
Keyless Ignition: Theft Threat?

#1 | 12-24-06, 03:50 PM | spiralynth (Rookie, Thread Starter) | Join Date: May 2005 | Location: CO | Posts: 95
Keyless Ignition: Theft Threat?

Do we know if the GS uses a 40 or 128-bit encryption in the keyless fob? I can't find it anywhere on the official site (see article below).

Also the official site states that the GS 430/350/450h utilize an immobilizer. How can that possibly be as there is no key?

"Engine Immobilizer
A tiny transponder embedded in the key sends a personal identification code to the engine control computer. Unless the system reads the proper code, the computer will not enable the ignition and fuel injection, thus immobilizing the vehicle. "


http://www.lexus.com/lexus-main/mode...fications.html

--

Security Watch : Don't get burned by viruses and hackers
Gone in 60 seconds--the high-tech version

By Robert Vamosi
Senior editor, CNET Reviews
May 5, 2006

Let's say you just bought a Mercedes S550, a state-of-the-art, high-tech vehicle with an antitheft keyless ignition system. After pulling into a Starbucks to celebrate with a grande latte and a scone while checking your messages on a BlackBerry, a man in a T-shirt and jeans with a laptop sits next to you and starts up a friendly conversation: "Is that the S550? How do you like it so far?" Eager to share, you converse for a few minutes, then the man thanks you and is gone. A moment later you look up to discover your new Mercedes is gone as well. Now, decrypting one 40-bit code sequence can not only disengage the security system and unlock the doors, it can also start the car--making the hack tempting for thieves. The owner of the code is now the true owner of the car. And while high-end, high-tech auto thefts like this are more common in Europe today, they will soon start happening in America. The sad thing is that manufacturers of keyless devices don't seem to care.

Antitheft systems get more sophisticated

Wireless or contactless devices in cars are not new. Remote keyless entry systems, those black fobs we all have dangling next to our car keys, have been around for years. While still a few feet away from a car, the fobs can disengage the auto alarm and unlock the doors; they can even activate the car's panic alarm in an emergency. First introduced in the 1980s, modern remote keyless entry systems use a circuit board, a coded Radio-Frequency Identification (RFID) technology chip, a battery, and a small antenna; the latter two designed so that the fob can broadcast to a car while it's still several feet away. The RFID chip in the key fob contains a select set of codes designed to work with a given car. These codes are rolling 40-bit strings, meaning that with each use, the code changes slightly, creating about 1 trillion possible combinations in total. When you push the unlock button, the keyfob sends a 40-bit code along with an instruction to unlock the car doors; if the synced-up car receiver gets the 40-bit code it is expecting, the car performs the instruction. If not, the car does not respond.

A second antitheft RFID use is for remote vehicle immobilizers. These are tiny chips embedded inside the plastic head of the ignition keys, and they are used in more than 150 million vehicles today. Improper use prevents the car's fuel pump from operating correctly. Unless the driver has the correct key chip installed, the car will run out of fuel a few blocks from the attempted theft. (That's why valet keys don't have the chips installed; valets need to drive the car only short distances.) One estimate suggests that since their introduction in the late 1990s, vehicle immobilizers have resulted in a 90 percent decrease in auto thefts nationwide.

But can this system be defeated? Yes

Like vehicle immobilization, keyless ignition systems work only in the presence of the proper chip. Unlike remote keyless entry systems, keyless ignition systems are passive, don't require a battery, and have much shorter ranges (usually six feet or less); instead of sending a signal, the keyless ignition system relies on a signal emitted from the car itself. Keyless ignition systems allow you the convenience of starting your car with the touch of a button without removing the chip from your pocket or purse or backpack.

Given that the car is more or less broadcasting its code and looking for a response, it seems possible that a thief could try different codes and see what the responses are. Last fall the authors of a study from Johns Hopkins University and the security firm RSA used a laptop equipped with a microreader. They were able to capture the code sequence, decrypt it, then disengage the alarm and unlock and start a 2005 Ford Escape SUV without the key; they even provided an online video of their "car theft." But if you think that such a hack might occur only in a pristine academic environment, with the right equipment, you're wrong.

Real-world examples

Meet Radko Soucek, a 32-year-old car thief from the Czech Republic. Using a laptop and a reader, he is alleged to have stolen several expensive cars in and around Prague. Soucek is not new to auto theft; he has been stealing cars since he was 11 years old, but he recently turned high-tech when he realized how easily it could be done. Ironically, what led to his downfall was his own laptop, which holds evidence of all his past encryption attempts. With a database of successful encryption strings already stored on his hard drive, he's now able to crack cars he's never seen before in a relatively short amount of time.

And Soucek isn't an isolated example. Recently, soccer player David Beckham had not one but two custom-designed BMW X5 SUVs stolen; the most recent theft occurred in Madrid, Spain. Police believe an auto theft gang using software instead of hardware pinched both of Beckham's BMWs.

Gone in…a few minutes?

How a keyless car gets stolen isn't exactly a state secret; much of the required knowledge is Basic Encryption 101. The authors of the Johns Hopkins/RSA study needed only to capture two challenge-and-response pairs from their intended target before cracking the encryption. In an example from the paper, they wanted to see if they could swipe the passive code off the keyless ignition device itself. To do so, the authors simulated a car's ignition system (the RFID reader) on a laptop. By sitting close to someone with a keyless ignition device in their pocket, the authors were able to perform several scans in less than one second without the victim knowing. They then began decrypting the sampled challenge-response pairs. Using brute-force attack techniques, the researchers had the laptop try different combinations of symbols until they found combinations that matched. Once they had the matching codes, they could then predict the sequence and were soon able to gain entrance to the target car and start it.

In the case of David Beckham, police think that the criminals waited until he left his car, then proceeded to use a brute-force attack until the car was disarmed, unlocked, and stolen.

Hear no evil, speak no evil

To remediate these hacks, the authors of the Johns Hopkins/RSA study suggest that the RFID industry move away from the relatively simple 40-bit encryption technology now in use and adopt a more established encryption standard such as the 128-bit Advanced Encryption Standard (AES). The longer the encryption code, the harder it is to crack. The authors do concede that this change would require a higher power consumption and therefore might be harder to implement, nor would it be backward compatible with all the 40-bit ignition systems already available. The authors also suggest that car owners wrap their keyless ignition fobs in tin foil when not in use to prevent active scanning attacks, and that automobile manufacturers place a protective cylinder around the ignition slot. This latter step would limit the RFID broadcast range and make it harder for someone outside the car to eavesdrop on the code sequence.

Unfortunately, the companies making RFID systems for cars don't think there's a problem. The 17th annual CardTechSecureTech conference took place this past week in San Francisco, and I had an opportunity to talk with a handful of RFID vendors; none wanted to be quoted nor would any talk about 128-bit AES encryption replacing the current 40-bit code anytime soon. Few were familiar with the Johns Hopkins/RSA study I cited, and even fewer knew about keyless ignition cars being stolen in Europe. Even Consumer Reports acknowledges that keyless ignition systems might not be secure for prime time, yet the RFID industry adamantly continues to whistle its happy little tune. Until changes are made in the keyless systems, my next car will definitely have an ignition key that can't be copied by a laptop.
Would you purchase or trust a keyless ignition system on a new car? Talk back to me.

http://reviews.cnet.com/4520-3513_7-...3.html?tag=txt

Last edited by spiralynth; 12-24-06 at 03:58 PM.

#2 | 12-24-06, 04:04 PM | bhuwan (Pole Position) | Join Date: Nov 2005 | Location: MA | Posts: 233

We're doomed

#3 | 12-24-06, 04:30 PM | EyeKutr (Pole Position) | Join Date: Aug 2005 | Location: Alta Loma, CA | Posts: 2,733

Let them take mine.....I 'll get an '07....

#4 | 12-24-06, 08:39 PM | ajcsanders (Driver) | Join Date: Mar 2006 | Location: Abu Dhabi, UAE | Posts: 162

Oh darn! I already paid for my '07 upgrade since nobody bothered to steal mine...I'm gonna ask my tailor to line all of my pockets with 2 layers of tin foil...

#5 | 12-24-06, 10:02 PM | spiralynth (Rookie, Thread Starter) | Join Date: May 2005 | Location: CO | Posts: 95

Shameless flaunting of high IQ in the form of scathing wit aside (you three little rascally showoffs you), anyone actually capable of speaking to the issue and answering my two questions?

#6 | 12-25-06, 12:12 AM | nardeezy (Lead Lap) | Join Date: Dec 2005 | Location: CA | Posts: 720

Don't put too much dough into your car.

#7 | 12-25-06, 04:49 AM | Balnk (Rookie) | Join Date: Sep 2006 | Location: Maryland | Posts: 68

How can this type of theft be common in Europe? The US and Europe were introduced to this tech at the same time.

I don't believe anyone will go through this huge undertaking when they can use a simple weapon and take your key.

This is the same concept as in the early days of cell phones. Someone could stand on a bridge and steal your ESNs as people drove under your computer. The idea is possible, but it never really happens.

Lastly, I think you are mistaken when it comes to what kind of signal is being "broadcast" by your fob. It's not like a Bluetooth type signal, that could have an encryption. It's just a simple freq. that the car listens for and accepts.

#8 | 12-25-06, 02:24 PM | spiralynth (Rookie, Thread Starter) | Join Date: May 2005 | Location: CO | Posts: 95

Originally Posted by Balnk
How can this type of theft be common in Europe? The US and Europe were introduced to this tech at the same time. I don't believe anyone will go through this huge undertaking when they can use a simple weapon and take your key. This is the same concept as in the early days of cell phones. Someone could stand on a bridge and steal your ESNs as people drove under your computer. The idea is possible, but it never really happens. Lastly, I think you are mistaken when it comes to what kind of signal is being "broadcast" by your fob. It's not like a Bluetooth type signal, that could have an encryption. It's just a simple freq. that the car listens for and accepts.

In a keyless ignition system, the car pretty much DOES "broadcast" its code looking for a response. As pointed out in the article the pattern of the code is encrypted - shorter bit encryption being much easier to crack than a longer one. If you're implying that thieves would employ physical force as opposed to a stealth process like this, um ... I really don't know what to tell you other than I don't agree with your logic. This hack is only as difficult as it is "difficult" for those who don't understand it. I work in software and I can tell you there are enough bright people in my division alone that could pull this off, should they be so inclined. Students at tech schools can crack into your hotel room entry system in minutes, and with the right motivation and proper hole in their moral compass, can do the same with your car. Do a bit of research on hack sites, and you'll find this isn't exactly a mystery. It might not be commonplace in the US, and it may or may never be, but that's really beside the point.

Also, Europe and the US were not introduced to anti-theft tech at the same time. Immobilizers were first introduced in Europe in the early 90's, and by the mid 90's, mainly because of burgeoning Eastern Europe black markets creating unprecedented high tech thieves, and consequent demands from German insurance companies, they'd almost become mandatory. By 1995 BMW came up with 32 bit RFID immobilizers, which later rolled into the US and Japanese luxury markets. Immobilizers are the most effective security option available to this day, but that is if your car uses it. As per my point above, I don't see how Lexus can claim the GS utilizes an immobilizer in a keyless ignition system, unless the presence of a transponder in the fob as it communicates with the car defines it as such (by nature that's basically how a traditional immobilizer works, though with some significant differences).

As for your comment on cell phones, that was a potential problem until phones became ubiquitous. As the window between the haves and have nots closed very rapidly, that threat and the practice died quickly with it. You won't be seeing high priced luxury cars in everyone's hands anytime soon.

#9 | 12-25-06, 03:28 PM | okcfunky (Pole Position) | Join Date: Oct 2003 | Location: TX/OK | Posts: 238

Gotta love the RFID tech...
not surprised one bit. Whoever thought RFID should be used for anything more secure than "are you human? yes or no", is not a bright fellow.
As previously stated, if you're enterprising enough, there's a very lucrative job opening in an easy to use Brand X car RFID hack. LOL just at the moment, it requires just a "little" bit more thought than the average thief is willing to expend. However the tow trick always works...

But you have to remember, if you're a target, you're a target, if not, you got nothing to worry about.

Buy a cell phone, have it interrupt the voltage to the fuel pump when called. Car stolen? call the phone.

Last edited by okcfunky; 12-25-06 at 03:43 PM.

#10 | 12-25-06, 06:19 PM | Jace7 (Lexus Test Driver) | Join Date: Oct 2006 | Location: Colorado | Posts: 1,201

32 bit encryption, that's all? Is that what is in our keyless entry system?
I'm seriously annoyed if that is the case. Are we sure it's not a rotating, or randomizing code key fob?
If this is the case I feel better about it, because the second you arm/disarm the code is rolled and swapped with a different one - one of millions.
That's the same basic pattern/principle as on the newer garage doors.
Yes it is breakable, I could even do a 32 bit with a program I have, but if it's a rolling code, it's much harder even at the lame 32 bit....
I'm going to do some research now, I'm interested...
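As an added illustration of the distinction Jace7 raises (a fixed code that is replayable, a rolling code, and the challenge-response that a keyless ignition uses), here is a toy Python model that is not from this thread or from any vehicle system; it assumes HMAC-SHA256 truncated to 40 bits as a stand-in for whatever a real fob computes, a resync window of 16 presses, and constructed keys, and it reports which schemes accept a recorded message when it is played back.

```python
import hashlib
import hmac
import secrets

# Constructed toy model: HMAC-SHA256 truncated to 40 bits stands in for whatever
# a real fob computes; 40 bits is used only to match the figure in the thread.
def tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:5]

def fob_press(key: bytes, counter: int) -> bytes:
    """Rolling-code fob: MAC over an ever-increasing button-press counter."""
    return tag(key, counter.to_bytes(4, "big"))

class FixedCodeCar:
    """Scheme 1: the fob always sends the same code, so a recording works forever."""
    def __init__(self, code: bytes):
        self.code = code
    def unlock(self, msg: bytes) -> bool:
        return hmac.compare_digest(msg, self.code)

class RollingCodeCar:
    """Scheme 2: accept only a counter ahead of the last one seen (within a
    resync window), then advance, so an older recording is rejected."""
    def __init__(self, key: bytes, window: int = 16):
        self.key, self.window, self.last = key, window, 0
    def unlock(self, msg: bytes) -> bool:
        for ctr in range(self.last + 1, self.last + 1 + self.window):
            if hmac.compare_digest(msg, fob_press(self.key, ctr)):
                self.last = ctr
                return True
        return False

class ChallengeResponseCar:
    """Scheme 3: the car issues a fresh random challenge and accepts only the MAC
    over that challenge, once; a recorded response never matches again."""
    def __init__(self, key: bytes):
        self.key, self.pending = key, None
    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(8)
        return self.pending
    def unlock(self, response: bytes) -> bool:
        ok = self.pending is not None and hmac.compare_digest(
            response, tag(self.key, self.pending))
        self.pending = None                       # each challenge is single-use
        return ok

def replay_results() -> dict:
    """Per scheme: one legitimate unlock (must succeed), then play the same
    recording back and report whether the car accepted it."""
    key, out = secrets.token_bytes(16), {}
    fixed = FixedCodeCar(b"\x01\x02\x03\x04\x05")
    rec = b"\x01\x02\x03\x04\x05"
    assert fixed.unlock(rec)
    out["fixed"] = fixed.unlock(rec)
    car = RollingCodeCar(key)
    rec = fob_press(key, 1)                       # first button press
    assert car.unlock(rec)
    out["rolling"] = car.unlock(rec)
    car = ChallengeResponseCar(key)
    rec = tag(key, car.challenge())               # fob's answer to the challenge
    assert car.unlock(rec)
    car.challenge()                               # next session, new challenge
    out["challenge_response"] = car.unlock(rec)
    return out
```

Only the fixed-code car accepts the replay; the rolling-code car rejects it because its counter has moved on, and the challenge-response car rejects it because the challenge is never reused.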

#11 | 12-25-06, 06:34 PM | AudiMan (Driver) | Join Date: Sep 2006 | Location: CA | Posts: 169

I doubt a 128-bit key or even a 1024-bit can stop a good old fashioned stick up in the parking lot, there will always be ways to steal cars.

#12 | 12-26-06, 02:11 AM | Balnk (Rookie) | Join Date: Sep 2006 | Location: Maryland | Posts: 68

That was my point AudiMan. Much easier ways to steal a car than to throw away an education.

I don't see that many software engineers stealing cars. I see it as a majority of thieves aren't smart enough and will force the key from you. The ones that are smart enough, are gonna take your car. You can do nothing about it, except pay your insurance.

Lastly, I don't think the car manufacturers want to make a system that prevents theft. This thread already has started to blame Lexus for not having a "good enough" system. There is no such thing. A thief will always beat the "system". If they attempted to install a system good enough, it would drive up the costs, make them liable in a US court, and the car would still be stolen.

Didn't Mercedes have a problem with the whole Finger Print thing? Where you had to put your finger on the door for it to open? I think a case went to court over the thief cutting the guy's finger off to steal the car. I could be wrong, but I remember something about that.

#13 | 12-27-06, 09:48 AM | GreatSmile (Pole Position) | Join Date: Apr 2006 | Location: PA | Posts: 363

Originally Posted by Balnk
I don't see that many software engineers stealing cars. I see it as a majority of thieves aren't smart enough and will force the key from you. The ones that are smart enough, are gonna take your car. You can do nothing about it, except pay your insurance.

I don't see people stealing codes to get your car. They either hi-jack your car at gun point, or break your window to get into your car. I just can't see a common car thief investing in high tech equipment to read codes. Maybe 007, or in the movie "Gone in 60 Seconds", I just don't see it in real life.

Besides, if they want your car, you can't do anything about it. I just hope I don't get the car back so I can get a new one. LOL

#14 | 01-04-07, 12:41 AM | spiralynth (Rookie, Thread Starter) | Join Date: May 2005 | Location: CO | Posts: 95

The point of my inquiry was not about what one will or won't do; it was about what one could do. This is not about conjecture on theories of man's intentions - constructive or otherwise, or to strike fear into the hearts of owners and potential owners. Sure you could walk out on the street and get hit by a bus. Sure you could have your house broken into. Sure you could be held up at gunpoint while withdrawing cash from an ATM. You're talking about pickpockets; I'm talking about ID thieving crooks who phish their ways into your accounts. You're talking about the dolt who holds up a bank; I'm talking about the hack who reroutes money transfers. You're talking about a druggie or junkie or a joyrider; I'm talking about organized theft for large black market or otherwise purposes. You're talking about primal intentions; I'm simply interested in what's possible in this rapidly advancing technological age, nothing more.

Additionally, this sort of car theft does happen - a lot, and not just in your neighborhood multiplex. High tech car theft is a serious problem in Eastern Europe. And again, this is only as difficult as it is for those who THINK it is difficult. It is a VERY, very doable thing with not much more than a simple laptop and some software required. Motivation is the main variable, and a capable, immoral thief properly motivated will opt for this route long before he decides to club you for a myriad of reasons I'm sure, but mainly because the likelihood of him being caught or facing opposition would dwindle exponentially.

And by the way, for those who think that claiming insurance on your stolen car is a cinch adventure - think again. It's usually a nightmarish process, especially if you own any car with an anti theft system that's defined as an immobilizer, because insurance companies believe immobilizers are about as impregnable as can be, true or not. Try convincing your company to fork over $40K+ because your brand new Lexus with a 40 bit encrypted immobilizer got stolen, and they will turn your life so upside down for months on end you won't know what hit you. The more negative things they dig up - and they will dig into your criminal history, any potential signs of financial distress, resulting from health or marital issues or gambling or work status or otherwise, you name it - the more they will try to incriminate you long before they pay up. Google is your friend on finding plenty of horror stories to that end.

Anyway, I found my answers:
A) Lexus does use 40 bit encryption
B) They can claim immobilizer per my previous post