

If the RollJam is attached to the car or hidden near a garage, it can repeat its jamming and interception indefinitely no matter how many times the car or garage door’s owner presses the key fob, replaying one code and storing away the next one in the sequence for the attacker. Whenever the RollJam’s owner comes to retrieve the device, it’s designed to have a fresh, unused code ready for intrusion. “It will always do the same thing, and always have the latest code,” says Kamkar. “And then I can come at night or whenever and break in.”

Kamkar says he’s tested the proof-of-concept device with success on Nissan, Cadillac, Ford, Toyota, Lotus, Volkswagen, and Chrysler vehicles, as well as Cobra and Viper alarm systems and Genie and Liftmaster garage door openers. He estimates that millions of vehicles and garage doors may be vulnerable. But he says he believes the problem is rooted in the chips used by many of those companies: the Keeloq system sold by the firm Microchip and the Hisec chips sold by Texas Instruments.

WIRED reached out one-by-one to each of those companies. All but a few have yet to respond. Liftmaster and Volkswagen declined to comment, and a Viper spokesperson said it’s trying to learn more about Kamkar’s findings. Cadillac spokesperson David Caldwell wrote in an email that Kamkar’s intrusion method “is well-known to our cyber security experts,” and he believes it works only with prior model year vehicles, “as recent/current Cadillac models have moved to a new system.”

Kamkar isn’t the first, as Cadillac implies, to invent the RollJam’s method of jamming, interception and playback. Security researcher Spencer Whyte wrote in March of last year that he’d created a similar device. But Kamkar says his refined RollJam is designed to better automate the attack Whyte used, without the need to attach the device to a laptop. And while Whyte appears to have kept the code for his tool under wraps, Kamkar plans to release his on Github, timed to his DefCon talk Friday.

Kamkar also says that Cadillac may be correct that its newest vehicles aren’t subject to the attack. The latest version of Keeloq’s chips, which the company calls Dual Keeloq, uses a system of codes that expire over short time periods and foil his attack. In fact, Kamkar says his goal with RollJam is to demonstrate to car and garage door companies that they need to make that upgrade to expiring codes, or leave their customers vulnerable to interception attacks like the one he’s demonstrated.

After all, Kamkar points out, two-factor authentication systems like Google Authenticator or RSA’s SecurID use codes that expire in seconds, while millions of car owners still protect their vehicles with vulnerable systems whose codes never expire. With those precedents in traditional internet security, car makers should know that using rolling codes without an added code expiration measure no longer suffices to keep their products secure. RollJam is intended to definitively demonstrate that lesson.
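An added example, not from the article or from Kamkar’s tool: a receiver-side sketch of why a withheld rolling code stays valid when codes never expire, and how binding each code to a timestamp gets it rejected. The HMAC construction, key, window sizes and the assumption that fob and receiver share a clock are illustrative; this is not the Keeloq or Dual Keeloq algorithm.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # constructed shared secret (assumption)
WINDOW = 16                     # how far ahead of the last counter a code may be
MAX_AGE = 5                     # seconds a timestamped code stays valid

def tag(counter, ts):
    """MAC over the counter and, when present, the fob's timestamp."""
    msg = counter.to_bytes(4, "big")
    if ts is not None:
        msg += ts.to_bytes(8, "big")
    return hmac.new(KEY, msg, hashlib.sha256).digest()[:8]

def make_frame(counter, ts=None):
    """What the fob transmits: (counter, timestamp or None, MAC)."""
    return (counter, ts, tag(counter, ts))

class Receiver:
    def __init__(self, require_fresh):
        self.require_fresh = require_fresh
        self.last = 0               # highest counter accepted so far

    def accept(self, frame, now):
        counter, ts, code = frame
        if not hmac.compare_digest(code, tag(counter, ts)):
            return False            # forged or corrupted frame
        if not self.last < counter <= self.last + WINDOW:
            return False            # already used, or too far ahead
        if self.require_fresh and (ts is None or not 0 <= now - ts <= MAX_AGE):
            return False            # expired (or unstamped) code
        self.last = counter
        return True

def held_code_accepted(require_fresh, delay):
    """Press 1 is delivered late, press 2 is withheld and shown `delay` s later.
    Returns (owner's unlock worked, withheld code still accepted)."""
    rx, t0 = Receiver(require_fresh), 1000
    first = make_frame(1, t0 if require_fresh else None)
    second = make_frame(2, t0 + 1 if require_fresh else None)
    owner_ok = rx.accept(first, t0 + 1)
    return owner_ok, rx.accept(second, t0 + 1 + delay)

if __name__ == "__main__":
    print("counter only, 1 h later:", held_code_accepted(False, 3600))
    print("expiring,     1 h later:", held_code_accepted(True, 3600))
    print("expiring,     2 s later:", held_code_accepted(True, 2))
```

The last case shows that expiry narrows the exposure to `MAX_AGE` seconds rather than removing it, so the validity period has to be short.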

“This is throwing the gauntlet down and saying, ‘here’s proof this is a problem,’” says Kamkar. “My own car is fully susceptible to this attack. I don’t think that’s right when we know this is solvable.”


