|
S80 '98-'06 / S60 '00-'09 / V70 & XC70 '00-'07 General Forum for the P2-platform S60 / V70 / XC70 / S80 models |
Information |
|
Watchdog - BMW theftViews : 6206 Replies : 37Users Viewing This Thread : |
|
Thread Tools | Display Modes |
Sep 18th, 2012, 20:47 | #11 | ||
Probably Akita's Toyboy..
Last Online: Dec 27th, 2023 22:24
Join Date: Jul 2010
Location: A House.
|
Quote:
Quote:
DICE/VIDA on its own cannot really do much. The updates and security for keys are usually the bit that comes from Sweden again with the keys this is the bit that causes issues for anyone copying them.To reset things does not actually need a connection. the fact that even locksmiths refuse to attempt volvo keys speaks wonders. and tbh not being even having a key is no sure far way to protect the vehicle tbh if someone is going to try taking my car THAT BADLY. THEY WILL. in honesty you have to draw a line somewhere...prevention yes but you will never eradicate it. In addition, going back to the bit above about wanting my car that badly it really is not worth risking your life over. Do not get me wrong I LOVE CARS, but i would never dream of risking my own life or more to the point another member of family or my GF's over a car. it can be replaced lives cannot. you do realise VIN's are checked on MOT's and if given a tug they might be suspicious of an obscured VIN? Last edited by Ninja59; Sep 18th, 2012 at 20:52. |
||
The Following User Says Thank You to Ninja59 For This Useful Post: |
Sep 18th, 2012, 21:40 | #12 | |
Experienced Member
Last Online: Today 11:48
Join Date: Jun 2007
Location: L/H side
|
Quote:
To be able to program keys or remotes you need the unique software from the server for your particular car . hence the connection . Obviously no unauthorised computers can do this . Also the software has to be ordered as per any other part so only a dealer parts dept can do this . then when you get it further code numbers are required .
__________________
My comments are only based on my opinions and vast experience . |
|
Sep 19th, 2012, 00:40 | #13 |
Premier Member
Last Online: Oct 29th, 2021 23:58
Join Date: Jan 2010
Location: Over the hill
|
One very important rule of computer security and encryption is that secrecy is absolutely pointless, as secrets will always escape. It does sound as if that is the mistake that BMW made, depending upon 'secret' algorithms to reduce the costs of implementing a secure server for key assignments.
Whilst I am not privy (and have no reason to be so) to the protocols by which the Swedish servers allocate new keycodes, I get the distinct impression that the Volvo system depends entirely upon mathematical encryption rather than secrecy, and so remains secure. That said, all of modern data encryption, and hence the Volvo keycode algorithm, depends upon the unproveabe mathematical premise that prime number factorials are hard to evaluate. But if that premise ever proves ill-founded, and somebody thinks of an unthinkable algorithm for prime factorials, then car-theft will be the least of our worries as the entirety of world commerce will descend into chaos, online bank accounts are drained overnight, and mobile phones and the internet suddenly stop working. |
Sep 19th, 2012, 18:59 | #14 | |
Probably Akita's Toyboy..
Last Online: Dec 27th, 2023 22:24
Join Date: Jul 2010
Location: A House.
|
Quote:
Going back to the point of keys the reason for this even the early none electronic BMW keys are actually flawed as they let the thieves in by the same means (there are reports of one guy having his airbag stolen and other materials and to NOTE his was a none affected electronic version key. |
|
Sep 20th, 2012, 20:42 | #15 |
Premier Member
Last Online: Oct 29th, 2021 23:58
Join Date: Jan 2010
Location: Over the hill
|
It is relatively easy to gain unauthorised access to pretty much any vehicle, including our Volvos. You simpy break a side window, using a centre-punch, club hammer or if you can't afford these high tech gadgets, a brick is cheaper.
In some circumstances the alarm may go off, but can you ever remember seeing anybody take any notice of a car alarm? Have you ever called the Police to report crime implied by a car alarm, or even a house alarm? I have, they politely declined to become involved until more convincing evidence of crime was provided. The issue here is that the hackers seem to have found a way to ovecome the protection in the BMW keycode programming protocol. And actually, I'm more worried than I was, since people seem to be suggesting that a fully secure keycode protocol, that relied on encrypted authentication by the car-maker's servers, would be illegal under EU law which mandates that non-franchised garages must be able to service the cars. It's in our interests I suppose, eg if the car maker goes belly-up (like Saab), and switches off their servers, owners should still be able to get new keys. If that is indeed the law, and if Volvo compy with these laws, it may only be a matter of time before Volvos are vulnerable too... I suppose the cars in this area of the forum are more fortunate than some, as at least a 'cut' steel key is still required, in addition to any computer hacks! |
Sep 20th, 2012, 21:06 | #16 | |
Premier Member
Last Online: Oct 20th, 2021 11:41
Join Date: Nov 2007
Location: Ramelton
|
Quote:
|
|
Sep 20th, 2012, 21:21 | #17 | |
Premier Member
Last Online: Oct 29th, 2021 23:58
Join Date: Jan 2010
Location: Over the hill
|
Quote:
Otherwise, what is the mechanism that a non-franchised dealer, or even a foremerly franchised dealer if Volvo ceased to exist, would use to activate a replacement key for use with a Volvo? If we really are dependent on Sweden then that could be just as big a worry... will all Volvos become unmaintainable if Volvo stop trading? Surely not. |
|
Sep 20th, 2012, 21:22 | #18 | |
Probably Akita's Toyboy..
Last Online: Dec 27th, 2023 22:24
Join Date: Jul 2010
Location: A House.
|
Quote:
Volvo WILL be complying with the EU law there are generally severe punishments and fines if not FOR many of them. The other thing is that the BMW one WAS NOT SECURE. The actual way this was done is that the device could read the LIVE EOBD port of the car and get the code from the key hardware and then marry to two up. If you are actually interested in how the key of the affected models works there is a link somewhere about this and exactly how the key links with the BMW CAS system. At no point did any body say that the port had to transmit KEY information the only laws are in the positioning and the availability of certain features of the EOBD. an actual key is no more secure than an electronic one really and as for the original preliminary statement, someone doing that is nothing like how they are doing it. EDIT: BMW CAS KEY SYSTEM LINK -How it works. Last edited by Ninja59; Sep 20th, 2012 at 21:47. |
|
Sep 20th, 2012, 21:25 | #19 | |
Probably Akita's Toyboy..
Last Online: Dec 27th, 2023 22:24
Join Date: Jul 2010
Location: A House.
|
Quote:
tbh I go back to my original statement as well if THEY are REALLY THAT BOTHERED and do not give two ****s then they will just lift it or WORSE still break in take the keys, some will threaten you (i recently saw another instance of this involving weapons and a armed gang.) tbh it is a lump of plastic,metal and rubber i would prefer it taken than any harm to family, my GF's family a car can be replaced inconvenience yes and whatever but life is worth WAY MORE. Last edited by Ninja59; Sep 20th, 2012 at 21:30. |
|
Sep 20th, 2012, 21:50 | #20 |
Premier Member
Last Online: Oct 29th, 2021 23:58
Join Date: Jan 2010
Location: Over the hill
|
As I said in an earlier post, secrecy is of no value at all in security.
That being the case, the sensible thing to do would be for the motor industry to come clean and 'spill the beans' and describe the precise mechanism of this exploit. Only then can we begin to assess whether or not other cars are vulnerable too. I am sure BMW would reel back in horror at the suggestion of such openness, as would any other car maker. Be open with customers and tell them how things work? Heaven forbid. And perhaps that is the attitude that needs to change. |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
|
|