Jeep Garage  - Jeep Forum banner

Keyless entry vulnerability

11K views 41 replies 13 participants last post by  Bmwister 
#1 · (Edited)
#2 ·
No pun intended, but the possibility of theft is remote being that the thieves need to figure out whose car they want, where it is, where the owner is, and expeditiously position antennas near the owner/key and vehicle with an amplified signal transfer to make it work. Even then, once they drive the car away there is no fob inside so they'll eventually find the JGC disabled. Interesting article nonetheless.
 
#4 · (Edited)
You are correct. However, I still think allowing engine to run if key is not inside the car (as it works in WK2 and probably a lot of other cars) is not a good idea IMO. The way it should work is if you started a car somehow computer should still keep checking for key inside every X seconds. Then if key is not present you are alerted and in 5 minutes engine is disabled or speed limited to 5 MPH. Only way to enable it back again is through the dealer.
 
#3 ·
That's an interesting concept, but it would be difficult to put into practice.

Essentially what they did is establish a radio relay from your key (where ever it is) to your car, fooling the car to think it's within range of the key. So they had to do two things:

Easy - Bad guy one stands with an antenna and powered relay module very close to your car.

Hard - Bad guy two stands with an antenna and a powered relay module within a few meters of YOUR KEY. Depending on where you're located, this would be challenging in a couple of ways -- If you're far from the car, it would be difficult to discretely provide enough power to complete the link. It also requires them identifying you as the owner of the target car.

So there are scenarios that might make this work -- like your vehicle gets identified in the mall parking lot and a bad guy follows you away from your vehicle while the second guy tries to enter your car -- but this isn't a "The Sky is Falling!" problem.

I'm far enough from my car right now that the bad guy following me would need a ton of power to make this work. And I think I'd notice being followed by a guy pulling a little red wagon full of car batteries.
 
#8 ·
Yeah I wouldnt worry too much about this. Atleast in my case when my car is at home its in the garsge 100% of the time and I work for the U.S. Gov't so work is surrounded by 13' barbed wire fences. Even if it wasnt still not an issue.

James
 
#9 · (Edited)
I started the car remotely, then walked up to it and got in. Normally you THEN have to press the "Start" button to transition from "remote start" to "start" mode. And in order for that to work you have to have the fob.

I had the fob, but I didn't press the "start" button. I tried to move the shift lever from "P" and it would not move. So even if a bad guy is SITTING IN THE DRIVERS SEAT when you start it, he still can't just drive it off.

In other words, having the car start remotely doesn't help the bad guy very much. First it will only run for 15 mins. Second you have to circumvent the transmission interlock. I imagine there is probably another failsafe after that, but I'm not going to jamb my transmission to satisfy my curiosity.

Ultimately it would be easier for him to break the window, put the trans in neutral, and tow it.
 
#10 ·
I started the car remotely, then walked up to it and got in. Normally you THEN have to press the "Start" button to transition from "remote start" to "start" mode. And in order for that to work you have to have the fob....
But the thief relay is still on. Car thinks fob is inside. Nothing prevents thief pressing "Start" button which will unlock transmission interlock and engine will work until it is stopped
 
#11 ·
This raises a related question that I haven't had time to research (and my baby is way too new for me to have put myself in this situation):

Has anyone been in a valet situation yet? Did you just toss the fob to the attendant and hope for the best? I think that if there's ever a chance that I'll be getting my vehicle parked by someone else, I'll pack both fobs and keep one on me just in case...
 
#12 · (Edited)
What are potential issues with valet situation? The only one I see is that they will lock your key in the car. What I do is give them FOB ONLY - metal key that unlocks the driver door stays on my chain. This, of course, is only partially helpful - if valet locks your key in your car while you are not around he probably won't have your cell phone # to call you right away.
 
#15 ·
We're getting off-topic here, but the consequences of stopping the engine or limiting it to some very low speed would be really devastating to Chrysler and maybe to the driver.

Remember that Chrysler is designing this for the real world, when things DO fail. With a vehicle this complex, even mapping all the failure modes is impossible -- let alone anticipating them. And they have to design so that it NEVER fails into a hazardous state due to liability issues. So, since they can't GUARANTEE that the system would never wrongly think there was no fob (or that the fob never dies while the vehicle is in motion), they MUST design it to never cause an issue like slowing down to 5 MPH on an expressway.
 
#17 ·
If there is a warning and 5 minutes delay I don't see a problem - this is enough time to get off the expressway. Maybe make delay longer - say 10-20 minutes.

On a related note no component is fail-proof - car can become disabled for a number of other reasons. Say something breaks in the engine and car stops - I can't see this as a liability issue for Chrysler. Things happen.
 
#16 ·
That is a great point, I wouldn't want the system shutting my jeep down on the freeway going 65MPH! I am curious to know if you start the car, leave the key fob behind and start driving what would happen. You would be starting from a complete stop so I wonder if that makes a difference.
 
#20 ·
Although they may be able to steal your car using any of these methods, but it will only run until it runs out of gas or they shut it off. I don't see without hacking how they could bypass the computer to restart the car without the key fob. I guess if you are concerned about theft, you could always lojack it. My thinking is, if they really want the car, they will figure it out one way or another.
 
#22 ·
Although they may be able to steal your car using any of these methods, but it will only run until it runs out of gas or they shut it off. I don't see without hacking how they could bypass the computer to restart the car without the key fob. I guess if you are concerned about theft, you could always lojack it. My thinking is, if they really want the car, they will figure it out one way or another.

Assuming they can get the car first. Restarting the car after reaching their destination is of no use or consequence.

The name of the game with late model, high production vehicles is "chop shop". Get it to the location, shut it down, tear it down and e-bay or black market the parts.

High end cars are the ones that will change hands or countries in one piece after theft. Think Porsche, Ferrari, Asti Martin, etc..
 
#21 · (Edited)
This is not necessary just to steel a car. The car is too big of a target and it may have a Lojack etc.

What thieves want is to get access to the car and steal your laptop, wallet etc. It is far easier to do and a lot more difficult to demostrate that they did it.

There are many cases in europe,( the highways, have usually rest areas with gas stations restaurants etc) where this has happened.

I have a friend who claims it happened to him. I say claims, because he cannot prove it. usually the thieves park in an empty spot and you the victim, would park next to them. The moment you push the remote key button, you are done.

The mall would be a very easy place to have this modus operandi. This is why I never have anything valuable in my car.
 
#28 ·
True. However, that does you little good on the convenience scale when you're traveling out of town and are 1000+ miles from home. I've already rigged my JGC with a kill switch as I do with all my cars if I'm going to be parking for a length of time in a "target rich" environment like a mall or the airport. I don't want to reveal much detail, but it's my own private creation that kills electrical power instantly when switching out of Park if I didn't previously set multiple, hidden switches to the correct detent positions (like a combination lock); it's simple and effective.
 
#30 ·
with my lexus which has keyless fob ive gone to the car wash and left without the fob on me. had to drive back an hour later to get it. if i had turned off the car without realizing i would have been screwed. kind of off topic but figured id mention it. make sure you dont make my mistake
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top