Hacker Helps Family Recover Minivan After Losing One-Of-A-Kind Car Key

An anonymous reader writes: A hacker and a mechanic have helped a family regain access to their hybrid car after they've lost their one-of-a-kind car key while on vacation. The car in question is a Toyota Estima minivan, which a Canadian family bought reused and imported from Japan. When they did so, they received only one key, which the father says he lost when he bent down to tie his son's shoelaces.

Because it was a hybrid and the on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire. After offering a reward, going viral on Facebook, in Canadian media, and attempting to find the lost keys using crows, the family finally accepted the help of a local hacker who stripped the car apart and reprogrammed the car immobilizer with new car keys. The whole ordeal cost the family two months of their lives and around $3,500.

Why?

Why would anyone buy a car like that?

Re:Why?

[epyT-R]

Welcome to the future of overengineered garbage.

Re:Why?

[ShanghaiBill]

Why would anyone buy a car like that?

According to TFA, they didn't know what they were buying. The car was originally made for the Japanese market, and later imported to Canada. They should have known something was fishy when they noticed that the steering wheel was on the wrong side.

Also, according to TFA, it is common in Japan for car buyers to only receive one key, which cannot be duplicated. So I guess the Japanese just never lose their keys, or if they do, they just buy a new car.

Re: Why?

Or they have it towed to a shop and get new keys programmed. Just like we do here in the US.
I assume the issue is there wasn't a shop which had the programming equipment in Canada.

Re:Why?

[taiwanjohn]

No shit. Why would you want a right-hand-drive car in Canada? Why would dealers even bother shipping them to Canada for resale when there are plenty of other markets in the world where they also drive on the left side of the road? If this were a story out of Australia or the UK, that's one thing... but Canada? Weird.

Re:Why?

[Bert64]

Try Myanmar, they drive on the right but 95% of cars on the roads are right hand drive cars imported from Japan...

Re: Why?

[ShanghaiBill]

Or they have it towed to a shop and get new keys programmed.

RTFA. They tried that, and all the shops said it was impossible. The car had a customized immobilizer. Even the manufacturer could not make a new key.

Also, in America you do not need to have your car "towed to a shop" to get new keys. You just need to call an authorized dealer and give them the VIN.

Re:Why?

[uvajed_ekil]

AWD hybrid minivan? Cool. RHD hybrid minivan that is literally impossible to find parts for on this continent? Not so cool. Kind of a neat van but way too rare over here to be even a remotely good idea. When you need anything at all for it, you'll spend forever trying to match parts from Toyota's massive catalog of locally available parts, and probably end up having to order shit from Japan most of the time.

Re: Why?

[aussersterne]

On all Volvos since 2000, you have to have a CAN network module in the car programmed with the ID of any new key, and this requires a VIDA subscription, a DiCE unit, and access to Volvo's network. So yes, if you lose your key you *will* have to have your Volvo towed to the mechanic and pay for programming time while they hook your car up and tell it about a new key.

Re:Why?

[Nkwe]

Also, according to TFA, it is common in Japan for car buyers to only receive one key, which cannot be duplicated. So I guess the Japanese just never lose their keys, or if they do, they just buy a new car.

Actually the article says:

"This was not the case; as the manager just informed me, most cars sold by auction in Japan come with only one key and they haven't gotten anything else from the auction since."

I assume that "by auction" implies sales of used cars that are not private party to private party. Surely new cars come with multiple keys.

Re: Why?

[superdave80]

Also, in America you do not need to have your car "towed to a shop" to get new keys. You just need to call an authorized dealer and give them the VIN.

My co-worker has a Prius, and he lost the only key. They had to have it towed to the dealership to be reprogrammed to get new keys.

Re: Why?

[dknj]

And you are literally paying for the time, there is a hardcoded timeout between accessing the reprogram function and enabling the new key. That said, there are always ways around this functionality.

It has already been done for Ford and Jeep

Re: Why?

[corychristison]

Many manufacturers are different.

If you have 1 key, generally it's much, much easier (and affordable) to get a duplicate made. If you have no keys, generally your only route is the dealer for modern cars. Depending on the year and manufacturer, you can not make a new key from just the VIN. Ford specifically dumps their records after 10 years.

I worked in a locksmith shop a few years ago, and every vehicle is different. Many manufacturers you can simply "clone" the existing key, and it will simply work without issue. Some other manufacturers you need to cut the key to a new key, and program the new key into the system. Sometimes it's as simple as turning the existing key in the ignition to accessory, leaving it there for a few seconds, turn it off, remove the key and insert the new key and turning it to accessory as well (most 2005-2012 Chevrolet's are this way). Sometimes you need to turn to Accessory 3-10 times for it to program, then you can start the vehicle with the key.

Some need you to use an external device plugged into the CAN bus to program the new key in (many Fords, and Lincolns).

When it comes to imports, however, all bets are off. We built keys, and rebuild ignitions to jimmy-rig systems together in some cases. You do what you need to do to make the customer happy. Our experiences were with older models, and nothing too technically advanced. Simple transponder based keys and ignitions, which are generally easy to work with.

My personal vehicle uses a proximity fob, and they are much more complicated. Just as I left the locksmith shop, they came out with a way to clone the "key" part (you stick it in a slot in the center console to start the car), but not the proximity feature. If I wanted an additional proximity key, I would need to buy a new one from the dealer, and have them program it in to the tune of around $400. Thankfully I have two, but if one becomes lost I'll buy another without hesitation, as my body wouldn't be able to contain my anxiety I would have with the thought of losing the only key.

Re: Why?

[GerryGilmore]

Likewise Ford. I have a 2002 Ranger and only got one key when I bought the truck, so I went to the dealer to have an additional made. No dice. You must have 2 keys before they will cut a new one. If I lose that one key, it must be towed to the dealer as any attempt to bypass it will result in bricking the truck. Minimum charge (not counting the tow)? $300. Obviously, had I known, I would have bought a different make. Fuck Ford.

Re:Why?

[davester666]

Why would anyone design a vehicle, where something that happens pretty commonly may result in the destruction of the vehicle?

Re: Why?

[GrumpySteen]

The dealer told you that they won't make a key if you show up with the truck and only one key, but if you show up with the truck and no keys at all they will make one?

Either you're gullible and don't recognize an obvious scam or you're not very good at making up stories.

Re: Why?

[Miamicanes]

You're assuming a future smart TV won't do bullshit, like refuse to do anything when powered up for the first time because it's hellbent on checking for updated firmware (read: the TV went to manufacturing 6 months before it even HAD working firmware, so they manufactured it with little more than an internet-connected bootloader on the assumption that by the time it ended up in stores, they'd (hopefully) have working firmware for it ready for buyers to download.

Think it can't happen? Hardware like that already exists. One of my friends has a Nintendo 3DS. He bought a new game for it to play in the car on a weekend road trip the night before we left, and ran it for the first time after we were on the road. The game came on cartridge. He put in the cartridge, powered up the system, and had a "fuck my life" moment when it refused to let him do anything until he downloaded an update. If he hadn't been able to tether to my phone, he would have been screwed and unable to play it for several hours. This was a CARTRIDGE GAME that effectively refused to run until it managed to connect to the internet and download something.

By the same token, I can't think of a single time... EVER... when I've been able to stick in a game disc for an Xbox 360, Xbox One, or Wii-U & just PLAY the goddamn game without having to endure 2-20 minutes of mandatory downloads and updates before being allowed to continue. When I plugged in by XB1 for the first time on Christmas Day, I spent my first hour and a half as a new owner staring at the glacially-slow download meter. Why? Games now go to manufacturing LONG before they're anywhere close to being play-ready. Physical media is now just proof of having a license.

Christmas 1983, brand new c64. Plugged it in, turned it on, and wrote my first program in about 20 minutes.

Christmas 2016, brand new dell laptop. Pluged it in, booted it up, and spent the next 2 hours watching Windows Update install update after update after update.

We're frogs getting boiled slowly, one shitty piece of hardware at a time.

Re: Why?

[Demolition]

Minimum charge (not counting the tow)? $300.

Frankly, it sounds like your dealer is ripping you off. $300 for one spare PATS/SecuriLock key is very pricey, even including programming time.

A few years ago, a coworker lost the key for one of our work trucks (a 2003 F-350). He had a non-PATS spare key that would open the doors, but not turn the ignition, so he had to get it towed to the dealer (no charge for the tow due to auto club membership). The dealer charged us $125 + tax to program two new PATS keys. Overall, the whole ordeal cost much less than we thought it would.

As for buying a different make... immobilizer technology is pretty much ubiquitous. I've read that some countries have mandated engine immobilizers on new cars and trucks (and even motorcycles) since the late-1990s. I recall that Japan and Australia are among them. Up in my neck of the woods (Canada), we've had federally-mandated immobilizers on all new vehicles since 2007. Not sure about the U.S., although it seems logical that all North American vehicles would be similarly-equipped.

Re: Why?

[Darinbob]

It's DRM. Hollywood and game makers have so many companies forced to implement their DRM schemes. If you can't connect to the internet then they have no way of proving that you're allowed to play that game at that particular time and in that location. Nothing scares game makers like the thought of someone playing a used game instead of playing full price.

Re: Why?

[barc0001]

I have no trouble believing the story. Ford is involved after all.

Re: Why?

[barc0001]

Could have been Ford Canada. They're assholes. Friend of mine had the infamous Focus ignition cylinder problem that Ford USA was doing replacements on free of charge. For him in Canada? That'll be $1000...

Fuck Ford.

Re:Why?

[dryeo]

Lots of right hand drive former Japanese cars/trucks here on the wet coast of Canada. The Japanese are very anal about the cars they allow on their roads so once a vehicle hits maybe 30,000 miles, it's junk by their standards.
Want a Skyline, a mini cab-over truck (4x4 too), a real Landcruiser (diesel too), those weird 4x4 short stubby vans? They're all available here in BC, there's a reseller (importer?) about 15 miles from me.

Re: Why?

[green1]

US and Canada both require immobilizers, but due to very slight variations in the rules around them (the Canadian ones have to immobilize the vehicle faster after you shut it off than the American ones) the auto manufacturers have been using it as an excuse to forbid the importation of American cars in to Canada. "Oh we're sorry, even though we sell the identical model vehicle in Canada, there's no possible way to fix the immobilizer on that US vehicle to meet Canadian standards, you'll just have to pay $20,000 more for the Canadian version of the car"

Re:Why?

[green1]

You'd want a right hand drive car in Canada because a right hand drive car is far better suited to driving on the right hand side of the road than a left hand drive car. It's far safer for both you, and for cyclists, pedestrians, and other motorists.

It boggles the mind that people are willing to drive on the left side of the car when you drive on the right side of the road. It's was a completely arbitrary decision many years ago, and was quite honestly the wrong one.

But beyond that, you'd import a car from Japan to Canada because they have all sorts of models available there that were never available in North America, and are far superior to the ones that were made available here. Additionally they tend to be in amazing condition with very low mileage, and relatively cheap. They're amazing bargains. It's sad that the industry lobby groups have managed to convince the government to ban them until they're over 15 years old, and that they're still often more appealing than the much newer offerings available here.

Re: Why?

[slashrio]

We are fucking idiots for not giving those brands the boot at first notice.

Re: Why?

[slashrio]

So... that man hates liars...

Re:Why?

[tlhIngan]

No shit. Why would you want a right-hand-drive car in Canada? Why would dealers even bother shipping them to Canada for resale when there are plenty of other markets in the world where they also drive on the left side of the road? If this were a story out of Australia or the UK, that's one thing... but Canada? Weird.

Well, you are allowed right-hand-drive cars in Canada (and US too). Though since you typically import them, you usually know what you're getting, and the why part is usually because it's a highly special car. Though usually it's some sort of supercar or other collectible car.

You know what you're getting in to - if you're looking for a car and see that the steering wheel is on the wrong side, you either know what you're doing, or imported it yourself. The fact is, the owner has a clue - most buyers of used vehicles won't buy a car that's "different" (e.g., steering wheel on wrong side) from what they're used to. Unless I wanted a specific car, I wouldn't take the right hand drive version because it will be odd. Plus they are licensed and insured differently due to the non-standard nature of the vehicle, so really, you know what you're getting into.

Re: Why?

[spiritplumber]

Re: your sig, Dr. Godwin has said that it's okay.

Re: Why?

[Megane]

Xbox One

Then I assume you've never tried to use a brand new Xbone out of the box without an internet connection? It requires an initial download before you can play *any* games on it. I don't ever plan to have one, I only know this because I've seen it happen.

Re:Why?

[Aighearach]

They should have known they were part of a fake story when somebody told them that hybrid cars somehow "keep track" of the state of charge when charging but can't simply test the voltage to know the state of charge any other time, and would somehow overcharge and explode if they disconnected it to replace parts.

I suspect the timeline is a bit off and the hacker who saved them was also telling them where to get info on the car. Probably also helped them out by calling the dealer for them. And crows?! This is just bad fiction.

Re:Why?

[Aighearach]

Burma doesn't import many cars from Thailand because Thais already run them forever until they can't fix them anymore and there isn't a significant downmarket. It would just add another middleman. Instead, Burma and Thailand are importing the same used cars from Japan, with the newer ones going to Thailand.

Also, they don't get along that great and there isn't a huge amount of casual trade.

Re:Why?

[Aighearach]

Because they're a fake engineer in a fake story where most of the details are just something somebody said. Worse, if the charger couldn't read the voltage, it would still explode the battery even when it remembered how long it ran the last time. Battery charging is never open-loop!

Re: Why?

[thegarbz]

Why? Games now go to manufacturing LONG before they're anywhere close to being play-ready.

Err no. Many times you're not downloading anything to do with the game. Some times you're downloading lovely feature additions or minor bug fixes.

We're frogs getting boiled slowly

Actually what we are is a bunch of experts at hyperbole that could make even a Fox News presenter blush.

Re: Why?

[green1]

Only for the past 20 years, and have driven many different vehicles including several right hand drive ones.
How much time have your spent behind the wheel of a right hand drive vehicle?

Re: Why?

[fluffernutter]

Can you not plug, download, then unplug?

Re: Why?

[fluffernutter]

The first thing I did with my new Ford was put a carabiner on my keys that gets securely clipped to a belt loop if not on my key rack. Cost of carabiner? $0.25.

Re: Why?

[endercase]

yes; such swig much swooty.

Re: Why?

[Miamicanes]

No it WAS *NOT*. It was Lego Legends of Chima for 3DS. The first time it ran -- from cartridge, on a 3DS not connected to the internet (because we were in a car), it announced that "an update is available that must be installed before the game can run".

My whole point was, you now can't even assume a GODDAMN FUCKING *CARTRIDGE* game will allow you to play it until after it's gotten to access the internet even once.

Imagine if you were a parent taking your kid on a long transpacific or transatlantic flight, bought him a new shrinkwrapped cartridge game, and gave it to him to play on his 3DS once the plane was at cruising altitude... then that shit happened.

Cartridges are EXPECTED by consumers to be self-sufficient to at least some sane degree. Forcing an update before allowing a cartridge (or disc) game to run AT ALL (bugs or not) is bullshit.

Re:Why?

[Bert64]

No, definitely from Japan..
The used car dealerships all advertise the fact they have cars imported from japan, and many cars still have stickers in the window from their former use in japan, many also have smart card readers which were seemingly commonly used for something in japan and are totally useless in myanmar, but just havent been removed.

Most of the entertainment systems are also still running in japanese, where navigation systems are present they will usually be in japanese and contain japanese maps (rendering them somewhat useless), many don't even have the option to change the language to english and i've not yet seen any which supported burmese.

WTF

[Fly+Swatter]

owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire

That's a thing?

Re:WTF

[drinkypoo]

That's a thing?

It sounds suspiciously like bullshit to me. Hacking the immo isn't at all likely to cause that kind of problem. On the other hand, from what we learned about Toyota's coding practices around the unintended acceleration issue, I wouldn't be terribly surprised if a minor misstep could cause basically any kind of problem.

Re:WTF

[JBMcB]

Potential Failure Mode: Battery overcharges
Effects: Car catches fire
Secondary: Possibly killing people or setting structures on fire
Cause: Replacing lost vehicle key
Severity: Catastrophic
Risk: Unacceptable
Mitigation: Never replace lost car key

Yeah something here isn't adding up

Re:WTF

[drinkypoo]

You mean the unintended acceleration that for some strange reason only occurred in the US where people are litigation happy to get rich?

Did you read the results of the code review? You won't ever cross the street in front of a Toyota again.

Re:WTF

Not in the slightest. Nobody has ever designed a battery charger like that. This car owner received some misinformation about his car, probably made some bad assumptions, and then made a stupid decision.

More likely than not, a Toyota dealership in Canada or the USA could replace the key for a couple hundred, but worst case they could special order a replacement key from Japan. In either case, neither the immobilizer nor computer have anything to do with preventing overcharge. At most the computer keeps track of the re-charge cycles and implements coulomb counting to better estimate remaining charge, detect an old worn out battery, etc... but recharge is ALWAYS done based on measuring the voltage and/or internal resistance of the battery while charging.

Re:WTF

[goose-incarnated]

You mean the unintended acceleration that for some strange reason only occurred in the US where people are litigation happy to get rich?

Did you read the results of the code review? You won't ever cross the street in front of a Toyota again.

Apparently the software magically gets better design and development when it's self-driving software.

Re:WTF

[Aighearach]

More intelligent people use accident statistics to predict how often a car will crash.

Toyotas are very safe.

It is a fact.

You're actually afraid to cross the street at certain times, because some programmer looked at other programmer's code and said something bad about it? LOL real programmers have to be able to survive that one, because everybody's code is ugly; just show it somebody else and ask!

Re:WTF

[Cramer]

Indeed. Plus, Toyota hybrids use NiMH, which you technically can't overcharge. And there's thermal sensors preventing overheating -- and thus "fire". Li-Ion based systems have the BCM built into the battery module, and it's 100% independent from the ECU. If it's a plug-in hybrid, then the BCM will be running when the ECU isn't.

This story is just a bunch of BS about people losing a key for a foreign car that can't be replaced out-of-market. Of course they can't get a Canadian Toyota dealership to replace it; the thing doesn't exist in NA. It's entirely likely the tools to do it don't exist in Canada. (obviously, outside the hacker community.)

reset computer - battery explosion WTF

" on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire"
  Really? You mean the computer cannot detect the charge level of the battery and act appropriately. Sounds broken by design if it really works that way.

Re:reset computer - battery explosion WTF

[v1]

The problem is the key and the computer were paired. To fix the problem requires either duplicating the key (but it was a custom system so that's out) or replace the computer with another one you have the key for. Biut when you replace the computer, THAT was where the charge cycles were stored, and the computer will think it's still using the battery from the vehicle it used to be installed in. (I suppose you could swap the battery too but that would be a whole new problem) The hack was replacing the computer and importing the battery data from the old computer.

This all sounds rather odd to me, an electric vehicle you can't swap the battery on because the battery data is stored in the car not the battery? Any good laptop computer stores charge data in the battery itself, so a new battery has 0 cycles on it. You can also carry a spare battery with you and the computer can treat them differently. I don't see what sort of genius designs an electric vehicle and stores battery history in the computer rather than in the battery where it belongs.

Re:reset computer - battery explosion WTF

[kugeln]

Toyota uses separate ECUs for just about every major feature. Sounds like the guy was a victim of the "hard sell" when he was calling some shady locksmiths to cut and program a new set of keys. New transponder ECU with a new matching set of key blanks and he would've been good to go. Significantly lighter in the pocket book, but nowhere near "your car might explode".

Re:reset computer - battery explosion WTF

[Kohath]

Also, who designs open loop battery charging systems?

I fuck all about battery charging, but engineers would never design a system that could overcharge and explode batteries based on some old data about how much charge the system thought it might have. And even if they did, why would safety regulators ever approve such a system -- especially in Japan?

Re:reset computer - battery explosion WTF

[Darinbob]

Any battery charger that doesn't monitor voltage and temperature is junk. At the very least there should be a way to restart a training cycle.

Re:reset computer - battery explosion WTF

[v1]

Any battery charger that doesn't monitor voltage and temperature is junk. At the very least there should be a way to restart a training cycle.

Any decent charger will do that. But it's still necessary to track cycle count to adjust the charge rates and levels as a battery gets older. Risk of fire isn't as big as a lot of media say, that just gets them some more clicks. But improperly charging a battery will definitely shorten its life. And when it's a big, expensive battery, getting every week you can out of it is important.

I've seen a lot of batteries swell due to overcharging, and a few of them even started busting up the laptop computer they were installed in at the time of the failure. I can't imagine the mess that would make of your car if the battery decided to be an extra 10 inches thick overnight... it'd punch out the bottom of the deck onto the driveway or try to stuff your headrest out the sunroof!

Re:reset computer - battery explosion WTF

[Megane]

You mean in Japan, where they allowed a nuclear power plant to be built on a coast that gets tsunamis, with cooling pump emergency power generators at sea level?

Re:reset computer - battery explosion WTF

[Aighearach]

Improperly charging shortens life, and tracking is good so that the computer can detect when the battery is starting to fail, but those are totally separate things. You don't charge differently as the battery ages. I read the datasheets before I design my circuits, and all the charger ICs are the same on that point, as are the from-scratch engineering guides.

Generally the charge cycle count is stored in the battery pack where it available.

I think the dealer fed him a bunch of bullshit trying to get him to just buy a different car, and he took it all at face value and this is the tale of woe that happens to you if you're credulous. Everybody is full of shit, believe that until you understand the entire datasheet. Always.

Tired of smartkeys

[tempest69]

I really don't want a smart key I've been careful and lost one already.
I've been tempted to just wire my key into my car, so regular keys would just work.

Re:Tired of smartkeys

[ElizabethGreene]

I do this, with an almost-smart key.

My Dodge minivan requires a transponder key and I have only one. A second transponder key, programmed by the dealer, is over $200.

I lose stuff, so an irreplaceable key is a bad idea for me. That key is now stuffed inside the plastic housing that covers the lock and I use $2 "dumb" keys instead.

Re:Tired of smartkeys

[Bing+Tsher+E]

My wife's car has a 'smart key' like that. I have been tempted to get the key duplicated in the 'dumb' variety, then grind or cut the key tip off the 'smart key' and do what you say, stuff the electronic part inside the housing.

She hasn't lost the key, but there have been crises where her copy of it is lost.

Re:Tired of smartkeys

[drinkypoo]

I've been tempted to just wire my key into my car, so regular keys would just work.

There is often simply a little smart "pellet" in the key, and an antenna near or even wrapped around the ignition lock. You take the pellet out, and you glue it to the antenna, and then any key will work forevermore.

Re:Tired of smartkeys

[fluffernutter]

I lose stuff too. So for my brand new smart key I bought a brand new carabiner clip for $0.25. My smart key is either on my key rack, in my wife's purse (who isn't so prone to losing stuff) or clipped securely to my belt or laptop bag.

Re:Tired of smartkeys

[Cramer]

Remove the battery. Duh.

picture of keys

[Bender+Unit+22]

Now that they have posted pictures of their analog keys, I hope they have replaced those too.

Re:picture of keys

[uvajed_ekil]

Right, because I'm so sure that someone who desires to commit grand theft auto (or whatever they call it in Canada) is going to see this picture AND track down this one of a kind vehicle (practically, anyway) AND manage to duplicate the key, knowing that the car has basically no resale value because it is so unusual. Right.

Just go down to a dealer

[guruevi]

Using the VIN number, they can reproduce ANY key for ANY model the manufacturer carries. Sure it may be a bit of a hassle but with proof of ownership, any dealer can reproduce the keys. I've done it a number of time, a key just to get in the car is often free and a smart key can cost $150-250.

For $3500 you could've flown to Japan, gone down to their HQ and flown back with a key.

Re: Just go down to a dealer

I read it and it's still bullshit stupid. The key doesn't encode recharge cycles. How would you have multiple keys? Regardless, having a failure mode that will intentionally overcharge the batteries is insane. The Japanese engineers are not that stupid. Advice from local mechanics about import hybrids -- yeah.

Like any rational design the immobilizer is likely not part of the ecm but self contained or part of the bcm. Order a new one, with keys, from a Japanese dealership. I do wonder if they use canbus now for this instead a dedicated line between the immobilizer and the ecm.

Re: Just go down to a dealer

The story is bullshit. Doesn't matter where the car comes from. Clearly the dealers they talked to were full of it. No need to break into the dashboard at all. Sounds like this family got scammed out of some cash.

Re: Just go down to a dealer

[Mashiki]

try reading the story.. youll look like less of a moron that way.

The person you're replying to knows what they're talking about. Toyota keys on top of that are universally designed to be programmable out of the box, the only real problem that the shop locally might have is having the proper signal on file because it's an out-of-country vehicle. Even at that you can have the programmable ID tossed on a flash drive and go on your way or even emailed to you. There's also universal master-key signals, but they're not supposed to program them to customer keys. But nothing stopping the dealership to use it to get them out of the lot for example. There's the possibility that the key is only programmable while near the car, GM cars for example require this. But it's easy enough to trick the computer to broadcast the signal to the key too. All that involves is yanking the computer out and slapping it into diagnostic mode.

It all sounds more like the dealership was trying to fuck them over fully, and they got more fucked in the end. The immobilizer ECU can be picked up for under $700 and comes with two keys, and that's through the most expensive source I could find.

Re:Just go down to a dealer

[93+Escort+Wagon]

Using the VIN number, they can reproduce ANY key for ANY model the manufacturer carries. Sure it may be a bit of a hassle but with proof of ownership, any dealer can reproduce the keys.

AND they'll only charge you a few hundred dollars for the privilege*!

*The privilege of making a new key for a car you own. Something hardware stores used to do for around three or four bucks.

Re:Just go down to a dealer

[guruevi]

Sure, but it's not $3500. And you can still get a copy of your key that will open your car, it just won't start it. And if you really want to, there are third party keys that you can reprogram yourself for ~$50.

Re:Just go down to a dealer

[vtcodger]

"something hardware stores used to do for around three or four bucks."

And something the hardware stores will still do for older models that lack the nifty "features" of modern cars. Things like ... well, I can't think of many. You can add an aftermarket backup camera and a radio that does GPS, will play mp3s and can talk to your smartphone for maybe $150 plus maybe $100 or $150 labor if you don't fancy soldering a few wires. Threading the video feed for the camera can be a drag. But you can pay someone to do that also.

Re: Just go down to a dealer

[Aighearach]

They're both equally bullshit though.

They're claiming that regenerative braking would be active all the time, as if that is the default state. The default state is actually coasting. Obviously. Putting power back into the battery is complicated, and requires that the controller be connected, and have passed its startup self-tests, etc.

It is the same switches that let electricity flow into the motor for the car to move that also let it flow back the other way, and they have to be switched in a special way to boost the voltage because otherwise the motor voltage will be lower than the battery voltage and no charging/braking even happens.

Re:Just go down to a dealer

[91degrees]

I was quoted a similar price from a third party supplier for a 10 year old Ford.

I'm actually okay with this being a more expensive process than simply cutting a key, since the technology means the car is less stealable, although the price they charge does seem a little extortionate.

Re:Just go down to a dealer

[Cramer]

Any dealer in the car's original market, perhaps. NA dealers are unlikely to have the systems to pair a JAPAN market key/car. Sure, the owner could've gone to Japan, but they'd need to bring that car with them.

Meanwhile Im replaying my ECU in my Jeep...

With a megasquirt after the ECU and the keys decided not to like each other. Semi modern cars are wonderful!

batteries could charge until they explode so no sa

[Joe_Dragon]

batteries could charge until they explode so no safety cut off? if the system fails?

also what is next the system fails if any non dealer work is done?

Re:Unconventional.

[mrbester]

They have better eyesight than humans and like shiny things, so yeah, a couple of tame crows that will bring you the shiny things they find is not a bad idea.

I call shenanigans

[Brett+Buck]

Because it was a hybrid and the on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire.

    What!? You have to replace the key, and there is some uncontrollable/unresettable battery charging failure? I find that difficult to believe. It suggests that the on-board estimate of battery capacity (which goes down over time, and has to be considered when recharging) somehow gets reset when you replace the key, and that this is somehow uncorrectable. Or alternately, that it writes the battery capacity to the key somehow, which seems inconceivable.

      Add to that the fact that you can go to any dealer and get a key with the same code (which means the on-board software has no idea that it is different) for something like a few hundred dollars, and there is a bit of a fishy smell about this story.

    I am pretty sure that Toyota did not fail to consider the possibility of a lost key, and if you try to replace it, the car blows up/catches fire.

Re:I call shenanigans

[mhkohne]

Add to that the fact that you can go to any dealer and get a key with the same code (which means the on-board software has no idea that it is different) for something like a few hundred dollars, and there is a bit of a fishy smell about this story.

Are you sure this is true? I was under the impression that this was NOT possible. You CAN got to a dealer and get new keys - they just have to register them with the on-board computer. Which presumably they were unable to do in this case because they had NO valid keys? That seems odd to me too - you'd think a dealer could just reset the computer to zero and enroll some new keys.

Also, the summary text is far more confusing than the actual article text. The fear of recharge related failure came from the mechanic recommending against letting a hacker at the thing due to fear that hacking it would screw up the computer as a side effect, not because the key was somehow vital.

Terrible summary. And probably some stupid going on somewhere in the chain of events - I really don't believe a dealer couldn't have dealt with this somehow.

Re:I call shenanigans

[Brett+Buck]

No, I am not sure, but there is something else to this story. It might be gray-market, which can mean that it's possible but they factory refuses to support it.

Re:I call shenanigans

[toadlife]

and there is some uncontrollable/unresettable battery charging failure?

No. There is no way that is correct. Probably just a misunderstanding. It happens a lot with Hybrids and EVs.

Re:I call shenanigans

[ElizabethGreene]

That's not what they meant. They meant "we could bypass the hybrid immobilizer and run it as an IC only car, but doing so leaves the hybrid system in an unknown state. It's possible, though unlikely, that this could cause a burst-into-flames failure mode."

I feel that Toyota JP will probably pipe up at some point and ask why the family didn't contact them directly. People lose keys, even in Japan. It shouldn't have been thousands of dollars and a hack to fix this.

Re:I call shenanigans

[drinkypoo]

Are you sure this is true? I was under the impression that this was NOT possible. You CAN got to a dealer and get new keys - they just have to register them with the on-board computer. Which presumably they were unable to do in this case because they had NO valid keys?

A dealer who has the right scan tool with the right software can generally program new keys into the system, but they themselves may not actually have the software to do it. That functionality might actually require that someone in the corporate office perform the process, while the scan tool is connected to both the car and a PC with an internet connection, and the service software installed — like a remote cell phone unlocking. And the US dealers might not even have the right software on their scan tools to even talk to the vehicle in the first place. The immo coding can further be in multiple modules, which all have to be re-coded together (by the scan tool) in order to change the key coding.

Ummm, why then did,,,,,, is there even,,, uhhh....

[Slugster]

So then,,,,, if a hacker can make a new key, what was the point of these microchip keys again?

And anyway, why would they not just contact a dealer or the manufacturer in Japan to make some new keys, and overnight-ship them? Seems a lot cheaper than $3500 and faster than two months,,,

I recall reading at one point that such systems were "un-hackable",,,, tho that was a while back now. They don't say that much anymore.

"You keep using that word... I don't think it means what you think it means..."

Re:PWNED: Tor Browser Bundle for Linux! (LOLz!)

[_KiTA_]

This is similar to the bug they used in Operation Pacifier. That one they used a bug in the Adobe Flash plugin (it ignored TOR and went over standard IP).

Re:Ummm, why then did,,,,,, is there even,,, uhhh.

[toonces33]

I won't say they are unhackable, but they are a lot harder to steal than they used to be. In the old days the thief would use a screwdriver and force the lock to start the car. I remember all of the goofy alarm systems and other anti-theft systems that people came up with - they were all a pain, but getting your car stolen was even more of a pain. These days they basically need to use a tow truck.

What?

[wonkey_monkey]

Because it was a hybrid and the on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire.

...what?

Programming new keys..

[toonces33]

The specifics vary from one manufacturer to the next. With VW, there was a 4-digit PIN number in the ECU that you needed to adapt keys, and generally VW wouldn't give you that number. The people that can chip your engine generally have the know-how to retrieve that number - whether they will or not is another matter, but I had the PINs for both of our cars at one point. At one point, my wife had lost one of her keys. We had another made and paid thee dealer $$ to adapt it. Then we found the missing key. By then I had the PIN number, so I re-adapt the keys myself with a laptop and special software that I already had on-hand. I suspect a lot of the pain here is that since the vehicle was out of market that the local dealers couldn't help.

Re:Programming new keys..

[Art+Challenor]

Too late once you've locked the key in the car, but I've seen this (or something very similar) work for a minivan and a prius. You do look stupid while programming, but it's saves you $100 or so. http://www.programyourkeys.com...

TOYOTA 1. The vehicle should be in the following condition- A. The key is NOT in- serted in the ignition, B. The driver's door IS open, C. The driverâ(TM)s door is UNLOCKED. 2. Insert the Key into the ignition switch and then pull it out. 3. Press the Master Door Lock Switch 5 times from Lock to Unlock. 4. Close the Driver's door then open it. 5. Repeat step #3. 6. Now select the mode by inserting the key into the Ignition Switch and turning it to the "Run" or "On" position. The programming mode is determined by the amount of times you go from âoekey offâ to the "key on" position and back before pulling the key out. A. 1 time is the "Add" mode. This is used only on some models and it allows you to add a remote to the already existing remotes. The ECU confirms this by locking and unlocking the door locks automatically after you remove the key. B. 2 times is the second mode which will erase all previously programmed remotes and allow you to program new ones. The ECU confirms this mode by locking and unlocking the door locks twice after you remove the key C. 3 times is the third mode which tells you how many remotes are already programmed to the ECU. It confirms this locking and unlocking the door locks the amount of times applicable to the remotes coded. If no remotes are programmed then the ECU locks and unlocks the door locks 5 times. The ECU will hold up to 4 remotes at any one time. 7. Press the Lock and Unlock buttons on the remote simultaneously for 1.5 sec and then press either button by itself for 1 sec. 8. The ECU will perform the Lock/Unlock automatically to confirm that the 1st remote is stored by the ECU. Repeat step 7 immediately with another remote and continue until all remotes are registered. 9. Shut the driverâ(TM)s door and try all remotes.

Re:Programming new keys..

[toonces33]

There are usually 2 adaptations. One is to the ECU so you can start the car. The other is to the door locking mechanism, and that adaptation is a separate step. The sequence of steps described above sound like adapting the door locks, not the ECU.

Re:Programming new keys..

[Art+Challenor]

There are slightly different procedures for different Toyotas and for the key to start the car vs the fob to open the car. But, from personal experience, you can buy a (chipped) starter key and fob online. Get the key cut at the local hardware store and program both to work. You have to program all the keys/fobs not just the new one. Even opens the power sliders and hatch. The Prius was an expensive "smart" key (keep it in your pocket) and also programmed with a similar (but not identical) procedure to the above. I'm told that USED Prius keys can NOT be programmed with this approach - I don't know if this is true or if it is true for other cars.

It is possible that the *SOFTWARE* refuses to.

[aussersterne]

I posted upthread but modern cars often have fairly involved networks onboard with multiple systems where serialized modules are "known" to the network as secure. Tamper with the module, and dealer software can refuse to work. There is a cottage industry of people disassembling electronic modules and doing "brain transplants" by transplanting an EPROM or affixing a kludged daughterboard to new ones so that dealer computers are willing to talk to the car. Yes, the dealers can do something, but they often quote entire subsystem replacements, multiple units and 5-6 figures so that all the components are "new" and "match" (i.e. come from the factory already talking), so customers end up buying a grey-market ECU or whatever unit, then shipping their old one and the new one to transplanters to do the switch.

The article was nonspecific, but I imagine it was more like for the dealer to do it the "right way per the dealer" they'd have had to ship the car back to its original market, then shell out half its value to have a bunch of stuff replaced/reprogrammed.

If you can only get a dealer quote from overseas, and the dealer quote is like $10k on top of that, then "impossible" is an apropos word.

Just New keys?

[John.Banister]

If I had to spend $3500 and hire a hacker, I'd want that custom immobilizer never to immobilize again. A purely mechanical key would be fine.

Re:Unconventional.

[cstacy]

They have better eyesight than humans and like shiny things, so yeah, a couple of tame crows that will bring you the shiny things they find is not a bad idea.

Not parsing: if the hackers can see the shiny things, what are the crows for?

Re:While we're on the subject....

[guruevi]

It's a BS FaceBook Please-Fund-Me story. Any mechanic could've taken out the car computer and purchased a new one and installed it for less than $1500. Even if the car was out-of-country, it's a risk you take that when you buy exotic cars you may have to pay extra for repairs.

I had an older Buick that had gone on the fritz where basically the keys would start the car but not unlock the gearbox or any other theft prevention (the radio would refuse to work, the car could not be remotely unlocked).
My garage charged $500 to the warranty provider for a brand new "computer" and swapped out the keylock mechanism, and they simply reprogrammed my key (and then I had to go back with my other key to get it reprogrammed as well).

And if I didn't want to pay the dealership an exorbitant amount, there are numerous websites that offer OEM-compatible key replacement and ECU reprogramming services including the Toyota Estima in the story.

Moral of the story

[dentar]

If you buy a newer used car that has an electronic key, and you only get one key, it's ALWAYS worth the $200 something to go to the dealer and get an extra before this happens.

Re:Unconventional.

[nnet]

Dinner.

Or call Toyota?

[viperidaenz]

I doubt a new key would be $3,500
Maybe $1,000 at the most.

BS Story

[stooo]

Yes. The whole story is more or less BS.
1) who buys a RHD car as an import from JP for use in Canada ?
2) Battery exploding after losing track of charge cycles. Complete and utter bullshit.
3) Dealer cannot reprogram the Immo. could be.
4) Manufacturer cannot reprogram the Immo. Bullshit.
5) key image is photoshopped

Re:BS Story

[dryeo]

All I know about is number one. There are tons of right hand drive, former Japanese vehicles here in BC. The Japanese have insane vehicle inspections resulting in vehicles being condemned at like 30,000 miles (kms?) and they have some neat vehicles. I see enough on the roads around here that I know they're common.
The rest of your points, you're probably right except maybe #4. Quite possible that Toyota Canada is quite different from Toyota Japan but who knows.

Re:BS Story

[green1]

1) Lots of people, the Japanese have great vehicles that were never made available here any other way, they're low mileage, and relatively cheap to import. They also have the benefit of being right hand drive which is a far better driving position for places where you drive on the right side of the road than the conventional left hand drive.
2) you're 100% right. that's absolute BS
3) Most dealers in Canada outright refuse to work on vehicles imported from Japan, even if the identical model was sold domestically, it's part of the auto industry's attempt to make you pay outrageous prices for Canadian market cars. I used to have a Mitsubishi that was imported from Japan, if I walked up to the Mitsubishi parts counter at one of the local dealers and asked for any part for the vehicle they would flat out refuse. But if they didn't watch me drive up, and I didn't tell them what vehicle it was for, and just gave them a part number, there'd be no problem at all.
4) see #3 (good luck dealing with a manufacturer without going through the dealer)
5) *shrug* whatever the key image looks like is irrelevant to the story.

Re:BS Story

[Askmum]

5) *shrug* whatever the key image looks like is irrelevant to the story.

No it's not. In the facebook page they specifically ask "have you seen these keys". And then photoshopped in the image is a very old fashioned key that really has no place in a modern Toyota. Certainly if it is a hybrid it will only have a keyfob and will not need a physical key to put in a hole to start.

The whole story is BS from the beginning to the end.

Re:BS Story

[green1]

Keep in mind this is NOT a modern Toyota, to be imported to Canada it must be (by law) over 15 years old. And many hybrids, especially of that generation, still had physical keys.

I agree there's a major component to BS here, but I don't think that particular element proves anything at all. I think the only BS part is that the manufacturer/dealer refused to help them (likely because they imported instead of buying domestically) and the whole line about destroying the battery if they did so.
The rest, the bit about them losing the key, believing the dealer lies about making the battery explode, and paying someone to hack the car? I do believe all of that part.

Auto dealers and manufacturers are scum. They will do anything to punish people who did not buy their vehicles in the way that they envisioned. They will tell any lie, and do anything they can to block imported vehicles, and when that fails, to punish those people who import them.

Re:BS Story

[stooo]

>> Keep in mind this is NOT a modern Toyota, to be imported to Canada it must be (by law) over 15 years old.

What?
You cannot import new items in your country ?

Re:BS Story

[green1]

It is illegal to import a vehicle newer than 15 years old in to Canada unless you are the manufacturer of said vehicle, AND are on a specific list of manufacturers allowed to import, AND the vehicle has never been sold to someone else fist. AND the vehicle is certified to meet all Canadian standards.
The only exception is certain vehicles from the USA, but only if the manufacturer has specifically authorized that exact model to be imported, AND has provided a letter stating that that specific vehicle (by VIN) has no outstanding recalls, AND the vehicle must be modified to meet all Canadian regulations before being registered, AND must pass an out of province safety inspection before being registered.

The auto industry has lobbied hard to make sure you MUST buy through them.

Re:Yea isn't technology wonderful?

[ledow]

I'd be very suspicious, to be honest.

A programmed key, with a guy who knows what key it fits, where he lives, how much money he's got, etc. is running around in some employee's pocket "by accident".

No. You just keep the keys in a cabinet in the dealership, press the buttons on the keys you have until the care you want unlocks.

What a bunch of idiots to lose those keys? Absolutely. Including that one rogue guy who has a nice sideline in cars stolen-to-order and the paperwork behind them.

Re:They gor ripped off

[vtcodger]

It's conceivable that the electronics for the Japanese version of the vehicle called a Previa in North America are not fully compatible with the tools an American dealer would use. I'd assume that the Japanese home island diagnostic tools have a Japanese language UI and that maybe some minor differences exist in the support programs and maybe even the ROMs as well. Doesn't matter if the differences are minor. They likely can effectively prevent a North American dealer from working on the some features of the electronics of a Japan configured vehicle.

Note that there can be differences (other than the Left hand steering) between a vehicle built in Japan for the Japanese market and a vehicle built in Japan for the North American market.

Re:Yea isn't technology wonderful?

[vtcodger]

OK then. Just epoxy your "smart key" someplace under the dash. But keep in mind that you'll need to replace the key battery every few years. Put the key someplace accessible. Then buy a mechanical ignition switch and cylinder for any older car, mount it on the dash, and graft in a bit of wiring to make it operate rationally.

Oh yeah, and one more "feature" of these moronic smart keys is that if the key's battery is tired and the key is left in the car in cold weather, you may have to somehow warm the key up before the vehicle will start. Yes, I've had that happen.

Re:Hollywood

[PPH]

the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire

Lennart Poettering builds a car.

LOL

[p51d007]

Just so they can act all smug that they have a "hybrid" Those silly vehicle cost more to produce, and have more of a carbon footprint than a traditional vehicle, have more toxic materials...but, because they are "green" everyone overlooks that!

Many Japanese companies handle this

[mattr]

Google this: Toyota Estima
(the Japanese means "lost the key").
I found 3 sites immediately that discuss Toyota Estima. A couple mentioned charges of about 80 USD while another seemed more detailed. It seems that it is a difficult job that requires rewriting the car's computer, but that it can be done in 60 minutes. They quote a cost of about $165 for Osaka area.
TFA says the Japanese partner (should be Toyota) could not do it and that the importer split the cost so they paid around $2000. It sounds expensive but conceivably there was no cheaper alternative in their location, and since they got the importer to pay half it sounds like the importer also could have already tried to help.
https://translate.google.com/t...
https://translate.google.com/t...

Re:Many Japanese companies handle this

[mattr]

The Japanese got stripped out by slashdot. Try this to see the search results maybe
https://www.google.co.jp/searc...

The car owner clearly misunderstood how his car wo

Because it was a hybrid and the on-board computer was synced to the battery recharge cycles, the car owner couldn't simply replace the car key without risking the car battery to overcharge and catch fire.

This is absolute bullshit. That's not how battery chargers work.

How it ACTUALLY works

[Kagetsuki]

I live in Japan and am super into cars.

You usually get 2 to 4 keys with a new car, always 2 standard with fob/chip, often 1 backup key without fob/chip, and sometimes 1 "valet" key. When you get the keys you get a code tag that you use to order additional keys at any time - loose the tag and you can still order as long as you have an existing key, but you need to send the key in to have the tag info cross referenced. So basically as long as you don't loose the tag and *all* of the fob/chip keys you're totally fine.

And the whole issue was due to the immobilizer, which was DOING EXACTLY WHAT IT WAS SUPPOSED TO BE DOING. The idea is it makes it very difficult to hot-wire a car, and even if someone does somehow (with a trailer?) steal your car they won't be able to actually use it or sell it without putting in a huge amount of effort.

So what do you do if you loose all your keys and tag? You bring it to the dealer or an authorized/licensed mechanic who deals with that brand and have the immobilizer unit replaced. I just looked it up, and the cost for that on a newer Estima looks to be about $900USD.

The dealer/importer should have been able to figure this out much easier but I'm guessing they're just one of those places that grabs cache stock from auto auctions and kludges the paperwork.

Re:Unconventional.

[Dog-Cow]

It parses fine. You're just drunk. Or illiterate.

Even electronic key not strictly needed

[cellocgw]

If you happen to have an upper-level car (in my case Model S), you can run an app on your tablet or smartphone that links to your car and can be used in place of your car's key to open the doors, start the engine, and drive off. There is the downside that this fails if either your phone or the car cant make a cellular connection (or, usually, local WiFi).

But no key required here.

Re:Unconventional.

[K10W]

Crows? Seriously?

corvids are incredibly intelligent and have unbelievable eyesight. They have such high visual accuity they recognise where humans eyes (not face direction but the actual eyeball direction!) are looking from a fair distance away, much further than humans I recommend looking up the studies on this they show how little we think we know of the crow family. They have uncanny recognition ability and can accurately spot and track human faces in a crowd MUCH better than humans thus one consideraton is training them for security and profiling reasons. There is a LOT of research on several of the family, plus they're one of the only families with several species that are complex tool users. Some of the species have tool use similar to human level and higher primates. Look up some of the studies done in the past 20 years so yeah "Crows, seriously!"