Motor Mouth: Car keys are no longer safe in your pocket
In a test set up by the German group Allgemeiner Deutscher Automobil-Club, two studs steal a BMW three Series Touring with a signal amplifier.
Thieves use signal amplifiers to steal your car. And some automakers don’t care
This is all that an enterprising youthfull — and digital-savvy — car thief has to do to steal your fresh, high-tech, it’s-computerized-so-it’s-got-to-be-luxury sedan. Very first, go after you into your favourite chic little boîte, wait for you to get nice and comfy at your favourite table, then walk over and ….
Local Pricing & Incentives
- 2018
- 2017
- 2016
See what your neighbours are paying
That’s it. Sit down. No violence. No subterfuge. Actually, no interaction at all is required. He doesn’t even have to be facing you. Just sit down at the table next to yours and maybe sip a little oh-so-fruity Chablis.
Meantime, outside, another bad actor, with a similar lack of fanfare, walks up to the car that you’re absolutely sure you locked – you hit the lock button twice and the horn beeped, didn’t it? – and opens the door as if he was Ali Baba himself. He thrusts the starter button – yes, the high-tech, anti-theft random-number-generating keyfob is still in your pocket – and quicker than you can say “open sesame,” your fancy fresh Mercedes/BMW/Audi is on its way to a shipping container destined for Upper Slobovia.
Even the trick to this subterfuge – an “amplifier” that increases the output of your keyfob’s radio transmission that artful dodger No. One has in his pocket – isn’t particularly complicated, experts who know better than I telling they’re not much firmer to construct than the little Heathkit ham radios we old farts used to put together when we were the avant garde of high-tech.
RELATED
Top ten ways to avoid getting your car hacked
The only defense against such seemingly ordinary trickery is to construct something called “Faraday cage” – you know it as the proverbial tin foil hat every dime-store Hollywood director scripts into their “conspiracy theory” blockbuster – or keep your keyfob in something impervious to radio transmission like, say, the icebox in your refrigerator.
I know, I know. You’re thinking this is a joke. So did I when I very first penned that exact same recommendation some three months ago in Top ten ways to avoid getting your car hacked. Who could earnestly recommend you commence wrapping up your car keys in Reynolds Wrap or hide it under the Swanson’s TV Dinner as a serious deterrent to auto theft?
Allgemeiner Deutscher Automobil-Club e.V or ADAC, the German equivalent to the AAA, that’s who. In a latest public announcement, they put together a movie depicting exactly the screenplay described above to illustrate how effortless it is to steal a modern car. Car theft never looked so effortless – or so comfy. Even more telling, however, was some actual footage showcasing two reprobates stealing a fresh BMW three Series Touring in less time than it takes the holder – you have to fumble in your pockets for the keyfob, after all – to get in and embark his own vehicle.
Perhaps what will surprise you the most, however, is ADAC’s list of vulnerable vehicles. This is not a bunch of low-cost rust buckets lacking in supposedly high-tech protections, but a veritable who’s who of high-dollar automobiles that most owners are wooed suggest all manners of protection. BMW’s seven Series leads the list, but Audi’s A3, A4 and A6, Ford’s Galaxy (a Sienna-like minivan Ford sells in Europe) and VW’s high-performance-diesel GTD version of the Golf are also vulnerable. Indeed, the only car the automotive club couldn’t unlock was BMW’s i3, but they could embark its little three-cylinder 1.5-litre engine. “The radio connection inbetween keys and car can lightly be extended over several hundred metres, regardless of whether the original key is, for example, at home or in the pocket of the proprietor,” said ADAC’s researchers.
What made their announcement all the more interesting is it coincided with the very first automotive Cybersecurity super summit held July twenty two nd at Detroit’s Cobo Hall, the very same gargantuan arena that hosts the North American International Auto Showcase every year. Hosted by Thomas K. Billington, it was a veritable who’s who of doomsday prognosticators. Homeland Security was there as was the FBI, the DOT, NHTSA and even the American Federal Trade Commission, each attempting to out-trump the other with tales of the terrible calamities that the modern connected car might wreak on an unaware public. What commenced out at 9am as predictions of ne’er-do-wells merely misdirecting Autopilot, were, by 4pm, prophecies of Nice-like truck rampages, only with hundreds of inter-connected, self-driving busses (a la Tesla Master Plan, Part Deux) wreaking unimaginable havoc.
All the assembled – there were many automotive captains of industry nodding their collective affirmation – agreed that the only solution was accomplish technological transparency and an unprecedented level of co-operation. Not only inbetween industry and regulators, they also claimed they could put aside the industry’s famed inter-brand Hatfield-McCoy-like chicanery for the public good. They even formed an organization – much self-congratulation here – called the Automotive Information Sharing and Analysis Center (Auto-ISAC) that will dedicate itself entirely to the thwarting of high-tech skullduggery and protection of its automotive citizenry. Such was the level of official co-operation on display before the cameras.
In the hallway outside this august arena, however, we got a different story. One marketing manager from a well-known computer security software provider (I’m withholding his name to protect the gratefully direct) complained that some car companies – not all, he was careful to point out – are not willing to spend even a dollar to augment their cyber-security. That’s not $1 for a superior anti-theft key fob mentioned above. Or even $1 to protect the ECU to prevent the horrible acts of terrorism all the prognosticators of doom were predicting. That’s $1 per car for all the cyber-security measures needed to protect you and yours from any intrusion well — from plain auto theft to hijacking with nefarious intent – a high-tech miscreant might want to perpetrate on a car that, let me remind you, very likely cost you anywhere inbetween $20,000 and $150,000.