Newish BMW Security Concern!!

Soldato
Joined
4 Feb 2003
Posts
5,069
Location
West Midlands
Got an email at work today about increased thefts of new bmws. 160 outstanding stolen bmws in the west midlands alone since January. They are been stolen using two electronic methods that I obviously won't go into to. If you have a BMW under 5 years old, I would be considering an extra security feature over standard. Genuine shock at just how easy they are to steal :(
 
Man of Honour
Joined
17 Oct 2002
Posts
159,534
There seemed to be some confusion on whether it actually reads and decrypts the signal (unlikely) or blocks it (far more likely). If its the latter, provided its locked, its locked. Problem is most people press lock and walk off without checking.
 
Soldato
OP
Joined
4 Feb 2003
Posts
5,069
Location
West Midlands
[TW]Fox;21690324 said:
There seemed to be some confusion on whether it actually reads and decrypts the signal (unlikely) or blocks it (far more likely). If its the latter, provided its locked, its locked. Problem is most people press lock and walk off without checking.

I have seen CCTV of two thefts where the vehicles were locked :/ an x6 and a 335
 
Soldato
Joined
26 Jun 2011
Posts
4,902
You can clone the key
You can block the key so it doesn't lock and the owner doesn't realise
You can break the window, decrypt via obd2 and write the key aswell as I think disabling EWS.
There are loads of ways tbh.
 
Associate
Joined
26 Jan 2009
Posts
848
Location
Amsterdam
I'm still wondering if the following is going to be an issue, as if it is, there's no way around it that I can think of.

Assuming we have keyless entry, as it works on my mum's old Swift and new Splash - there's a button you can press on the door when you have the key in your pocket, some sort of signal exchange will happen, then the door opens.

So lets you have two miscreants, A and B. And you've got this device, which can capture the key fob frequency, transmit it over some long distance protocol (e.g. 3G), actually you have two of these. Miscreant A follows you around the store with 1 device, then B stands at the car. B can then press the button, and the signal exchange takes place over the two devices, and the car unlocks. He can then drive the car to the garage and remove the alarm, etc, in order to sell it on.

If Miscreant A following you about is too much, he can always drop the device in a handbag, etc.

Is this possible do you think?
 
Man of Honour
Joined
21 Feb 2006
Posts
29,297
So I sell my RS4 which was tracked by big boy car nabbers and buy a BMW and now they want that too, excellent. Known about this for a couple of weeks now anyway, it's insured so if they want it that much take it, it's a bit of metal.
 
Man of Honour
Joined
21 Feb 2006
Posts
29,297
Taken from PH

http://www.pistonheads.com/gassing/topic.asp?h=0&f=72&t=1121571&i=20&mid=0&nmt=

PH said:
I'm sure that no one is underestimating the issue, but the theft of BMW's is now at an epidemic level.
It is a BMW issue,across the board on cars using the can bus 'block' type key,across the range.I would suggest that the more 'mainstream' models and not M vehicles are a better target as the parts are easier to sell on as there is a bigger and ready market.Thats not to say that an M vehicle isnt a target,its just harder to move about before disposal,whether on false plates or not.
The risks of using V5 documents to get duplicate keys from a dealership,is a thing of the past.
They are being stolen as follows.
Thief targets your car and will either gain access via smashing the window or jamming the signal when you come to lock it.Jammers are cheap when compared with the profit on selling your car on as parts etc,so a thief may even leave one concealed near to where your car is normally parked-pre-emptying your and subsequently,their return.
Access is gained to your car and obd equipment is plugged into the port which reads the data that the key uses to 'communicate' with the car and vice versa.This takes seconds.
A blank BMW key (mostly manufactured in China and bought for a few pounds) is then programmed with this data.
Your car is driven away,all within minutes and stripped or exported.
Don't confuse any of this with the copying of the signal transmitted from the key,as used to happen pre-Thatcham.Random encryption solved that problem but this new wave seems to have created a new gap in the system.
Regarding jammers,they are also being used more commonly as the audible arm/disarm feature has been deactivated on bmw's.Unfortunately,too many owners just assume that their cars have been locked without checking.
As mentioned,Autologic software can re-enable the arm/disarm chirp in seconds(I have just had this done on my vehicle).
The same jammers will also work
To block any Tracker signals.
Comfort access has its own problems as on some systems,this tends to 'work' at quite a distance and this signal can easily be copied and retransmitted to allow access to your car.
The jury is still out as to whether this will allow your car to be driven away due to the different operating systems,but I believe that some manufacturers aren't pushing comfort access as an option.
Sorry for the waffle,but I thought that as it was being discussed,I would put a lengthy explanation.
BMW are well aware of the issue and it seems,are quite happy to fob off their customers.
 
Soldato
Joined
27 Sep 2004
Posts
13,281
Location
Glasgow
Glad this thread popped up. I've been looking into newer BMW models lately whilst also contemplating the possibly of break ins to get the keys. I don't stay in the nicest of areas and BMWs are a bit of a rarity around here unless it's of the 90's E46 variety.

Funny though, there's brand new Fiestas, Clios, meganes, corsas and astras yet not a 'premium' brand in sight, regardless of age or price.
 
Associate
Joined
23 Sep 2009
Posts
324
Access is gained to your car and obd equipment is plugged into the port which reads the data that the key uses to 'communicate' with the car and vice versa.This takes seconds.
A blank BMW key (mostly manufactured in China and bought for a few pounds) is then programmed with this data.

lol what? this seems like a rookie programmers mistake. The key data shouldn't be accessible to the program itself, let alone spat out on the odb port.
 
Back
Top Bottom