Login | Register
SearchMy Stuff
My ProfileMy PreferencesMy Mates RSS Feed
1 2 ... 118 119
121 122 ... 190 191
Reply to Topic
Author Discussion

WeirdNeville

5,892 posts

103 months

[news] 
Friday 5th October 2012 quote quote all
For the umpteenth time....
sinizter said:
A large part of the problem (or pretty much all of it) was that the alarm wasn't sensitive enough, allowing practically unlimited access to the OBD port, once the window was dealt with.

If the alarm has been made sensitive enough, that problem has been solved.
No, it really isn't.

sinizter said:
As for cloning keys once you have access to the OBD port, the same thing can be done for pretty much every other car out there.
No, it really can't.

sinizter

3,348 posts

74 months

[news] 
Friday 5th October 2012 quote quote all
WeirdNeville said:
o, it really can't.
Very enlightening.

WeirdNeville

5,892 posts

103 months

[news] 
Friday 5th October 2012 quote quote all
People seem to belive this is a problem with the alarm system.
The actual problem is that you can walk up to a BMW with any old key from another BMW, and code the car to it with a hand held device in under a minute.

An alarm fix is a sticking plaster.

There is good evidence to suggest that thieves are able to prevent the car from locking OR make it unlock, meaning that the alarm will not activate in any case.

So we're back to square one: It should not be possible to code a car to a key without verification. But it is.

I'd hoped the software fix would be somewhat more involved than cranking the alarm sensitivity up to 11.

youngsyr

8,100 posts

80 months

[news] 
Friday 5th October 2012 quote quote all
WeirdNeville said:
People seem to belive this is a problem with the alarm system.
The actual problem is that you can walk up to a BMW with any old key from another BMW, and code the car to it with a hand held device in under a minute.

An alarm fix is a sticking plaster.

There is good evidence to suggest that thieves are able to prevent the car from locking OR make it unlock, meaning that the alarm will not activate in any case.

So we're back to square one: It should not be possible to code a car to a key without verification. But it is.

I'd hoped the software fix would be somewhat more involved than cranking the alarm sensitivity up to 11.
It is an alarm issue. No one should be able to forcefully enter a modern car without the alarm activating. The fact that you can drill the lock or smash the window with impunity is a massive issue.

Once a thief can enter a car without the alarm sounding, all bets are off as it opens up a myriad of ways for them to attempt to steal the car.

In this case, having a working alarm will stop the issue dead in its tracks.

WeirdNeville

5,892 posts

103 months

[news] 
Friday 5th October 2012 quote quote all
But it won't, because in about half of cases they don't do anything that would cause the alarm to sound anyway.

The walk up to what is in effect an unlocked car, programme a key into it, and drive it away.

And anway, when was the last time you bothered to look at a car when an alarm was audible? To see an owner wave in a friendly fashion, present a key, blip it, the alarm to silence and the person to get in the car to drive off? Because that's exactly what you'll see in this circumstance.
Advertisement

youngsyr

8,100 posts

80 months

[news] 
Friday 5th October 2012 quote quote all
WeirdNeville said:
But it won't, because in about half of cases they don't do anything that would cause the alarm to sound anyway.

The walk up to what is in effect an unlocked car, programme a key into it, and drive it away.

And anway, when was the last time you bothered to look at a car when an alarm was audible? To see an owner wave in a friendly fashion, present a key, blip it, the alarm to silence and the person to get in the car to drive off? Because that's exactly what you'll see in this circumstance.
If the owner can't lock the car properly, then that's not BMWs fault. I also haven't read of one case on here where a jammer was used. They've all either had their locks drilled or the window smashed.

If the alarm worked it would not be just a case of the thief waving a key around and turning off the alarm within seconds - it takes over 2 minutes to reprogramme the key once they've got access to the OBD port. This is likely to attract some attention in most cases.

Many of these cars are taken from people's drives in the middle of the night - given two minutes warning of their car being interfered with just metres away from them, most people would take some action and it would take a very brazen thief to contemplate a theft under such circumstances.

smashy

703 posts

46 months

[news] 
Friday 5th October 2012 quote quote all
Alarms mmmmmm who is going to care less that an alarm is going off.

Disklock is the only way Backwards.


youngsyr

8,100 posts

80 months

[news] 
Friday 5th October 2012 quote quote all
smashy said:
Alarms mmmmmm who is going to care less that an alarm is going off.

Disklock is the only way Backwards.
I would if it were my car on my drive.

WeirdNeville

5,892 posts

103 months

[news] 
Friday 5th October 2012 quote quote all
Youngysr> No, the thief is able to either PREVENT the car from locking, or else force it to unlock. The owner has nothign to do wit hit.

And it's not 2 minutes. It can be done far faster, it's just the device BBC Watchdog had took 2 minutes. 10-20 seconds is more like the actual time from plugging some devices in to working key, fully automated.

youngsyr

8,100 posts

80 months

[news] 
Friday 5th October 2012 quote quote all
WeirdNeville said:
Youngysr> No, the thief is able to either PREVENT the car from locking, or else force it to unlock. The owner has nothign to do wit hit.

And it's not 2 minutes. It can be done far faster, it's just the device BBC Watchdog had took 2 minutes. 10-20 seconds is more like the actual time from plugging some devices in to working key, fully automated.
Either way, 20 seconds is enough time to stop a theft from outside your house, which is how many of these cars have gone.

The forcing to unlock is done by smashing the window or drilling the lock, either of which should set the alarm off. I haven't read of a single case of a stolen car being recovered without either a broken window or a drilled lock.

WeirdNeville

5,892 posts

103 months

[news] 
Friday 5th October 2012 quote quote all
I wouldn't even be out of bed in 20 seconds.

Ok, because I've investigated a few cases where the cars have been recovered with no damage at all.

I even know a couple of the methods how they unlock them. It's farking scary is all I'm going to say.

stuart-b

3,088 posts

114 months

[news] 
Friday 5th October 2012 quote quote all
Not sure why people seem to think that the alarm system will cure the problem.

SERIOUSLY?

What we need is the ability for a key NOT to be programmed to the car in under 30 seconds.

Who even needs an alarm then?

They wouldn't try to steal it in the same manner.

I mean it is quite bloody obvious - it would then make BMW no different to any other brand.

TheEnd

14,404 posts

76 months

[news] 
Friday 5th October 2012 quote quote all
WeirdNeville said:
People seem to belive this is a problem with the alarm system.
The actual problem is that you can walk up to a BMW with any old key from another BMW, and code the car to it with a hand held device in under a minute.
It's a new key programmed to the car, not the car programmed to accept a used key.

t8cmf

342 posts

48 months

[news] 
Friday 5th October 2012 quote quote all
TheEnd said:
It's a new key programmed to the car, not the car programmed to accept a used key.
I'm sure this was covered earlier in the thread but I think the car is reprogrammed and not the key.

WeirdNeville

5,892 posts

103 months

[news] 
Saturday 6th October 2012 quote quote all
TheEnd said:
WeirdNeville said:
People seem to belive this is a problem with the alarm system.
The actual problem is that you can walk up to a BMW with any old key from another BMW, and code the car to it with a hand held device in under a minute.
It's a new key programmed to the car, not the car programmed to accept a used key.
It's not a new key. Nothing on the key changes. You can use any key. you can use the same key over and over. In the videos you see ofthese devices, the induction loop on the device reads the code out of the key and injects it into the cars security module.
You can take a key from one car, inject that key into the CAS of another car, and the key in your hand will open and start BOTH cars.

In summary:
1) The primary flaw is one of authentication, or lack of it. This means that a cars security system can be manipulated to accept any compatible key as a trusted key in moments. At present, no other cars but BMW's are being subjected to this in the "wild". Others may be vulnerable, but right now, it's only happening to BMW's.
2) Secondary to this, flaws in the alarm system making it possible to break a window and even reach into the car without triggering the alarm facilitate the theft.
3) It's a high tech crime: You need an expensive tool to do it (not $70 as reported in US media, but not a whole heap more).
4) BMW diesels with M-sport kits seem to be targeted most, and it is any car with push button ignition and no proper key blade (an electronic only key) from 2005-2011 that is vulnerable, give or take a few special models.
5) Although some thefts are being committed by breaking glass or reaching into the car, or drilling/manipulating locks, cars ARE being taken with no visible damage being done to them. So an alarm upgrade alone is not going to prevent these thefts now there is an established disposal chain for parts and cars. There are thieves making a good living from this.

Cheib

9,266 posts

63 months

[news] 
Saturday 6th October 2012 quote quote all
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?

WeirdNeville

5,892 posts

103 months

[news] 
Saturday 6th October 2012 quote quote all
Cheib said:
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.

Cheib

9,266 posts

63 months

[news] 
Saturday 6th October 2012 quote quote all
WeirdNeville said:
Cheib said:
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.
My dealer told me it was enhanced "encryption" when they upgraded my X5......not sure the bloke really had a clue though.

IF it is just an alarm fudge someone's car that has been upgraded is going to get nabbed sooner or later.....if that does happen BMW are going to look so incredibly stupid.

If that is the case why the hell is it taking eight weeks to work out how to do it for other models ?

Doesn't make sense.

chivdog

2 posts

26 months

[news] 
Sunday 7th October 2012 quote quote all
WeirdNeville said:
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.
I reached this conclusion after speaking to BMW customer service in the UK when I reported my car stolen to them. The aim of my discussion with them was to find out whether it was worth my while buying another BMW to replace the one that was stolen by understanding what the enhanced security actually is. I mentioned on the call that ideally the car should not be able to be programmed to accept new keys through the port (ie. a hardware solution) rather than a software fix. To this the BMW rep told me that the fix isn't to do with the port and the ability to programme the car to accept new keys - but is rather focussed on preventing access to the vehicle in the first place. I speculated that this means that they are enhancing the alarm which I commented to him was rather disappointing (acknowledging that car theft is a part of life).

va1o

13,917 posts

95 months

[news] 
Sunday 7th October 2012 quote quote all
So potentially exactly the same problem will remain as it wouldn't stop the thieves jamming the signal when you lock the car etc. Disappointing effort from BMW. Still think its the head office we should be complaining to however, BMW UK are really just middlemen and can do very little.
1 2 ... 118 119
121 122 ... 190 191
Reply to Topic