RE: BMW puts the OBD fix in

No-one cracked the code, they are just using dealer spec diagnostics equipment to do this. BMW (along with all manufacturers) is forced by European law to release for general sale all dealer tools including diagnostic equipment. The thieves are just using dealer equipment or a Chinese copy of the dealer equipment to do this. For the people stealing the cars it's not a complex thing to do, they are car thieves after all and therefore not the sharpest. They are just plugging in and pressing buttons.

It is perfectly feasible to copy a tool or routine without 'cracking' the encryption on it in the same way you can copy someone's credit card onto a new card and use it without breaking the 128bit encryption. Whatever BMW engineer has to be released to the general public by law and therefore it can be copied or reverse engineered by Chinese diagnostic equipment suppliers.

This vulnerability has always been there just never exploited because until recently you needed a physical key to turn the ignition barrel. Almost every vehicle will be vulnerable to this, anyone could go to Ferrari and buy their dealer diagnostic kit and go and do this. They just might set the alarm off in the vehicle. Also they may have the usual safeguard which is to require a second authentication factor e.g. submit the VIN to the manufacturer electronically to get a one time code to enable the key learn to occur.

Don't go thinking car criminals are some kind of sophisticated cyber criminals these days, 'Gone in 60 seconds' was a film not a documentary on car theft professionals!

He does have a point though, both times the issue has been on the front page the blame has been put on the OBD rather than the alarm. They also made the point that most manufacturers are just as susceptible when the current trend would suggest not.

From what I have seen the issue is actually an Alarm "BLACK SPOT" that can be utilised by "crooks" to get access to the panel, not the fact that power is to it when the car is inactive. The Deficiency is with the placement by BMW of said OOBD port, not the actual proposal of having to cater it. The Alarm issue is something imho that should never of got past Thatcham to warrant the device "Cat1" approval.

Having said that, I am no car mechanic or Quality assesor of any manufacturer,

Put this another way. If somebody put the alarm panel to my house within arms reach of breaking a window near it that had a 5 inch squard alarm dead spot. I would be livid and I presume the said installer and maufacturer of the product would more than likely have the book thrown at them.

Why so long to acknowledge the fault? It isn't rocket science. Move the port, simples.

edit: Just saw Ed's Post, yes, it occured to me after writing my part that there was no mention of the alarm being at fault. I was short, sorry

Can we please get one thing straight:
The alarm black spot is NOT the primary problem.
The OBD port being "live" is NOT the primary problem.

The problem is that the security system in affected BMW's lets you "inject" an unknown key into them to become an "accepted" key with NO authentication and NO verification. Whether this is clever hacking by the crooks or a simple but serious failure by BMW is a moot point - it can be done.

This should not be possible, and is indeed impossible with other manufacturers. We do NOT see keyless thefts of this kind with any other manufacturer at present.

The alarm blackspot helps the thieves complete the process undetected, but the key coding is so fast (10 seconds with some devices) that even by the time you've got to your window to look, the thief can deactivate it by pressing the unlock button their newly coded key even if they HAVE set the alarm off.
If the OBD port wasn't "live" then they would simply use auxiliary power. I suspect that the "2 minutes" that BBC watchdog got was with a menu driven Key coder, more like a diagnostics computer. There are devices which are fully automated. You plug them into the OBD with a key in the induction reader, a light lights up, the key is good to go.

I've been aware of these thefts since the start of the year, I've got first hand experience of the methods used.

The Site says it, we (the police) haven't seen it in the wild at all. BMW's have been and still are the only cars being stolen in this manner.

The OBD port must be located within 30" or so of the steering column. So there are many locations within almost 3 feet of the steering coulmn. This sounds like poor design.

Calm down dear, caps lock and bigger fonts don't make your point any more valid.

I don't even agree with the point. I think the primary problem is the alarm system.

Are significant numbers of LHD cars being stolen in this way? I believe the alarm works properly on that side.

Agreed, but if it isn't happening it doesn't matter that it could as long as that continues to be the case.

All the thefts I've heard of have been when the car was parked on people's drives by an occupied house and have only been successful because it's completely silent.

As plenty of people have pointed out, lots of cars can program new keys from their OBD port, but the theft problem seems to be heavily skewed towards BMWs. I would assume this is because it's the only manufacturer who fits an alarm rubbish enough that you can get to the OBD port without triggering it.

Of course changing any part of the system wculd solve the problem, but the only part of the system which is clearly broken, to my mind, is an alarm which lets someone get to major internal components of the car without triggering. If the alarm did its job, we would not behaving this discussion.

ETA: Although to be fair, we probably also wouldn't if you couldn't program keys in ten minutes from the OBD port.

To be honest, the whole security issue seems a bit of a non-event to me anyway - the number of cars being stolen is pretty small and anyway, that's what insurance is for. What would worry me far more, is how slow BMW were to do anything about it.

I'd happy buy a car that's relatively easy to steal. I would not buy a car from a company that doesn't seem to care that its cars are easy to steal when many of its customers do care, because it doesn't bode well for the rest of their customer service.