Posted on 08/12/2014 10:12:12 AM PDT by dennisw
Sophisticated criminals are able to reprogramme blank key fobs to start cars
This was not an ordinary car theft but car hacking a worrying new sort of crime which sees thieves use a hand-held electronic device to exploit a glitch in the keyless ignition systems used in most top-end vehicles.
Over the past few years, tens of thousands of wealthy owners of keyless BMWs, Range Rovers and Audis have become victims.
All recent BMWs didnt come with a traditional ignition key, but with a plastic fob containing a computer chip and security code.
When the fob is placed in a slot on the dashboard, the code is detected by the cars central computer, allowing the driver to start the engine at the press of a button.
In some models, you dont even have to put the fob into the dashboard slot: simply having it in your pocket or handbag will do the trick.
Keyless cars are supposed to be convenient and more secure. In practice, though, they are anything but.
Last month, police in Londons Kensington and Chelsea warned owners that their keyless ignition systems were vulnerable to theft.
For enterprising criminals, it didnt take long to find a way of exploiting the technology of keyless cars.
When you buy a car fitted with this technology, you are issued with a keyless ignition fob programmed by the manufacturer with a unique 40-digit code. Place the fob on the dashboard, or just climb into the car with it, and the cars onboard computer will detect the code. If it matches the one in its memory, the driver is allowed to start the car.
However, the computer is capable of doing more than just checking the code. It can also re-progamme a blank fob with a new code.
(Excerpt) Read more at dailymail.co.uk ...
Yes. True. You wouldn't believe how many passwords I've seen just written down next to someone's computer.
Actually, anymore, your manual transmission-equipped vehicle is about the biggest theft deterrent there is. Unless the thieves are proficient in stealing the high-end sports-car stuff (in which case, your car is not on their radar), they are likely not going to be familiar with the operation of a manual transmission.
A few weeks ago, I walked out of the store, approached my Highlander, and pressed the button on the fob. Nothing happened! Dead battery! Luckily I had an actual key. Got in and drove to a battery place.
2am? Dead battery? No key? What do you do?
a hundred million is only 9 digits (000,000,000) the fobs typically use 40 digits
There could also be a valet mode, that limits the time/miles driven, of course, any time you make something theft-proof, the thieves get more ingenious. It's sad, really, that they put so much into this stuff, that, if applied to a law-abiding profession, may actually pay off more in the long run.
Keys had the same problems, there are only so many ways to cut a key. Heck old GM cars all had the same key style for millions of cars a year. about 1 in 1500 cars would work. About 1 in 50 when they got real worn...
There was a story a long time ago about some lady who had been shopping at the mall, came out, and found several kids sitting in her car, doors open, car running, listening to music. She came unhinged, pulled out her CCL weapon and started after them, yelling at the top of her lungs. Kids bolted. It wasn’t until she had the cops on the phone, and she’d calmed down a little and was trying to give them directions to where she was, that she realized it wasn’t her car. By then, the kids had called the cops, too, to report the crazy lady with the gun who had tried to carjack them. Too funny.
It’s not just the car thieves that get more ingenious but the car itself gets more complicated and thinks of ingenious ways to break. The dealers will generally fix things like that for free as part of recalls (I just had two free software upgrades for my 6 year / 120k miles car. But you still have to get it there without it shutting off or stalling (which mine was doing).
Those fobs are a pain. I have seen several cars forget the codes and refuse to start until the car and fobs were reset by a dealer. I wish it was possible to buy a new car stripped down the basics without all the hi-tech frills.
The PIN thing works until you have to have the vehicle serviced. If you forget to give the service writer the PIN or give them an incorrect PIN your vehicle can not be serviced and will sit right where you left it.
Now, you have given your PIN to the service writer who has to give it to the porter to move the car and also the technician who will be doing the work. Now there are three people that know your PIN.
Could be an override for dealers, but with all things this complicated, they can be breached. It's a balancing act, for certain. The reality is, if someone wants your car bad enough, they're going to get it.
Yes. I knew a guy with a bug who put a series of switches in line with the ignition circuit. You put the key in, turned to run, then flipped the switches to the proper positions then hit the button next to them. Pretty ingenious, as once the car was running, he could flip them all to the same position to prevent getting the pattern. But, like all things, it could be bypassed in a few minutes' time (really, how many iterations were there - the switches had two positions each, and there were five of them, so it'd be 32 iterations to bypass, about 2 minutes with deliberation).
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.