|
TallbutBuxomly
12,140 posts
86 months
|
Garvin said: I can call BMW, answer a couple of security questions and they will remotely open my vehicle - they can also lock it remotely. The software fix would be for the in-car software - surely the dealers have other methods, external to the vehicle, of coding keys using BMW records. I had an email from BMW in response to my last where they said they were aware of the "rumours"
|
|
|
CoolHands
1,899 posts
65 months
|
to me the thing to worry about before coding keys etc,is how are they getting into the vehicle? No-ones answered that yet. The 'jamming' thing is totally implausible imo.
|
|
|
BE57 TOY
913 posts
17 months
|
CoolHands said: to me the thing to worry about before coding keys etc,is how are they getting into the vehicle? No-ones answered that yet. The 'jamming' thing is totally implausible imo. It's been answered several times (lock drilling) with CCTV footage and pictures to back it up.
|
|
|
Dave Hedgehog
5,321 posts
74 months
|
Garvin said: I can call BMW, answer a couple of security questions and they will remotely open my vehicle - they can also lock it remotely. The software fix would be for the in-car software - surely the dealers have other methods, external to the vehicle, of coding keys using BMW records. you could use a duel key type system, where you need to send a key code to the car which would have its own unique key code before it will respond, rather than just having it open to to any device sending a reprogram key request
|
|
|
joe oliver
15 posts
27 months
|
The argument about needing a system whereby you can code a key in the car whilst it's still immobilised incase the owner loses the keys is rubbish. How on earth did everyone manage back in the days with bladed keys? Could you imagine the uproar if 10 years ago BMW cars had a box in the passenger footwell with a slot in it where if you inserted a blank key blade it'd cut you a key to the ignition barrel?
Same situation we have now...
|
Advertisement
|
|
|
Garvin
553 posts
47 months
|
Dave Hedgehog said: Garvin said: I can call BMW, answer a couple of security questions and they will remotely open my vehicle - they can also lock it remotely. The software fix would be for the in-car software - surely the dealers have other methods, external to the vehicle, of coding keys using BMW records. you could use a duel key type system, where you need to send a key code to the car which would have its own unique key code before it will respond, rather than just having it open to to any device sending a reprogram key request There are many ways to increase the security by simple fix of the in-car software - the simplest to me is to disable any of this key cloning nonsense if the alarm/immobiliser is still set (and to prevent the alarm/immobiliser being disabled by drilling of locks etc). This would put the onus on the owner/driver to make sure the vehicle is locked which doesn't seem unreasonable. However, nearly every other manufacturer seem to have a much more secure system. Recoding/resyncing the keys to my previous TTs required the dealer to contact Audi in Germany to obtain the codes necessary to do the job (or so they told me).
|
|
|
va1o
11,766 posts
77 months
|
Could they not resolve this by way of a recall and software update to remove the security flaw? It will cost them a lot, but so will this story making it onto the national press and Watchdog. As said on the other thread, it has the potential to affect the majority of BMWs on the road in this country today.
|
|
|
DivideBYZero
58 posts
34 months
|
Apparently one way to defeat this is to have the two free key slots in the CAS unit disabled, therefore preventing another key being added to the car by the OBDII method.
|
|
|
toxicnerve
5,442 posts
47 months
|
DivideBYZero said: Apparently one way to defeat this is to have the two free key slots in the CAS unit disabled, therefore preventing another key being added to the car by the OBDII method. And how does one disable the aforementioned key slots in the CAS?
|
|
|
DivideBYZero
58 posts
34 months
|
toxicnerve said: And how does one disable the aforementioned key slots in the CAS? It's a dealer jobbie, AFAIK. Not done it yet, I'm calling them tomorrow to enquire.
|
|
|
camel_landy
1,549 posts
53 months
|
Interesting thread...
Here's a few observations from an IT security bod who also has one or two links to the automotive industry!
1 - BMW don't have a technical problem that requires a recall... If you put it into IT security speak, what has happened is that someone has discovered a venerability which needs a fix. Sure, it is in BMW's best interest to find a fix but like others have said, cars have been broken into & nicked for years.
2 - I can't help thinking that part of the problem is down to the motor manufacturers being forced to open up the ECU specs for independents, etc... At a very simple level, if they were allowed to keep things closed, all they would have needed to do was secure the OBD communications (e.g. through a shared secret / SSL).
3 - Frankly, the nobbling of the OBD port looks like the most sensible solution. You could even fit a false one & tuck the real one back out of sight.
My 2p.
M
|
|
|
camel_landy
1,549 posts
53 months
|
Actually... Sod Watchdog, why not get PH to run a story on it???
M
|
|
|
tonker
44,043 posts
118 months
|
camel_landy said: Actually... Sod Watchdog, why not get PH to run a story on it???
M Imagine how much BMW spend advertising with Haymarket. Unless Autocar's long term 1M gets nicked, then there's very little chance of Haymarket breaking this.... and it's still not 'mass-market'....
|
|
|
camel_landy
1,549 posts
53 months
|
tonker said: camel_landy said: Actually... Sod Watchdog, why not get PH to run a story on it???
M Imagine how much BMW spend advertising with Haymarket. Unless Autocar's long term 1M gets nicked, then there's very little chance of Haymarket breaking this.... and it's still not 'mass-market'.... Depends on who needs who more & how independent the editorial staff are. Do the Haymarket editorial staff want the cudos of leading the way in breaking a story or do they want to play catchup when one of the other players leads with it??? Do Haymarket need the BMW ££££ more than BMW want Haymarket's circulation?? We may never know...  M
|
|
|
TallbutBuxomly
12,140 posts
86 months
|
camel_landy said: Interesting thread...
Here's a few observations from an IT security bod who also has one or two links to the automotive industry!
1 - BMW don't have a technical problem that requires a recall... If you put it into IT security speak, what has happened is that someone has discovered a venerability which needs a fix. Sure, it is in BMW's best interest to find a fix but like others have said, cars have been broken into & nicked for years.
2 - I can't help thinking that part of the problem is down to the motor manufacturers being forced to open up the ECU specs for independents, etc... At a very simple level, if they were allowed to keep things closed, all they would have needed to do was secure the OBD communications (e.g. through a shared secret / SSL).
3 - Frankly, the nobbling of the OBD port looks like the most sensible solution. You could even fit a false one & tuck the real one back out of sight.
My 2p.
M camel Andy my Audi came with a tag with my vin number on it. I see no reason why BMW cannot apply an SSL system and give the obd SSL password to the owner in the same form. Vin one side obd password the other. The system would then comply with eu regs as it would be open as owner could give the obd password to whichever garage they take the car to.
|
|
|
camel_landy
1,549 posts
53 months
|
TallbutBuxomly said: camel_landy said: Interesting thread...
Here's a few observations from an IT security bod who also has one or two links to the automotive industry!
1 - BMW don't have a technical problem that requires a recall... If you put it into IT security speak, what has happened is that someone has discovered a venerability which needs a fix. Sure, it is in BMW's best interest to find a fix but like others have said, cars have been broken into & nicked for years.
2 - I can't help thinking that part of the problem is down to the motor manufacturers being forced to open up the ECU specs for independents, etc... At a very simple level, if they were allowed to keep things closed, all they would have needed to do was secure the OBD communications (e.g. through a shared secret / SSL).
3 - Frankly, the nobbling of the OBD port looks like the most sensible solution. You could even fit a false one & tuck the real one back out of sight.
My 2p.
M camel Andy my Audi came with a tag with my vin number on it. I see no reason why BMW cannot apply an SSL system and give the obd SSL password to the owner in the same form. Vin one side obd password the other. The system would then comply with eu regs as it would be open as owner could give the obd password to whichever garage they take the car to. Neat idea... Would need some thought put into the areas of: - What if you have a replacement ECU?
- Lost codes!
- If you put a wrong password in, do you get locked out? If not, it just leaves it open for a 'brute force' attack... Which potentially wouldn't slow the thieves down much (if at all!!).
Building on this idea, maybe a system where the code/cert is kept in the key and the OBD port isn't unlocked until the car/key are together... With maybe a manual override using the built in emergency key?? M
|
|
|
DivideBYZero
58 posts
34 months
|
Removed my OBD port on my e92 M3 today. It's only held on by two philips head screws. If it's needed it can be returned fairly quickly. This will do until there is a software fix.
|
|
|
mrmr96
12,044 posts
74 months
|
Could someone please tell me which types of key which are vulnerable to this. Thanks. Type 1  Type 2   Type 3 (two holes at the top, rectangular in shape)   Type 4 (different from type 3, as type 4 has one hole at the top and is trapezoidal in shape) 
|
|
|
The Crack Fox
8,169 posts
62 months
|
andy_shaf said: Do you think this can turn into one of those threads that can actually make a company look at and take action...
Anyway here are the email addresses for BMW for people who want to complain. I would suggest as many people as possible send their PR office an email.
graham.biggs@bmw.co.uk - Corp Communication Director
wieland.bruch@bmw.co.uk - Corp Coommunication Manager I've heard they've seen this. 
|
|
|
TallbutBuxomly
12,140 posts
86 months
|
mrmr96 said: Could someone please tell me which types of key which are vulnerable to this. Thanks. I believe these two from what i have seen online.Type 3 (two holes at the top, rectangular in shape) Type 4 (different from type 3, as type 4 has one hole at the top and is trapezoidal in shape)
|
|
