BMW security flaw allows the car to be stolen
#16
Lexus Test Driver
It's funny how things work out. Toyota, and all car manufacturers, have a vested interest to keep people from cracking their engine management code so they use higher security for that. There is probably a lot of proprietary code in that software. All changes to the ECU can only be done with Toyota signed code. Keys on the other hand can be handled by the dealers, so they use a weaker key, but a less private one too. Besides, ECU changes aren't done OTA, but keyless access is.
#17
It's funny how things work out. Toyota, and all car manufacturers, have a vested interest to keep people from cracking their engine management code so they use higher security for that. There is probably a lot of proprietary code in that software. All changes to the ECU can only be done with Toyota signed code. Keys on the other hand can be handled by the dealers, so they use a weaker key, but a less private one too. Besides, ECU changes aren't done OTA, but keyless access is.
#19
This . . .
I know on a GM car with onstar that is one of the selling points. Car gets stolen, Onstar works with law enforcement and can find your car with a couple key strokes, down to within about 3 feet. Provided the thief is dumb and doesn't rip off the antenna.
As for the previous poster talking about it being impossible to crack the engine management code, that's not true of all manufacturers. GM IMO went out of their way to make the ECU on all their V8 engines easy to play with and tune. Doesn't matter if its a truck, van, Corvette, you can tinker to your heart's content.
#21
It's funny how things work out. Toyota, and all car manufacturers, have a vested interest to keep people from cracking their engine management code so they use higher security for that. There is probably a lot of proprietary code in that software. All changes to the ECU can only be done with Toyota signed code. Keys on the other hand can be handled by the dealers, so they use a weaker key, but a less private one too. Besides, ECU changes aren't done OTA, but keyless access is.
#22
Lexus Test Driver
As for the previous poster talking about it being impossible to crack the engine management code, that's not true of all manufacturers. GM IMO went out of their way to make the ECU on all their V8 engines easy to play with and tune. Doesn't matter if its a truck, van, Corvette, you can tinker to your heart's content.
Most security holes in encrypted systems depend on some level of cracking the encryption key unless the coder left a back door to bypass the protection all together. Even your simple WEP hacks to get you access to the neighbour's wifi (free **** downloads ) relies on cracking the key by capturing a number of packets with the said key and brute forcing it.
#23
If the car has GPS, it's pretty easy to either jam it or disable it, since the thieves seems to be pretty prepared (there are often at least 3 of them at a time).
That's likely the case. Below is a follow up story with BMW response at the end -- they really tried to say this problem is not specific to BMW. They are aware of this problem around September 2011, and any BMW manufactured after that you can't exploit the security flaw. Seems to me that although all cars can be cracked, BMW was easily cracked/exploited before what ever update they did.
http://www.bbc.co.uk/programmes/b006...eft-technology
Originally Posted by spwolf
i doubt they are cracking any keys... they probably found some security hole they are using to gain access.
http://www.bbc.co.uk/programmes/b006...eft-technology
Thread
Thread Starter
Forum
Replies
Last Post