New BMW's getting stolen using blank BMW keys

New BMW's getting stolen using blank BMW keys

Author
Discussion

WeirdNeville

5,932 posts

214 months

Saturday 6th October 2012
quotequote all
TheEnd said:
WeirdNeville said:
People seem to belive this is a problem with the alarm system.
The actual problem is that you can walk up to a BMW with any old key from another BMW, and code the car to it with a hand held device in under a minute.
It's a new key programmed to the car, not the car programmed to accept a used key.
It's not a new key. Nothing on the key changes. You can use any key. you can use the same key over and over. In the videos you see ofthese devices, the induction loop on the device reads the code out of the key and injects it into the cars security module.
You can take a key from one car, inject that key into the CAS of another car, and the key in your hand will open and start BOTH cars.

In summary:
1) The primary flaw is one of authentication, or lack of it. This means that a cars security system can be manipulated to accept any compatible key as a trusted key in moments. At present, no other cars but BMW's are being subjected to this in the "wild". Others may be vulnerable, but right now, it's only happening to BMW's.
2) Secondary to this, flaws in the alarm system making it possible to break a window and even reach into the car without triggering the alarm facilitate the theft.
3) It's a high tech crime: You need an expensive tool to do it (not $70 as reported in US media, but not a whole heap more).
4) BMW diesels with M-sport kits seem to be targeted most, and it is any car with push button ignition and no proper key blade (an electronic only key) from 2005-2011 that is vulnerable, give or take a few special models.
5) Although some thefts are being committed by breaking glass or reaching into the car, or drilling/manipulating locks, cars ARE being taken with no visible damage being done to them. So an alarm upgrade alone is not going to prevent these thefts now there is an established disposal chain for parts and cars. There are thieves making a good living from this.

Cheib

23,067 posts

174 months

Saturday 6th October 2012
quotequote all
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?

WeirdNeville

5,932 posts

214 months

Saturday 6th October 2012
quotequote all
Cheib said:
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.

Cheib

23,067 posts

174 months

Saturday 6th October 2012
quotequote all
WeirdNeville said:
Cheib said:
So there seems to be speculation the current "fix" is a tweak to the cars alarm system rather than dealing with the OBD issue. Is that right or is that speculation ?
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.
My dealer told me it was enhanced "encryption" when they upgraded my X5......not sure the bloke really had a clue though.

IF it is just an alarm fudge someone's car that has been upgraded is going to get nabbed sooner or later.....if that does happen BMW are going to look so incredibly stupid.

If that is the case why the hell is it taking eight weeks to work out how to do it for other models ?

Doesn't make sense.

chivdog

2 posts

137 months

Sunday 7th October 2012
quotequote all
WeirdNeville said:
Speculation based on things said by the dealers (who may well be in the dark anyway) and the fact that no hardware changes are made.
I reached this conclusion after speaking to BMW customer service in the UK when I reported my car stolen to them. The aim of my discussion with them was to find out whether it was worth my while buying another BMW to replace the one that was stolen by understanding what the enhanced security actually is. I mentioned on the call that ideally the car should not be able to be programmed to accept new keys through the port (ie. a hardware solution) rather than a software fix. To this the BMW rep told me that the fix isn't to do with the port and the ability to programme the car to accept new keys - but is rather focussed on preventing access to the vehicle in the first place. I speculated that this means that they are enhancing the alarm which I commented to him was rather disappointing (acknowledging that car theft is a part of life).

va1o

16,028 posts

206 months

Sunday 7th October 2012
quotequote all
So potentially exactly the same problem will remain as it wouldn't stop the thieves jamming the signal when you lock the car etc. Disappointing effort from BMW. Still think its the head office we should be complaining to however, BMW UK are really just middlemen and can do very little.

Digger

14,573 posts

190 months

Sunday 7th October 2012
quotequote all
For the last 10 years i have never ever locked my cars (via remote) without checking that both the armed light is flashing away merrily and that the door lock button knobby things have dropped. I think a change in behaviour is required.

Zod

35,295 posts

257 months

Sunday 7th October 2012
quotequote all
WeirdNeville said:
t's not a new key. Nothing on the key changes. You can use any key. you can use the same key over and over. In the videos you see ofthese devices, the induction loop on the device reads the code out of the key and injects it into the cars security module.
You can take a key from one car, inject that key into the CAS of another car, and the key in your hand will open and start BOTH cars.

In summary:
1) The primary flaw is one of authentication, or lack of it. This means that a cars security system can be manipulated to accept any compatible key as a trusted key in moments. At present, no other cars but BMW's are being subjected to this in the "wild". Others may be vulnerable, but right now, it's only happening to BMW's.
2) Secondary to this, flaws in the alarm system making it possible to break a window and even reach into the car without triggering the alarm facilitate the theft.
3) It's a high tech crime: You need an expensive tool to do it (not $70 as reported in US media, but not a whole heap more).
4) BMW diesels with M-sport kits seem to be targeted most, and it is any car with push button ignition and no proper key blade (an electronic only key) from 2005-2011 that is vulnerable, give or take a few special models.
5) Although some thefts are being committed by breaking glass or reaching into the car, or drilling/manipulating locks, cars ARE being taken with no visible damage being done to them. So an alarm upgrade alone is not going to prevent these thefts now there is an established disposal chain for parts and cars. There are thieves making a good living from this.
No. Unless the car has even left open, they need to drill the lock or break the window to gain access to code the key to the car.

But what would I know? I've only experienced it twice; once by each method.

Zyp

14,670 posts

188 months

Sunday 7th October 2012
quotequote all
Digger said:
For the last 10 years i have never ever locked my cars (via remote) without checking that both the armed light is flashing away merrily and that the door lock button knobby things have dropped. I think a change in behaviour is required.
Agreed.

I've always check the door has actually locked, no matter which car I'm in.

cptsideways

13,532 posts

251 months

Monday 8th October 2012
quotequote all
Zod said:
WeirdNeville said:
t's not a new key. Nothing on the key changes. You can use any key. you can use the same key over and over. In the videos you see ofthese devices, the induction loop on the device reads the code out of the key and injects it into the cars security module.
You can take a key from one car, inject that key into the CAS of another car, and the key in your hand will open and start BOTH cars.

In summary:
1) The primary flaw is one of authentication, or lack of it. This means that a cars security system can be manipulated to accept any compatible key as a trusted key in moments. At present, no other cars but BMW's are being subjected to this in the "wild". Others may be vulnerable, but right now, it's only happening to BMW's.
2) Secondary to this, flaws in the alarm system making it possible to break a window and even reach into the car without triggering the alarm facilitate the theft.
3) It's a high tech crime: You need an expensive tool to do it (not $70 as reported in US media, but not a whole heap more).
4) BMW diesels with M-sport kits seem to be targeted most, and it is any car with push button ignition and no proper key blade (an electronic only key) from 2005-2011 that is vulnerable, give or take a few special models.
5) Although some thefts are being committed by breaking glass or reaching into the car, or drilling/manipulating locks, cars ARE being taken with no visible damage being done to them. So an alarm upgrade alone is not going to prevent these thefts now there is an established disposal chain for parts and cars. There are thieves making a good living from this.
No. Unless the car has even left open, they need to drill the lock or break the window to gain access to code the key to the car.

But what would I know? I've only experienced it twice; once by each method.
The locks can be picked in seconds without damaging them

WeirdNeville

5,932 posts

214 months

Monday 8th October 2012
quotequote all
Zod said:
No. Unless the car has even left open, they need to drill the lock or break the window to gain access to code the key to the car.

But what would I know? I've only experienced it twice; once by each method.
What would I know? I've only seen several hundred reports....

youngsyr

14,622 posts

191 months

Monday 8th October 2012
quotequote all
WeirdNeville said:
Zod said:
No. Unless the car has even left open, they need to drill the lock or break the window to gain access to code the key to the car.

But what would I know? I've only experienced it twice; once by each method.
What would I know? I've only seen several hundred reports....
Rather than alluding to your knowledge, why not just state roughly how many cars were broken into via a damaging method (smashed window or drilled lock) and how many with no visible damage at all?

As I posted earlier, from memory there hasn't been a single case of a recovered car not exhibiting one of the two damaging methods of entry in either this thread or on the M3Cutters forum.

It's a separate issue and not aimed at you at all, but I find it quite patronising that some people are happy to believe that owners of £60k cars leave them parked in vulnerable spots without ensuring they're locked.







WeirdNeville

5,932 posts

214 months

Monday 8th October 2012
quotequote all
From memory, about 1/3rd with no damage, 2/3rds with evidence of forced entry (borken window, pulled/forced locks). I know that there are methods of getting these cars to open without leaving visible damage.

I have to allude to what I've seen, as I can't post it. Sorry. Take it or leave it.

youngsyr

14,622 posts

191 months

Monday 8th October 2012
quotequote all
WeirdNeville said:
From memory, about 1/3rd with no damage, 2/3rds with evidence of forced entry (borken window, pulled/forced locks). I know that there are methods of getting these cars to open without leaving visible damage.

I have to allude to what I've seen, as I can't post it. Sorry. Take it or leave it.
Fine, thanks for replying. How many of the undamaged 1/3 were stolen with the keys?

From what I can gather from what victims have posted, it seems that the vast majority of thieves just aren't that technically advanced - they'll simply use whatever crude method is quickest to gain access and then clone the key and be gone.

I even know of a case where they made a mess of the car door, gained access to the car which supposedly has no current software fix, accessed the OBDII port, yet couldn't clone a key.

I don't doubt that some very skilled people can gain access to the cars without the key, but it just doesn't agree with what victims are posting that the majority of the thieves are this skilled.

cptsideways

13,532 posts

251 months

Tuesday 9th October 2012
quotequote all
The lock picking kits are readily available & any slightly technical person could learn to use one in a day.

youngsyr

14,622 posts

191 months

Tuesday 9th October 2012
quotequote all
cptsideways said:
The lock picking kits are readily available & any slightly technical person could learn to use one in a day.
So why do 2/3 of stolen BMWs reportedly not have their locks picked?

I guess I'm just inherently sceptical that non-damaging entry to these cars is easy. Obviously there is a flaw in the security caused by the key cloning ability, but that is new technology with an unintended consequence. I would like to think that door lock technology has come along way from the days where you could open any Ford Fiesta with the key to your Fiesta. Again, not saying that picking their lock is impossible, just that it's beyond most car thieves ability/willingness to learn.

cptsideways

13,532 posts

251 months

Tuesday 9th October 2012
quotequote all
This guy is manually picking the lock the difficult way, http://youtu.be/Aw2ctqcq32Q

However google BMW lock picking & you'll find decoders, the manual way of finding the key cut code for each barrel pin doo dah.

Ocdbeemer

94 posts

140 months

Tuesday 9th October 2012
quotequote all
BMW (dealer) have stated the fix is something to do with the alarm and comfort access. Apparently it is possible to activate comfort access buy jamming a screw driver in the door lock and holding it at 90 degs. This activates the comfort access in the same way as holding the remote unlock button to drop the windows. The fix basically removes this function altogether. Nothing is done to the obd.

Once the windows are down the thieves can access the obd port.... The rest is history......

Why do poster insist on making statements without backing them up. If we know what the thieves are doing to gain access, we can try and do something about it. Or are they just bullsh@ting us ?

WeirdNeville

5,932 posts

214 months

Wednesday 10th October 2012
quotequote all
How can I back it up? I see crime reports, they're on police systems, I attempt to digest them to give people an idea of what is happening and the scale of the problem without a) Worsening the problem by exposing methodology or b) losing my job for posting confidential or private information. Almost everything about this is not in the public domain. If you want to start putting in freedom of information requests, be my guest, but I haven't got the time to generate actual statistics. I report as I see, but I'm no statistician and I don't have the time to analyse in depth the many reports of theft.

I'm not about to start doing screen grabs of confidential reports. Sorry.

As I've said, you can take or leave the information I post, I post it without prejudice or malice.

Zod

35,295 posts

257 months

Wednesday 10th October 2012
quotequote all
WeirdNeville said:
How can I back it up? I see crime reports, they're on police systems, I attempt to digest them to give people an idea of what is happening and the scale of the problem without a) Worsening the problem by exposing methodology or b) losing my job for posting confidential or private information. Almost everything about this is not in the public domain. If you want to start putting in freedom of information requests, be my guest, but I haven't got the time to generate actual statistics. I report as I see, but I'm no statistician and I don't have the time to analyse in depth the many reports of theft.

I'm not about to start doing screen grabs of confidential reports. Sorry.

As I've said, you can take or leave the information I post, I post it without prejudice or malice.
so why do we have a 120 page thread about BMWs being stolen by thieves who break in by drilling the lock or breaking the window, exploiting a blond spot in the alarm's coverage? Why bother breaking in at that rate? Perhaps some people leave their cars unlocked. I'm sure most of us have done it and been lucky. There are no other reports than yours that there Is a problem of BMWs being vulnerable to being stolen without even having to be broken into.