Watchdog - BMW theft

[Ninja59]

Quote:

Originally Posted by SonyVaio

Some keys are not physically different! Here is keys from a V50 which generally are all the same for opening and starting a the car, yes there is a physical blade element of the key but no used generally speaking.



With Volvo though the need for both VIDA and DICE to activate a key makes it so more secure. The dealers VIDA systems have an active connection to Volvo's servers in Sweden. Unlike the BMW you can't program a key straight from the OBD port on its own.

I have heard that there is work around for BMW's in that they can have a firmware upgrade which then prevents the system from being suceptible to this type of attack but the dealers are faily unwilling to do it because of the time it takes and BMW HQ will not authorise the cost (i.e activate a Recall).

And there is the problem for thieves...just to be correct BMW are being FORCED into doing a campaign to get cars back for an update the 3 series is still a number of weeks away for them. the watchdog campaign totally made them change their attitude not long before the release on the box

Quote:

Originally Posted by 100K+

Sorry guys still not convinced by this now. I'm happy for me cos I have a proper key. Have tried both my V70's and need the right key to gain access and start. If I had a plastic key I would be concerned.

The clone VIDA/DICE as I understand has additional software that makes the laptop belive its connected to Sweden - that why its able to do so much.. ie reset SRS, reprogramme control modules, reset fault codes etc, and these are being sold for about £100-£120 - Watch them in action on the web.

This thread has had some 300+views and what surprises me is that nobody who has a vida/dice has come forward and said the softeware does not exist with their equipment. ( nor that it does). People have said they got Vida/Dice software on other threads but not this.

I'm not sure about the legality of owning or using these divices, perhaps thats why no one wants to say anything too specific.
As i have previously said this is only my opinion,but with the number of Dice/Vida sold I really think we as owners need to be think about security carefully.
Perhaps as Mythbusters say "it might be possible but not probable".. but I'm still paranoid.

Cheers

Bob

PS My dash VIN is now masked

Anything with time and effort is hackable/broken and entry gained YES. it is like operating systems the greatest problem is the human element.

DICE/VIDA on its own cannot really do much. The updates and security for keys are usually the bit that comes from Sweden again with the keys this is the bit that causes issues for anyone copying them.To reset things does not actually need a connection. the fact that even locksmiths refuse to attempt volvo keys speaks wonders.

and tbh not being even having a key is no sure far way to protect the vehicle tbh if someone is going to try taking my car THAT BADLY. THEY WILL.

in honesty you have to draw a line somewhere...prevention yes but you will never eradicate it. In addition, going back to the bit above about wanting my car that badly it really is not worth risking your life over.

Do not get me wrong I LOVE CARS, but i would never dream of risking my own life or more to the point another member of family or my GF's over a car. it can be replaced lives cannot.

you do realise VIN's are checked on MOT's and if given a tug they might be suspicious of an obscured VIN?

[Clan]

Quote:

Originally Posted by 100K+

Sorry guys still not convinced by this now. I'm happy for me cos I have a proper key. Have tried both my V70's and need the right key to gain access and start. If I had a plastic key I would be concerned.

The clone VIDA/DICE as I understand has additional software that makes the laptop belive its connected to Sweden - that why its able to do so much.. ie reset SRS, reprogramme control modules, reset fault codes etc, and these are being sold for about £100-£120 - Watch them in action on the web.

This thread has had some 300+views and what surprises me is that nobody who has a vida/dice has come forward and said the softeware does not exist with their equipment. ( nor that it does). People have said they got Vida/Dice software on other threads but not this.

I'm not sure about the legality of owning or using these divices, perhaps thats why no one wants to say anything too specific.
As i have previously said this is only my opinion,but with the number of Dice/Vida sold I really think we as owners need to be think about security carefully.
Perhaps as Mythbusters say "it might be possible but not probable".. but I'm still paranoid.

Cheers

Bob

PS My dash VIN is now masked

The actions you mention above have no need for connection to any server , they work directly from the PC and vida software ..

To be able to program keys or remotes you need the unique software from the server for your particular car . hence the connection . Obviously no unauthorised computers can do this . Also the software has to be ordered as per any other part so only a dealer parts dept can do this . then when you get it further code numbers are required .

[Bill_56]

One very important rule of computer security and encryption is that secrecy is absolutely pointless, as secrets will always escape. It does sound as if that is the mistake that BMW made, depending upon 'secret' algorithms to reduce the costs of implementing a secure server for key assignments.

Whilst I am not privy (and have no reason to be so) to the protocols by which the Swedish servers allocate new keycodes, I get the distinct impression that the Volvo system depends entirely upon mathematical encryption rather than secrecy, and so remains secure.

That said, all of modern data encryption, and hence the Volvo keycode algorithm, depends upon the unproveabe mathematical premise that prime number factorials are hard to evaluate. But if that premise ever proves ill-founded, and somebody thinks of an unthinkable algorithm for prime factorials, then car-theft will be the least of our worries as the entirety of world commerce will descend into chaos, online bank accounts are drained overnight, and mobile phones and the internet suddenly stop working.

[Ninja59]

Quote:

Originally Posted by Bill_56

One very important rule of computer security and encryption is that secrecy is absolutely pointless, as secrets will always escape. It does sound as if that is the mistake that BMW made, depending upon 'secret' algorithms to reduce the costs of implementing a secure server for key assignments.

Whilst I am not privy (and have no reason to be so) to the protocols by which the Swedish servers allocate new keycodes, I get the distinct impression that the Volvo system depends entirely upon mathematical encryption rather than secrecy, and so remains secure.

That said, all of modern data encryption, and hence the Volvo keycode algorithm, depends upon the unproveabe mathematical premise that prime number factorials are hard to evaluate. But if that premise ever proves ill-founded, and somebody thinks of an unthinkable algorithm for prime factorials, then car-theft will be the least of our worries as the entirety of world commerce will descend into chaos, online bank accounts are drained overnight, and mobile phones and the internet suddenly stop working.

all true points but this is why vehicle security has two distinct levels and if you looked at any reliable stat info it would comeback has access to the vehicle (unauthorised) and the other step of actually driving it away. On both fronts BMW failed to keep their e series vehicles secure.

Going back to the point of keys the reason for this even the early none electronic BMW keys are actually flawed as they let the thieves in by the same means (there are reports of one guy having his airbag stolen and other materials and to NOTE his was a none affected electronic version key.

[Bill_56]

It is relatively easy to gain unauthorised access to pretty much any vehicle, including our Volvos. You simpy break a side window, using a centre-punch, club hammer or if you can't afford these high tech gadgets, a brick is cheaper.

In some circumstances the alarm may go off, but can you ever remember seeing anybody take any notice of a car alarm? Have you ever called the Police to report crime implied by a car alarm, or even a house alarm? I have, they politely declined to become involved until more convincing evidence of crime was provided.

The issue here is that the hackers seem to have found a way to ovecome the protection in the BMW keycode programming protocol. And actually, I'm more worried than I was, since people seem to be suggesting that a fully secure keycode protocol, that relied on encrypted authentication by the car-maker's servers, would be illegal under EU law which mandates that non-franchised garages must be able to service the cars. It's in our interests I suppose, eg if the car maker goes belly-up (like Saab), and switches off their servers, owners should still be able to get new keys. If that is indeed the law, and if Volvo compy with these laws, it may only be a matter of time before Volvos are vulnerable too...

I suppose the cars in this area of the forum are more fortunate than some, as at
least a 'cut' steel key is still required, in addition to any computer hacks!

[Bernard333]

Quote:

Originally Posted by Bill_56

The issue here is that the hackers seem to have found a way to ovecome the protection in the BMW keycode programming protocol. And actually, I'm more worried than I was, since people seem to be suggesting that a fully secure keycode protocol, that relied on encrypted authentication by the car-maker's servers, would be illegal under EU law which mandates that non-franchised garages must be able to service the cars.

The thieves did not hack anything they simply wiped the memory in the car and entered a new code because BMW left the back door open enabling this to be possible , what they did was simplistic which makes you wonder about the competance of BMW . The set up inside the Volvo security system does not allow this to happen , trying to reset the key codes will result in the ecu being shut down without being connected to Sweden .

[Bill_56]

Quote:

Originally Posted by Bernard333

The thieves did not hack anything they simply wiped the memory in the car and entered a new code because BMW left the back door open enabling this to be possible , what they did was simplistic which makes you wonder about the competance of BMW . The set up inside the Volvo security system does not allow this to happen , trying to reset the key codes will result in the ecu being shut down without being connected to Sweden .

Whilst I am happy to accept that ECU shutdown is technically possible and relatively easy, I am struggling to see how any car maker can realistically implement it without leaving back doors for the benefit of non-franchised dealers, or in the event of the parent company's demise.

Otherwise, what is the mechanism that a non-franchised dealer, or even a foremerly franchised dealer if Volvo ceased to exist, would use to activate a replacement key for use with a Volvo?

If we really are dependent on Sweden then that could be just as big a worry... will all Volvos become unmaintainable if Volvo stop trading? Surely not.

[Ninja59]

Quote:

Originally Posted by Bill_56

It is relatively easy to gain unauthorised access to pretty much any vehicle, including our Volvos. You simpy break a side window, using a centre-punch, club hammer or if you can't afford these high tech gadgets, a brick is cheaper.

In some circumstances the alarm may go off, but can you ever remember seeing anybody take any notice of a car alarm? Have you ever called the Police to report crime implied by a car alarm, or even a house alarm? I have, they politely declined to become involved until more convincing evidence of crime was provided.

The issue here is that the hackers seem to have found a way to ovecome the protection in the BMW keycode programming protocol. And actually, I'm more worried than I was, since people seem to be suggesting that a fully secure keycode protocol, that relied on encrypted authentication by the car-maker's servers, would be illegal under EU law which mandates that non-franchised garages must be able to service the cars. It's in our interests I suppose, eg if the car maker goes belly-up (like Saab), and switches off their servers, owners should still be able to get new keys. If that is indeed the law, and if Volvo compy with these laws, it may only be a matter of time before Volvos are vulnerable too...

I suppose the cars in this area of the forum are more fortunate than some, as at
least a 'cut' steel key is still required, in addition to any computer hacks!

it is not actually "illegal" they just have to make provisions for it for example Alfa Romeo used to get round this by having a number to contact that would allow them to get a new key, rather than compromising the security of the car.

Volvo WILL be complying with the EU law there are generally severe punishments and fines if not FOR many of them.

The other thing is that the BMW one WAS NOT SECURE. The actual way this was done is that the device could read the LIVE EOBD port of the car and get the code from the key hardware and then marry to two up. If you are actually interested in how the key of the affected models works there is a link somewhere about this and exactly how the key links with the BMW CAS system.

At no point did any body say that the port had to transmit KEY information the only laws are in the positioning and the availability of certain features of the EOBD.

an actual key is no more secure than an electronic one really

and as for the original preliminary statement, someone doing that is nothing like how they are doing it.

EDIT:
BMW CAS KEY SYSTEM LINK -How it works.

[Ninja59]

Quote:

Originally Posted by Bill_56

Whilst I am happy to accept that ECU shutdown is technically possible and relatively easy, I am struggling to see how any car maker can realistically implement it without leaving back doors for the benefit of non-franchised dealers, or in the event of the parent company's demise.

Otherwise, what is the mechanism that a non-franchised dealer, or even a foremerly franchised dealer if Volvo ceased to exist, would use to activate a replacement key for use with a Volvo?

If we really are dependent on Sweden then that could be just as big a worry... will all Volvos become unmaintainable if Volvo stop trading? Surely not.

I think some people are reading WAY to much into this and going off on one. If you ACTUALLY looked at the sites that are selling this software and devices all the software is EXACTLY the same. At no point ON ANY SITE i have seen is information linking a new key programming feature for VOLVOS.

tbh I go back to my original statement as well if THEY are REALLY THAT BOTHERED and do not give two ****s then they will just lift it or WORSE still break in take the keys, some will threaten you (i recently saw another instance of this involving weapons and a armed gang.) tbh it is a lump of plastic,metal and rubber i would prefer it taken than any harm to family, my GF's family a car can be replaced inconvenience yes and whatever but life is worth WAY MORE.

[Bill_56]

As I said in an earlier post, secrecy is of no value at all in security.

That being the case, the sensible thing to do would be for the motor industry to come clean and 'spill the beans' and describe the precise mechanism of this exploit. Only then can we begin to assess whether or not other cars are vulnerable too.

I am sure BMW would reel back in horror at the suggestion of such openness, as would any other car maker. Be open with customers and tell them how things work? Heaven forbid. And perhaps that is the attitude that needs to change.