RE: Video: Key fob reprogrammers steal BMW in 3 mins
Discussion
Superhoop said:
Sorry, but disagree with this - most manufacturers systems now require the use of the OBDII port to program keys, and most don't need an existing key - if they did, losing both keys would cost the owner £000's due to the nature of key ID storage within the vehicle systems. Other manufacturers might need a secondary form of access to complete the process, but they still use the OBDII port
just to add to this...the problem here is not the use of the OBD port per say, it's the total lack of security involved in being able to programme and enable a new key.
the issues are:
1) you can break into the car to access the OBD port without the alarm going off.
2) the CAS unit is not secure, ie. no encryption of anything to access it.
now, you can argue all you like that this is because of the evils of OBD or the ability of BMW to provide new keys, but both arguments are bogus.
OBD access for diagnostics has F*** all to do with access to the CAS unit (is it even on the same CAN bus? - just because it's also presented on the same OBD socket does not mean it's on the same pins/CAN as the ECU)
Also, if access to the CAS was properly encrypted (as in one time passcodes etc), then it would not be (practicably) possible to do this without access to BMW - if you think about it, a well setup system it would be possible for the legitimate owner to ask for a one time pass-key for ANO garage to add a key and still not compromise the basic security.
Long and short of this is that BMW have screwed up, not thought though the security of the CAS unit itself, and what they have now is a HUGE hole in it (funny when you consider how much trouble they went to with the communications from the CAS unit to the ECU only to leave the CAS unit wide open!)
Edited by Scuffers on Saturday 7th July 09:00
Superhoop said:
Sorry, but disagree with this - most manufacturers systems now require the use of the OBDII port to program keys, and most don't need an existing key - if they did, losing both keys would cost the owner £000's due to the nature of key ID storage within the vehicle systems. Other manufacturers might need a secondary form of access to complete the process, but they still use the OBDII port
I don't know how BMW dealers code a key, although I do know that BMW can supply a key already coded to operate - the problem is, thieves have found a way to cheat the system.
Like I said in my last post, this is an industry wide problem, it's not isolated to just keyless entry systems and it's not just BMW working on a solution. Thatcham are definitely involved, and it's Thatcham that sign these systems off as secure.
BMW seem to be the biggest target, and no doubt there are things that are making it easier for the car thieves with OBDII port location etc, but part of the reason for them being a target is desirability
As I also said in a much earlier post, as and when a solution is found, the thefts won't stop, the scum that are taking them will just go back to removing your back door to gain access to your house, to gain access to your keys just like they have been doing for the last few years - and if someone wants my car, I'd rather them take it without the need for any interaction with either me or my family to do so.
What I'm saying is that it's a known weak spot to allow key adding via ODB but it eases production.I don't know how BMW dealers code a key, although I do know that BMW can supply a key already coded to operate - the problem is, thieves have found a way to cheat the system.
Like I said in my last post, this is an industry wide problem, it's not isolated to just keyless entry systems and it's not just BMW working on a solution. Thatcham are definitely involved, and it's Thatcham that sign these systems off as secure.
BMW seem to be the biggest target, and no doubt there are things that are making it easier for the car thieves with OBDII port location etc, but part of the reason for them being a target is desirability
As I also said in a much earlier post, as and when a solution is found, the thefts won't stop, the scum that are taking them will just go back to removing your back door to gain access to your house, to gain access to your keys just like they have been doing for the last few years - and if someone wants my car, I'd rather them take it without the need for any interaction with either me or my family to do so.
So it's a calculated risk which some manufacturers take, and some don't.
The company I work for make body control systems and security systems and keys and we would never allow programming via ODB.
Superhoop said:
I'm not defending BMW here, but whilst it may be BMW's that are seemly being targeted for this type of theft, as the article on here stated, there are other manufacturers that are vulnerable.
It's not just BMW that are working for a resolution to this problem, the MET, Thatcham and a number of manufacturers are all working together
In a way, I feel sorry for BMW, as they are the ones that are having the finger pointed at them, primarily because they make nice cars that are easily moved on/are desireable/valuable - at the end of the day, the only people that should be blamed are the dirty fking scumbags that are stealing them, and a penal system that allows them to get off with a slap on the wrists when they get caught
They cracked the EWS4 key which is a unique problem for BMW, also affects RR Phantom I think (looking at the manual online).It's not just BMW that are working for a resolution to this problem, the MET, Thatcham and a number of manufacturers are all working together
In a way, I feel sorry for BMW, as they are the ones that are having the finger pointed at them, primarily because they make nice cars that are easily moved on/are desireable/valuable - at the end of the day, the only people that should be blamed are the dirty fking scumbags that are stealing them, and a penal system that allows them to get off with a slap on the wrists when they get caught
EWS4 Secret Key (new 128-bit synchronization with engine control unit).
BMW documentation “says” that noone can read or write it, but we can do it
through OBD-II socket! Surprise!
Haven't read back to see if this has been posted but the video has reached Jalopnik:
http://jalopnik.com/5923802/watch-hackers-steal-a-...
http://jalopnik.com/5923802/watch-hackers-steal-a-...
After my car was stolen my immediate response was to call the police and they'll use the CCTV cameras all over London that are used to catch speeders, people who park on bus stops, drive in bus lanes and other such violations to track the car and hopefully apprehend those involved. After numerous phone calls to the police I managed to find out who the investigating department and officer was. I managed to briefly speak with him and he basically said i'll be lucky to get the car back but they are investigating the case. A couple of weeks passed so I phoned him again but he was on annual leave, his colleague informed me that the case was closed...thanks for letting me know!
At the end of the day its only a car, no one was hurt and I managed to get my money back through my insurance.
The problem is that insurance premiums will be affected, not only for those directly involved but also for those living in the same postcode, with the same or similar car and any other loosely related excuse to increase premiums. I'm sure many people will have seen their insurance premiums either go up or stay the same despite earning another years worth of no claims bonus?
Hypothetically speaking, say if I had woken up and seen them attempting to steal my car, then pop outside and batter one of them with a baseball bat? I would probably go inside for longer than them...the whole thing is a bloody joke!
At the end of the day its only a car, no one was hurt and I managed to get my money back through my insurance.
The problem is that insurance premiums will be affected, not only for those directly involved but also for those living in the same postcode, with the same or similar car and any other loosely related excuse to increase premiums. I'm sure many people will have seen their insurance premiums either go up or stay the same despite earning another years worth of no claims bonus?
Hypothetically speaking, say if I had woken up and seen them attempting to steal my car, then pop outside and batter one of them with a baseball bat? I would probably go inside for longer than them...the whole thing is a bloody joke!
I work on a particular brand of HGVs.
When I programme keys you need to have an online connection to the plant in Germany to obtain the correct 'passcode', otherwise it won't work.
Brilliant idea because:
A: you can't steal them
B: the manufacturer knows exactly who/what/where the keys were programmed.
So for BMW to do this, I would imagine all that would be required is a software update to prevent keys being programmed without an online connection to the plant.
When I programme keys you need to have an online connection to the plant in Germany to obtain the correct 'passcode', otherwise it won't work.
Brilliant idea because:
A: you can't steal them
B: the manufacturer knows exactly who/what/where the keys were programmed.
So for BMW to do this, I would imagine all that would be required is a software update to prevent keys being programmed without an online connection to the plant.
Scuffers said:
Exactly, its hardly rocket science is it?
No, and in consequence I do wonder whether the fix is that simple for BMW. I am not saying that, it is not. But if it is literally that simple, then I would have thought, BMW would have adopted it, immediately and trumpeted their huge success at preventing the criminal masterminds from pinching the cars. From the roof tops, so that all the affected owners realise how well BMW have done in solving this difficulty.BMW, have steadfastly refused to admit or recognise any need for change. BMW are many things, but they are not stupid. Therefore I have my doubts ,if it can be that simple. Time surely, will tell.
Steffan said:
No, and in consequence I do wonder whether the fix is that simple for BMW. I am not saying that, it is not. But if it is literally that simple, then I would have thought, BMW would have adopted it, immediately and trumpeted their huge success at preventing the criminal masterminds from pinching the cars. From the roof tops, so that all the affected owners realise how well BMW have done in solving this difficulty.
BMW, have steadfastly refused to admit or recognise any need for change. BMW are many things, but they are not stupid. Therefore I have my doubts ,if it can be that simple. Time surely, will tell.
BMW had a problem with their alloy wheels being too soft and cracking far too easily. Their response to that was the same as this, to claim it was nothing to do with their wheels they conform to all standards etc and only when the press and in particular watchdog got involved did they capitulate and accept there was an issue.BMW, have steadfastly refused to admit or recognise any need for change. BMW are many things, but they are not stupid. Therefore I have my doubts ,if it can be that simple. Time surely, will tell.
TallbutBuxomly said:
Steffan said:
No, and in consequence I do wonder whether the fix is that simple for BMW. I am not saying that, it is not. But if it is literally that simple, then I would have thought, BMW would have adopted it, immediately and trumpeted their huge success at preventing the criminal masterminds from pinching the cars. From the roof tops, so that all the affected owners realise how well BMW have done in solving this difficulty.
BMW, have steadfastly refused to admit or recognise any need for change. BMW are many things, but they are not stupid. Therefore I have my doubts ,if it can be that simple. Time surely, will tell.
BMW had a problem with their alloy wheels being too soft and cracking far too easily. Their response to that was the same as this, to claim it was nothing to do with their wheels they conform to all standards etc and only when the press and in particular watchdog got involved did they capitulate and accept there was an issue.BMW, have steadfastly refused to admit or recognise any need for change. BMW are many things, but they are not stupid. Therefore I have my doubts ,if it can be that simple. Time surely, will tell.
Max_Torque said:
Isn't it going to be rather easy to catch these theives? Everytime someone orders a replacement drivers side windowglass, just send the rozzers around? Let's face it, they can't sell many side windows every year?
That won't be in the polices' interest mate, they are too busy.sturobturbo said:
Max_Torque said:
Isn't it going to be rather easy to catch these theives? Everytime someone orders a replacement drivers side windowglass, just send the rozzers around? Let's face it, they can't sell many side windows every year?
That won't be in the polices' interest mate, they are too busy.Pique said:
Haven't read back to see if this has been posted but the video has reached Jalopnik:
http://jalopnik.com/5923802/watch-hackers-steal-a-...
I got it on google news today http://jalopnik.com/5923802/watch-hackers-steal-a-...
dasbimmerowner said:
I've no interest in a tracker. If the car is stolen I really don't want it returned.
Really?I can see a couple of upsides here though:
- Car returned relatively fast without cost, no insurance bother either
- Damage is usually minimal, a couple of hundred £
- "they" won't return after a couple of months for your brand new insurance money car
- insurance claims don't go up for EVERYBODY. Look at this 1M, imagine if you want one and insure one, turns out that in your area there's a 20% chance it'll get nicked without a chance of retrieval. Your insurance quote will eventually say £15000, because some people "rather have a new one than have one returned". Don't forget that, however you think of it, YOU pay for the new one, not the scrotes, not the insurance, YOU.
- most of all: the fking scrotes don't have it, they've wasted an evening of their fking around and don't have any money in their pockets for it. This sends the message that MAYBE crime doesn't pay after all. Better still, they might even get caught with it (justice system aside, that's another matter). Imagine if the return/retrieval rate of cars is 60% instead of the current 5%, you'd think that thefts will drop? Now it's just so likely to get away with it it's ridiculous.
ZesPak said:
- Car returned relatively fast without cost, no insurance bother either
- Damage is usually minimal, a couple of hundred £
- "they" won't return after a couple of months for your brand new insurance money car
- it took 12 weeks to recover it
- it was supposedly un-damaged, but ended up being written off some months later when the fixing dealer discovered the shell was twisted (not before they had already spend a fortune on trying to fix it)
- if only.....
Scuffers said:
not sure I agree with these, having had a car stolen/recovered...
Sorry, I was of course also speaking of anecdotal evidence. Having had my car stolen and retrieved once, it was stolen in the night and intercepted only 30km further (eastern european scrotes still inside), having it returned to us within 2 hours and all we had to do was replace two locks and get the stench out.- it took 12 weeks to recover it
- it was supposedly un-damaged, but ended up being written off some months later when the fixing dealer discovered the shell was twisted (not before they had already spend a fortune on trying to fix it)
- if only.....
I understand this is now in the Telegraph and Metro. Every article in the news must be most welcome to the owners of affected cars. How long before BMW come clean and admit their mistake, and actually come up with a dealer approved solution? I do think the roll needed has started at last.
Gassing Station | General Gassing | Top of Page | What's New | My Stuff