High-tech car theives

All modern key fobs are supposed to use rolling, one time passwords, making this impossible. Thats according to the manufacturers. Its entirely possible that they decided it was cheaper just to use a unique ID and hope no one noticed.

that's been the scheme since day one, how long does it take a fast micro to brute force a limited number

I wonder more about the "unlock your door with an iPhone and start it up from cross country yay!" cars

Osgeld:
that's been the scheme since day one, how long does it take a fast micro to brute force a limited number

The technique includes disabling key-less entry when a brute force attack is detected. (Which goes without saying that car manufacturers are not always the most reputable folks.)

Are they beemers?

The video I saw showed the thieves being unable to break into a Ford and I think a Dodge? I believe they were able to get into a BMW. Another thing of note, none of the cars were stolen using this technique, items were just stolen from them. Even on vehicles with keyless ignition. So it seems they cannot trick the ignition system, only the door lock and security system. They also always used the passenger side door.

I wonder if it could be something as simple as some unscrupulous mechanics, garage employees, or valets using that BMW technique to make their own keyfobs, then coming back later.

wizdum:
They also always used the passenger side door.

I suspect that's out of convenience rather than necessity. Bit difficult to rummage around with a steering wheel in the way.

From http://spectrum.ieee.org/tech-talk/computing/embedded-systems/cars-the-next-victims-of-cyberattacks:

Researchers at the University of California at San Diego and the University of Washington say that in their tinkering, they hit upon a cyberattack method by which thieves could cause large groups of cars to report their vehicle identification numbers (from which it is easy to determine the cars’ years, makes, and models) and GPS coordinates. Having learned where the most prized vehicles are parked, the technique would allow criminals to issue another set of commands that remotely bypass the cars’ security systems, unlock their doors, and start their engines. A similar technique, said the researchers, could be used to listen in on a driver’s phone conversations, or worse, to disable one or multiple cars’ brakes as they travel at highway speeds.

Also:
http://spectrum.ieee.org/riskfactor/green-tech/advanced-cars/hacking-cars-with-keyless-systems-feasible-and-practical-swiss-researchers-say

Maybe the TSA have insisted American cars have a master key override like they insist on for luggage locks and some bright spark has discovered this and got the master key?

I think we found it:

They could use a wireless relay to trick the car into thinking the keyfob is closer. A second criminal would have to stand within 50 feet of the car owner/key, something that's not that hard for small city apartments or inside stores.

Damn those thieves!

Darn! Only worked on the trunk. I was still able to open doors and start the car. I need a metal box I guess.

liudr:
Darn! Only worked on the trunk. I was still able to open doors and start the car. I need a metal box I guess.

I was kind of hoping that would work. I guess the only option is to pull the battery or try to see if there is a setting you can turn off on the car.

I was hoping too. Just the thought that someone with a portable antenna walking around my building could steal my car is scary.

liudr:
I was hoping too. Just the thought that someone with a portable antenna walking around my building could steal my car is scary.

What if you de-solder one of the legs of the battery holder, and wire it to a simple tactile button on the back of the keyfob? Then just hold that button down to power on the keyfob whenever you want to use one of the buttons. I should patent this, lol.

I watched a small segment about this on TV the other day.

What they do is is lay in wait for a person to arrive home, switch on a jammer and the electronics can't pick up any signal from all the noise, the victim gets out and proceeds indoors the thief then jumps into the car, does what he needs, plants a GPS and waits.

The thief then tracks the vehicle or (going by what i remember) gain access to the car some other way (once inside the car)

or that :slight_smile:

cjdelphi:
I watched a small segment about this on TV the other day.

What they do is is lay in wait for a person to arrive home, switch on a jammer and the electronics can't pick up any signal from all the noise, the victim gets out and proceeds indoors the thief then jumps into the car, does what he needs, plants a GPS and waits.

The thief then tracks the vehicle or (going by what i remember) gain access to the car some other way (once inside the car)

eNCA | Insurers Refuse to Cover "Jamming Theft" - YouTube

I don't think it could be either of those methods, as these criminals would just walk up to a car, put a device near the passenger side door, and the doors would unlock, and lights would flash. The jammer wouldn't make the lights flash, and the spare key programmer required them to break into the car the normal way first. I still think the relay hack is the most likely.

did you watch that?

cjdelphi:
Luxury car theft - YouTube

did you watch that?

Yeah, that requires access to the OBD port on the car, he even says "thieves have ways to get into the car, we can't show you that part". The car thieves I am talking about are often misidentified as the car owners, because they just walk up to the car and enter it. There's no fumbling around programming a new key. They have also hit cars that are side-by-side, so its unlikely that they were hit by a shady mechanic that made a copy of their key.