when you want to reset your password — you need to wait a few seconds. here it comes. yes. so you now have a new password. i can log into the system and i control mine — because i have provided my user id — but any user's vehicle. now, it is worth emphasising that these are just normal manual cars, they are not autonomous, they just happen to have the extra security devices fitted. now, we think it affects around 3 million cars on the road globally, and as far as we know, criminals have not used the vulnerability yet to steal a vehicle, but the fact it is even possible will no doubt be cause for some red faces among the big
7:53 pm
7:54 pm
the failings they found ought to be a wake—up call for the people paid to protect us. so we were shocked. we see all sorts of vulnerabilities like this but this one is right up there. it was manufacturers that made the mistake — they had the security flaw — but there is still something you can do as a consumer. please, make sure that you do not use the same password for your mobile apps as you do on other systems. why? because hackers will be trying passwords, they'll try steal them from other places and if that is the same password as your car alarm, you might wake up the next morning and find your car is gone. that was cam munroe finishing dan's piece. dan, i can't get over the fact that these are companies that work in the security industry and they put security holes in their own product. i know, i know. it is a face palm moment. they are playing it very cool with their reactions too, by saying nothing to see here. we fixed the problem.
7:55 pm
thanks very much for letting us know. but really, we are paying hundreds of pounds to these companies to keep us safe and they left a backdoor wide open. this is one of the reasons why the security researchers that did this piece of work gave those companies just seven days to get their acts in gear. normally it is about 30 days for disclosure — give them a bit more time, work out the problem is — but this needed sorting straightaway and in fairness they did a reasonably good job. so this is a story just about car alarms. we are not talking about vulnerabilities in the actual driving of the car itself. but cars are becoming more automated, aren't they? they are starting to control various parts of the journey. any evidence that there is any vulnerabilities in that technology? when you hear a story like this, you get nervous as things get more and more automated. the trouble is, there is a security company that's dropped the ball here. now, if that were to happen with a car in control of the steering wheel, or the speed at which it is
7:56 pm
travelling while we are inside, you could imagine that the consequences would be much, much worse than the possibility of thieves pinching your car. yeah, ok, dan, thank you very much. brilliant report. drive safe, i guess. that is it for the shortcut of click for this week. the full—length version is waiting for you right now on iplayer. and we are waiting for you on social media. wherever you go, we're there too. youtube, instagram, facebook and twitter @bbcclick. thanks for watching and we will see you soon.
7:57 pm
good evening. he would have thought for some we would be waking up to a picture postcard setting with a dusting of snow this morning. some areas on higher ground is so several centimetres. this beautiful picture from kinross. england and wales had plenty of sunshine but we had gale force gusts of wind throughout the day. gusts in excess of 60 to 70 miles an hour across england and wales and that was strong enough to bring down some trees. plenty of isobars on the chart. the front that brought the rain, sleet and snow moved off into the north sea with the trail of showers lingering in the far north—west. they will continue overnight with rain, sleet and snow. the winds will ease down but it will be a blustery night across the country. but with clearer
7:58 pm
skies elsewhere, it is going to be cool as well. a notable wind but temperatures into low, single figure so we could see a touch of light frost in some spots. a chilly start to monday morning and a blustery start but also a sunny one and monday is shaping up to be a lovely day. fools gold perhaps the sunshine, because it is all change from tuesday onwards. if you can make the most of it, do. monday will be a lovely day, breezy afternoon but plenty of sun. the highs across england and wales, nine to 11 degrees. the cloud and the rain is gathering into the far west and another area of low pressure moving on from the atlantic and plenty of isobars associated with the low. the spell of heavy rain, perhaps an inch in places on west facing coasts as it moves steadily south and east. the rain will push its way into eastern england and south—east england by tuesday lunchtime. behind it, sunny spells and scattered showers but the winds will remain a feature, particularly into the far north—west. seven to 8 degrees in scotland and eight to ten further south. it is on the southern flank of this low as it tracks eastwards
7:59 pm