Hacker Helps Family Recover Minivan After Losing One-Of-A-Kind Car Key

An anonymous reader writes: A hacker and a mechanic have helped a family regain access to their hybrid car after they've lost their one-of-a-kind car key while on vacation. The car in question is a Toyota Estima minivan, which a Canadian family bought reused and imported from Japan. When they did so, they received only one key, which the father says he lost when he bent down to tie his son's shoelaces.

Because it was a hybrid and the on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire. After offering a reward, going viral on Facebook, in Canadian media, and attempting to find the lost keys using crows, the family finally accepted the help of a local hacker who stripped the car apart and reprogrammed the car immobilizer with new car keys. The whole ordeal cost the family two months of their lives and around $3,500.

Re:Why?

[epyT-R]

Welcome to the future of overengineered garbage.

Just go down to a dealer

[guruevi]

Using the VIN number, they can reproduce ANY key for ANY model the manufacturer carries. Sure it may be a bit of a hassle but with proof of ownership, any dealer can reproduce the keys. I've done it a number of time, a key just to get in the car is often free and a smart key can cost $150-250.

For $3500 you could've flown to Japan, gone down to their HQ and flown back with a key.

Re: Just go down to a dealer

I read it and it's still bullshit stupid. The key doesn't encode recharge cycles. How would you have multiple keys? Regardless, having a failure mode that will intentionally overcharge the batteries is insane. The Japanese engineers are not that stupid. Advice from local mechanics about import hybrids -- yeah.

Like any rational design the immobilizer is likely not part of the ecm but self contained or part of the bcm. Order a new one, with keys, from a Japanese dealership. I do wonder if they use canbus now for this instead a dedicated line between the immobilizer and the ecm.

Re: Just go down to a dealer

[Mashiki]

try reading the story.. youll look like less of a moron that way.

The person you're replying to knows what they're talking about. Toyota keys on top of that are universally designed to be programmable out of the box, the only real problem that the shop locally might have is having the proper signal on file because it's an out-of-country vehicle. Even at that you can have the programmable ID tossed on a flash drive and go on your way or even emailed to you. There's also universal master-key signals, but they're not supposed to program them to customer keys. But nothing stopping the dealership to use it to get them out of the lot for example. There's the possibility that the key is only programmable while near the car, GM cars for example require this. But it's easy enough to trick the computer to broadcast the signal to the key too. All that involves is yanking the computer out and slapping it into diagnostic mode.

It all sounds more like the dealership was trying to fuck them over fully, and they got more fucked in the end. The immobilizer ECU can be picked up for under $700 and comes with two keys, and that's through the most expensive source I could find.

Re:I call shenanigans

[mhkohne]

Add to that the fact that you can go to any dealer and get a key with the same code (which means the on-board software has no idea that it is different) for something like a few hundred dollars, and there is a bit of a fishy smell about this story.

Are you sure this is true? I was under the impression that this was NOT possible. You CAN got to a dealer and get new keys - they just have to register them with the on-board computer. Which presumably they were unable to do in this case because they had NO valid keys? That seems odd to me too - you'd think a dealer could just reset the computer to zero and enroll some new keys.

Also, the summary text is far more confusing than the actual article text. The fear of recharge related failure came from the mechanic recommending against letting a hacker at the thing due to fear that hacking it would screw up the computer as a side effect, not because the key was somehow vital.

Terrible summary. And probably some stupid going on somewhere in the chain of events - I really don't believe a dealer couldn't have dealt with this somehow.

Re:WTF

[JBMcB]

Potential Failure Mode: Battery overcharges
Effects: Car catches fire
Secondary: Possibly killing people or setting structures on fire
Cause: Replacing lost vehicle key
Severity: Catastrophic
Risk: Unacceptable
Mitigation: Never replace lost car key

Yeah something here isn't adding up

Re:While we're on the subject....

[guruevi]

It's a BS FaceBook Please-Fund-Me story. Any mechanic could've taken out the car computer and purchased a new one and installed it for less than $1500. Even if the car was out-of-country, it's a risk you take that when you buy exotic cars you may have to pay extra for repairs.

I had an older Buick that had gone on the fritz where basically the keys would start the car but not unlock the gearbox or any other theft prevention (the radio would refuse to work, the car could not be remotely unlocked).
My garage charged $500 to the warranty provider for a brand new "computer" and swapped out the keylock mechanism, and they simply reprogrammed my key (and then I had to go back with my other key to get it reprogrammed as well).

And if I didn't want to pay the dealership an exorbitant amount, there are numerous websites that offer OEM-compatible key replacement and ECU reprogramming services including the Toyota Estima in the story.