All your cars are belong to us

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
bone;n3546979 said:
it wouldn't stop them from lifting your car on a flatbed and taking off either
And having your car in a concrete slab doesn't stop someone from jackhammering into the wall and taking out that way. Or helicoptering it out of a locked parking lot. Or bribing a guy who works at Mercedes dealership to make you duplicate keys. It's all about risk mitigation and deterrents, if you have to open a garage to get at my car vs just driving off with one that is in a driveway you are going to go with the other car.
Blind_Io;n3546978 said:
"In this shocking footage" - shows a slide show of photos
"Store your keys in a metal tin" - why? So thieves don't have to use the signal jammer? How would storing the keys in a metal box prevent someone from using a duplicate key?
That music gave me ear-cancer.
I think the guy who wrote this is wrong, from what I remember of the stories when this came out first it's not a signal jammer but rather a signal amplifier that takes the signal of the keyfob and amplifies it enough for the car to think that the k
 
Last edited:

jack_christie

Well-Known Member
Joined
Aug 1, 2006
Messages
4,154
cleveland.police.uk

23/03/2018
|
Warning Following Thefts of Keyless Vehicles



Police are issuing a warning after a spate of thefts of keyless vehicles in Cleveland. Ninety vehicles have been reportedly stolen since December 2017, resulting in 27 people being arrested in connection with the thefts.



Ford Fiestas are the main model to be stolen with the figures mounting up to nearly half, but various other models have also been taken . Each of the cars was reportedly taken with the use of a device which allows security features to be bypassed and the vehicles to be taken without a key/fob.

Officers are warning all drivers to be aware of the device and to ensure the below crime prevention tips are followed to prevent further vehicles from being stolen:

• Review your car security. Consider a good quality steering lock for your vehicle. Look for a model which is ThatchamTM approved. This is a great visual deterrent to a thief.
• Contact your dealer and talk about the digital features in your car. Have there been any software updates you can take advantage of?
• Check if your keyless entry fob can be turned off. If it can, and your dealer can also confirm this, then do so overnight.
• Store your keys in a Secured by Design approved key shield. Keeping your keyless entry fob out of sight is not enough. Consider purchasing a keyless fob blocking bag. Try your local car accessories store or search ‘Faraday Bag’ on the well-known shopping sites.
• When parking your vehicle consider using a car park with the Safer Parking Award, signified by a blue tick symbol. When returning to your car - be aware of your surroundings and who is hanging around.
• Ensure your car is locked, all windows are shut and all valuables are removed before leaving your vehicle unattended
• Be vigilant. Keep an eye out for suspicious activity in your neighbourhood and report anything unusual to Police on 101 (999 in an emergency)

Two thirds of the stolen vehicles have now been recovered.

Out of the 27 arrests, 6 of the men arrested were each charged with theft of a motor vehicle, 16 men aged between 15 to 49-years-old have all been released pending investigation and 5 of the men arrested were released without charge.  
https://www.cleveland.police.uk/news/newsall/appeal22865.aspx
 

GRtak

Forum Addict
Joined
Sep 6, 2008
Messages
18,507
Location
Michigan USA
Remote fobs aren't much better. Automakers need to start taking the security aspect of cars seriously.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
Remote fobs are way more difficult for a thief. Unless they are specifically casing out your car and record the exact moment you lock/unlock it or got their hands on the algorithm that the manufacturer uses to make their rolling codes they cannot simply unlock it. Moreover a remote fob will unlock the car but you still need a key to start it, so now you also need something that will fit the lock AND transmit the code to the car.

With a "keyless" entry all you do is amplify the signal and drive off. It's also pretty much impossible to secure, you don't need to care about encryption, rolling codes, IFF signatures or any of that bullshit, you literally take a known good signal and amplify it enough for the car to think that the fob is inside. Best way to secure it would be to have to insert the fob into a slot inside the car where it makes physical contact, like you know a key.
 

jack_christie

Well-Known Member
Joined
Aug 1, 2006
Messages
4,154
Tesla has security bounty program and responded to the researchers. McLarenAuto, KarmaAutomotive, and UKTriumph use the same system and ignored them.

Security flaws in Tesla and McLaren keyless entry found
https://www.wired.com/story/hackers-...conds-key-fob/

https://www.autocar.co.uk/car-news/n...ss-entry-found

https://www.theverge.com/2018/9/10/1...spoofing-relay

High-end vehicles are often equipped with a Passive Keyless Entry and Start (PKES) system.

We have completely reverse engineered the PKES system used in the Tesla Model S. Our research shows that this system is using the outdated proprietary DST40 cipher.
https://www.esat.kuleuven.be/cosic/f...dern-supercars

 
Last edited:

GRtak

Forum Addict
Joined
Sep 6, 2008
Messages
18,507
Location
Michigan USA
I think you need to go back and read through this thread a bit. That one is fairly easy to get by. The hard part is that you need to cut the key, but that can be bought from a dealership stooge without morals.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
GRtak;n3553364 said:
I think you need to go back and read through this thread a bit. That one is fairly easy to get by. The hard part is that you need to cut the key, but that can be bought from a dealership stooge without morals.
You need either the physical access to the key itself or get the key profile from dealership. Neither is anywhere near as simple as walking up to a car with a repeater, or in Tesla's case a small war driving device and driving the car off while it's owner is eating some pie. Also neither getting a key from dealer or physically stealing it is hacking...
 

GRtak

Forum Addict
Joined
Sep 6, 2008
Messages
18,507
Location
Michigan USA
Isn't there an RFID code you need from the key fob for it to work too? If not, it is not just the dealership that has the key info by the way. It is pricey, but locksmiths can also get that info, and once again, one with loose morals can cut the key.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
There is a code for the immobilizer but:
1 - it requires extreme proximity to read it
2 - still can't cut a key without access to the original unless you are a dealer.
3 - that's still not hacking

The only things that are 100% secure are those that are 100% inaccessible, a car can be put on a flatbed and stolen that way, in fact that happened to a former colleague of mine literally right from his driveway. However the amount of effort it takes to steal something with a regular key is significantly higher than the amount it takes to steal anything with a proximity key.
 

GRtak

Forum Addict
Joined
Sep 6, 2008
Messages
18,507
Location
Michigan USA
I still think you need to go back and reread some of this thread. Those close proximity keys can be read from some distance.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
Again, it's irrelevant as any car that doesn't use proximity keys (there were some that didn't have a push button start but you could just turn a plastic "key") will require a physical key to start and unlock the steering lock. And again I am not saying it's impossible to steal a car that uses a physical key just that it is significantly harder than amplifying/cloning a radio signal.

It is also worth noting that with proximity keys/remote fobs like Teslas you would have the keys to the castle as soon as you broke through the security on any single vehicle. To make it worse seeing as how multiple makes are likely to share same supplier you might actually have access to several makes of cars by breaching only one single fob. You can completely industrialize car stealing process as our friends from the UK learned already, something that is not possible with physical keys.
 

Blind_Io

"Be The Match" Registered
DONOR
Joined
Apr 5, 2006
Messages
21,563
Location
Utah, USA
Car(s)
06 Nissan XTerra Off Road, 00 VFR800, 07 ST1300
Well, it's not as possible to scale to that today. As I recall GM was producing cars for about a decade with an absurdly small number of key patterns, you had something like a one in eight chance of your key working in any given GM produced vehicle.
 

prizrak

Forum Addict
Joined
Apr 2, 2007
Messages
20,217
Location
No, sleep, till, BROOKLYN
Car(s)
11 Xterra Pro-4x, 12 'stang GT
Blind_Io;n3553393 said:
Well, it's not as possible to scale to that today. As I recall GM was producing cars for about a decade with an absurdly small number of key patterns, you had something like a one in eight chance of your key working in any given GM produced vehicle.
That is quite hilarious. You could literally "steal" a car by accident.
 

bone

"bangle for president"
DONOR
Joined
Jan 14, 2004
Messages
16,354
Location
belgium!!
Car(s)
Volvo V40 & Yamaha Banshee
a friend used to have renault 19, and bought a second one as parts car
he could open and start both cars with both the keys...
 
Top