My clients all claimed they broke/lost their keys to their car - most of the time they were believable (car stuck in front of their driveway, etc). Sometimes less so, but I’d do it anyway because I needed the money and I had no proof of the contrary (innocent until proven guilty right?), although given the sad conditions of the cars I really doubt anyone would bother stealing them.
Car security is based on obscurity. There is very little cryptography involved (if any), and where there is, the car’s “computers” would happily install new, untrusted firmware through the diagnostics (OBD) port, which means you can do pretty much anything - program new keys, disable the immobiliser or alarm completely (by installing patched firmware) or even rewind the odometer.
I’m frankly surprised it took this long for “high tech” car theft to appear, unless it’s been going on for a while but executed perfectly so nobody would find a trace.
Happy to answer any questions if anyone’s curious.
"Casual" thieves are finding it harder though, it's more organized mafia in concert with dismantlers (as mentioned on a sibling comment).
"Immobiliser", usually. :)
This wouldn't be that hard for car manufacturers to defeat if they really cared. It's the exact same trusted-boot problem as any mobile phone faces, except (so far) with much more limited attack resources. It's devilishly hard to get perfect (as every iPhone jailbreak proves) but it's easy to get started.
This isn’t bulletproof either, but surely more than “hey I’m legit, here’s your new firmware, could you install and run it please?”.
Also I’m surprised they’d go after tuners, considering those are usually the most loyal customers you could dream of.
The even better and less user-intensive way to do it would be with asymmetric encryption - the ECU only trusts flashes signed with the vendor public key and to make things even more secure, you could encrypt each flash file server side with a keypair derived each boot on the ECU and sent over the Internet (many manufacturers require online flashing anyway).
Manufacturers dislike tuners because they make warranty claims for tune damaged parts like blown turbos. VW especially are very, very aggressive about detection and enforcement around this. Long term I think giving a few dishonest tuned customers free turbos is probably fine but they seem to disagree and I assume they have access to the metrics driving this decision (which I don't).
imagine a CPU where 6 and 8 core variants are the same but the 6 core is locked in bios and you can unlock it with some tuning software, its like that.
and manufacturers dont like that
This also happens with car manufacturers, in racing and such. Tuners are more under the radar so they don't like that, as well as the warranty claims that were mentioned.
the difference on the base model mercedes c class between getting a less powerful engine and the one that is one level up is like 3.5-4k eur.
that is a lot of money. if i could unlock the bigger engine with just 400 eur i would buy the base model.
manufacturers don't want that, and is one part of blocking the touching of the ecu. the other is also that the navigation and a lot of other things is just disabled in ecu, and could be easily unlocked with software.
There are some other differences, the 280bhp is AWS vs RWD for the 200bhp version, and you can get the 200 with smaller wheels. However when going for larger wheels on the 200bhp, you also get the exact same larger brakes...
It's a cool €6000 difference, for a similarly equipped car. I actually don't want AWD and the chassis can clearly handle this much power on the rear-wheels alone, the top-of-the-line 510bhp version is also RWD - so going for the 200bhp version and giving a reputable tuner €700 is a tempting proposition...
and if i would guess you are talking about mx-5 nd, those are natural aspired engines, where something like this is not really viable.
But isn't this already the case (except locking might be in CPU firmware)? AFAIR this is the case with GPUs.
That part doesn't sound very secure to me :-)
(If we're going with "Theoretically possible," that is.)
This was just an idea to thwart installation of compromised firmware by thieves via the diagnostics port. It's just a little layer of security, not designed to be bulletproof, merely to slow down thieves by forcing them to actually swap the hardware.
I demand a source that teaches me how to do this. :)
Orrr if you're in Chicago let's go figure it out ourselves!
I remember reading about the people that dismantled cars to find where manufacturers source the parts:
Those guys can probably switch you the ECU :)
Yeah. We bought an old Elantra which only came with a single key and no FOB. I bought a cheap gizmo on Amazon that you plug to the OBD port and allows you to program other FOBs.
Modern-ish cars are computers. Once you have physical access, all bets are off.
However, this is by no means secure where the car's ECU will happily dump its entire storage (including the SKC code) over the diagnostics port if you ask nicely.
Also, I have quite a problem with dumping entire storage (EEPROM parts for example, that contain SKC/PIN). Also, my experiance is that getting that info from modern ECUs is not that straightforward/there aren't many (in some cases any) tools to get it.
This tool successfully recovers SKC codes from pretty much any VAG Group’s (Volkswagen, Audi, Seat, Skoda) cars. It can also do other things like edit the odometer and probably more. It’s simply using “undocumented” (although is anything there documented?) commands of the diagnostics protocol to get raw access to the persistent storage.
My boss's car was stolen in broad daylight in front of a client's warehouse. This isn't a busy area, but it isn't extremely quiet either. The car had GPS tracking, but it disappeared without a trace.
The police guessed that it was driven into the back of a closed truck and straight away transported to Eastern Europe.
Reading things like this makes me realise how easy it is to steal things still. Much like the old days when people could exchange fake cheques at banks for cash... Most of the world is still built on trust.
> makes me realise how easy it is to steal things still
So yeah, you're right about this. Statistics actually seem to show that low impact, organized crime pays in the Netherlands , since police is too busy with high impact cases. High impact often being being defined as burglaries, robberies, rape, etc. that have long-term impact on the victims well-being.
I just found this through Reddit and had to think of your comment:
That car ended up stolen right from under my nose (I was within 100 feet of it, indoors but would hear if the alarm turned on) and the only thing I found in there when I came back for it was the sophisticated security system. The thieves just ripped it out in no time and with no sound, and drove away.
Since then I'm somewhat skeptical about how much protection such systems really provide.
Tesla is probably the only one I’d trust though. While I don’t expect them to be bulletproof either (at least not at first), I expect them to quickly catch on should this kind of theft appear, and make the necessary fixes. In any case I doubt they’d be stupid enough to accept arbitrary code over a diagnostics port (if they have one even). I mean, even if we forget security, why would they? Teslas update remotely via the Internet.
Your Tesla is essentially scrap after a non-minor accident, which is why most US insurers refuse to cover vehicles made by Tesla. Its as bad as rolling coal IMO, Tesla has created a massive eWaste problem. Meanwhile, rebuilding any other manufacturers car is doable, even other EVs.
How else would a tow truck tow away a vehicle in gear or with the parking brake on?
Through there are stories of tow trucks towing away vehicles in 1st gear, things seem fine, and then the transmission causes a fire from overheating...
The 8-18k winch on a rollback will have no problem dragging your car.
Of course, all bets are off when it's loaded into an RF shielded truck. It could have an onboard camera to record the number plate of the truck, but that could be shielded.
Long story short, you're probably better off parking it in a firmly locked / secured garage, and have a wheel clamp or chain attached to something solid.
My GPS tracker does do this in my daily car, but it only sets it off if the rest of the alarm is triggered (i.e. if the door sensor registers it opening while the alarm is set).
With the race car, it generally gets locked up. Although if I'm out in the town or something with it someone could possibly take off with it if they short-circuit the relay, and use something to clamp on the steering column (when the wheel is detached). But honestly, if someone stole the car like that they'd probably be found a few hundred yards up the road wrapped around a tree and on fire, after hitting boost with no steering wheel.
Wha? That may have been true about twenty years ago, but not now. BMW was using 256-bit RSA keys to validate ECU firmware and authenticate privileged access in the early 2000s (they're up to 1024-bit keys now) and write-once memory in their instrument clusters for about as long. Other (Euro) car makers using the same vendors offer similar features.
Once you have physical access all bets are off though. That's why the thieves cut the alarm sensors.
Beyond that, RSA is so much easier to understand and implement. Because computing powers of numbers is easier than computing multiples of points on a curve.
It’s one thing if you get physical access, replace the engine control module by a crooked one that will send the proper signals to the ignition and all the other actuators and start the car.
It’s another thing if you talk to the real engine control module (which should already be on alert because the car was broken into) and tell it “trust me, I’m legit, here’s your new firmware” and the computer just runs your code no questions asked.
New, expensive cars are stolen or broken into quite often. When broken into, they'll often rip out the infotainment, with high end cars this can be a five-figure repair.
Huh, is it legal to "crack" alarms/immobilizers without proof of ownership, especially if you suspect it might be stolen?
I took cash as well, because I was under 18 and couldn’t legally run a business at that time (but still needed to eat and buy drinks every weekend, and family couldn’t afford it).
I would probably feel differently if I got called to work on a supercar but that didn’t happen.
Here in downtown Amsterdam we called the police because the rear window of someone's car had just been smashed outside our office, and the police's response was "Has anyone been hurt? Nope? Then we're not coming".
Meanwhile, wherever this guy lives they're sending officers because some BMW call center calls the police in the middle of the night telling them that some car reported unspecified distress within some radius, and they sent officers to search the whole neighborhood for the car and locate the owner.
I guess the next time I need police help I'll use a burner phone and tell them a BMW is in distress.
Amsterdam currently has a big police shortage, that's why. It's not normal, it's just a problem in Amsterdam.
Right, the two times we needed police in Limburg (Echt and Maastricht, few years apart) it didn't happen either. It had to be life-threatening and the people didn't literally shout "we'll kill you" so the police wasn't gonna bother.
Meanwhile on TV they're cycling through parks to fine people some 99 euros for not having a well-behaved dog on a leash (could have used discretion there), or fining some poor dude 370 euros for standing literally 2 minutes on a disabled spot to pick someone up.
And standing still for two minutes is parking. And someone who is actually disabled cannot park there, and cannot see (and request) for the person to leave.
And if you drive for a company, protocol dictates that you call the police even in the most minor accidents for insurance reasons.
Or maybe Amsterdam has an excess of crime.
I ask because a long time ago I worked at a multinational that had facilities all over Europe. I'd have remembered if we got pushback from local management on this matter, but then I suppose they always could have been lying about their security programs... there isn't really a good way to audit law enforcement outreach - until something goes wrong.
The message they passed on was that there was either a burglary attempt or that my car was involved in an accident. They gave the police the exact coordinates of my car...
So I would hope that when presented with an automated report that the car was involved in an accident along with the exact coordinates, that they would come investigate to see if the driver was injured in the accident and unable to call for help.
I can believe that if someone witnessed a car break-in, that they'd give that a lower priority and if the thief is no longer there, that they wouldn't come out at all since there's not much they can do about it other than agree "Yup, someone smashed your window, now go clean your glass off the sidewalk".
Exactly this. Also, I have some family members working for the police in Dutch rural areas, at 3 am they'd happy to head out, because they're usually just waiting for something to happen.
When we tried to report that incident to the police their first question was: Did they manage to get into the apartment? When we said no they told us there's nothing that they can do as the people who tried to break into our apartment weren't doing anything illegal.
I think this is rather a signal that the police in Amsterdam is underfunded, and/or the types of crimes they deal with are much more severe.
Also keep in mind that it’s not a “search a whole neighborhood” situation, they got the exact GPS coordinates.
I'm just honestly surprised. I've only lived in Amsterdam inside The Netherlands and wouldn't expect the police to respond to something like that.
In retrospect I may have misread this:
> it’s not a “search a whole neighborhood” situation
I thought they had somewhat correct coordinates, but took 5 minutes to drive around the area to locate the car, as opposed to 5 minutes from wherever they were located before.
> They gave the police the exact > coordinates of my car and it only > took the surveilling car 5 minutes > to get to the car
In any case, it doesn't make much difference. I think if someone called the police here in Amsterdam with the exact location of a broken-in car they'd say tough titty and have the owner show up at the closest station and file a police report.
Don't you have insurance for theft? Kind mandatory in Amsterdam.
Also, in Amsterdam, don't get a fancy bike.
I didn't do a nationwide survey, but you can add two places in Limburg (Maastricht and a small town near Echt) to the list of understaffed places since they also wouldn't respond to anything that was not life-threatening (literally asked whether we were threatened with our life).
For added fun, you should try calling the local police on a public holiday. Better have a good reason for bothering these busy bees when they're all out on parking meter patrol!
Not just that, because of tourists misbehaving everywhere, there are also just way more crimes/disturbances than in normal city/town.
That said, I thought that car theft was all but gone in the US, at least for modern cars, whereas in Europe it still seems common. (Eg, if you follow international forums for newer car models, nobody in the US talks about theft anymore, but our European counterparts talk about these highly complex theft schemes). But then someone was posting about theft in Sacramento, so, I don't know.
If I have a car stolen in The Netherlands and it's being sold in Romania, and I find out who's selling it and where, I'll be told that I have to travel to Romania and file report with the local police there before they'll do anything.
The only inter-state enforcement we have in the EU is Interpol, which doesn't care about anything like that, they only handle the likes of violent crime.
So it's kind of like expecting to recover your stolen car from Mexico or Belize, except crossing the border is a lot easier.
Anyway a few year ago my car was stolen in Slovakia (the insurance paid out so my loss was minimal) and was found after a year in Hungary - the thieves were trying to sell it but it was found out they tried to change the VIN. Because apparently you can't register a car with a stolen VIN in EU. And that's nothing to do with Interpol as far as I know.
Why is that? Plenty of stolen European cars roaming in Algeria and Tunisia. And with the help of corrupt officers they are registered here.
I suppose these make for less interesting news stories since they aren't nearly as tricky to steal.
After all, they're just sensors, and they're still just guessing. Far better for them to report "something is wrong" than to file a false report.
Isn't that much more severe than "window smashed"?
It's "Burglary in process, or someone might be dying, and you haven't received a 112 so no ambulance is on the way."
It reported damage to the car severe enough to sever the door frame!!
> Official ombudsman, Arre Zuurmond told Dutch paper Trouw that "the city centre becomes an urban jungle at night". He added: "Criminal money flourishes, there is no authority and the police can no longer handle the situation."
Total crime numbers in Amsterdam are down substantially on prior years (https://www.ois.amsterdam.nl/popup/1663). The number of Dutch prisoners have halved over the last 10 years. Dutch prisons are now so empty the space is being rented out to other countries (https://www.bbc.co.uk/news/magazine-37904263).
At the same time, the number of tourists to Amsterdam has increased 60% over the last 10 years. It is not surprising the numbers are sometimes difficult to manage.
But, speaking as someone who since 2000 has lived in Amsterdam or visited at least monthly, I have never felt safer in the city.
I was in Amsterdam last weekend, at the party mentioned at the very end of the article. Thousands of people packed into the square on a Friday evening having fun. Minimal police and security guards present.
On the Saturday, hundreds of thousands of people visited Amsterdam to watch the Canal Pride on the Prinsengracht. The police reported minimal disturbances, and arrested a grand total of 25 people, 17 of which were for pickpocketing . That is a substantial reduction on prior years.
The comment I was replying too was able to dismiss the legitimacy of the offending 'news' article with a simple observation.
I was commenting on the efficacy of such pity denigration, not the quality of Amsterdam's nightlife.
Im in Amsterdam quite often, it just a short drive from where I live in Germany, and it’s a safe and fun place to be, if you take into account that it’s very touristy. I’ve been watching the canal pride from a park this year and was amazed that people even actually cleaned up their mess. Very unlike than at home, unfortunately.
It's rich that a British paper publishes an alarming story on this since British tourists are a huge part of these crowds.
That last bit is key: "or that my car was involved in an accident." An accident means people could be hurt which is something the police have to respond to.
Sounds like San Francisco as well. Petty crime and theft go uninvestigated and run rampant.
Of course not everyone is in the database, but if they are ever caught with anything they will be.
The key fob method is out of the question for my car. I've known about it for a while and store my keys in special bags.
I see quite a few people asking why a sting wasn't organised. I of course shared the M.O. with the police and we actually had a few phone calls from them over the past few days. They are sharing the information with their colleagues but to be frank, they are not going to spend an entire night waiting around for a potential car theft.
We live in Ijsselstein, a city just south west of Utrecht, and car burglary and theft is quite a big issue in our area. My previous car, a BMW F20, actually got broken into twice in 2 weeks. Both times they stole the entire nav system. I've become quite adapt at filing reports but besides filing a report the police can't do anything for you.
The first time it happened they asked me whether or not I saw visible blood stains. Only then would they send a patrol car to do sample research. In any other case, they just ask you to file a report and be done with it.
Let me know if there are any questions you'd like me to answer while I'm at it.
I'm also interested in writing some follow-up articles about car security/theft prevention. If there's anyone willing to contribute, let me know!
Or just expose two data lines from the OBD wiring harness and jump them together. Remove the jumper to operationalize the OBD port.
FYI: cutting off VCC may not always work since some devices may derive enough power through other lines that have pull-up resistors to function. I’ve seen it happen in other industries.
Not sure if such products exist commercially, but it would have some value for someone to build them.
I also read about the OBD key cloning, but I'm not sure whether or not that was an issue with the first F30s. I'm unsure whether or not it still works with the F30 LCI from 2017 that I have
Front and rear. Maybe the sides too?
They’re increasingly inexpensive, and you can move them car to car as you buy/sell.
I originally bought a forward facing, and as i’ve upgraded, my old forward facing is now my rear facing.
For hit and run accidents in which you can record a license plate it might be worth it.
Makes you wonder if you should start storing the key in a metal/RF shielded box at home...
Here's a video of a relay theft (of a Merc) from West Midlands police in the UK...
Photo from a camera of attempted theft, from a UK Tesla owner...
Not a massive inconvenience.
I personally just keep the keys in a metallic bag at night, blocks all signals perfectly.
Edit: I looked up the patent. Here it is: https://patents.google.com/patent/US8930045. I understand that patents protect novel inventions and that under some standard this may be considered "novel". On the other hand, I myself have frequently used the technique of sending a signal, awaiting a response, and then using timing to derive the distance. It seems such an obvious application to this use case that there is nothing novel here.
Key sends a “wake up” signal, car hears it and sends a random challenge, key receives it, signs it with its private key and send is back. If the response is correct the car unlocks, otherwise not and the user can try again.
Seems like à solved problem really.
Therefore the same concerns regarding relaying still apply, unless I’ve misunderstood your reply, but your later post suggests pressing a button on a key. If buttons on the key are pressed, this ceases to be “keyless” as the car industry understands it - this is back to conventional remote locking.
It's not that £30 is little money - it's that it's nearly impossible to secure a working terminal and then once you have that actually get any money out of it.
Technology can't solve everything.
That also means that relay attack is always going to work. So either accept the risk or disable the feature.
The scene of my car not being where it was supposed to be was so surreal that I did not even realize it was missing the first time when I walked out the trash. I basically walked around an invisible car.
Only when I wanted to leave the house and thought, well shouldn't my car supposed to be there did it dawn on me that something is amiss.
When I went to the police, the first thing they asked me was how far my keys were away from the car. My insurance was asking the exact same thing.
Remarkably the car was found when the police in our neighboring country stopped a driver under the influence of drugs.
Getting the car back (still ongoing) was so much hassle that I almost would be happier if it would not have been found.
It goes without question that all my keys are now stored inside a metal box when not in use.
I was a bit worried that the box does not shield the signal enough. The best way I could think of to test it was to put the key inside the box and hold the box to the steering column and try to start the car. It's probably not foolproof but I hope it is enough.
It's like the case where PIN numers on credit-cards where cracked but because noone knew it could be done people where assumed to have been negligent if the thief knew the code and automatically denied any compensation.
... until they caught the guys.
I'm very curious to know why was it was such a hassle? Unless the police were keeping the car as evidence in a truly major crime, why wouldn't they immediately give back your property?
As a background info. The car was stolen in Austria and 5 hours later stopped in the Czech Republic close to the border to Poland. It is a leased car, so there is also the leasing company involved in all decisions.
Since it seems to have been part of a bigger operation (several cars stolen over the weeks prior) a special unit working on this case got involved (from the Austrian police).
When I contacted the insurance they had me sign a waiver that I will also take back the car if it takes longer than a month to return it. This should have rang some alarms bells but I was still optimistic, after all I could have basically taken a train to the Czech Republic and drove back on my own.
Then it was week after week of people shoving the responsibility back and forth.
The Austrian police wanted to get the car to do a forensic analysis, and wanted it to be hauled back on a truck instead of driving. The insurance company flat out told them no, because it is to expensive.
Then I had to send my key to Poland (kind of ironic since this was the intended destination of the car all along) because the employee of the company that would collect and return it was located there.
After 3 weeks the officer in the Czech police was on vacation (pro tip: don't let your car get stolen during the summer vacation period :) ). The following week the insurance company wanted to know if they can finally collect the car. The Czech police told them basically yes, but the Austrian police had not given their OK, and now the Austrian officer on the case was on vacation.
After the 4th week when everyone finally thought that it could be returned, the Czech DA said the< needed to wait a bit longer because they still needed it for the case against the thief.
Now it's week 7 and I at least have seen my car after it was hauled back to the car dealer where the insurance company has sent an adjuster to check what needs to be repaired (the y have cut the connection to the car telemetry unit and caused a few scratches on the front fender).
I am not yet allowed to drive it home since those things need to be repaired first.
So my expectation if that I will get it sometime later next week, which would then be 8-9 weeks in total.
This reminds me of the street cleaning hazing ritual most newcomers to Cambridge, MA go through. I was about to call the police and report a stolen car when I saw the street cleaning sign and realized the day it specifies was the present. Either way not a happy feeling.
They make "Faraday Bags" exactly for this purpose.
Only "they" do not certify them in any way (for several reasons, including the fact that there is not - yet - an accepted standard for measurement) and in any case a Faraday bag (in the sense of a mesh) may be very effective at a given frequency and almost transparent to another one).
A tin box should always outperform a Faraday bag in shielding RF.
However, in the long run I won't bet on workarounds to prevent the signal to be repeated, I will rather use one of those steering wheel locks that's brightly visible from the outside. That does not prevent someone from breaking into the car, but it will prevent them from easily driving away with it.
A security camera has also been placed there, so I hope overall it is enough of a deterrence
Is that really an issue? This isn't the first type of theft that doesn't require a break-in. Tow the car and there's no evidence either.
If you say it's been stolen then it's been stolen. File the police report and that's the end of that, no? Unless they have specific reason not to believe you personally (history of fraud), it'd be a crappy insurance company that would question it.
Back in early 201x I was asked to take a look at a certain car manufacturer's project proposal. They wanted to introduce keyless unlock and ignition to their line.
I got the spec and the proposal. There was no security - the number of possible signalling combinations was in low thousands and the system was completely open to trivial replay attacks. So I got back and laid out my concerns and requirements: unique keys per car, strong nonce and proper cryptographic setup to make replay attacks impossible. The manufacturer balked, claimed it was too expensive and we lost the project.
Less than a year later certain mr. Miller demonstrated the very same type of key-fob replay attack against a different manufacturer.
Might be related to tripping this sensor in advance.
The other one was an air pressure sensor, used for detecting sudden changes in air pressure. This is the sensor that will, among other things, detect a broken window.
I suspect this is the same reason.
When they cut the wire in the pillar, they didn't disable SOS, they disabled the triggering mechanism. The idea being that they would return and break the window again only SOS wouldn't be triggered because that wire was cut.
The next night, there would be no SOS notification when they broke the window again. Or maybe they'd only have to tear away a plastic bag, if the owner hadn't gotten the window replaced.
Or maybe they were hoping to find a valet key in the car, making their job even easier, either that night, or the next night.
Cutting that wire loom disables the cars 'call home' functionality (probably by cutting it's antenna), as well as conveniently disabling the alarm.
The thieves who cut it this time were too slow though. Presumably, the 3G connection takes ~30 secs to boot up, find a cell tower, and connect to BMW servers. The thieves hoped to break the window and cut the loom immediately, before the connection to the server was made.
The modem itself probably isn't booted up to reduce vampire power drain. If it was always on, it would drain the battery after a few weeks. More likley, when the alarm goes off it starts booting up.
Mercedes and Audi have similar systems, as do others via OnStar. This is one of few cases where i believe having an "oh shit" button/system that automatically activates in case of serious accident or another event is valuable.
EDIT: oh, and this is entirely opt-in, at least on BMW.
(After reading more about it, the black box is only for cars used in this service, and apparently BMW and DriveNow have a "data protection firewall": BMW only tells DriveNow where the trip started and ended, and doesn't know who rented the car, and DriveNow knows who the renter is but doesn't know more other than the start/end of their trip)
Everytime I take my 2016 in to service, I ask both sales and service to disable teleservices. They say they cannot. I then call BMW teleservices (every time), and they tell me that the dealer has to do it.
There are explicit instructions from BMW online that in Germany you can take it to the dealer to have it disabled. No mention of any other country.
Yes, the emergency aspect of it is valuable. It's not worth the compromise in privacy, at the complete discretion and ineptitude of a corporation that has a profit motive.
In 2016, I certainly did not sign (and was not asked) any kind of doc authorizing location disclosure. My car definitely does have teleservices activated. (don't know if they will report my location)
- remote car monitoring/bmw connected app. this can be tweaked (its off by default) via idrive. I believe there is also some anonymized sharing with "parknow" and real time traffic apps.
- maintenance notifications. this is on by default and can be disabled in bmw's new "my car" website. They also send you a postcard letting you know its on periodically.
- "sos" services - I would call BMW and ask to have it turned off (its on by default). The signing of the doc might be depending on the state you're in. Mine's NJ reg, but NY dealer.
If BMW ever shares the location data with third parties other than police, I would have major issues with all of this.
To answer sibling post, SIM cards are located inside the Navi computer, which is a big gray/black metal box behind one of side access panels within the trunk (or under trunk for most sedans). BMWs can also be coded (google that- dealer wont do it) to not use SIM data completely. If you truly want teleservices disabled, find a friendly BMW modder shop adept at coding and they'll help you void your car's warranty :)
By that time it would be too late. And the problem with privacy-related info (like location history) is that once revealed, it can’t be re-secured. So the only proper fix is to not collect it in the first place.
Also BMW is a car company. Consumer data protection is not their core competency. Then info may not be intentionally revealed. A rogue employee may decide to listen in (as in OnStar case). We can’t know what controls they have in place to mitigate risk. Since I obtain almost no value I want to be able to opt out. That they make this difficult is so aggravating. But I love their cars. I wish I could quit you BMW.
I wonder if GDPR is a factor for new car sales. In fact maybe that’s why you got a big packet and had to opt in, and back in 2016 it was instead quite impossible to opt out.
Additionally, my interaction is with BMW USA, not BMW AG. If teleservices is instantiated locally in the US for US customers, then it's doubly the case the BMW need not respond to any such inquiry.
You brought the GDPR into it.
What I didn't know is that it would dial home if the connection was lost. Even the person I spoke to at the dealer wasn't aware of this.
Probably the thief didn't want to risk any kind of damage on the board caused e.g. by shorting two wires during cutting the cabling and thus shorting a capacitor on the board.
You are basically just paid to bypass security.
In cars, it’s security by obscurity. If you know the protocol to talk to the car’s computers via the OBD port, you are pretty much root without even providing any credentials.
Nothing stolen, only window shaddered and SoS going blind.
I left for Germany that day though, so I must have been lucky.
Thanks for posting
Knowing that for thieves, the most precious resource is time and if you force them to work more than expected, they might gave up...
I mean, if you were going to leave a box containing $30,000 on your doorstep. A box not only containing 30k, but a box that was labelled that it contained 30k. How would you protect it? Put a serial number on it so you can prove it's yours? A bike lock? A motion sensor? Cement it into the ground?
What lengths would you expect someone to go to, to try to walk away with this box? Just give it a little kick to see if it moves? A screwdriver or a pry bar? Angle grinder?
Once you divorce yourself from the commonality of a car, it's quite bizarre to think that not only do most people leave their second most valuable possession (or most valuable, if you rent your home) on their doorstep .. but that they just assume it won't happen to them. It doesn't take a targeted attack for someone to realise that that exposed, valuable, mobile asset is .. well, exposed, valuable and mobile.
I'm not trying to argue that anyone should live in fear. Just that assumptions of state-sponsored action severely overestimate which ballpark this lives in. This is more complex than an opportunistic thief, but well within career criminal - and probably well below "steal to order".
20 seconds with an angle grinder will not make a $30,000 car disappear. Selling it on the black market is also a much bigger pain in the ass, then selling a stolen bicycle.
People leave $300,000 dollar homes unattended all the time - protected by nothing more then a flimsy lock, and a few panes of glass. Yet, most of the time, people don't worry about someone stealing their house.
Assuming the 30000$ car is one ton, that's only 15$ per pound of car... Not too valuable.
(Yes, this is perpetuating a horrible stereotype. Nothing personal, Poles, you just happen to be the closest border for this particular stereotype.)
What I don't understand is what are they using it for? Can they upgrade older models with it?
What’s unsophisticated is stealing a radio or nav by slashing the back of the wiring loom, and then the owner having to replace the entire loom at the cost of many thousands of dollars. It sucks but that’s life. Car thieves aren’t your friends, DGAF about damage, and those that don’t operate on a “speed is life” principle get caught. Maybe you should show a little respect to the knowledge and tactics demonstrated?
Also, if the alarm is connected to a security provider, a disruption in communication with the car will also cause them to follow up on it.
Not to mention, I technically can’t see how this thing will be able to phone home if the mobile phone frequencies are being jammed.
Modern cars are so hard to steal that mots thieves resort to violence to get your car.
Contrary to insurance companies, I'd rather have my car stolen than to be knifed.
The current modus operandi is to find your BMW/Land Rover/Mercedes. Wait for it to come to your hand carwash, tyre company etc and get uninterrupted access to the OBD port along with the key. Program new key, find the address of the vehicle, walk up a few days later and drive it off at 3am in seconds.
If that's too much like shooting fish in a barrel, then the 'keyless relay theft' is probably more your bag. Using a relay transceiver, if the key is in the house within range, then you can trick the motor into thinking the key is present. Many cars will allow you to continue to drive them even if the key if out of range. Provided you don't turn the engine off, this gives you plenty of scope to get away and clone a new key in the meantime.
Tl;DR, OBD and keyless technology is basically flawed. The best countermeasure is a good old fashioned crook lock.
My friend has holes in the front of the car to make it easier for theives to attach a hook and then tow the car into a truck.
But if you put pressure above a threshold on any of the holes, car keeps sending one SMS to his number every 5 minutes.
This is in Romania.