Car Thieves and Insurers Vote On Keyless Car Security

RockDoctor writes: The BBC reports that Britain's car thieves, rapidly followed by Britain's car insurance companies, have been expressing their opinions on the security of keyless car entry and/or control systems. The thieves are happy to steal them (often using equipment intended for dealer maintenance of the vehicles) and in consequence the insurance companies are refusing to insure such vehicles (or to accept new policies on such vehicles) unless they are parked overnight in underground (or otherwise secured) car parks. I guess I won't be considering buying one of those for another generation. If ever.

I wish I'd thought of that

[j2.718ff]

I've never been a fan of the keyless car design. But if I wanted a new car, I had little choice. And I knew I'd have no chance convincing car manufacturers to make a keyed version. All this time, I should have been making a fuss to the insurance industry instead.

Thank you insurance industry for making a sensible decision. Unfortunately, that may suck for anyone who owns such vehicles.

Re:I wish I'd thought of that

[beelsebob]

What I can't figure out is how incompetent the car industry's software engineers must be. The implication of this is that it's possible to clone a key based only on the signal it gives off. The implication of that is that they're sending out a static password.

I mean, why are these keys not just broadcasting an "I'm here" signal (possibly with a unique id), and then doing some challenge/response authentication ala SRP that can't have the key reverse engineered from the transmissions to actually perform the unlock.

How did the car companies think they could get away with such crappy security?

Re: I wish I'd thought of that

All your keys belong to us

Re:I wish I'd thought of that

You do know that cars with keys still get stolen?

Re: I wish I'd thought of that

[Moof123]

All your keys are belong to us.

Fixed that for you.

Re:I wish I'd thought of that

[reboot246]

Most people don't have a clue about getting into their car or starting their car when the battery in the car is dead or the battery in the key fob is dead.

There are nearly as many different schemes for such scenarios as there are car manufacturers.

Find out before the need arises.

Re:I wish I'd thought of that

[mythosaz]

The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key. It's the 2010's version of old master keys for tumbler locks.

Even the summary says thieves are using those reprogramming/recovery tools intended for dealers.

Re:I wish I'd thought of that

[WarJolt]

The only problem with keyless cars systems is that the car companies forgot to secure them. That can be fixed.

I'll flip it around on you. Here's my problem with traditional keys; They can be lost, they can be stolen, they can be copied and there isn't a way of logging access or revoking access. Many older vehicles can even be started(and stolen) with a minimal amount of knowledge and tools.

All your cars are connected to the internet or soon will be. If you work for Google you just swipe your badge and take a company car. If you lose your badge they can deactivate it remotely. Being able to revoke access to a car is incredibly powerful. We have 2 factor authentication for your google account. Why not your car?

Re: I wish I'd thought of that

All your key are belong to us. FTFY.

Re:I wish I'd thought of that

[PhrostyMcByte]

The implication of this is that it's possible to clone a key based only on the signal it gives off. The implication of that is that they're sending out a static password.

Not only is it possible, but it's in common practice. Aftermarket remote starters need to clone your keys. You can get a remote starter for basically any car. It's not like you need a dealer for it either, because car electronics places that install these things will be the ones cloning the keys.

Re:I wish I'd thought of that

[jd659]

I haven't heard of a car key that you can just easily clone. The code is never static.

Re:I wish I'd thought of that

[xaotikdesigns]

Until a computer system shows that you are late for your payment (whether it's true or not) and suddenly, you can't start your car anymore. Sure, they'll have that worked out within 2 business days, but you're stuck wherever you are until then...

Re:I wish I'd thought of that

[weilawei]

And master-keying a pin tumbler comes with the caveat that you multiply the number of keys which can open a given door. If you use multi-level master keying, you wind up with potentially dozens of key bittings that you didn't intend to allow but will also open such a lock.

Theoretically, we should be able to avoid that problem with a challenge/authentication protocol. Of course, I'm still skeptical of it being implemented well any time in the near future. For now, I'll stick with my crusty old sidebar wafer locks.

Oh yeah, any halfway competent locksmith (not these fly-by-night people) can open most of your physical locks without any real effort. The only reason they're drilling is to save a few minutes. And if we're talking about a car, it's usually faster to use some other sort of opening tool. Heck, my old Subaru, you could bend the window out with your bare hands and shove your whole arm in to unlock the door.

Locks keep honest people honest. They barely slow down a professional.

Re:I wish I'd thought of that

[drinkypoo]

Even the summary says thieves are using those reprogramming/recovery tools intended for dealers.

Mostly they aren't. They're using other tools which connect to the same interface. It's trivial (in theory anyway) to put your ELM327 into sniffer mode, and with it hidden inside of the car someplace connected to the diagnostic bus, the dealership will never know that you're logging. I can literally buy an off the shelf device for a hundred bucks that will read the immobilizer code out of my Audi, and it's not an Audi-approved tool. Or I can get the code with freeware and a ten dollar cable.

Re:I wish I'd thought of that

More to the point, dealers should not be able to unlock cars they aren't "authorized by the owner/bank" to service. Thus the conundrum.

The dealer devices are also being stolen in order to steal cars, nothing new there. Quit hiring children to wash cars.

You can buy a lot of these recovery tools off the usual piracy sites like Alibaba and eBay if you can grab them before they are removed by the car dealers sending a complaint.

What it comes down to is making the car recoverable without physically breaking into it. To do so should require a tool that physically disables the car transmission and puts the car into a sort of "Towing Neutral" until the key is replaced. The car can still have the parking brake engaged so it doesn't fly down the hill.

It shouldn't be a simple case of opening the car, plugging in a box and running away with the car. Some of the older Toyota Celica's had a "chip card" that you had to plug in in order to drive the car, this was back in like 1996. Perhaps that is what needs to happen, is that a physical fob that must be plugged into the car, and is unique to each car (and not keyed to the VIN) in order to reprogram it, otherwise only the doors can be opened with a dealer tool.

But as the situation always presents itself, keyless entry of any sort is useless if the key is lost, and you would be royally screwed if you lost the key while out shopping.

Going back to the entire "Apple Pay" thing. Recovering the car should work in a similar way. "Find my car", Starting the car should require a biometic that can only be programmed with the primary authorized device present.

But again, it goes back to how do we make sure that a dealer backdoor isn't stolen from a dealer and then used to steal cars? How do you prevent stolen cars from being re-stolen by other car thieves? Quite the conundrum.

Re:I wish I'd thought of that

[Lumpy]

"I haven't heard of a car key that you can just easily clone. The code is never static."

I have, most of the GM VATS chip keys were nothing more than a simple resistor.

http://vats.likeabigdog.com/

Trivial as hell and was broken BEFORE the system was released by GM, even though it was used from 1990-2005

Re: I wish I'd thought of that

The problem is if anyone has physical access the your done, talking about the car itself, the key doesnt need physical access only the right prox and you can clone it

Re:I wish I'd thought of that

Really? Unique key for every car, keyed to vehicle serial number or similar. Have a process where authorised entities can ask manufacturer for override key for a specific vehicle. Make that key only work once.

Process could be largely automatic, with some auditing.

Re:I wish I'd thought of that

[weilawei]

But again, it goes back to how do we make sure that a dealer backdoor isn't stolen from a dealer and then used to steal cars?

Heh. Heh. Heh.

Your keys are marked with a short numerical code on them. This is often also printed in various places on the car itself. You can go purchase the books (these days, software) which lists out the codes according to year, make, model, and code and what bitting goes with each one. You don't need to be a dealer or a certified anything to purchase them, at least where I'm from.

You thought this stuff was actually hard to get? My ribs hurt.. I'm going to go fall over now. It's textbook insecurity through obscurity.

Re:I wish I'd thought of that

zip car....

Look up Zipcar, they work in a similar way.

Re:I wish I'd thought of that

I mean, why are these keys not just broadcasting an "I'm here" signal (possibly with a unique id), and then doing some challenge/response authentication ala SRP that can't have the key reverse engineered from the transmissions to actually perform the unlock.

How did the car companies think they could get away with such crappy security?

Many cars actually implement the exact protocol you describe. But they are not secure at all. With such systems, you can just relay the signals between the key and the car, and the car will happily unlock the door even if the owner of the key is potentially some kilometers away.
So either you have a key fob where you have to actively push a button to open the car, or you need some kind of distance-bounding protocol that ensures that the key is in vicinity of the car by measuring the time it takes to respond to some query, and relating this to the speed of light to ensure that no attacker who is farther away could have sent the signal.

Re:I wish I'd thought of that

[AK+Marc]

I had a popular car (name withheld to provide obscurity). I only had copies of the keys (the keys are old, and the technical "originals" were long lost). They weren't working as well as they should. I called the dealer, no way to get a key made from the original template. So I took a picture of the key, and sent it to a place that re-cuts keys based on the key, but using the standard tumbler-stops to get the new-key fit. Worked much better.

Eventually my glove-box lock failed. Since it was a convertible, that was important (I left it unlocked always, so nobody would cut the top to get in, the glove box was always locked, and the faceplate for the radio was always removed). So I ordered a new lock. They took my VIN, and when the lock came in, it came with two brand-new keys, and the lock was already keyed to go with my old keys. So, just read the VIN off your neighbor's car, and order a replacement glove box lock mechanism, and you'll get two keys to his car. At least, that worked for me. Verified the locks were never re-keyed as well.

Re:I wish I'd thought of that

How can you secure an always-on (as opposed to pushing buttons) keyless car design? Especially with a gizmo that comes in two parts where the thief moves one part to get near your key, the other, your car... and it makes the vehicle think the key is right next to it. Once it is started, the jig is up, the vehicle can be driven, or just opened up and the contents removed.

This doesn't mean that this is impossible... but it might be good to have a button on the key so unlocking/driving the car is done by a deliberate action, where if proximity is faked, it doesn't matter.

Re:I wish I'd thought of that

The answer is a distributed two factor trust network.

If the key software/radio implementation is insecure all bets are off, but this is trivial to do right with public/private key cryptography between the key and car, as well as physical protection for the key (the point is not to make it impossible for a determined adversary but to make it economically not worth a thief's while to reverse engineer every key/car combination, for which fairly simple epoxy, shielding and acid layers should be sufficient).

A master key that can get around a lost customer key should only be necessary under very specific circumstances, such as resale, inheritance, repossession, law enforcement purposes and similar, for regular maintenance the owner can give his key to the mechanic. Remember, it's not worth the mechanic's while to reverse engineer either.

For these instances the manufacturer can set up a network of third parties (always a different entity than the dealer/precinct/etc. that needs the key in the first place). Every time someone needs a master key (not THE master key, master keys should be regionally distinct too so breakdowns in the infrastructure's security are compartmentalized) they themselves have to do a similar PK challenge/response to get at the second factor, thereby authenticating who they are and giving some control to the manufacturer as to who gets this power, when, for how long (can be remotely revoked) for what regions etc.

This of course will only work if the implementation is again set up properly to prevent social engineering type attacks, malware that penetrates networks and steals private keys, corrupt officials etc. The key though is distribution, spreading master key second, third, fourth etc. factors if necessary between several (redundant) parties to make abuse increasingly harder.

Heck, put it on the blockchain, the technology is sound, even if you hate the idea of self determination.

Re:I wish I'd thought of that

[AK+Marc]

Many older vehicles can even be started(and stolen) with a minimal amount of knowledge and tools.

GM was the last hold-out for two keys. One for the outside and one for the inside. The idea was that someone that managed to match one of the outside keys wouldn't be able to match the inside keys. And you didn't need a "valet key" because the ignition key was the same thing, though a valet couldn't then lock it in their lot, but one would assume they were safe.

Well, back in the early '90s, Texas A&M used lots of GM, and lots of students drove GM as well. So, a group tried all their door keys in the university cars. There was a list of keys to car pairings. Copies were made of the "golden" door keys. Then they gathered the large pool of student keys, and used the golden key for the car to open the doors, and tried all the ignition keys. More copies were made, and the result was that there was a group of students with keys to about half the university's cars, based on GM's shitty security, and using nothing more "high tech" than getting a key copied at Wal-Mart or such.

That knowledge was mainly used for amusment, not harm. Find 10 of the cars (all look identical). Then swap them. The employees would go out, find a university car parked where they left a university car, and find it didn't work with their keys. Much time lost, before they'd figure out they had the wrong car, then came the start of the search for their car. http://www.nytimes.com/1992/12...

Re:I wish I'd thought of that

[PPH]

So, just read the VIN off your neighbor's car,

Keep your VIN number covered up.

I have a neatly printed and laminated card that says "Bait Car #6" over mine.

Re:I wish I'd thought of that

I'd like to see someone get through a properly implemented Abloy Protec or Protec2 lock without just destroying it and the door in order to get in.

Re:I wish I'd thought of that

VIN number

Suffer from RAS Syndrome much?

Re:I wish I'd thought of that

[weilawei]

And that's a disc lock (not to be confused with a "disk"/wafer lock). Those aren't terribly common, although the price has come down significantly in the past couple years. I've got a couple on hand and the tools to pick them (yes, IAAL--I Am A Locksmith). And yes, they can also be picked, although it's a real bear, because they don't give you any feedback on whether or not you've spun the disc to the right position (they're built very similarly to a sidebar wafer lock in the sense that they use a sidebar to avoid giving you feedback). One of my bicycle locks is also a disc lock, works fabulously for gritty/dirty conditions that would murder a pin tumbler. They also have another vulnerability to speed things up, but this isn't a locksmithing forum and I'm too lazy to do your googling for you.

If I had a customer ask me to get in, I'd probably suggest drilling it. The price has come down enough to replace them.

Re:I wish I'd thought of that

[fustakrakich]

The kill switch is already there. It can work just as well for stolen vehicles, and I'm sure many people already use them. Of course none of that matters if your car is just loaded on the flatbed and taken straight to the chop shop.

Re:I wish I'd thought of that

[TheGavster]

Welcome to the future: http://blog.caranddriver.com/s...

Re:I wish I'd thought of that

[mysidia]

The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key.

No there doesn't.... they can have a frickin' lock control module mated to the keys which must be physically removed and replaced with a new unit paired to new keys, like various manufacturers have been doing with the immobilizer chips since the 2000s.

The "recovery" mechanism should involved forced entry.

Alternatively... a backup traditional lock on the trunk or a door that can be picked by a qualified locksmith but requires such skill that no ordinary thief could achieve it.

Re:I wish I'd thought of that

[weilawei]

Okay, I typed out a whole post, but this is laughable.

Most locksmiths (I Am A Locksmith) and thieves have the same goal, but for different reasons: get in, and get in quickly. (For the professional locksmith, time is money, and I can make more calls if I bust your lock open versus spending a few more minutes to pick it; for the thief, the longer you stand around, the more likely you are to be caught).

They'll just break out the drill if you make it too hard to pick quickly. Or the screwdriver. It's amazing what a long-handled flat-bladed screwdriver will do to your average pin/wafer tumbler lock...

The only way tools/knowledge get expensive is if you're into safecracking (oohhh.. so pretty...>/drool>). The idea that you can make a physical lock (crypto offers some quite nice advantages here) that the average locksmith is going to spend time picking but a thief won't is absurd.

I'll just tell the customer to replace it, unless they have some weird sentimental attachment and feel like paying me to stand there and pick it (I'm totally cool with that too). A disc (not to be confused with a disk tumbler) is a good option in the "hard-to-pick" category (though not unpickable by any stretch, and the Abloy Protecs have a serious flaw... you can google for it). They also take about 10 seconds to drill with the proper milling cutter. If that.

The closest thing to an unpickable lock is the one on some fortress phones which uses a ratcheting lever lock (so once you raise a lever, it will never come down any lower than that). It also doesn't give you any feedback, so if you screw up, it's back to the drill with you!

Re:I wish I'd thought of that

[Zynder]

Somebody made that wiki page up and the mods are too busy fighting over the guns or abortion articles to have noticed. That's got to be it. It's not a real syndrome.

Re:I wish I'd thought of that

[mysidia]

Keep your VIN number covered up.

Obstructing VIN = Violation of the law, possible Ticket.

Sufficient probable cause for police to force entry into the vehicle to investigate.

Suspicion of car theft, may result in you being detained.

"Any person who, individually or in association with one or more others, knowingly removes, changes, alters, or conceals any motor number, serial, or other identification number, decal or device affixed to a motor vehicle, trailer, semitrailer or motor vehicle part as required by federal law without the consent of the Department, shall be guilty of a Class 6 felony."

Re:I wish I'd thought of that

You need to be able to pair the key to the car. But that process has to be something "difficult" so that no stranger can just walk by, or even just sit in the car if the door happened to be left unlocked.

If the car sends out a challenge code based on a serial number salted with a time value, then thieves will attempt to use whatever contacts they have to figure out the algorithm.

Re:I wish I'd thought of that

[weilawei]

Basing your protocol's PRNG (I'm assuming that sort of design here, although it's by no means the only way to skin that cat) on a serial number is Bad Idea (#1). If you need to hide the algorithm, you've already lost. That's Bad Idea #2.

Something more along the lines of using public-key crypto for your CHAP is more sensible. The car spits out a one-time value and asks the key to encrypt it. Then, the car decrypts the result to verify it. (DISCLAIMER: I am NOT a cryptographer, just a hobbyist in this regard. There's about a million and one ways to screw this up, most of them non-obvious. Taking my advice for anything besides experimentation is downright stupid. Don't roll your own. Hire a professional to do the work.)

Re:I wish I'd thought of that

[Vermifax]

Most of the key reset procedures I've seen require inside access to the car, and if the thieves already have that, slaving a new key to the car is mostly a moot point.

Re:I wish I'd thought of that

The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key.

And for my ancient 2001 Honda that mechanism starts with the dealer installing a new "brain" in the car to go with new keys. Not only is that more secure, it brings higher dealer profit ... so why aren't they still using an approach with that requirement?

Re:I wish I'd thought of that

[green1]

In other parts of the world they're covered by default. In Japan for example there's never s vi visible from the outside. (I have a Japanese domestic market vehicle, the VIN is on a plate under the hood.

Re:I wish I'd thought of that

[rtb61]

The real problem is you need to be able to scare people sufficiently that they will allow the location of their car to be tracked 24/7 via systems already built in and paid for, with just some software changes required. So target the greediest ones and tell them they either have to give up their poseur convenience or their insurance or accept the vehicle can be tracked at any time. Of course the tracking will only be enabled when the vehicle has been reported stolen, uh huh. Once you have forced tracking on one sector of the market, the most afraid, you can then force it on the rest. After all they do it for phones and phones are not, well, death machines, so why not cars.

Re:I wish I'd thought of that

[mysidia]

They'll just break out the drill if you make it too hard to pick quickly. Or the screwdriver. It's amazing what a long-handled flat-bladed screwdriver will do to your average pin/wafer tumbler lock...

I suggest the use of a lever tumbler lock design with some defense of the lock surface using hard plate steel containing tungsten-carbide chips, randomization of placement, and false drill points where an entering drill will pierce a pressurized bladder triggering separate re-locking mechanisms to prevent the car from being started or the door from being opened.

Re:I wish I'd thought of that

[weilawei]

Forget it. They'll just smash the window and replace it, or haul it onto a flatbed and work on it at their leisure.

Lever tumblers aren't going to be my first choice for something like a car. Large mechanism for one that's difficult to pick, and not as robust as a disc lock. Drill points are available from the manufacturers. Not hard to get. Hard plate and ball bearings and chips are wonderful, but...again, better for safes. Also, auto lockies are going to hate you. Relockers? Same deal. That sort of thinking works better for safes, where you have an object which is purposely large, heavy, and bolted down to concrete. Modern cars already have immobilizers.

Electronic locks hold an immense amount of promise for the future of auto locks. They're not nearly so prone to dust, dirt, space, or cost. A proper implementation will take work, but I don't see it as being infeasible. Crypto done right is harder to get past than a physical lock, which will of course just shift the means of entry to something more appealing. Modern car thieves will use a laptop more than a lockpick. That's just how the arms race goes.

Re:I wish I'd thought of that

[PPH]

In which jurisdiction is this? What is the actual law cited?

Re:I wish I'd thought of that

> There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key.

The way to do it is the same as issuing SSL certificates. The manufacturer keeps the "master key" in a secure room, in a safe, on an encrypted USB key. When you need to issue a replacement keyfob, you put the USB key in a PC with no network access and "burn" a new keyfob. Then overnight the keyfob to the dealer. These things cost a ridiculous amount anyway (easily $300+ for a new keyfob) the extra cost for that level of overhead will be a drop in the bucket.

Re:I wish I'd thought of that

Protec keys are vulnerable to self-impressioning attacks. Without the electronic add-on, it's not secure.

Re:I wish I'd thought of that

[jd659]

Interesting, but the additional security to a physical key is not the "wireless" solution that is being discussed here. I'm still quite interested if there are any OEM wireless keys that actually don't use some type of rolling keys or challenge response.

Re:I wish I'd thought of that

[AaronW]

With my 2006 Prius I was told that if I lost both keys that the only way to recover was to replace the computer. If I had at least one key fob I could add more key fobs but it required having at least one fob.

My current car does not have a physical lock, making it all the more difficult to break in to. It can't be programmed over ODB either.

Re:I wish I'd thought of that

[ArmoredDragon]

Tesla's keyless design seems to work well enough so far.

Tesla owners are some of the most satisfied car owners in America, and now they have one more reason to love their Model S: They basically never get stolen.

In the last three years just four of the luxury electric cars have been stolen, MarketWatch reported. Three were reported stolen last year, none in 2012 and only one was stolen in 2011.

It's not like they are too rare for thieves to get their hands on. At least 20,000 were sold last year alone. The National Highway Traffic Safety Administration says cars are stolen at an average rate of about 3.56 thefts per 1,000 vehicles produced. The Model S, however, squeaks by with a 0.15 per 1,000 theft rate, making it the least-stolen vehicle in America. The second-lowest theft rate is that of the Hyundai Tucson, with 0.40 thefts per 1,000 vehicles, according to the Highway Data Loss Institute.

All that technology makes the Tesla tempting, but ultimately too difficult to steal. The Model S doesn't have any locks to pick, since the car opens and starts only when its corresponding key fob is near. Sure a thief could go to the trouble of hacking the car, but once they had it there isn't much they could do with it. Most cars are stolen and parted out in chop shops, and there simply isn't a market for additional Tesla parts.

http://autos.aol.com/article/o...

Re:I wish I'd thought of that

[drkim]

Locks keep honest people honest. They barely slow down a professional.

Damn straight.

Another thing people don't take into consideration is that about 40% of vehicle thefts are tow-aways.

That way they can work on the locks and security in the safety of their chop shops.

Re:I wish I'd thought of that

Modern car thieves will use a laptop more than a lockpick.

I think you mispelled brick.

Re:I wish I'd thought of that

[gsslay]

What is wrong with a physical key? Are they so big that people can't manage to carry them?

Keyless cars seem to be a fancy, insecure solution for a problem that barely exists.

Re:I wish I'd thought of that

[nukenerd]

Keep your VIN number covered up.

Obstructing VIN = Violation of the law, possible Ticket.

Sufficient probable cause for police to force entry into the vehicle to investigate.

That explains something. I am in the UK and have an American car. The VIN is visible in the windscreen, the first car I have ever known like that, and it puzzled me why. I thought perhaps to save opening the bonnet (sorry, hood) to quote it when ordering spare parts?

Perhaps because, in the USA, don't you physically change the licence plate every year? In the UK the licence plate is permanent and is all that the police nornally need to know. You could physically and illegally change the number plate for a false one, but so you could change my VIN in the windscreen - only looks like a strip of metal stamped with the characters.

Re:I wish I'd thought of that

Locks keep honest people honest. They barely slow down a professional. no those we put in congress, the nsa etc and they can just get a court order.

Re:I wish I'd thought of that

[RenderSeven]

... and then doing some challenge/response authentication

Power management. Ever tried to make a decent transceiver that runs for 3-5 years on a 2016 coin cell? Burst transmitters are easy enough, but receivers eat power. And everything else you assume is pretty much wrong too. Its not a static password, and its not possible to clone a key based on the signal it gives off. Now, you can do a man-in-the-middle replay attack with a jammer, maybe, and if you have the master key you can clone a key from two sequential transmissions, but thats different. And its been suggested that you can recover the master key from a side channel attack, but I havent heard that its been practically demonstrated outside the lab (yes Ive seen the papers but havent seen any evidence that master keys are in the wild at this time (someone correct me if Im wrong)). The biggest security 'flaw' seems to be the case where drivers press the remote 'lock' button 3 or 4 times because they like the sound of the horn.

"Incompetent" and "crappy" are pretty strong statements for something you know so little about. There is always room for improvements in a technology, but key fobs need to cost pennies to make, occupy a few square centimeters of PCB space, work reliably with cheap circuit components and few PCB design restrictions, transmit long ranges with truly awful power budgets, use an open standard (not dependent on obfuscation), and it does need a back door for a corrupt and idiot-based dealer network to override when people lose their keys. If you can come up with something better (and by that I mean actually design AND build something that can be mass produced) you will be fabulously wealthy. So get to work, read the KEELOQ spec, and profit.

Re:I wish I'd thought of that

[Bob+the+Super+Hamste]

It's amazing what a long-handled flat-bladed screwdriver will do to your average pin/wafer tumbler lock...

I am always shocked at how many people don't know that trick. I did that to an old fire chest I had that in all the moves I had lost the key and the fire chest was only $30 so it was the quick and simple route. Also if you damage the pins and tumbler enough just about anything will work as a key as those things wear out. The ignition on my old Bronco II was so worn I could use a small pocket knife blade in the key slot to start it. For security forget padlocks since the easy way around them has and always will be an angle grinder. Working at a U-Haul with a storage facility we were always dealing with units for non payment and eventually would auction off the contents. The day of the auction you go out with the angle grinder cut the lock, let the bidders have a peak shut the door, and sell it. A nice silicon carbide or diamond coated cutting wheel goes through those locks like a hot knife through butter, even these recommended locks.

Re:I wish I'd thought of that

[AmiMoJo]

I'm an engineer that has worked with these systems a little. In the end we decided not to use one, but I researched them in some detail anyway.

They usually use a rolling code, similar to 2 factor authentication systems used by Google and banks. The code is based on a PRNG, and the car and the key have the same seed. A new random code is generated every 30 seconds, and the car will accept recent or near future codes as well just in case the clock in the keyfob drifts significantly.

When you change the battery a capacitor keeps the keyfob's real-time clock running. Same when you disconnect the car battery.

The other option is to do a challenge-response using a secret key. The key can't be read out by any means, but it can be reprogrammed to a new one. That's what the deal/thief does, they write a new key into the car and their new keyfob. Similar for the rolling code version they just write a new PRNG seed into both.

Reprogramming requires physical access to the car, to get at the ODB-II debug port. The thieves use a jammer to prevent the owner locking their car, and rely on them not noticing that the lights didn't flash and the locks didn't go clunk. The car is then unlocked and they can access the ODB-II port. Alternatively, some models of BMW have an alarm that detects intruders using a PIR sensor, but you can force the window down and reach into the ODB-II port without triggering it. I guess they need to position the sensor so that people walking past the windows don't trigger it.

Re:I wish I'd thought of that

[AmiMoJo]

Drilling your way in won't help you steal the vehicle itself though, as all modern cars have an immobilizer. That's why this attack is so popular - instead of stealing a few quid's worth of CDs and change out of the glove box, they get the whole car complete with working set of keys, ready for a new VIN and transport to eastern Europe. The insurance companies end up paying out for a new car, hence their unwillingness to insure.

Re:I wish I'd thought of that

[nabsltd]

The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key.

Why?

If you have no key available for the car, the car's private key can (and should) be wiped and replaced with a new one, and the key fob given the matching public key. Again, this is assuming that the system uses public key encryption (which it should) and that you have physical access to the car.

Re:I wish I'd thought of that

The problem of lost keys isn't reason to make everyone cars vulnerable to a backdoor. If push comes to shove have the car manufacturer keep a list of the code(s) used for each individual car (preferably in a hard copy format, not digital), if someone looses their keys a dealer has to call, give the VIN, provide credentials & a reason for requesting the code. That code(s) can then be used in a dealer tool that can program a new key fob. That way if there is a breach it is limited to the few vehicles that have to request new keys from a dealer.

Re:I wish I'd thought of that

[wvmarle]

In case of the challenge/response, the car knows what response to expect on the challenge it sent out. So the car and the key basically do the same calculation.

The lost key situation is very simple: reprogram not only the key, but also the car. The car can be reprogrammed after gaining entry with a physical key - this may be a traditional key, or a smart key, or whatever. Just a second key, that the owner receives with his car and which can only be used for gaining access for reprogramming purposes.

Now what if you lose that reprogramming key as well? Then the car owner will have to pay for a new window in his car, as the dealer will have to use brute force to access the reprogramming hub.

Now theft becomes a bit of an issue (thief steals reprogramming equipment, gains access to the car, reprograms it to match the thief's key), however this again can be mitigated by having the car lock up for some time (a few hours should be enough to deter thieves) upon reprogramming without reprogramming key.

The only issue may be that all the existing keys to the car (many people will have more than one key) have to be replaced.

Re:I wish I'd thought of that

[weilawei]

Old spark plugs work nicely too. That ceramic stuff is super-hard. Will shatter a window like nothing with just a small chip of it.

Re:I wish I'd thought of that

[wvmarle]

I'm used to such numbers being inside the passenger compartment, under the rug - rather concealed places like that.

If the police would want to check on it (never heard they do), I'd have a hard time finding it. It'd require me to read the car manual to check on the location of it.

Re:I wish I'd thought of that

[nabsltd]

Well, back in the early '90s, Texas A&M used lots of GM, and lots of students drove GM as well.

Interesting. I never heard anything about that, and the group of people I hung around with were just the sort that would pull that kind of stunt. I left in 1995, though, so maybe it was a little later.

Re:I wish I'd thought of that

[wvmarle]

Didn't those cars have license plates attached to them for easy identification?

Re:I wish I'd thought of that

[jittles]

Keep your VIN number covered up.

Obstructing VIN = Violation of the law, possible Ticket.

Sufficient probable cause for police to force entry into the vehicle to investigate.

That explains something. I am in the UK and have an American car. The VIN is visible in the windscreen, the first car I have ever known like that, and it puzzled me why. I thought perhaps to save opening the bonnet (sorry, hood) to quote it when ordering spare parts?

I know of no jurisdiction in the US that requires you to physically change license plates every year. In Florida, the license plate is owned by a person and can be registered with another car when the plate owner sells or transfers a car. In California, the plate is tied to the car and they will not issue you a new plate unless you buy a car that has been taken by lien, drug forfeiture, etc. We just have stickers that you put on the plate to show you've paid the fees for the year.

Perhaps because, in the USA, don't you physically change the licence plate every year? In the UK the licence plate is permanent and is all that the police nornally need to know. You could physically and illegally change the number plate for a false one, but so you could change my VIN in the windscreen - only looks like a strip of metal stamped with the characters.

Re:I wish I'd thought of that

[jittles]

Not sure what happened there... sorry for the messed up quote. User error I am sure.

Re:I wish I'd thought of that

I have a Lexus which uses challenge/response from the fob, and yes - the battery lasts maybe 2 years at best with frequent primary use of the car. Recommended replacement is at one year intervals.

Re:I wish I'd thought of that

"The problem is lost keys. There has to be a mechanism for an automotive dealer or manufacturer to replace lost keys, and it has to function without the original key. "

Take blank new key, insert into key programming slot in engine compartment (or some other hard-to reach area). It 'programs' the key (probably the other way around- it programs the car to accept the key, but, whatever), and now that key can be used. Unless a car thief is willing to jack up the car and half-remove the engine in order to access the slot....

Re:I wish I'd thought of that

I think you're onto something with the license plate thing.

As the sibling poster said, US states have various laws regarding changing the plates, but most do not require frequent replacement. Where we run into trouble is when you take a vehicle across state lines. I live in the midwest and drive my car to college in California. If I graduate and become a California resident, I will have to switch my license plates to California. At that point, they'd lose all record of the crazy things I did in college (with my midwestern plates).

Similarly, a lot of jurisdictions require all or part of the VIN number to be recorded on police citations. I think that's partly a bid to force the parking enforcement people to actually get out of their car when writing tickets.

Re:I wish I'd thought of that

[I'm+not+god+any+more]

Perhaps because, in the USA, don't you physically change the licence plate every year? In the UK the licence plate is permanent and is all that the police nornally need to know. You could physically and illegally change the number plate for a false one, but so you could change my VIN in the windscreen - only looks like a strip of metal stamped with the characters.

You get to drive your new car off a USA car dealer's lot without number plates. You get the plates a month or two afterwards.

Hence why you see lots of cars on the road without number plates. Cops get mad if they can't give you a parking ticket - hence the need for visible VINs.

Also, if you have personalized plates - you get to keep your plates, so your old car's new owner needs to get new plates.

Re:I wish I'd thought of that

I've no idea who's right, but the article says:

But Ian Crowder, from motorists' group the AA, warned the risk should not be overstated. "By far the most common way of a car being stolen is still from thieves breaking into homes and stealing keys," he said.

Re:I wish I'd thought of that

[PPH]

Cops get mad if they can't give you a parking ticket

They run the plate and get the vehicle description. If it matches, odds are its not stolen or switched plates. If it doesn't match, they boot it or tow it.

Too many cars don't have visible VINs. My truck has a vertical windshield and no dashboard. So no place to put the VIN tag there. Its on the door jamb (open the drivers door to read). And too many people throw crap up on the dashboard for cops to rely on the VIN beng visible. Take a look at most contractors' trucks.

Re:I wish I'd thought of that

[gzuckier]

No car company is going to equip a car with a security system that will make it impossible for the dealers to repossess the car when the payments stop coming in.

Re:I wish I'd thought of that

[Reziac]

Presumably anything can be cut, given a hard enough blade, but are those "recommended locks" actually any better than the cheap standard locks for the job of discouraging a bungler armed with a hammer?

[The main thing I use padlocks for is to make stealing my trailers too inconvenient for the casual thief.]

Re:I wish I'd thought of that

[Reziac]

It Depends. New plate every year used to be fairly standard practice, but that was a Long Time Ago.

Back in the olden days, Montana used to sell you new plates every year, which is quite the nuisance. This went away in the 1970s (I believe in 1975 since I recall changing the plate on my first car only a couple times), and tho current law says plates shall be replaced every five years, I suspect that's gone by the wayside with the switch to a one-time, permanent registration for vehicles 11 years or older.

At least as of 1984, California sold you one plate (which could be transferred to a new vehicle) and an annual sticker.

Re:I wish I'd thought of that

[lsatenstein]

What I can't figure out is how incompetent the car industry's software engineers must be. The implication of this is that it's possible to clone a key based only on the signal it gives off. The implication of that is that they're sending out a static password.

I mean, why are these keys not just broadcasting an "I'm here" signal (possibly with a unique id), and then doing some challenge/response authentication ala SRP that can't have the key reverse engineered from the transmissions to actually perform the unlock.

How did the car companies think they could get away with such crappy security?

My Chamberlain garage door opener uses a rolling security code as an access code. This is to protect hackers from recording the code and reusing it.
The same is required for vehicles. The access code has to randomly change with every use, and be known only to the legitimate keys.

I never leave the garage remote anywhere in site. Especially not in the car parked in the driveway.

If garage door openers can be secure, so should car access systems.

Re:I wish I'd thought of that

My grandfather told a story about getting in his car with the door key only to find the ignition key didn't work. After looking around a bit more, the car wasn't his - just same make and model on the same street at night. Apparently, manufacturers would reuse keys in different cars but didn't match a door and ignition combination on more than one car.

Re:I wish I'd thought of that

[AK+Marc]

Nope, it was done while you were there, I was class of '95. Some "unofficial" splinter group of the SCCA group. Did you ever do any autocross there? It was the car nuts, doing it for fun, not "bad guys".

But I knew some of those. My roomie used to steal bikes. We got raided by the police once. I had two bikes in the room at the time, receipts for both, and the police didn't believe that one guy would have to bikes, even if I did have receipts and the VINs came up clean. What was funny is that he had a stolen bike in the room at the time, and the police didn't find it. Yes, he manged to hide a bicycle in a room that resembled a prison cell ( 12' by 12', all concrete construction). And no, I broke no laws by failing to turn him in, but the friends that stalled the cops outside to give him time to hide the bike did.

Re:I wish I'd thought of that

[AK+Marc]

If you see the right make and model parked in the right spot, with the large university logo on the side, why would you assume it was a stolen car and check the plates first thing? Nah, most people don't read the plates of the car they are approaching, unless they have a very common looking car, and are unsure of its location in the lot.

Re:I wish I'd thought of that

[AK+Marc]

That would have been a GM, right? All cars started out that way, cars started without doors, and doors were added later, and handled separately. Toyota was the first with a single reversible key in the USA, and the others quickly followed suit, other than GM that held out for another 2 decades. So most of the "two key" stories were '70 to '2000 and involve GM.

Re: I wish I'd thought of that

We all know you drive an El Camino. Now go kill yourself.

Re: I wish I'd thought of that

[AK+Marc]

Nope. The system I described required a single key car. I think all the El Caminos were 2-key systems. Not even close.

Re:I wish I'd thought of that

[nabsltd]

Nope, it was done while you were there, I was class of '95. Some "unofficial" splinter group of the SCCA group.

OK, I know of that group of people, but none of them well.

My roomie used to steal bikes.

Hey, I had a bike stolen around that time! Seriously, I did, but there were a lot of bikes that went missing in that town.

Re:I wish I'd thought of that

[harl]

Covering your VIN is illegal in some jurisdictions. In some it's printed on required registration stickers more easily visible on your dash.

Re:I wish I'd thought of that

[mysidia]

Perhaps because, in the USA, don't you physically change the licence plate every year?

No.... the plate is easily removable, and someone could steal it or swap an incorrect or forged plate there, but every year or 2 years you get a new special little sticker to attach to a corner your plate to show the new registration expiration date.

Re:I wish I'd thought of that

[mysidia]

46.2-1074 https://leg1.state.va.us/cgi-b...

Re:I wish I'd thought of that

[AK+Marc]

When most people lock up a bike with a lock through the front tire and a quick-release hub, it takes 10 seconds to steal a bike. When he'd go out stealing, he'd take a front wheel with him, and put it on the recently-stolen bike and ride it away. Sometimes he'd steal a wheel from a bike next to the bike he stole, but never walked away without a rideable bike. Carrying your own wheel around campus is odd, but not illegal. Carrying a stolen bike with no wheels is odd and illegal. So be odd only when legal, and fit in when illegal.

After a while word got around, and bikes would be locked up better. He never broke or cut a single lock, but probably stole 100 bikes in his 4-5 years there.

Most of the car shenanigans was by some curious, but not malicious people. Eventually, some more malicious people in the group caught on, and the non malicious people stopped. I only know of two times cars were started with the Golden Keys, it was more a theoretical exercise to see how bad GM's security was. I know there were likely more, but I was only personally aware of two.

Re:I wish I'd thought of that

[mysidia]

I'd have a hard time finding it. It'd require me to read the car manual to check on the location of it.

The police know where the manufacturers put the number, which include some additional locations outside and beneath the vehicle which can be read with a flashlight or optically scanned.

But they are all less convenient for the officer than looking down at the dash, or forcing entry to read it off the door frame or pop the hood to read one of the plates off the engine block, major vehicle components, or one of the other dozens of locations where extra hidden VIN plates are placed.

Re:I wish I'd thought of that

[mysidia]

They run the plate and get the vehicle description. If it matches, odds are its not stolen or switched plates. If it doesn't match, they boot it or tow it.

Towing requires time and dispatch of the proper equipment. They'll probably just find the VIN somewhere else or break in in some manner.

If it's switched plates and they boot it, the boot can likely be removed in about 2 minutes by picking the lock then using a standard ratchet + spark plug socket. Clamps could also be taken off pretty quickly with a hand drill and a $1.00 grinding wheel or a hammer and chisel to cut through some spot welds in the design of these things, but the city authorities might try and bring up some bullshit about "damage" to city property that had to be done by the owner in order to expeditiously recover the essential use of their vehicle.

Re:I wish I'd thought of that

Not sure which law you're quoting, but it's not the Federal law: 18 USC Chapter 25 Section 511. The car's owner is specifically exempted.

http://www.gpo.gov/fdsys/pkg/USCODE-2009-title18/html/USCODE-2009-title18-partI-chap25.htm

Re:I wish I'd thought of that

[RockDoctor]

Submitter here.

I've never been a fan of the keyless car design. But if I wanted a new car, I had little choice.

There is really that little choice of vehicles in your country?

I didn't think that North Korea had Internet access.

Actually, we were car shopping a couple of weeks back, so I'm just slightly more interested in vehicles at the moment than I am normally. I'd better do some checking, just in case - by accident - I've ordered such a car. The idea never occurred to me, because the vehicle we test-drove used keys.

Tum-te-googly-tum ... foreign safety kit - not a worthwhile deal as it doesn't include a fire extinguisher ... oh, poofs!! It's got a "hill hold function" - what am I going to do with my left foot now? ... but no mention of keyless locking at all on that range. . Good. I'll double check, but that looks good. No sign of this being a problem we'll have to attend to for the next cycle, and I'll try to remember for the next vehicle cycle too. Maybe the bugs will be squashed by 2020.

Re:I wish I'd thought of that

[RockDoctor]

Better not miss that payment then.

Re:I wish I'd thought of that

[RockDoctor]

[The main thing I use padlocks for is to make stealing my trailers too inconvenient for the casual thief.]

Round here we say "a padlock will keep out an honest man."

Re:I wish I'd thought of that

[Reziac]

Like locks in general keep honest men honest...

Figure if someone really wants to steal 'em, well, that's why they're insured.

Re:I wish I'd thought of that

[mysidia]

Forget it. They'll just smash the window and replace it, or haul it onto a flatbed and work on it at their leisure.

Are you sure the thief won't just move onto the next car whose door was left unlocked?

The trouble with smashing windows is, they're made out of tempered auto glass and can be rather resistant to having projectiles thrown at them; it's also possible to reinforce the windows so they can't be smashed very easily, even by lobbing a brick at them.

Also; they make it very obvious in public that you are attempting a security defeat by a thief, and it will look suspicious to be driving around with a big hole in your window. Noone wants to smash their own window, and now you'll have a huge mess to clean up.

Re:I wish I'd thought of that

[weilawei]

Try throwing a spark plug at your window. The brick will bounce off. The spark plug (ceramic) will shatter it. No window left to have a hole in. It will just appear to be rolled down.

Thieves know this stuff. Consumers, not so much.

Strange

They didn't make universal keys, why would they make universal keyless?

This will be quickly fixed...

No Insurance?

No car loan..

Cash only customers...

Few Sales...

Car makers adapt or go out of business..

Re: This will be quickly fixed...

Time for another bailout.

Re:This will be quickly fixed...

[RockDoctor]

No Insurance?

No car loan..

Cash only customers...

You are probably not reading the article : this is about a British system, so British law applies, not the law of whichever country you're anonymously cowarding in.

In Britain, unless you're the government, if you do not have insurance for your vehicle it is
(1) illegal to have it on the public road, stationary or static.
(2) illegal to drive it on the public road

Questions of car loans or cash purchases are not relevant. Consider someone who owns, outright one of these vehicles. Tomorrow is the day that your vehicle insurance is due for renewal (for driving - British vehicle insurance doesn't necessarily cover theft or damage, they're extras to the legal minimum requirements). So, you grip your credit card in one hand and telephone the insurance company to pay for another year (or month) of insurance.

And the insurance company say "we don't want your business". And every other insurance company also refuses to take your money.

You now have a car which you still own. But you can't drive it - legally - and you can't even leave it immobile on the public highway. Nor can you pay tax on it (which also means that you have got to take it off the public highway). Oh - you can move it between pieces of private ground on a properly insured vehicle - flatbed or trailer. If that's any use to you.

10 years ago and earlier....

[gerald.edward.butler]

Car thieves in any country have been expressing their opinions on the security of keyed car entry and/or control systems. The thieves are happy to steal them (often using equipment intended for dealer maintenance of the vehicles *OR SIMPLY USING A COAT HANGAR/SLIM-JIM, A PAIR OF WIRE CLIPPERS/STRIPPERS/THEIR TEETH AND THEIR HAND AND FINGERS*), but, car insurance companies insured the cars anyway taking into account the risk/likelihood of the car being stolen knowing that it didn't require much expertise or knowledge to steal the car. HOW IS THIS DIFFERENT? SOUNDS LIKE THE INSURANCE COMPANIES HAVE LOST THEIR MIND.

Re:10 years ago and earlier....

[Registered+Coward+v2]

Car thieves in any country have been expressing their opinions on the security of keyed car entry and/or control systems. The thieves are happy to steal them (often using equipment intended for dealer maintenance of the vehicles *OR SIMPLY USING A COAT HANGAR/SLIM-JIM, A PAIR OF WIRE CLIPPERS/STRIPPERS/THEIR TEETH AND THEIR HAND AND FINGERS*)

Too slow. A body pull tool pops the key mechanism out of the dash/column and exposes the wires.

Re:10 years ago and earlier....

Because 10 years ago that's as good as it got. We moved on. Now the insurance companies are saying "This is fucking stupid. Fix it or we won't pay for your idiotic keyless thingamabob. Cmon guys, we fixed keys years ago. If you can't do better, don't bother"

Re:10 years ago and earlier....

[Opportunist]

Because there was very little choice for the insurance companies. Because ALL cars could be stolen like that.

But, unlike with the problems of the old days, there is a tool that can easily remedy the problem of the keyless car. It's called a key.

Re:10 years ago and earlier....

The article actually says that the most common way to steal cars (at least in the UK) is to first steal the key from the house, then steal the car.

dom

Re:10 years ago and earlier....

[u38cg]

It's about the excess of risk. Thirty years ago or more, when all cars were equally stealable, you could charge the same theft premium for all of them because they were all equally easy to steal and there is a relatively fixed amount of theft in total. When only *one* model is easy to steal, that model *will* be stolen, and hence insuring it means a premium equal to the cost of the vehicle.

Re:10 years ago and earlier....

I've seen people jimmy with a coat hanger/unlock tool against a car window for a half hour or more and get nowhere, I can get into my car when I lock the keys in it in at most 10 minutes. You use an extra large screwdriver to pry the upper corner of the door open and then use a long thin metal/wood pole to hit the unlock button through the opening. It might put a few scratches on the door/frame but its disturbingly effective.

Re:10 years ago and earlier....

[RockDoctor]

Thirty years ago or more, when all cars were equally stealable, you could charge the same theft premium for all of them because they were all equally easy to steal and there is a relatively fixed amount of theft in total.

The theft premium was always proportional to the value of the vehicle, not a flat rate.

You might be able to get "legal minimum" or "third-party and fire" insurance for your keyless car, but the threat from the insurance companies is that of simply refusing to accept any new (or renewed) insurance on these vehicles, making it impossible to legally drive them on the public highway.

Under British driving laws, insurance against injuring other people is mandatory. And this "third party" leg of the insurance is the largest chunk of the insurance cost. You can choose to vary if you have insurance against fire, or theft, with varying levels of excess, but you've got to have the "third party" insurance.

Key or keyless, all the same

I still remember the cases which transpired in Asia. BMW was trumpeting their "totally secured" computerized key system back in the 1990's, telling the world that no one can steal the car since everything is secured and only the people with the key with the right key which comes with the correct computer (I guess encryption or something like that) sequence can start the car

And then those cars were sold in Asia and within months people are stealing those cars

According to BMW their so-called "security" is so secured that there are BILLIONS of combination in their "secure key" system

Well, billions or not someone in Asia figured out a way to break the system and those BMWs in Asia were being stolen left and right

Them car companies are so fucking full of themselves, and because of that, their customers kept finding their cars being stolen

Re:Key or keyless, all the same

[Immerman]

>According to BMW their so-called "security" is so secured that there are BILLIONS of combination in their "secure key" system

Well there's the problem right there - obviously they didn't take computer security seriously or they'd realize that billions of combinations hardly gives a brute-force hacking simpleton time tor their coffee to cool - I don't think anyone has considered 32 bit encryption keys secure since... ever, really. And that's assuming there's no vulnerabilities in the system. Meanwhile in order for the mechanic to be able to replace a lost key you need to install a gaping back door in every car you make, rendering your security system irrelevant except to the most casual of thieves.

Re:Key or keyless, all the same

[__aaltlg1547]

There's an app for that.

Re:Key or keyless, all the same

[fahrbot-bot]

;According to BMW their so-called "security" is so secured that there are BILLIONS of combination in their "secure key" system

Well there's the problem right there - obviously they didn't take computer security seriously or they'd realize that billions of combinations hardly gives a brute-force hacking simpleton time tor their coffee to cool

It only works if you say "BILLIONS of combinations" in Car Sagan's voice.

Re:Key or keyless, all the same

[hawguy]

>According to BMW their so-called "security" is so secured that there are BILLIONS of combination in their "secure key" system

Well there's the problem right there - obviously they didn't take computer security seriously or they'd realize that billions of combinations hardly gives a brute-force hacking simpleton time tor their coffee to cool - I don't think anyone has considered 32 bit encryption keys secure since... ever, really.

Given that physical keys can have only "thousands" of combinations and provide reasonable security (car thiefs will break the window rather than try to pick the lock), you don't need a bit 128 digital key to make a secure car door lock, you just need to rate-limit brute force attacks. no thief can spend the time testing thousands of physical keys in the lock door lock, and if the system stops listening for 5 minutes every N number of incorrect keys, then even a 32 bit digital key can be immune to a brute force attack (though the protocol has to protect against snooping)

And that's assuming there's no vulnerabilities in the system. Meanwhile in order for the mechanic to be able to replace a lost key you need to install a gaping back door in every car you make, rendering your security system irrelevant except to the most casual of thieves.

It needn't be a big gaping back door -- if every new car-key generation request has to be signed by the secure private key only known by the manufacturer, then stolen car-key programming equipment has a very short lifetime - it's only good until the equipment is reported stolen, and only validated service stations can get their car-key requests signed and it's trivial to track stolen cars back to the machine that generated the key.

Re:Key or keyless, all the same

[Technician]

Most of those billions of codes are easly circumvented by a replay attack. The cure is to lock and unlock your car with a physical key to prevent reading of the code. The other step is to add a switch to simply turn off the RF trancievers in the car when parking it in an unsecure location. A replay attack will fail when the RF is OFF.

Re:Key or keyless, all the same

[nbauman]

;According to BMW their so-called "security" is so secured that there are BILLIONS of combination in their "secure key" system

Well there's the problem right there - obviously they didn't take computer security seriously or they'd realize that billions of combinations hardly gives a brute-force hacking simpleton time tor their coffee to cool

It only works if you say "BILLIONS of combinations" in Car Sagan's voice.

And only if you're stoned.

Re:Key or keyless, all the same

[sjames]

Rate limiting would help a LOT, but may not be enough if the bad guys rig up a strong transmitter. If you are in a crowded parking lot, you probably don't much care which BMW you steal, the first one to unlock will be good enough.

It's not like BMWs are bargain basement cars, surely they could have spent a bit on an actually secure keyless entry system.

Re:Key or keyless, all the same

[drkim]

...The cure is to lock and unlock your car with a physical key to prevent reading of the code. The other step is to add a switch to simply turn off the RF trancievers in the car when parking...

Great point.

Once hackers started popping passenger doors remotely, I found out you could disable remote door unlock just by pulling the fuse on the receiver.

Now you need a physical smart key turn to open the door and disable the alarm.

Just picking the lock won't work either, because it's the smart key that disables the alarm.

Re: Key or keyless, all the same

[afidel]

Rate limiting would make ddosing a country club parking lot lots of fun.

Re: Key or keyless, all the same

It's also make life easier for any would-be car park rapists.

Re:Key or keyless, all the same

Billions is enough if the car limits the number of attempts per second to something very low, like 1 or 0.5...

Unless the attacker has a few billion seconds to hack the car. Seems like a crowbar through the window would be a lot easier anyway.

Re:Key or keyless, all the same

Even snooping would be fairly easy to protect against, give the key say 100 valid codes out of a few hundred thousand/million. The key fob randomly uses one of the valid codes each time the button is pressed, after one has been accepted by the car car it won't accept that code again for a few days. You still need to implement a limiter on the bruit force approach, maybe only accept one code every 5 seconds (a pool of even 500,000 codes would take about a month to go through them all at that rate)

Re:Key or keyless, all the same

[nabsltd]

It's not like BMWs are bargain basement cars, surely they could have spent a bit on an actually secure keyless entry system.

The problem is that the only right way to do it is a public key-based challenge/response system. This prevents replays from snooping, keeps the keys secure (they never leave the car or key fob), and essentially prevents brute force.

The issue is that this requires the key fob to have both a transmitter and a receiver, plus more computing power, making it larger, and would likely run the battery down pretty fast (even if the receiver is only powered for a few seconds after a button is pressed). Nobody wants to replace their key fob battery every few months.

Re:Key or keyless, all the same

[AmiMoJo]

The radios they use in these systems are ISM band, often 433MHz (Europe), 432MHz (Japan) or 915MHz (US). The bit rate is fairly low, often 9600 or maybe 30kb tops. Thus you can really only try maybe a couple of hundred keys per second, at the absolute limit.

Fortunately there is no need to brute force. Just set up a jammer, wait for someone to fail to notice that their car didn't lock as they were walking away, and attach your hardware to the car's debug port.

Re:Key or keyless, all the same

Given that physical keys can have only "thousands" of combinations and provide reasonable security (car thiefs will break the window rather than try to pick the lock)

I'd point out that carrying thousands of physical keys is rather impractical, whereas generating billions of potential digital keys is trivial.

Re:Key or keyless, all the same

[j2.718ff]

Rate limiting would help a LOT, but may not be enough if the bad guys rig up a strong transmitter.

Exactly. Even if the guy had to park right next to the car he wants to steal, the fact that he doesn't have to touch the target car means it doesn't look like anything nefarious is happening. So he can walk away, do his grocery shopping, while his tools do their thing, and if all goes well, he'll drive home in a much nicer car.

Re:Key or keyless, all the same

[deadweight]

When I had my BMW the most common ways for them to be stolen was either a mole in the dealership making extra keys or the thieves break into your house and steal the key sitting there on a hook in the kitchen.

Re:Key or keyless, all the same

[sjames]

They make credit card chips that can do RSA, so there shouldn't be a big problem there. Also, the receiver shouldn't draw as much power as the transmitter.

Failing that, if making an actually secure keyless entry isn't feasible, surely making a crappy one and lying about it's security isn't the right answer.

Re: Key or keyless, all the same

Not really. Most BMW drivers are rapists and pedophiles. How often do you see a sex slave locked in the back of a X5 - often. Drive a Mercedes instead.

Re: Key or keyless, all the same

[RockDoctor]

Rate limiting would make ddosing a country club parking lot lots of fun.

Hold on a couple of seconds while I get the microphone in position ....

OK, could you repeat that, with a good chesty "Mwahahahahahaha!" at the end. Thank'ee.

Underground as rare as hens teeth

[jabuzz]

At least in the U.K. which is where the article is about. Basically underground car parks at private residences don't for practical purposes exist in the U.K., which is why the article *NEVER* mentions them at all.

Never liked the idea of a keyless car, just being near the car means anyone can get in the car as you approach. Heck even if it is parked on the drive and the keys are inside. One of the stupidest ideas in existence really.

Re:Underground as rare as hens teeth

[Kaenneth]

... And carjackers, since you are in the car at the time.

Re:Underground as rare as hens teeth

[SternisheFan]

In the New York area a lot of keyless cars get stolen from car lots/convience stores because the owners leave the fob in the car, the thieves just get in and drive off. People get pretty complacent with their expensive cars.

Re:Underground as rare as hens teeth

Why do they even have their keys out around the car? In the pocket or purse when you lock the house since you don't need them for anything else.

Re:Underground as rare as hens teeth

[SternisheFan]

They're leaving them either in the slot in the dash or in the glove compartment and just walking away. Stupidity of the owners. Perhaps we will be seeing the re-marketing of kill switches and steering wheel locks soon for these 'secure' keyless cars.

Re:Underground as rare as hens teeth

[fustakrakich]

People get pretty complacent with their expensive cars.

No biggie.. It's insured...

Re: Underground as rare as hens teeth

[jd2112]

Usually the key fob has to be within about 3 feet of the door being opened and then you must press a button on the door handle.

Re:Underground as rare as hens teeth

[tompaulco]

Wow. I literally do no remove my key fob from my pocket at any point when I get into or out of the car. It would take extra effort to take the key out and leave it in the car.

Re:Underground as rare as hens teeth

[EETech1]

My old boss had a Porsche Carerra GT (and other fabulous Porsches in his collection) and he used to leave it parked with the keys in it.

One day I was joking with his secretary about taking it for a spin:

"You don't want to lose your job"

"I can get another job, but I'll never get a better chance to total out a sweet ass Porsche"

About a minute later I played a clip of one being started and revved up, and he bolted out of his office.

I made him take me for a ride (no he wouldn't let me drive it)

He let me follow his wife around Road America in one of his beater Porsches though!

Re:Underground as rare as hens teeth

[RockDoctor]

Submitter here.

At least in the U.K. which is where the article is about. Basically underground car parks at private residences don't for practical purposes exist in the U.K., which is why the article *NEVER* mentions them at all.

By pure coincidence, my family home did have underground parking. But outside residents of that street, I haven't ever met a private residence that had an underground garage. Those garages were built into the houses in approximately 1860 to provide stabling for the horses and storage for the carriage. That they're underground is purely a quirk of the arrangement of streets and a moderately steep hillside.

Not quite as rare as hen's teeth. There are probably more carpenters carving rocking horse turds than there are developmental biologists playing fast an loose with the anatomy of developing chicks, which is how you can give hens teeth. (Seriously - you can. See my signature - I have a non-passing interest in such things.)

Re:Underground as rare as hens teeth

[RockDoctor]

I don't know about your car, but the remote-opening central (un-)locking of my current car can be over-ridden by pressing a button on the driver's door arm rest. [Ker-lunk] and all doors and boot are locked. Which I have used on occasions when suspicious people have been doing the "wash yer winders" trick at traffic lights.

None of which helps you with someone approaching you when you're getting into the car in the parking lot / multi-storey park / street / whatever. Our kidnap security instructors at work refer to that as situational awareness. If you don't have that, you're fucked no matter how secure your vehicle is.

Re:Underground as rare as hens teeth

[RockDoctor]

... or not, any more. Which is the entire point of the article. Not only do you not get the vehicle replaced if it gets stolen, but if you drive it on the public highway before it gets stolen, you're liable to arrest, jail and loss of your privilege of driving.

Really don't get this...

[PortHaven]

It's easier enough to get into a standard auto keylock. People get the key cut books, and cut their own keys. No different.

Re:Really don't get this...

[cheater512]

How does a key cut book help you get in to a random specific car?

Re:Really don't get this...

[drinkypoo]

How does a key cut book help you get in to a random specific car?

Yeah, I'm at a loss there, too. My car came with a tag which I don't actually have which had the key code on it. Otherwise the dealer has to actually get the data from the manufacturer. This is standard for OBD-II-era Audis, and probably VWs too.

Re:Really don't get this...

[Cramer]

Where "from the manufacturer" is far too often "type VIN into a box on a web page." VW has actually made that process much harder over the years. It used to be a 4-5 digit code on the VIN tag that came with the car. Today, the immobilizer code can only be accessed from the diagnostic computer connected to the car. (supposedly through a secure channel (SSL?) to the mothership. and may require some human interaction to allow it in the first place.) Of course, the code is fairly obvious once the ECU is disassembled. :-) But that can take a while, depending on model.

Re:Really don't get this...

Your key code numbers were provided by the manufacturer on one of the various stickers on the ECU (which matches the tag you lost), it's just easier to call them than yank the kickpanel off.

Re:Really don't get this...

[drinkypoo]

Your key code numbers were provided by the manufacturer on one of the various stickers on the ECU (which matches the tag you lost), it's just easier to call them than yank the kickpanel off.

Well, I'll test your theory once I build my bench flashing rig, but I'm pretty sure that the immo code is not anywhere on my Motronic PCM. And the PCM is not behind the kick panel, there's only fuses there. The PCM is in the e-Box, where it's easy to access from beneath the hood (somewhere 6-8 #2 philips screws) and you can even easily read the label without removing the unit itself.

Re:Really don't get this...

[RockDoctor]

It's easier enough to get into a standard auto keylock.

If your vehicle is more than about 25 years old, that may well be the case (though it was getting rapidly harder even then). Newer cars are harder to the point that car theft for entire cars has dropped off a cliff (thefts continue for breaking for parts).

The story is about Britain, where we have a thing called RAIN, and it's cousin, RUST. A 25 year old vehicle is pretty uncommon ; a 40 (+something) vehicle is considered a classic, attracting negligible running tax because there are so few of them.

Car thieves = NSA

There is here surely an equivalence to the NSA's idea of backdooring everything, but only for their own use...

This most important thing in the article

[gewalker]

"By far the most common way of a car being stolen is still from thieves breaking into homes and stealing keys," he said.

Don't leave your keys in the obvious places, including the spare keys.

For bonus points: Have some keys labeled "neighbor's house" that are useless.

Re:This most important thing in the article

Don't leave your keys in the obvious places, including the spare keys.

This. Put your keys in a non-obvious place when at home, and don't even leave spare keys (car or otherwise) at your home. Leave them with a trusted friend or relative.

I remember here in Australia when immobilisers had to be installed in all new cars, and retro-fitted on all old cars. My Dad said at the the time that this would just force thieves in to homes to steal keys, and that is exactly what has happened.

Re:This most important thing in the article

"Don't leave your keys in the obvious places, including the spare keys.

And the thief will then tear apart your house looking for the keys that he knows must be there, taking out any family members that she comes across.

I have heard multiple times that the police in the UK recommend you have you car keys clearly visible in the hall way to avoid this.

Re:This most important thing in the article

[MadKeithV]

Don't leave your keys in the obvious places, including the spare keys.

I'm really good at this! Most of the time even *I* can't find my keys.

Re:This most important thing in the article

Sure, there's almost no risk at all to the thieves in Australia or the UK. In many places in the US, thieves risk being shot if they tried that.

Re:This most important thing in the article

[RockDoctor]

taking out any family members that she comes across.

This is Britain, not America. Burglary with violence is an extremely rare occurrence. Probably less than a one-in-a-million event per household.

Hell - our police forces have to work hard to find enough officers to volunteer for firearms training.

slim jim = stolen CDs. Hot wiring much harder

[raymorris]

Opening a car door is easy enough. That way the thief can steal your CDs. Hot wiring a modern car to steal the entire automobile is quite a bit more difficult. I've opened a lot of car doors. I've never started the ignition without a key on anything newer than 1980s, when you could just pull the lock cylinder with a sufficiently strong tool, then turn the switch with a screwdriver.

Re: slim jim = stolen CDs. Hot wiring much harder

Growing up in the 90s a few friends of mine didn't even have keys for their cars. Just a screwdriver.

Good times.

Re:slim jim = stolen CDs. Hot wiring much harder

[cheater512]

That is one thing I've always wanted the time and equipment to muck around with. Its all security through obscurity since at the end of the day it comes down to a single bit saying whether the car can start or not. Change that bit and all the rest of the security vanishes. Just like hotwiring a older car means the key as a security mechanism.

It might be difficult to get to that bit without half dismantling the car, but it would be interesting to tinker with nevertheless.

Re:slim jim = stolen CDs. Hot wiring much harder

[fustakrakich]

Hot wiring a modern car to steal the entire automobile is quite a bit more difficult.

Call a tow truck, well, one that doesn't ask any questions...

Re:slim jim = stolen CDs. Hot wiring much harder

These days, the electronic lock goes all the way down into the electronic ignition circuits. No keys, no electronic ignition.
So the thieves break into the homes, taking the owners hostage if necessary, all in order to the keys. The British police were telling potential victims to leave the keys in a easy accessible and visible location in order to reduce the chances of them being hurt.

Re:slim jim = stolen CDs. Hot wiring much harder

CDs? What are those?

Re:slim jim = stolen CDs. Hot wiring much harder

[Bob+the+Super+Hamste]

Hell in the US one the the most effective theft deterrent systems is a manual gear box. Then add in not keeping anything valuable laying around in your car and you could probably leave it unlocked in most cases.

Re:slim jim = stolen CDs. Hot wiring much harder

[RockDoctor]

The story isn't about the US.

Submitter here

In a few months short of 25 years of driving, I've driven vehicles with an automatic gear box on approximately 5 occasions, totalling perhaps 100 miles. I've owned 8 or 9 cars, and not one of them has been an automatic.

Other risks

[Alain+Williams]

A few years ago I had a jacket stolen from a restaurant. The crooks walked round the local car parks pressing the button on the key-less entry fob until my (ex) car flashed its lights. Easy job for them.

I reported it to the police, got a video of it being stolen from a camera - the police were less than interested. I was then told that it had been seen on an auction site - by the time that the police got round to visiting it 3 weeks later the guy claimed to not remember anything about it & that was that.

Re:Other risks

[Lumpy]

Lesson that was learned: The Police are 100% useless.

Remember kids, the police are not there to protect and serve or stop crime. They are there for their own reasons to do what they want to do.

Re:Other risks

[tompaulco]

My mother had a car stolen out of her garage while she was on vacation. The police actually found it, amazingly, in a park and ride well known to be a dropping off point for cars bound for Mexico. They actually took prints, which almost made me fall over in surprise. They got a match to a guy who was a known car thief. They did not arrest the guy and would not press charges even though my Mom wanted them to. Not only would they not do their job, but they wouldn't even tell my Mom who the perpetrator was so she could do their job for them.
Why waste time dusting for prints when you are not going to follow up?

Re:Other risks

[freeze128]

Next time you drive to a restaurant, make sure to leave a snake in your car. It doesn't even have to be a big or poisonous snake. If a thief gets into your car, he will immediately jump out again in terror.

Of course, you may want to warn the valet.

Re: Other risks

No, the lesson is that unless the crime involves drugs where the police can seize property and sell it and pocket the money they aren't interested. Welcome to one of the consequences of the war on drugs and civil forfieture. The police aren't interested in crime tgat doesn't pay them anymore. Before tge war on drugs police used to investgate property crime.

Re:Other risks

[Richard_at_work]

Why waste time dusting for prints when you are not going to follow up?

Probably because the suspect is involved in another, bigger investigation - is he a known gang member whose gang is being investigated for human trafficking or drug distribution? Why pick up the known gang member when he can lead to them other members and on up the chain?

Re:Other risks

Don't even go to the police. Get your shotgun and pay the fuckers a visit. Problem solved. Oh, wait, you don't have those. Crowbars are so much messier...

They only speak one language. Prison time doesn't mean jack to them.

Re:Other risks

[RockDoctor]

make sure to leave a snake in your car. It doesn't even have to be a big or poisonous snake.

... your car will be broken into by the RSPCA, assisted by police officers, since it's obvious that you're cruelly mistreating the snake by exposing it to such cold weather.

nope...

For the same reasons why my home door isn't keyless... just not secure enough.

Re:nope...

[YrWrstNtmr]

As it happens, I just bought a keyless electronic deadbolt. But it is not NFC, bluetooth, keyfob, smartphone, or other 'no touch' unlocking tech.
You must either use the key, or enter the PIN on the keypad.

As a father...

... of a 4-year-going pest, I'm sure to avoid keyless cars. Not to mention the other "he's so cute, let him play" relatives. Actually, I might buy a Bluetooth conventional key which would beep loudly if I distance more than x meters from it.

The problem is how many meters?

Modified car?

[jd659]

I have a car that uses a wireless key. After browsing the web trying to find more about the security, I found that you could buy a programmer that connects to the car's data port and programs a new key. What was surprising to me was how relatively easy it is to buy such a device and how quick the programming process was (about 30 seconds). A thief would have to get an entry into the car first (breaking a window, perhaps), but once that is done, it's relatively easy to just drive off with a newly programmed key. What I did was to disable to data port, not permanently, but more of a need to use basis. Since it works on obfuscation, this is not a type of security to be mass produced. Not knowing how exactly the port is disabled, it will take a long time to make it work, so I don't expect a thief to start taking the car apart. Wonder if you can claim for the insurance that the port is disabled. There are many other ways to steal a car, I just want to prevent the easy ones known today.

Re: Modified car?

Which car is that? On my Suzuki sx4 they will need to break a glass, enter the car, open the hood, access the ECU, pop it off and reprogram! It's not an easy task, definitely not easier than just forcing the ignition key under the driving wheel (my car has a failsafe normal key as well for ignition).

Re:Modified car?

[drinkypoo]

Yeah, I just found out there's a sweet hack for the immobilizer in my Audi A8, which admittedly is first-generation. A free program with a ten dollar cable lets you pull the ROM image through the OBD-II port, and then you read the immo code out of the flash. You can get the hood open by cutting the cable, and you can bench flash the PCM (inside a box under the hood) by connecting your OBD-II cable to just three pins since you only need +, -, and the K line. Then you can program your $20 fob to get you in the car, once in there it's not too hard to get access to the ignition switch. The factory service manual data is available by torrent. And that's just keyless entry.

On the other hand, my car still has an old-fashioned column lock, so it's not all software and wire splices.

Re:Modified car?

What's the point when someone can load it onto a flatbed in under 5 minutes and drive off with it?

Re:Modified car?

[dotancohen]

What's the point when someone can load it onto a flatbed in under 5 minutes and drive off with it?

You don't need a flatbed.

Re:Modified car?

What you want to do is put a lock on the data port, that way you can be sure that the keyless system is safe.

Re:Modified car?

Wow, allowing the ROM to be accessible from the OBD-II port is a huge oversight from the car vendor. I would expect better from Audi.

Re:Modified car?

[RockDoctor]

Wonder if you can claim for the insurance that the port is disabled.

Hmmm. Interesting. More interesting than many comments so far.

(Submitter here.)

You could make that claim.

Whether the insurance company chose to believe you is one question that is absolutely and entirely at their discretion (note that in the original description that they were refusing new business, or in some cases annual renewal of the insurance ; they are under no obligation to accept new business, and if you have existing insurance with them which they choose to discontinue, they're only obliged to return premiums paid in advance and to give you a reasonable time - several days to a week or so - to arrange new insurance if they cancel an existing policy).

They might, if they wanted the administrative hassle, send out a vehicle inspector to assess your vehicle's modifications, and then insure the vehicle under "showman's vehicle" terms. Needless to say, you pay for the inspector's report, every year. Or, if you had the system removed/ disabled by a dealer, then they'd want the garage's and manufacturer's certification of the modifications - just as if you'd lowered the suspension and changed the 1.5L engine for a 12L F1 race engine.

Or ... you could tell them you'd made the changes without having actually made the changes. That's when it gets really interesting. Attempting to obtain a service by fraudulent misrepresentation is a criminal offence. It also invalidates your insurance. So, if your vehicle is stolen, and your lies (in writing, above your signature, dated) are found out, then you're liable to unlimited fines, a criminal record (e.g. many countries will now refuse you a visa, for the rest of your life), jail time. AND, because you were driving around with fraudulently-obtained insurance, you were driving with NO insurance. Which almost always means that you'll lose your driving license for several years.

The action that the insurance companies are taking is designed to make people either remove the keyless systems, or to take the vehicles off the road. They clearly don't want to have the business. They're doing this for their convenience, not for the convenience of their customers.

The next step - which I'd expect in about 6 months - will be to raise the cost of insurance above the cost of the vehicle. Which is a very clear way of saying "we don't want this business - it's too troublesome".

Fool me once...

The thieves are happy to steal them (often using equipment intended for dealer maintenance of the vehicles) and in consequence the insurance companies are refusing to insure such vehicles

This is ironic. When electronic systems were first rolled out, the car manufacturers did a fantastic job of convincing insurance companies they were far superior to mechanical lock systems. So good, that in some cases insurance companies initially labeled any theft of such a car as being likely to have been done in conspiracy with consent of the owner, since it was obvious no common thief could have cracked such awe-inspiring technological marvels of security.

Of course, this point of view was unfortunate for those first-generation owners who, who were labeled as suspected frauds. But initially very convenient for the insurance company, who could find an excuse to not pay out (at least until the police began to figure out just how easy it was to fool that "fool-proof" security).
 

Re:Fool me once...

[tompaulco]

No big trick. They did the same thing when they introduced aribags. These lifesavers were going to decrease insurance premiums dramatically. Unfortunately, they have increased premiums dramatically because when they go off, you have to pay thousands to get them repacked, and plus you are probably badly injured instead of dead, possibly injured by the airbag itself, and your medical bills are higher than they would have been if you didn't have an airbag.

Re:Fool me once...

[Cramer]

Not "repacked", but "re-placed". And it happens so rarely because no one will assume the liability of anything ever going wrong with the replacement. Should you have a crash and the airbag doesn't deploy, guess who's going to be sued? (answer: who ever replaced that airbag.)

Re:Fool me once...

[u38cg]

You don't get injured by the airbag, you get injured by not wearing a seatbelt. You can crash into a brick wall head on at 100+mph with a seatbelt and airbag and walk away; with just an airbag you're toast. Mandatory seatbelts would make more of a difference than airbags have.

Re:Fool me once...

Mandatory seatbelts would make more of a difference than airbags have.

Would?! What century do you live in? What third world country do you live in? In (most of) Europe seat-belts are not only mandatory in cars, but mandatory to use for all passengers.

Re:Fool me once...

[wiredog]

your medical bills are higher than they would have been if you didn't have an airbag
True, dead people don't have very high medical bills...

Re:Fool me once...

[u38cg]

Anonymous coward, I'd like you to meet the United States. I'm sure you'll get on :D

Also, freedom.

Re:Fool me once...

People don't seem to understand this: Airbags were designed to be used WITH seatbelts, not instead of them.

As a father...

> The problem is how many meters?

As much as my unimpeded direct line vision allows, I'd say... or rather, close enough that I can get him before he enters the car... that would be about, considering his present maximum speed (and mine!)... about 10m / 10 yards, perhaps.

Comment removed

[account_deleted]

Comment removed based on user account deletion

A Government Poll

The BBC reports that Britain's car thieves, rapidly followed by Britain's car insurance companies, have been expressing their opinions on the security of keyless car entry and/or control systems.

Was this a government organized poll, or a parliamentary committee taking in feedback from the industry? This soft on crime has gone too far, I tell you!

Re:Fucked Up

I don't know about the UK but In the US basic insurance doesn't cover theft. It's liability only.

Re:Fucked Up

[tompaulco]

Yes, you have to have comprehensive in order to cover theft. Of course, if you have a loan, the bank will insist on you having theft insurance, but for some reason they are not willing to pay for this coverage of which they are a beneficiary.

AIG

[John.Banister]

Couldn't help but notice from the article that the insurance company mentioned as refusing to pay on claims is AIG.

Re:Fucked Up

You still would be paying the bank for the insurance they provide, in the form of a higher rate.

To explain why:
You aren't insuring the car in this scenario, you are insuring your debt to the bank. If the car gets stolen, you still owe the bank for the balance.

They need you to demonstrate your ability to pay back the loan. You do that by letting them keep ownership of the car, and agreeing to provide comprehensive insurance until you pay off the debt. If you don't do that, they take back the car and sell it at auction. If that doesn't cover your debt, you still owe them the difference.

Either way, you are on the hook for the debt, whether or not you have the car in your possession.

No, he meant body puller

The slide hammer is but one part of the tool, which is universal. If you go to the tool store and ask for a slide hammer, you get this, which is not a dent puller. A dent puller is this. Both of those contain slide hammers, but if you used the first item, I would imagine it would be easier to beat the column to death with the bare hammer as the screw-like attachment you need for the lock cylinder is in the other box. None of those slide hammer attachments would work.

Re:Fucked Up

[hairykrishna]

There tend to be three levels you can buy in the UK. The least common is 'Third party only', which only covers your liabilities to other people. Next you get 'Third party fire and theft', which does what you'd expect. Last is fully comprehensive which covers everything including making good your losses even if there's no third party to pay out.

Liability

[dutchwhizzman]

This problem is easily solved by placing the liability of a "proper" locking system on the manufacturer and vendor of the car. If the system gets hacked, the manufacturer should be made liable to come up with a fix for that, or buy the car back from the owner at the original price of sale. In the UK most of the provisions for such a system are already in place. It will just take a relatively small and easy law where the party responsible for sale and/or manufacture of a device that later turns out to be fundamentally broken be made liable for the costs of replacing, reparing or taking back the goods.

This will probably turn in to a discussion of what "fundamentally broken" is, but I'm sure the courts will be able to take care of that.

Re:Liability

[N1AK]

This problem is easily solved by placing the liability of a "proper" locking system on the manufacturer and vendor of the car. If the system gets hacked, the manufacturer should be made liable to come up with a fix for that, or buy the car back from the owner at the original price of sale. In the UK most of the provisions for such a system are already in place.

The UK already has consumer protection laws that should be sufficient to cover this. Our statutory rights include that goods are 'fit for purpose' and 'last a reasonable length of time'. There are other relevant protections as well. I'm pretty sure that if the company that sold you a new car in the last ~8 years refused to rectify a security issue sufficient enough to make your car uninsurable you'd have grounds for a lawsuit.

And that's aside from the massive damage to the manufacturers reputation if they didn't resolve it anyway.

Re:Liability

[Simon+Brooke]

Already exists. Goods sold in the UK have to be of 'Satisfactory Quality' and 'Fit for Purpose'. A car you cannot insure for us on the public road is unlikely to be deemed by the courts to be of 'fit for purpose', so the sale of such a car is likely to be void.

IANAL.

Re:Liability

[RockDoctor]

A car you cannot insure for us on the public road is unlikely to be deemed by the courts to be of 'fit for purpose', so the sale of such a car in the future is likely to be void.

FTFY

We don't do retrospective legislation very often in the UK. Which is why the insurance companies are making a public fuss about this, so that future purchasers can't claim "we didn't know about this problem", and the manufacturers do have a reasonable time to fix the problem before the insurers really crack down.

Like I said up-thread, I reckon about 6 months. Then the premiums will go up to around the vehicle's value. There will remain "specialist" insurers who'll do the job for 40%, and will love creaming the profit, while the big insurers will have got a substantial risk off their books.

Best deterrence: Scratched car

[advid.net]

Our car is badly scratched. It's second hand and one of us made additional scratch to it (non intentional).

I don't think anyone would be interested in robing such a car and we feel quite relaxed regarding theft risk (and when going through tight places).

Re:Best deterrence: Scratched car

Next best deterrence would probably be a manual transmission, but the downside there is that you need to learn how to drive it (if you don't know how already), and driving it requires a bit more mental effort (as well as both hands, appropriately making texting more difficult).

Re:Best deterrence: Scratched car

Doesn't always work - a friend had a piece of junk VW, 1st gear didn't work (it was a stick) and he just kept it unlocked with the key under the mat. Someone stole it one day.
Of course, it was such a pile of crap that he was somewhat saddened to find that the thief had only driven it 1/2 a block and abandoned it in a car park...

Re:Best deterrence: Scratched car

"I don't think anyone would be interested in robing such a car..."

This is your neighbor, please robe your car. We are tired of looking at the nasty scratches. Thanks.

Re:Best deterrence: Scratched car

I'll see your beater and raise you a "own a Hyundai"

Re:Best deterrence: Scratched car

Do those two scratches somehow make all the parts of the car which can be "chopped" and re-sold somehow less attractive?

I have two basic rules: avoid buying a new vehicle; avoid buying a used vehicle which is in the top 15 or so of stolen used vehicles. I also try to park near, but not next to, vehicles which are desirable to thieves.

- T

NFC

Why hasn't anyone figured out how to unlock your car with your phone?
Press button under handle to activate power to the car's wireless circuitry.
Have it unlock if your phone can handshake with your car.
No more worry over lost keys.

It's obvious, right? or did someone patent this and is sitting on development?

      http://www.nfcworld.com/2014/10/27/332283/apple-patent-unlocks-cars-ble/

Just the "NFC unlock button" could easily become an after-market item, too, without CarPlay.

@weilawei - Re:I wish I'd thought of that

[nukenerd]

Locks keep honest people honest. They barely slow down a professional.

Yes, but there are a lot of potential thieves who fall between those ends of the spectrum.

Re:Fucked Up

[petermgreen]

#1: Basic insurance is required to drive your vehicle on public roads.

All you need to legally drive your vehicle on the road is third party liability insurance. You do not need coverage against fire and theft and you do not need coverage against damage you cause to yourself and your own vehicle.

#2: Insurers can refuse to insure some vehicles, or set the price such that no one is going to try to insure it anyway.

They can but there are a lot of insurers out there. If a rational risk analysis says there is money to be made then it's likely someone will insure it. At least the freely accessible bits of TFA don't make it clear if he was denies third party insurance or only denied insurance policies which included theft cover. It also doesn't make it clear how widely he searched (another article I found which may or may not be about the same person claims he later found insurance from another provider).

tempest in a teapot

[neurovish]

Yeah, it could be more secure, but it also doesn't have to be. This article sounds like insurance companies just trying to get out of paying claims, which seems to be the primary business of insurance companies. It is computationally simple to crack keys and open a car door, but it is even more simple to break a window or just tow the car away.

Re:tempest in a teapot

[RockDoctor]

This article sounds like insurance companies just trying to get out of paying claims,

Nope, primarily this is the insurance companies turning business away (or handing it to their "specialist" subdivisions, at much higher rates).

There are always cases of insurance claims being refused. But since the rate of fraudulent claims in general is in the region of 5 to 10% (and higher in vehicle insurance), you'll also expect that some of your genuine claims are going to be rejected as fraudulent. and some fraudulent claims are going to be accepted as genuine.

Personally, out of 6 encounters with the payout side of the insurance industry, I've had the loss adjusters round once (i.e., they suspected this claim), and when I produced receipts for around 60% of the material I claimed taken in a burglary, over several years ... claim paid in full. Which was fair, because I wasn't inflating the claim.

I wish I'd thought of that

If you still want a physical key, buy a used rental. I have not been in a rental that does not have a key, even on the newest models. The features the rental companies pick tend to be the no nonsense ones that won't confuse people and won't break.

slim jim = stolen CDs. Hot wiring much harder

Maybe some higher end cars, but I've got a 98 Honda and through normal wear and tear the ignition is messed up to the point where you can jam any key like object in the ignition and with a little finessing start the car.

Fool me once...

This kind of thing isn't relegated to automobiles, when the "chip-n-pin" system was introduced in Europe from what I understand it was considered so secure that banks assumed that any fraudulent charges were somehow the fault of the card holder and they were held liable for them. After mounting evidence and public outcry they eventually admitted that theft was still quite prevalent with these new "secure" cards and reverted to a standard credit card liability (card companies are held liable for fraudulent charges).

after 1995 most have transponder keys

[raymorris]

I guess that Honda model was a little late to the party. Most cars built after 1995 have transponder keys, where the ECU sends a challenge string to the chip in the key.

My theft resistant car

[vandamme]

...a 9 year old Focus