Right, before we start: I know it's a sensitive subject, so I'm not looking for a "How to" thread, just a basic conversation.

I understand that on modern (think in terms of Octavia II onwards) cars, the "crypto key" should change with each use so it shouldn't be able to be cloned (in theory), and that there are supposed to be millions of combinations.

I also know how BMWs are being stolen, from watching the news report, so I'm aware how that's being done, but there is a time and effort involved in that.

So, other than the "BMW" method, how do common cars get stolen these days? (Let's not worry about turning up with a low-loader to nick an R8 etc) Surely if you don't have the kit to use the BMW method, using something like VCDS still takes time and requires a certain amount of kit.....kit that isn't pocket-sized.

What does your average chav do to nick an Octavia (or Golf or Audi etc etc)? Surely there's nothing so stupid as a "master crypto key".

Also with time being against you, and a car being parked on the road is exposed to the public walking past, the risk of being discovered "in the act" grows. So surely having a car on a secluded drive, or even in a garage, will now be a higher risk than one on the road.

Is there anything more that could be done to stop this from happening?

The BMW method could easily be dealt with by needing an existing key to program a new key.........Fords used to need that.

I know that with SAAB's you used to lock the gearbox when you took the key out of the ignition.....sounds a good idea.

I think most of the time these days they take the car using the keys.

It's generally easier to break into a house and get the keys than defeat the cars security.

As above... they don't bother breaking in and cracking immobilisers.

Just easier to break into the house and nab the keys.

Phil

People not locking house doors or leaving keys in reach of letter boxes etc...

I mean you could sit and mess about with a key and vcds for example but the doors are deadlocked so without a key how do you get into the car?

Sent from my iPhone 4s

Or plug in your own ECU/tool like the dealers have.

Some makes can opened with a key using a machine that costs a few hundred. (ie, Ford)

That's how we lost a minibus, took them less than two minutes with no key.

These days they either need the key or the technology. Unless moving the whole vehicle.

http://www.aberdeenvoice.com/2013/01/grand-theft-auto-aberdeen-version

All the tricks are used including Blocking the Locking & Alarm setting of the car as the drivers blips it.

Favourite & easiest for teeny tots in Aberdeen was a mate working in the Merc Garage.

(lots of people are now fitting Lockable bollards to stop the car getting driven out of driveways.)

Cars left a Valeters are at a high risk, as is Long Term airport Parking.

It may be long enough after the event/date that the car is stolen the connection is not always obvious.

http://www.extremete...mw-in-3-seconds

george

The crypto on cars isn't good.

The reason why it isn't cracked by default is that it's easier to nick the keys.

But you can expect that as cars get more like mobile phones with wheels the attacks will get more sophisticated and perversely easier since the crims will buy off the shelf car hacking tools from other crims.

I was at a conference recently where they were talking about Russian hackers setting up Crime as a Service (CAAS). You buy hacking services and they even come with helpdesk support.

Similar to Georges post above the keyless entry models seem particular at risk as the tealeaves use a jammer to stop the car being locked and as the locking is supposed to be automatic the driver is less likely to check it's happened. This stops the security system being activated. Scroat then walks up to an open car, gets in, plugs in and drives off

They take the key, any theft of motorcar where a low loader hasn't be used to lift the car away and they haven't taken the keys are threaded as highly dubious reports, especially if it ends up burnt out!

There was a guy in the paper the other day who had a Lamborghini murcialago stolen from his garage. They broke in and stole the keys. No sign of it. Firstly surely it's a fairly noticeable car and secondly no tracker? Even my old 740i has got some kind of tracking device.

Following on (sort of) fromt Aspman's post we looked, briefly, at wireless attacks on cars at uni. In short, using bluetooth or some other wireless interface (TPMS etc.), using the unsecured CANbus you can then jump around the different bits/modules of the car. Some cases allowed the car to be started and unlocked remotely, pretty scary and impressive.

There's a lot of info (research papers, not how-tos) on the internet if anyone's interested.

Its safe to say most cars are safe unless they have the key. If someone goes to the effort of buying alot of expensive kit to steal cars, i doubt they will waste effort on say, a 1.2 clio

Sent from my iPhone 4s