A long-awaited software update aims to stop the On-Board Diagnostics thieves - but at what cost?
The OBD-accessed thievery of BMWs that's been going on this year has been a serious problem for BMW, not just because it's been in the public domain, but also because there's been no solution offered.
It's a tricky one for BMW. On the one hand, nobody at BMW can have wanted the situation to have developed this far, or for so many people to have been robbed of their pride and joy. On the other, BMW couldn't publish details of any quick DIY fix to its cars’ electrical systems, because that would have contravened certain EU laws.
Now there is an official fix. It's already being rolled-out for the X5 and X6: for other models, the re-flash will be available in around eight weeks time. For many people, that’s too long a wait, but that’s what BMW is offering.
Obviously, BMW is highly defensive of its security credentials. Some of that is bluster, because robbers aren't pinching AMGs and Audi RS models in anything like the same numbers. But one aspect of BMW's defence is actually very interesting. Block exemption laws governing the ability of non-OEM service outlets to service all new cars means that it is now possible for J Bloggs Esq to buy diagnostic software which effectively grants access to a car’s starter motor. There's a good chance that this episode will have all car manufacturers beating a path to Brussels to stop this practice.
Another area of interest is car finance. With the majority of new car purchases being on the dreaded 'drip', those few post-Lehman bankers still willing to lend on cars want better tools for recovering defaulted assets. This OBD trick is perfect for them. If it was a condition for the initial loan, its potential removal through legislation (should the manufacturers persuade the Eurocrats to take action) may well persuade more banks to reconsider the car loan business. Of course, many brands underwrite their own finance and simply keep a spare key.
BMW is not actively contacting owners, because it doesn’t see this as a recall situation, so it's up to all of us to spread the word: any BMW built before September 2011 and using the new electronic key system ('06 on) is eligible for the software update.
Can see there point but I don't see why the port can't be encrypted.
Pug car in to diag kit, tap in an 8 digit code, get access to car. Obviously the passcode would be given only to the owner...
Idiotic idea - most people can barely remember their house number and postcode and you expect an ID code for a car to be something they'd remember AND supply to the garage when required (see locking wheel nuts for an example of how useless people can be).
Also totally unnecessary in this case - all they needed to do was have any OBD access when the car is 'armed' trigger the alarm - the way it SHOULD have been designed in the first place.
p.s. OBD access is something the EU fought to make available despite manufacturers wanting to keep their systems closed - without that, you'd need to pay the official dealer a fortune for the life of your car!!
So why is it BMWs are easier to steal? Just silly placement of the OBD port?
1. OBD port is live 2. Alarm has a blackspot that means it won't trigger if the window is smashed ins a certain place and area (where the OBD port is!).
1+2 = 3. Thief with these...
... breaks in and drives car away within minutes.
So, given that part of the problem is the shoddy alarm, I am curious to know how this so called 'update' cures the sensor problem, not just the live OBD port?!?
Edited by kmpowell on Thursday 13th September 15:04
Found this in that thread linked and me laugh loads!
hora 15,513 posts 72 months [report] [news] Tuesday 17th April
In a few months the woeful/pisspoor BBC Watchdog programme will catch onto this and run a piece. That piece will last for 5mins then they'll run 15mins+ 'rogue traders' where they'll chase a mingy one-man band Gas engineer as though its worthy/national interest tv..
I would just like to add that after speaking to BMW they will not be updating any BMW’s built before March 2007. This seems strange to me and BMW would not explain why they are using this as the cut of date.
Pathetic response. A child could do better in a tenth of the time. If I was cynical I would consider BMW to be less than delighted at being forced into offering a solution. They will now lose a number of sales for replacement shiiite-boxes.
Pathetic response. A child could do better in a tenth of the time. If I was cynical I would consider BMW to be less than delighted at being forced into offering a solution. They will now lose a number of sales for replacement shiiite-boxes.
Quite. The timing of the announcement (post-Watchdog) and some of the grammar:
BMW UK said:
Be careful with your keys and who you give them too keys (e.g. valet parking).
Makes me wonder if this was rushed out, even though they must have known they were going to be covered.
1. OBD port is live 2. Alarm has a blackspot that means it won't trigger if the window is smashed ins a certain place and area (where the OBD port is!).
1+2 = 3. Thief with these...
... breaks in and drives car away within minutes.
So, given that part of the problem is the shoddy alarm, I am curious to know how this so called 'update' cures the sensor problem, not just the live OBD port?!?
Edited by kmpowell on Thursday 13th September 15:04
Isn't the simple answer to relocate the obd to well within the alarm range? Ie near the centre of the car? Won't help the thousands on The road now but something for new models.
Great is you have an X5 or X6 but according to my dealer this morning they've heard nothing about "a fix" from BMW UK for any other model including my M3.
So, given that part of the problem is the shoddy alarm, I am curious to know how this so called 'update' cures the sensor problem, not just the live OBD port?!?
Edited by kmpowell on Thursday 13th September 15:04
It makes sense now actually, the EWS module (or whatever they call it these days) will always be on, and the blind spot I'd guess is a hardware limitation. Presumably this update will set the alarm off for so long if the OBD port is tampered with and the alarm is active, which would explain why it's only compatible back to 07.
Either way it was very short sighted of BMW, and it should be a recall.
and the blind spot I'd guess is a hardware limitation.
Yup, no amount of software updates can alter the mechanical trajectory of the ultrasonics which have the black spot. All the affected 1/3/5 etc series use these ultrasonics:
