BMW Thefts

rocky

Anan1 wrote: »

Sure you're too lucky to ever have your car stolen.

that, and I have the old blade-type key

Cuddlesworth

rebel.ranter wrote: »

The solutions as mentioned are:

- steering wheel lock
- ODB port disable
- Enable audible "chirp" for locking

Only one of the above options would actually work, the steering lock.

As I said I posted about this last year. All it took was 1 person to point out the glaring flaw and a couple of clever people to whip up some basic prototypes. Which you can pick up on ebay.

You can unlock a car from the OBD network while outside of it, you don't need access to the internal port. You can reprogram a key from outside the car. You can pretty much do anything you want as long as you can key into the network from numerous entry points and have a good understanding of that particular manufactures signalling.

In theory, I could set up a high powered receiver/transmitter beside the M50 putting out engine kill signals for specific manufacturers and watch as the newer cars started dropping off in droves.

And because of the design of the wireless transmitters and receivers, you would need a complete rewrite of the whole system to avoid it. Starting in the world of IT security myself, I was pretty shocked at how far behind car manufacturers are in their whole approach to the concept of access into internal networks.

Blazer

that's one thing I'm paranoid about is locking my car..I always make sure to it right outside and ensure the door bolts shut down.I've even walked back to make sure again that I do it..
Of course you can be absolutely guaranteed that the one day I do forget the thieves will be around

00833827

the dude in the video has mega hairy fingers!

00833827

rebel.ranter wrote: »

This is not just a BMW problem, any brand that utilises a fob type key like Mercedes, Audi/VAG, etc. are vulnerable. BMW are getting all the publicity right now.

Was just gonna suggest the VAG's from mid 00's on with the key fob type device.

What about the Renault credit card style key. Do they still have those?

Also the new Fords (Fiesta at least) have the device that just needs to be on the person to allow car to be started. I would think these have to be examined also.

tossy

A friend of mine recently fitted a second OBD port in his car in another location and made the factory port a dummy port,except now it has a constant 12v supply from the battery so anyone who plugs their laptop in will get a nice surprise - i thought it was genius myself

Victor Meldrew

rocky wrote: »

That's what BMW are saying and I believe them

So, in my car, I put the fob in the steering column, and it releases the steering lock. I then press the start button.

does this constitute " comfort" start? I thought that was proximity peys, where it did not need to be put in any part of the dashboard?

galwaytt

...this reminds me of what the salesman on the Skoda stand at the National Ploughing Championship made as a USP for Skoda : an actual key and an actual handbrake; compared to all those 'high tech' cars. ....

bmstuff

Victor Meldrew wrote: »

So, in my car, I put the fob in the steering column, and it releases the steering lock. I then press the start button.

does this constitute " comfort" start? I thought that was proximity peys, where it did not need to be put in any part of the dashboard?

Yes it would be

The proximity key, you can keep it in your pocket and start the car.
I am sure someone will come up with a hack here too, unfortunately. Just a question of time.

djimi

Blazer wrote: »

that's one thing I'm paranoid about is locking my car..I always make sure to it right outside and ensure the door bolts shut down.I've even walked back to make sure again that I do it..
Of course you can be absolutely guaranteed that the one day I do forget the thieves will be around

The only time in the 10+ years Ive owned cars that I forgot to lock the doors was the night before someone tried to open my door with a screwdriver. I am blessed that they didnt try it 24 hours earlier...

rebel.ranter

Cuddlesworth wrote: »

Only one of the above options would actually work, the steering lock.

As I said I posted about this last year. All it took was 1 person to point out the glaring flaw and a couple of clever people to whip up some basic prototypes. Which you can pick up on ebay.

You can unlock a car from the OBD network while outside of it, you don't need access to the internal port. You can reprogram a key from outside the car. You can pretty much do anything you want as long as you can key into the network from numerous entry points and have a good understanding of that particular manufactures signalling.

In theory, I could set up a high powered receiver/transmitter beside the M50 putting out engine kill signals for specific manufacturers and watch as the newer cars started dropping off in droves.

And because of the design of the wireless transmitters and receivers, you would need a complete rewrite of the whole system to avoid it. Starting in the world of IT security myself, I was pretty shocked at how far behind car manufacturers are in their whole approach to the concept of access into internal networks.

Those solutions I posted deal with the current threat that is widespread out there at the minute. The current batch of thieves are using kit that requires access to the OBD port.

I don't know if you had a look yet but there are some really interesting videos over on www.ted.com under security, well worth a watch.

One of them talks about the various everyday items such as pace makers, power plants & cars can be hacked. The car one talked about using Mobile phone system, Bluetooth, WiFi, OBD port & FM radio as means to access the cars' system. Everything is networked together so basically any device on that network is a potential entry point.
Just started to get interested in the whole IT security industry myself recently.