So I could rent a car for one day, duplicate its keys, then steal it the next day?
That's me looking for my car keys...
Dutch and British researchers Roel Verdult and Baris Ege, the duo behind the revelation that many VW cars have a security flaw, have now revealed that Ferraris, Maseratis, Pontiacs, and Porches that use Megamos Crypto transponders can be stolen. The duo demonstrated how the Megamos engine immobiliser, which unlocks when an …
If you have the key in your (temporary) possession there are easier ways for most cars.
EBD-II port is your friend. Just program a new key. Very few cars require a PIN and/or using a master key instead of the "mere mortal" key to perform this operation and the gadget to do it costs 20 Eu.
So frankly, if your car does not have special "valet" mode and if it is not documented to turn off all key programming functionality in that mode I suggest you park it yourself.
Oooopps... Sorry... forgot... Luxury vehicle. Parking it yourself is an insult to the snobbishness of the driver. Oh well, do not complain it got nicked then.
@Mark 85
You quite clearly DO NOT have a Ferrari.
If you have a Ferrari making a point of giving the cerf at the Casino door your keys comes with the territory. After all, what would be your priority - the Ferrari or the "accessory" which came with it.
"If you have a Ferrari making a point of giving the cerf at the Casino door your keys comes with the territory."
Fuck that balls, I'd be blipping and revving it in the car park and making the exhaust note reverberate off the walls, lowering the property prices of every building within aural range.
Some of us like cars as something more than a status symbol (although fewer and fewer of us these days, it seems :-( )
Steven "vroom" R
erm... Correct I don't have one. But to me it would be for the driving pleasure.. the engine sounds, etc. and not the status. My reasoning for not letting the pimply faced kid park it for me (or take it for a joyride) is one of not wanting to have to fix whatever they break. I have had high-performance cars in the past, and no one, absolutely no one was ever allowed to drive it but me. Picky I am.
Rather than running to the courts why don't vw just fix the problem?
It could be because the security researcher needs the publicity quicker than it takes to fix the problem. This means the company is told "here is the problem and I'm going to publish this in xx days" rather than "here is the problem and I also have the skills to fix it" (which is IMHO a heck of a lot more impressive).
It's only an assumption, of course, but I have seen a number of disclosures of late that have more to do with ego tripping than honest work to improve security.
Ferarri, Maserati, etc...
In other words, people with money, meaning people with influence and, perhaps more importantly, people who know just how influential they are.
I wonder how quickly said manufacturers will pony up that additional $1 to solve this problem. For a business based on image, this is one heck of a smear.
Ferarri, Maserati, etc...
In other words, people with money, meaning people with influence and, perhaps more importantly, people who know just how influential they are.
I wonder how quickly said manufacturers will pony up that additional $1 to solve this problem. For a business based on image, this is one heck of a smear.
The issue is not the brand, it's the make of the component they all share (a bit like Hella lights or Bosch electronics). That supplier has to come up with a fix, and then handle the enormous blowback from all these car manufacturers for exposing their customers. It could get very costly because as far as I can see it requires a recall and the exchange of a part (read: labour & operational costs, and we all know what a garage bill looks like when there is labour involved), so I suspect the fight will be as to who will pay for all that.
Having said that, they knew who they were selling to. If they didn't bother doing some basic security testing they were really asking for it.
If that sounds too much like hard work for appx £10 you can buy a "VAG drive box" off ebay and just turn the immo off if its an older VAG group car.
Quite handy when the rfid coil in the steering column dies and you don't fancy dismantling the dash or paying the pisstake price of a replacement.
When reading that, an item in the 'related content' caught my eye.
Extreme porn charge as man caught with video of sex with a fish
after Volkswagen spent some two years suppressing the work discovered in 2012.
They have form here. There are at least two cases of nailed-on candidates for recall[1] that VW spent years resisting claims from affected owners and baffling the regulators with bullshit over, rather than just take it on the chin.
They're also one of the worst manufacturers for getting "goodwill" out of (a contribution to the costs associated with a major component failure when the vehicle is just out of warranty)[1].
I'm amazed anyone touches the ruddy things with a bargepole.
They must have the world's best PR department, as the actual quality of their products and their attitude to customer service is pretty much the exact opposite of public perception. Presumably their legal department is always busy keeping a lid on anyone or thing trying to tell the truth. If everything in life really were as reliable as a Volkswagen, the human race would have died out eons ago.
[1] Look up VW ABS/ESP unit failures (mainly Golf models, but most affected) and Passat injector failures here.
[2] Exploding 1.4TSI engines for a start. Those make the legendarily iffy Rover "K" series look like a paragon of reliability.
the actual quality of their products and their attitude to customer service is pretty much the exact opposite of public perception.
Indeed.
I laid out my past grief with VW in a post here. The actual fault was that they had cheapskated on the wiring - all the connectors had barbed bits to accept a rubber strain-relief boot, but they hadn't fitted any. This probably saved about £2 per car - at the cost of problems later in life.
The bigger issue, IMHO, was the run-around the stealr gave us whilst fialing to fix the (somewhat obvious) problem...
Vic.
I think I'll stick with my 20 year old Mercedes, and its real key, with no remote-unlock at all. the key arms and disarms the alarm system, and if you somehow get into the car when its armed (maybe I left the top down?) the starter motor is disabled. the ignition lock and whole under-dash are well armored so the old hollywood trope of riping out the wires to hotwire it doesn't work so good.
oh, and the keys are a tricky steel side-milled key most key machines can't duplicate.
The lesson here for critical security issues is to arrange embargoed copies somewhere else in the world which will be published anyway.
And tell the judge that it's already been distributed PRIOR to the order being sought.
Or simply not bother to tell VW in advance - they've amply demonstrated that they don't give a shit about anthing except PR and profit. (I'd still put embargoed copies out, in case they get wind of the paper and take action)
Bear in mind that next time, VW or its ilk will go for ex-parte orders complete with gagging superinjunctions.
My car will never be stolen as
A: It's a girls car, apparently
B: It's one of three of the colour and type within 100 square miles
C: It's a complete bloody shed. Haven't washed it in about five months as doing 100 miles a day means it's covered in flies after a week anyway. It's due a wash really, before it turns even more brown (the other brown is rust).
Never had anyone mess with it. My Micra got more trouble.
Steven R