A wireless remote system used by Mercedes, Jaguar, and Honda (among others) has been compromised....

http://blog.wired.com/27bstroke6/200...chers-cra.html

 

I wish I knew that answer.

If it does, this justifies my current behavior of locking my door with the lock button inside ther car prior to exiting the car.

On the other hand, I wonder how close someone would have to be, though, to sniff the electronic communication required to OPEN the door if you're standing next to the car and using the door handle. The owner's manual says that part of the keyless entry system works when the key is within three feet of the desired entry point.

 

Soon we will be back to manual locks.

 

and the thieves will be back to slim-jim's and coat hangers.
vicious cycle...

 

I used coat hangers in the old days (to get into my own car), but can't figure out what a slim jim would do for me.

I thought about it for a few minutes but I give up. Tell us how you got into a car with a slim jim

 

OK, I'm an idiot. Just dawned on me what that probably was and did a google to confirm it. As you can tell I was never a car thief.

I actually had a cop use one of those to open my car for me years ago. Didn't know that was what it was called.

 

There will always be a univeral key.

A brick.

 

bullet proof glass.... anti brick device.
I did have a friend that had his car broken into by someone who DRILLED the lock out.
insurance had to replace the entire door!

 

I think this is probably the system the RL uses - since Honda is the first manufacturer mentioned and the type of keyless access used on the RL is referenced too.

I think the threat is fairly low. Technically - it likely is possible to read the data when unlocking the door from quite a distance (several meters at least). But I still feel the threat is low.

That is why you have insurance.

Also - with the RL being "unpopular" it doesn;t make it a big target, like Mercedes would be.

 

dont bet on the insurance.
dirty little secret, the insurance companies have been using the fact that cars are encoded with 'theft proof' keys and other factory anti-theft tech as a reason to deny theft claims.
Really, there was a huge expose in Wired about this.
the issue is this, when the owner claims that he is in possession of all the keys, and that his car was stolen, the insurance immediately suspects fraud.
After all, if you cant start the car without the transponder key-and you have all the keys, then how does the car get stolen....
well turns out that all cars have a back door that will let you start the car without the coded key, all you need is a copy of the physical key to insert into the ignition.
the hack is this, if you can insert the correctly cut key into the ignition, without the transponder (chip) all you need to know is what is the correct sequence of parking brake and turns of the ignition switch, and then after the correct sequence, the car will start without the encoded key.
So there have been plenty of cases where cars were stolen, and recovered and the insurance wont pay for damages because they saw the car was not 'hotwired' or otherwise tampered with, and so they assume that its fraud on the insured part.
Now the ins companies know of this 'hacking' of the car- but they just use this as a reason NOT to pay the claim.
So, now that the keeloq system has been cracked, if your car gets hacked, hijacked and stolen, the ins company will start with, do you have all your keys and fobs...?
you can see where that could go.
So dont assume that your ins will just be nice and pay, they will be looking to reduce the claim or deny it.

 

I rarely use the button on the fob to lock. I almost always just touch the dimple on the door since you have to be within two feet of the door for the car to "see" the fob.

 

After 35 years in the insurance industry, I can tell you this is more urban myth than truth.

The insurance company would have to have some concrete reason to suspect fraud to deny your claim on that basis. They're not going to run the risk of suits or bad faith claims unless they have information that suggests you are scamming them.

A big percentage of stolen cars are taken on flatbed wreckers, and who has the keys is not even an issue. And of course, insurance companies are aware of stolen codes and other methods used by professional thieves.

They will investigate, talk to the police, etc., but unless you're a shady character, or have had several cars stolen, etc., you'll get paid.

.
.

 

http://www.wired.com/wired/archive/14.08/carkey_pr.html

Read this then.

 

I have never even heard of that insurance company and I've been in the insurance industry for over 20 years.

I know insurance companies get a bad rap, but you do get what you pay for.

 

'The most stirring notes were from those who got spurned by their insurance companies. John Hutton, an architect from Fairfax, Virginia, lost his Acura RSX last fall and was reimbursed only after six months of aggressive wrangling with Geico. “The inspector treated me like I was a liar and a criminal,” Hutton says. “It all kept going back to the transponder system and their belief that ‘You can’t steal it! You can’t steal it!’” Sally Nguyen’s Acura TL went AWOL last New Year’s Eve and was later found gutted and submerged in the Sacramento River. When an investigator from her insurance company, Esurance, dropped by her house, he left a business card on which he’d scrawled, “Regarding your ‘stolen’ Acura.” Six months later, Esurance denied the claim, citing her car’s security system. Esurance wouldn’t talk to me about her case. Mohammad Awan lost his 2002 Ford Explorer last year; his son wrote to tell me that his insurer, Progressive, felt the existence of a transponder system – plus other “red flags,” like Awan’s outstanding debt – amounted to enough evidence to deny the claim. “Your vehicle is equipped with an immobilizing trans-ponder system which will not allow it to start without the use of a proper transponder key,” read the denial-of-claim letter.'

Ok, Geico, Esurance, Progressive...
Now I think there is something more to this than you know of.
There is something wrong when you have to 'prove' the claim too.

 

Well, we don't know the whole story on any of these, and I still say no reputable insurance company is going to automatically treat you as a criminal if your car is stolen.

These things make great stories, but who knows if the guy in the article had a string of questionable claims, maybe a criminal past, or other suspicious things going on in his life. If not, the insurance company was really putting its cohones on the anvil, just waiting for someone to whack them.

.
.

 

An employee of mine just went thru this exact accusation by Farmers Insurance about a year ago. His crossfire was stolen, he had the keys and the immediate claim was that it was imposssible to be stolen. The car was found burned to smitherines. He had a very minor burn on his arm from boiling water that had occured 5 days before his car was stolen. I was a personal witness to this fact along with about 10 other people ( that the burn occured before the car was stolen). The insurance company spent the next six months grilling him with the lawyers only to deny the claim. He hired a lawyer and within a month was paid lawyer fees plus loss of vehicle fees and an additional 2k. It was the most outrageous denial of a claim that I have ever heard of. If this 23 year old kids parents did not have enough money to hire a lawyer, the insurance company would have gotten away with this. Sorry but I would never do business with Farmers. I realize this is unusual, however it smells as criminal as the insurance companies accusation.

 

Again, I think this is a wildly unusual story, but your employee sold out cheap if he was indeed treated that way. His lawyer should have - at the very least - pursued a bad faith claim against Farmers, which would have netted him treble (triple) damages. He should have come out with enough dough to buy 3 Crossfires.

On top of that, he should have sued for defamation of character, false accusation and mental and physical trauma. Farmers would have settled rather than go to court, and he would now own a big chunk of the company.

.
.

 

He would own an RL too.

 

If I'm not mistaken, someone will have to have access to your key (transponder) for at LEAST an hour to hack the "master" key. They still won't have access to "your' key, only the master that was used to make all of the keys for your particular run.

Once they have the master, they still need to have continuous access to your car to try repeated attempts at unlocking it with variations of the "master" key.

So, unless you ride the train for over an hour and are sitting next to someone with a receiver connected to a small super-computer I think we all are pretty safe for now.

Of course you can wrap you key in aluminum foil...or wrap your head in foil.

 

...here is the link to the slide deck.

http://www.cosic.esat.kuleuven.be/ke...eeloq-rump.pdf

 

Interesting slide show presentation. What, they are now offering formal training classes for car thieves?