colinecek

@Rustynuts: I am neither ignoring nor being defensive about your observations. In point of fact, your observations, among others, have helped me deal with some of my misconceptions on this subject.

@Estate Man: OK, hands up, I was wrong! I concede that it is possible to sniff a Key Fob and use that sniffed data to gain access to a car. My father once told me that if your going to poke around a hornets nest don't be surprised if you get stung @Rustynuts: What I said was that providing the car is deadlocked there is no way in without breaking something (a window). I'm sorry but I can't help you with your adding up problem :no:

Thank you Patrol Man, that’s a very interesting link. I found the “HowStufWorks” a little contradictory, but in essence, it works as I understand it having poured a lot of hours into researching this topic. My conclusion is that I stay with my new habit of locking my car with the key, and unlocking with the key fob if I so choose. I am then not unnecessarily offering a criminal a way into my car. I shall talk to my Skoda service to see if I can get the RF disabled on my car so as to make that vulnerability less of a probability.

@goneOffski & @Estate Man: I am not asking for details and I completely agree with not giving out information likely to be of value to a criminal type. I understand and appreciate your caution, but I am simply interested in whether you can irrefutably say that in your experience/knowledge that it is possible to copy a key fob based entirely on sniffing a host key fob as it transmits a command to a vehicle. Here is the reason why I am interested. My car was broken into 2 times in the week before Christmas. On the first time they got away with my Columbus Nav, and on the second time they got away with my laptop which was in the boot. I have owned my car from new and in the 7 years I have never had a problem until then and I was shocked that the criminals were able to gain access to my car without triggering the alarm. I am even questioning if I did actually lock the car on both occasions. I want to make myself more secure and to that extent, I intend to do things to increase my vehicle security. I had thought that my car had an alarm installed in that it is a top of the range and I thought I had ordered every conceivable extra. Turns out it does not have… grrrrr! So I am going to install an alarm that will not be connected to the OBD that will call my mobile when the alarm is triggered. I am also going to secure the boot. I need to be confident that if a criminal does get into my car he cannot get into the boot. and I am going to disable the key fob if that proves to be a vulnerability. I joined this community to learn as much as I can do regarding car security. I very much value the experience shared throughout this thread and I am going to learn stuff that’s going to be very helpful to me. The reason why I am being so persistent with this thread is because I need quality information that going to help me, not hearsay that’s going to misdirect me.

Some great responses there and I agree with everything that’s being said. I did say that breaking a window is easy way in to get at the OBD, but I did not mean that to be exclusive. I understand that there are other ways entrance can be affected without damage. However, what I did say was that it is not possible to sniff a transmitting key fob and clone another key fob using the data collected. @Estate Man & patrol man: Have either of you in your past experience seen a key fob being programmed using data sniffed from a transmitting key fob?

I started off this thread debunking cloning key fobs by sniffing and this has turned into a much broader discussion relating to car theft and how theft may or may not be perpetrated. To be honest, I find myself thinking about stuff for which I don’t have first hand knowledge or experience, and it’s getting way bigger than I expected – not that I really considered what to expect, and just maybe I should have. Don’t get me wrong, I think this is a healthy discussion and I for one; appreciate the opportunity to learn something I did not know, as I have done through out this thread. I asserted that it is not possible to clone a key fob by sniffing (the radio signal as a close/open button is pressed on the key fob). Even now I stand solidly by that assertion given my understanding of how these key fobs work, which is in short: The key fob (transmitting device) and the central locking ECU (receiving device) are paired with the same large block of large randomly generated security code numbers that are stored in indexed tables in each device. When a button is pressed on the transmitting device, it transmits 3 key pieces of data: the security code (that was ordered in a previous button press or pairing), the function code (lock/unlock etc) and a randomly generated index number (pointer into the stored table of security code numbers) to be used for the next button press. The receiver can only act on a function code if the security code exactly matches the code it was ordered to use on the previous successful transaction or pairing. Given that only the transmitter and receiver know the next security code to be used to lock/unlock the car, I would think that it would take a very long time for any kind of processor to work through upwards of a trillion numbers to find a security code that the receiver expects. As fabiamk2SE put it: ”Can’t get away from the fact that the easiest thing to do is break into the house and steal the keys.” As I have said previously: the only viable way for a thief to circumvent the key fob system is to prevent the receiver from receiving a lock signal in the hope that the transmitter operator does not notice. However, having lent strongly on the “it can’t be done camp”, a side of my brain warns me “never say never!” At the end of the day, these systems are just systems; designed by very clever people and programmed by very clever people who can never fully protect these systems from equally clever criminals who want your stuff! Regarding “Keyless Entry Systems”: My thinking is: The same or better security is most likely applied to these systems as described for the key fob system. The fob periodically transmits a so called friendly signal, and it is possible for a criminal to listen to that fob friendly signal, and subsequent signals using a sniffer device, and relay the signals to a receiver close to a car that then in turn retransmit the signal to the cars receiver subsequently fooling the car receiver that the owner is at the car and unlocks. Once unlocked, access to the OBD and … well… you know the rest. This in my view is a huge security weakness. Anyone who connects their car to a mobile phone really needs to think again. Cool maybe, but a very serious security risk. In my view keyless entry should be aborted. I say bring back the key! We, the below lux car owners are paying through insurance premiums for the well healed to push their start buttons. My message to the well healed: If you’re so set on pressing the start button thingy, go by an F1 car and live the dream! But please, buy car with a key. @fordfan: “Why have BMW being recently silently rolling out a software fix to prevent their group cars from being opened using a mobile phone?” Because it was a dumb ass idea in the first place. Whoever in BMW suggested this as being a good idea should be fired! This should never have been introduced; neither should any kind of remote start. @Rustynut: I am Czech so I may wrongly refer to something by the incorrect name. What I meant by “key blade” is the physical key, not some other device that would enable a lock to be operated. Also my reference to disabling the alarm was meant to be in context of a thief being able to access the OBD without triggering the alarm, if indeed there is such a thing fitted, and that if a thief could gain access to the OBD without triggering the alarm, then I would want my money back because the alarm is not performing the very task it was designed to do, which is to alert the presence of unauthorized access.

Some good quality responses up there though I still stand by my assertion that it is impossible to clone a key fob over the air – so called sniffing, so providing your car is deadlocked you are a good way away from unauthorized access to your car. The only way to unlock a car that is deadlocked in the absence of the key fob is with a key blade, or some tool that slides down between the door window and door casing, though such a tool has to circumvent the manufactures prevention schemas. I watched the video submitted by Rustynuts many times over. The flashing LED is an indication that the car was most probably deadlocked, so I am fairly well convinced that the thief had a key. How the thief acquired the key probably lies somewhere in the response from goneoffSKi. I know here in the Czech Republic it’s very easy to get a key blade duplicated at the same place you would get a home key done. As I said in my originating post: it is possible to jam the frequencies used by key fobs thereby preventing a car from being locked. The holds true for key and keyless entry systems. It is though, possible to relay a “friendly” signal from a keyless system fob and use that relayed signal to gain access to a car. Once in the car the thief can steal stuff, or even gain access to the OBD and steal the car. The quickest way into a deadlocked car is through a broken window. I wouldn’t know for sure, but I would bet that the cars stolen from outside dealerships are stolen in this way. Richf posted that he witnessed access to a BMW OBD without triggering the alarm. Crap alarm I say. A car alarm is supposed to detect unauthorized entry, and I would say that that falls into this category. I would be pretty annoyed if that was my car. I know that there are several ways to hook into the OBD. The ODB connector is just one way so securing the connector is going to impede the thief, but not necessarily save your car. I am also intrigued by the thought that there may be some way to get at the OBD from outside the car.

Thanks Adam :-)

I want to install the media interface into my Octavia but I don't want it in the arm rest. Is the media interface available from Skoda without that, and would anyone know what is the part number?

A report on British TV news last night claimed a sharp increase of criminals gaining entry to cars that are locked using the car RF key fob. To substantiate this claim they found some pundit who claimed:- “Within the past few years, cyber criminals have cracked the code on some car remote controls and have developed technology that allows them to clone a nearby signal. As you unlock your vehicle, if they are nearby they can pick up that signal that’s being transmitted through the air and if they’ve got the right software they can decode that encrypted signal and decode and figure out what the code is to open your car,” This is total rubbish. Fact: no criminal can gain access to your car using key cloning, or any other technical wizardry, providing it is (dead)locked with key fob or physical key, without breaking a window. I'll post technical reason if anyone wants. They also reported that it takes less than 10 seconds to get away with your car – also total rubbish. Yes if they break a window they can get into your car through the window, but they have to override in some way the alarm system before they can get into the OBD system, and yes they may be able to start the engine, which by the way will cut out when the brake is pressed if they haven’t overridden the key transducer, then they have to override the steering lock mechanism, and it goes on. Anything is possible but this is more than a 10 second walk in the park. I am astounded that the people who prepare this kind of disinformation do not check facts before transmitting them to a world of people who require quality information to better protect them selves from the criminal scum. It is probably true that most car crime is committed by opportunist criminals. They want your radio/nav and anything else they can easily get out of your car. The criminal pro’s, however, want the car, and if they are minded to want your car, their going to get it no matter what. My interest is preventing the opportunist scum so here are a couple of helpful pointers:- Don’t leave stuff in view – and I mean any stuff! Lock your car with the metal key. Use the fob for unlocking when your hands are full with shopping (or kids!) Don’t fit a factory alarm. These can be easily disabled through the OBD Fit a siren (120db) inside the car – it will make life unbearable for the criminal while he is trying to get away with your radio. When you walk away from your car clicking the lock button on your fob, DO NOT RELY ON THE CLUNK OF THE DOOR LOCKS AS CONFIRMATION THE DEADLOCK HAVE BEEN ENGAGED. It maybe someone else’s car locking you heard! The last pointer is important because the one sure way of a criminal getting into your car is if the car is unlocked. All a criminal has to do is prevent your key fob lock signal from getting to your car (signal jamming) and he has access to your car. Regarding the OBD: I think it right that the OBD should be made accessible to non-car dealer types, however, I am of the mind that the OBD connector should be better protected from unauthorized access, and I am sure it’s not beyond the whit and skill of car manufactures to make it very difficult for all but the most persistent criminals.

@Adamal: Is there any good reason to go from SW2864 to SW4120?

Now I feel stupid! I am from the Czech Republic and the manual is as clear as mud on this. I downloaded the English version and it's clear how this works. I have owned the car from new and this has irritated me for the past 7 years. Why oh why did I not ask the question sooner!! Many thanks John and Brad for taking the time out to respond.

Octavia II Pre-FL: The average fuel consuption recorder resets to zero over night. Anyone have any idea what might be the problem?

Thanks Mike/Adam for the explaination. Mine is a L&K and I was really suprised that it was not fitted from new (I have owned it from new). I guess it did not get fitted because we don't have criminals here in the Czech Republic :-)

I may be wrong but I do not think there is an arial on/off switch. What your seeing is the status off the arials as the radio see's them. I have operated my Columbus with a piece of wire stuffed into the arial sockets prior to installing it into the car, and that works fine for both FM and MW. As to which goes in which socket - both coax's look the same so thats down to trial and error. FM should work either way round, however, MW will only work one way round because one arial has the amp in series. Colin

OK, I do not have an alarm fitted so I'm going to have to think of something else. What I need is a signal that tells me that the central locking has been engaged, which I could get from the flashing LED on the drivers door, or somwhere around the confort unit - I would guess. I have noticed that the amber light on the interior locking switch flashes once when the car is locked by the fob or key. However, it does seem intermittent in that it does not apear to flash everytime I lock the car. Do you guys have have the switch with light? if so, would you check next time you lock your car? By the way, you mentioned your car is a face lift. Mine is a late MKII 2008. Is that concidered FL?

Is there a VCDS Adaption to beep the horn when the central locking is activated?

I have a real itch to get into the CAN-Bus, not necessarily to change things but to check status codes for different operations. What tools are you guys using?

Does anyone know what is the significance of the A in partnumber 3T0 035 680 A. Is that a hardware revision code? I have seen A through P and there are probably more.

Thanks for setting me right on this Adam. That explains the window antenna listed in my car’s delivery configuration. Just for the record, I got my info from the amphenol site that listed Curry as Radio with IF "Output (antenna diversity)". Obviously I misinterpreted what is exactly meant for the curry connector. My thanks also go out to BigMan for sharing experience with window mount DAB antenna. I came to the conclusion that roof mount is a better solution. Colin

@Adam: The antenna you have installed is without FM diversity – no curry colored Fakra. Does the Columbus care about that? This is what I have in mind for my upgrade: OEM 1K0035501J Original Skoda - Roof Shark Antenna GPS, GSM, RADIO, DAB RADIO, WEBASTO. This does have diversity.

I spent a lot of time googling sticky on the glass antennas and I have concluded that they are not that great performance wise so I am minded to got the roof way. My Octavia is a 2008 Laurin & Klement with factory RNS510 Nav so I intend to replace the roof mount with:- OEM 1K0035501J Original Skoda - Roof Shark Antenna GPS, GSM, RADIO, DAB RADIO, WEBASTO The original antenna installation does not have DAB or GSM and I need both so I’m going to have to run 2 additional coax’s. I would not normally run shy of such a task, but I am not sure what problems I going to run into, particularly because this car has airbags all over the place, plus I don’t have a nice heated garage with tea making facilities By the way, is “WEBASTO” the OEM or some technical term? Regarding sealant on antenna mounts: I wouldn’t. These things are designed to seal under compression. So, given the mounting is tightened to the extent that the mount does not move, and don't over tighten the thing, I would say that’s job done. My problem with adding stuff under the mount is that that may interfere with the mount seal. If you feel inclined to add extra insurance, I would recommend using grease (or Vaseline) built up around the perimeter of the mount hole, but not to contaminate the mount seat.

I found Fakra kits for the GPS (Blue) and FM/AM antenna (White double). Won't be beyond my skill to install those if my terminations are incompatible. So, job done. Blue - http://www.ebay.de/itm/Crimp-Stecker-FAKRA-Antenne-Kontakt-Antennenstecker-RG174-Antenne-Reparatur-SET-/371246027369 White - http://www.ebay.co.uk/itm/Fakra-Twin-car-radio-stereo-aerial-Antenna-connector-adaptor-Repair-End-Part-/151549646179?pt=UK_In_Car_Technology&hash=item2349101563 Next task, find a window fit DAB antenna. Any ideas/recommendations?

Interesting and coincidental topic. My Colubus was stolen and they took the white Fakra block (double and left the 2 tiny plugs terminated on the coaxs. Anyone know if those tiny plugs snap into a Fakra housing?

Thanks NinjaVRS. I have checked on eBay but I am stuck with the White double fakra which I think is an adapter because of the small plugs that terminate the coax's, however, spent all evening rooting around on google and found this which is described as "Original VW adapter kit from simple Fakra to double Fakra connector" This may be the part I need but I won't know until I purchase it.