RE: Video: Key fob reprogrammers steal BMW in 3 mins
Discussion
Was talking to a friend of ours this morning. She'd taken delivery of a new X1 a couple of weeks ago. Last week she heard people trying to break into her kitchen window, three blokes with hoods and scarfs on fled when she opened the curtains. She then moved house at the weekend, and yesterday morning she had a delivery from Ikea, and the driver said - did she know someone was outside taking photos and videos of her house? He'd taken the reg plate of the car doing it, she reported it to the police who said it had been on fake plates. The police also mentioned that they were targeting a lot of the X models just now as they either go abroad to South Africa or split for parts on the web.
She phoned her fleet company and told them to take it away as she didn't feel safe, and now has a crappy 207 until her new car arrives.
All a bit scary if you ask me!
She phoned her fleet company and told them to take it away as she didn't feel safe, and now has a crappy 207 until her new car arrives.
All a bit scary if you ask me!
it's on Wired.com with the video.
http://www.wired.com/threatlevel/2012/07/keyless-b...
Apologies if this has already been posted.
http://www.wired.com/threatlevel/2012/07/keyless-b...
Apologies if this has already been posted.
carinaman said:
I'm struggling not to compare Monkey being on the front page on a Beemer with his much publicised falling out with Ferrari over the grooming and control that went on with their test cars. Perhaps it's just an unfortunately timed coincidence, and it's nothing to do with journalistic standards and advertising revenues.
I fear your assumption is correct. Integrity is far too costly for most businesses.Surely it is a huge issue that isn't being covered because it affects lots of cars out there and they don't want to make it easier for the thieves. Hopefully it is only a small percentage that would know/think of this flaw and exploit it, but now there will be lots more buying the equipment and knowing how to do it. Still think some duck tape or a few screws would solve the issue and force them to open the window/door and set off the alarm.
As an example with a quick search turns up a US site with locations of all the OBD ports of older cars in a database, http://64.78.43.239/connectors.aspx
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
As an example with a quick search turns up a US site with locations of all the OBD ports of older cars in a database, http://64.78.43.239/connectors.aspx
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
Edited by Crusoe on Wednesday 11th July 13:00
Crusoe said:
As an example with a quick search turns up a US site with locations of all the OBD ports of older cars in a database, http://64.78.43.239/connectors.aspx
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
Think this has been covered before, but again these requirements need to be filled:Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
- OBD hardware must be attainable by everybody (EU requirement)
- OBD must be accessible in the blind spot of the alarm
- Key programming can be done through the OBD
- Key programming can be done without any credentials/encryption required
Add to that that BMW produces some expensive cars, and they become a very easy-money target.
Crusoe said:
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
My car has an OBD port down there, and I imagine the alarm wouldn't go off.This doesn't bother me as I don't keep a spare key in the driver's footwell, or one of these
ZesPak said:
Crusoe said:
As an example with a quick search turns up a US site with locations of all the OBD ports of older cars in a database, http://64.78.43.239/connectors.aspx
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
Think this has been covered before, but again these requirements need to be filled:Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
- OBD hardware must be attainable by everybody (EU requirement)
- OBD must be accessible in the blind spot of the alarm
- Key programming can be done through the OBD
- Key programming can be done without any credentials/encryption required
Add to that that BMW produces some expensive cars, and they become a very easy-money target.
bertie said:
ZesPak said:
Crusoe said:
As an example with a quick search turns up a US site with locations of all the OBD ports of older cars in a database, http://64.78.43.239/connectors.aspx
Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
Think this has been covered before, but again these requirements need to be filled:Lots of cars also have the OBD port down by the driver’s side. Assume most also have a inch or two blind spot in the alarm round the windows to deliberately stop leaves and other objects passing the windows setting off the alarm.
- OBD hardware must be attainable by everybody (EU requirement)
- OBD must be accessible in the blind spot of the alarm
- Key programming can be done through the OBD
- Key programming can be done without any credentials/encryption required
Add to that that BMW produces some expensive cars, and they become a very easy-money target.
I am hopeful greater publicity will make denial by BMW untenable.
Steffan said:
The truth is that no one at BMW, the EU lot, or Thatchem spotted the weakness...
I would think that it's none of the EU's matter? Would they care if you made a car you can't lock up?BMW is to blame, and the question may follow what does Thatchem actually do all day? Current cars are pretty good, but would this indicate Thatchem just lets them pass without testing them? Are there any repercussions for them?
ZesPak said:
Steffan said:
The truth is that no one at BMW, the EU lot, or Thatchem spotted the weakness...
I would think that it's none of the EU's matter? Would they care if you made a car you can't lock up?BMW is to blame, and the question may follow what does Thatchem actually do all day? Current cars are pretty good, but would this indicate Thatchem just lets them pass without testing them? Are there any repercussions for them?
Thatchem are the industry standard required by the insurance companies. The car, as it is, apparently complies according to Thatchem and BMW. I think they are all to blame but BMW are the manufacturers and therefore primarily responsible.
No easy fix = deny all responsibility according to BMW. How long this lasts remains to be seen.
Contrary to popular opinion, I very much doubt BMW aren't doing anything about this. It's got to a point now where it obviously can't have escaped the notice of some higher ups in the organisation.
However what they will be doing is be getting a group of accountants to feverishly try to work out how much a fix for this issue will cost and whether that cost will outweigh the loss of sales\reputation\goodwill that this problem has caused. This will be the only deciding factor in whether they actually come out and do something about it or continue to deny all knowledge.
However what they will be doing is be getting a group of accountants to feverishly try to work out how much a fix for this issue will cost and whether that cost will outweigh the loss of sales\reputation\goodwill that this problem has caused. This will be the only deciding factor in whether they actually come out and do something about it or continue to deny all knowledge.
Guvernator said:
Contrary to popular opinion, I very much doubt BMW aren't doing anything about this. It's got to a point now where it obviously can't have escaped the notice of some higher ups in the organisation.
However what they will be doing is be getting a group of accountants to feverishly try to work out how much a fix for this issue will cost and whether that cost will outweigh the loss of sales\reputation\goodwill that this problem has caused. This will be the only deciding factor in whether they actually come out and do something about it or continue to deny all knowledge.
I wonder if they'll use the same equations as Ford did with the Pinto?However what they will be doing is be getting a group of accountants to feverishly try to work out how much a fix for this issue will cost and whether that cost will outweigh the loss of sales\reputation\goodwill that this problem has caused. This will be the only deciding factor in whether they actually come out and do something about it or continue to deny all knowledge.
Steffan said:
ZesPak said:
Steffan said:
The truth is that no one at BMW, the EU lot, or Thatchem spotted the weakness...
I would think that it's none of the EU's matter? Would they care if you made a car you can't lock up?BMW is to blame, and the question may follow what does Thatchem actually do all day? Current cars are pretty good, but would this indicate Thatchem just lets them pass without testing them? Are there any repercussions for them?
Thatchem are the industry standard required by the insurance companies. The car, as it is, apparently complies according to Thatchem and BMW. I think they are all to blame but BMW are the manufacturers and therefore primarily responsible.
No easy fix = deny all responsibility according to BMW. How long this lasts remains to be seen.
EU riles say you must allow OBD II access to the cars ECU for reading fault codes etc, it says NOTHING about BMW being stupid enough to:
1) put the cars security module access on the same OBD port
2) having it connected with zero encryption on the interface.
As far as I know, nobody else's cars have un-coded interfaces to re-programme key numbers, just BMW.
Crusoe said:
wonder if there is the same alarm blind spot on LHD cars, assume there would be but maybe it is just a UK (and other rhd) problem? Can't seem to find any issues with cars stolen under similar circumstances in europe but just keep getting linked to the uk story.
could be...does not excuse them form the catastrophically stupid design of the CAS unit though...
Crusoe said:
wonder if there is the same alarm blind spot on LHD cars, assume there would be but maybe it is just a UK (and other rhd) problem? Can't seem to find any issues with cars stolen under similar circumstances in europe but just keep getting linked to the uk story.
I have read but don't know for definate that LHD cars do not have this issue. Apparently some guys in the US have done experiments and the alarm sensor appears to offer proper coverage of ODB port on LHD cars.The reason the RHD cars have this problem is because BMW decided NOT to produce a new alarm sensor specifically for RHD cars due to cost cutting. If this is true it's another dropped ball on the part of BMW I'm afaid.
Gassing Station | General Gassing | Top of Page | What's New | My Stuff