New car security

Heard a piece on R4 last week, about a "new" threat to car security, whereby thieves buy some sort of kit off t'internet, and then plug it into a cars onboard computer, which enables them to program a blank key, which they can use to start the car and drive it away. BMWs were mentioned, amongst others.

This lead to a rather suspicious debate about "why don't they check people buying this kit", which leaned towards another reason to crack down on the internet.

Now, is it just me, or is it not possible to have the on board computer require some sort of PIN before it dishes out any programming codes ? Especially if the PIN isn't supplied by default, and the owner has to request it from the manufacturer.

Or (as I suspect) is the whole "story" a masterpiece of sloppy journalism, and things are much more complex.

One woman they interviewed, who had a £50,000 BMW stolen said that as soon as they realised it was stolen (next morning, off the drive) they alerted the tracker company, who could find no trace of it - suggesting it had been exported immediately. Not a very good advert for trackers.

Reply to
Jethro_uk
Loading thread data ...

This.

Reply to
Huge

How do they get inside the car - and switch on the car's 'computer' - without an original key?

Reply to
Dave Plowman (News)

The impression I got was they either force the door, or break a window. The report stated that the cars computer has this functionality to allow a dealer to make a spare key in the event the owner manages to lose both. So presumably the cars computer can be connected to without the ignition.

The reason the kit is available to 3rd parties, is under EU rules, manufacturers have to make it available, so independent repairers can access it (OT but something to bear in mind when talking about the EU - would this have happened in the UK otherwise ?).

Does anyone remember the stink about the system FIAT used with the first Punto? You had 2 keys, and a 3rd master key, which was the only way you could program a spare key - even FIAT couldn't get round this. The upshot was that losing that 3rd key, and no spare meant the ECU had to be changed, at about £1K (back in the early 90s). Of course "Watchdog" found some muppet who managed to go out jogging with all three keys in his pocket, and then get all upset for camera that the car security was too good. Although IIRC that wasn't the strapline "Watchdog" used ....

Reply to
Jethro_uk

One of the techniques involves spoofing the service engineering SMS type protocol to trick the car into opening up and divulging all its secrets. Described in 2011 so probably now fixed by reputable makers.

formatting link
ways to make cars with trackers vanish seem to involve putting them into Faraday screened containers and unloading in a double screened dodgy garage typically under victorian era railway arches. There was a fair bit of carjacking expensive cars in Belgium when we lived there.

Reply to
Martin Brown

An ordinary shipping container makes an excellent Faraday Cage.

Reply to
GB

The floor is plywood on many containers. So they are not an excellent Faraday cage. However if the floor is on the ground the do greatly reduce the effectiveness of Tracker systems.

Reply to
Steve Firth

Probably not good enough.

Your mobile phone will probably ring OK if you put it inside your microwave oven and that isn't a bad approximation to a Farady cage.

ISTR some combination of container with aluminium foil, lead foil and chicken wire was used from what I recall of the Belgian prosecutions. The magic is in how to do the door seals for a real Faraday cage.

Reply to
Martin Brown

The trick is to bring you own "computer" with matching keys and swap it for the one fitted to the car.

Reply to
alan

I'd imagine that the crooks know where tracking devices are and can stop them. After all there is nothing you cannot hack if you wave lots of money under the noses of peopl who might have been involved in making or designing them.

Its hard to keep a secret, all you can do is keep changing things in the hope of staying one step ahead. I doubt the internet being there makes very much difference, there wre hackers and crooks long before it existed.

Brian

Reply to
Brian Gaff

And how do you change it without setting off the alarm?

I still think the best anti theft device is to get your own wheel clamp.

Brian

Reply to
Brian Gaff

Ah, just been thinking about this. It could be that there is a master key that will open all of a certain type of car, if so then all they really need is on of that cars computers and hack into it to see how this is done surely?

Brian

Reply to
Brian Gaff

Why would they put steel on the sides & top but not underneath?

(Or are you talking about containers that don't look like the ones I've seen?)

Reply to
Adam Funk

This was om Watchdog a few weeks ago. They showed that recent BMWs have a blind area in the alarm monitoring. It is possible to break a window and reach the OBD2 connector without setting off the alarm. Plugging in a system available freely on the internet allows the immboliser/alarm system to be programmed to accept an additional key. The new key can then be used to turn off the alarm and unlock the immobiliser, allowing the car to be stolen.

SteveW

Reply to
SteveW

I suspect he's seen a plywood floor lining and doesn't understand.

Reply to
Bob Eager

Hmm, might have a ply covered internal floor but given the loads they're used for and environments they're used in I would have thought that a wooden floor would be most unsuitable.

Tim

Reply to
Tim+

Watchdog did a report on this last year about the security weakness with BMW`s up to 2006. A device which was available to garages to programme new keys for Beemers was being bought by criminals and used to steal cars.The device cost I think about 6K but obviously a quick payback.Thieves break a window to get in,plug the device in and programme a new key and drive off. Watchdog bought one of these devices and had it being demonstrated in the report. Apparently police and everyone else were aware of a massive rise in car theft involving beemers and some force had actually written to owners to warn them.

Reply to
mark

This.

Reply to
Huge

I suspect you've never seen a container. The floors of the majority of containers are wood, underneath are steel crossmembers running the width of the container but these have gaps between them just like flooring joists.

formatting link
"Standard shipping container flooring usually consists of marine hardwood plywood made from Apitong or Keruing in 25-30mm thickness. It is occasionally varnished but with costs being kept to a minimum these days it will usually come in a plain finish and treated. Timber plank flooring can be seen on older containers but the trend these days is more towards plywood."

"The crossmembers running horizontally underneath the container which support the flooring take much of the load weight. However the gap between them means that whatever type of flooring is laid on top must be fairly strong,as the containers are rated to carry as much as 30 tons,"

Since seeing is believing, look at this:

formatting link

Reply to
Steve Firth

So the obvious conclusion is that BMW need to fix their substandard alarms.

Reply to
Steve Firth

HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.