- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or register to comment.
Looking at the numbers in Canada, the Conservative party would make us believe that car theft is at a level never seen before but the truth is there were proportionally more cars stolen back in the 70s, 80, 90s and sometimes even more cars stolen than now in actual numbers with less cars on the road.
I know it’s gonna sound completely crazy but… Maybe it’s going up because the economic conditions at the moment make some people desperate and no matter if cars were keyless or not, the same thing would have happened? 🤔
Probably a mix of things. People are more desperate and cars have been artificially inflated in value. A fucking new kia is 40+k today
Adjusted to inflation they’ve basically kept up on price for the equivalent model, but income hasn’t followed inflation…
Another point: for equivalent models. Car manufacturers over the past two decades have been dropping the more affordable sedans and such from their lineups, favouring their more expensive SUVs.
Maybe domestic manufacturers but that’s because they built terrible, disposable cars that nobody wanted.
Real wages are actually up even against the high inflation of the last few years.
Highly dependent on your industry and location. There’s a lot of people still on actual minimum wage. And it sucks…
Out of all the brands you picked the one that actually has cheap models. A rio starts at 17k and a soul at 20k. Most of its vehicles, including SUVs are sub 40k
You’re not going to be able to find base models these days, or if you do they’ll come with a bunch of options already installed.
Dealers learned during the shortage that people will pay for the mid range ones if that was their only option.
Regardless, Kia is still a stupid choice to try to prove that particular point.
Great now find it for that price at the lot.
And it’s going to be about 5k more the second you walk in the door because they advertise a price without add ons. They also don’t sell one without add ons. Then by the time finance is done you’ll be paying at least another 5k.
You Cannot Reason People Out of Something They Were Not Reasoned Into 🤷
Side note, never ever sign the first offer. They call it “first pencil.”
FYI, Canada requires immobilizer by law. We can’t be used to compare to other countries for that reason.
I’m pretty sure the only companies that didn’t include them as a standard feature until recently was Hyundai/Kia. Back in the 90s and 00s, Hondas were by far the number one stolen vehicle in the US and they had chipped keys.
I mean, yeah for many decades car theft was worse. But it kind of got sorted out. Now with the current, honestly inexcusable vulnerabilities, theft has gotten worse again. There were a number of years with keyless cars they’re just fine.
They weren’t fine and people were stealing them, just not as much.
Keyless cloning isn’t new.
Just a writing tip: separate your points into distinct sections.
Your point makes sense, but reads better when broken up into distinct paragraphs or thoughts.
It’s already separated into two paragraphs, separating both points I’m making.
Certainly is after your edits. Thanks.
…
I didn’t split it in two as an edit, it was split from the get go…
Edit: I looked again and the only difference is that I added “proportionally”
It’s always been vulnerable, but dismissed because common criminals didn’t have access to required tools and the technical know-how to defeat common keyless entries. But things has changed and many entities start selling tools on the cheap to defeat keyless system such as flipper zero flashed with honda rf capture, etc.
So, when are car corporations gonna be held liable for selling products that are designed to be left out in public but are super easy to break into with cheap as fuck hardware?
When the insurance companies decide to not insure those models and people stop buying them because they can’t get them insured.
They are, that’s called people stopping buying their cars.
That’s not being held liable. That’s just the market forcing them to change. Fixing the problem going forward doesn’t fix the IB problems.
Besides, the market for cars is still terrible, and cars are a necessity these days. I’m not optimistic that consumers can pressure meaningful change with their wallets. (Who can afford not having a car for 6 months, waiting for the perfect car?)
I wouldn’t say the market is that terrible for cars, if you insist on only buying domestic new cars yea, but the used and import markets are massive.
In Canada, car theft was a major problem before 2010 until engine immobilizers became mandatory since 2007 on all vehicles made in Canada
Then everyone got too comfortable. The regulatory bodies and car manufacturers were too focused pretending doing some work and publishing all the buzzword-of-the-day “accomplishments” they were doing while patting each others backs without explicitely requiring manufacturers to comply/implement immediately anything. Meanwhile, manufacturers were happy to integrate almost off-the-shelf “children’s RC” car starter pack obfuscated through invisible/non-existent security and protected under dubious industrial secrets.
Obviously, criminals smelled the easy money. Starting around 2013 — mystery car unlocking device | 2015 — signal repeater car burglary, car thefts by relay attacks were known by automakers but ignored as one-offs, too technical, already dealt with by law enforcement to lets pretent it’s not that big of a problem or leave it to the police. Meanwhile, insurance claim replacement vehicles are selling like hotcakes and it is “convenient” to ignore the problem.
The following years various reprogramming theft become known and finally CAN bus injection — new form of keyless car theft that works in under 2 minutes or in depth investigation by Dr. Ken Tindell, becomes so easy, so cheap and widely available that even kids uses them to gain Youtube/TikTok followers.
Car hacking was a becoming serious concern during the pandemic, but now it’s simply ridiculous and as if current automaker included/provided anti-theft/GPS tracking were (un)knowingly made “defective”.
Hence, everyone is playing catch up and blaming left and right on who is responsible for this in-slow-motion public safety disaster.
Brian Kingston, president and CEO of the Canadian Vehicle Manufacturers’ Association, which includes Ford Motor Company of Canada, General Motors of Canada and Stellantis, said increasing the risk of prosecution is the most effective way to deter vehicle theft.
“And at the same time, providing more outbound inspection controls at the ports to prevent the flow of stolen vehicles to foreign markets by organized criminal organizations,” he added.
New vehicle safety standards have been published (rushed?) recently. We will see if all the panic settles down like after 2007.
Moreover, the exponential prevalence of car theft also laid bare the incredibly poor and ineffective security at the various ports of Canada. Unsurprisingly, it has been a known constant devolution:
(A partial repost of my same reply for a similar thread about the Canadian Government rushing to look like they are doing something, please check my post history for the other thread)
I’m glad you added the bottom of that because I 100% was going to ask you where you found that because that looked familiar lmao
They’ve known far longer than that…
When was the invention of the immobilizer again? Oh yeah: 1919 104 years ago. With keyless entry being 1981 43 years ago.
Yet theres still cars on the road, built long after those creations, that you can start with a usb cable… (and that’s just for the physical shape, not any sort of data)
Where’s the evidence that this stuff is even happening at a high enough rate to even be noteworthy? It seems these articles come out every couple of years, always heavy on claims and light on facts, trying to drum up FUD based on almost nothing but chatter. Last time it was a single grainy night-time video of a couple cars in a driveway where you see the lights flash and theives open the car.
The article claims insurance rates are skyrocketing due to car theft, yet their own article from January they cite states that insurance rates have skyrocketed due to record high inflation.
The article claims police close these cases out in 24 hours which means they aren’t even investigating the crimes to find out what happened. They also quote the police who stated that ‘car crimes’ are down 39% since 2010. Police aren’t stating this is an issue.
They quote a couple manufacturers who have higher rates of stolen vehicles and all they state is that they take security seriously and are working on improvements. There’s no admission or statement here that this is even occurring.
Finally the only remaining evidence is a paper written 12 years ago theorizing that this could be an issue. Hardly proof that it’s currently occurring.
To me, it just sounds like people who’ve watched too many movies like Gone in 60 Seconds and don’t understand technology very well who’re screaming that the sky is falling.
While my car wasn’t stolen, something very similar to this did happen to me. At the time, my wife and I kept our keys by the door. Our tenant did not, opting to keep the keys in her room. Sadly, my cameras didn’t catch the person, but you can see their silhouette approach the driveway, then the lights on my wife’s and my cars flash (exactly as you describe) before the person entered them and searched them. (This was during lockdown, so we weren’t travelling anywhere and so fortunately didn’t have anything of value in our car.) Our other friend’s car did not open.
I’m not suggesting this is an epidemic or anything, merely that it’s possible.
ETA: We only had one copy of our keys each and at no point did they go missing. The police did come to investigate (apparently it happened to at least several people on our street) but we never heard back. Presumably the person was not found.
It’s called a relay attack. Thieves just amplify the normally very weak signal and intercept communication. This allows them to unlock the door, and if push start, bypass the immobilizer to start the car. If a key is still required, this doesn’t work for starting the car.
The general rule for key fobs is never keep them near the door where the car is parked. Place them on the opposite side of the house. If you want to, some suggestions around the web include making a homemade Faraday box to put your key fob in.
Indeed - nowadays my keys are far from anywhere accessible from the outside. Thanks though!
interesting. Usually they will try to start your car and take off using that signal boosting method.
I think this individual was going for lower hanging fruit (and presumably hoping for lighter consequences if they got caught, though I’m not sure that’s what they would have gotten).
In this case, after talking to neighbors, it seemed like they were just going down the street, briefly stopping at each driveway, breaking into whatever cars they could, quickly going through the glove compartment and center console, and stealing anything they perceived to be of value.
Could anyone with more knowledge confirm, but couldn’t they just do what some car companies are doing and have a system by which you can just disable keyless entry when it’s parked up at night?
If I’m at home and my car is parked up where the key could potentially be repeated then I just disable it by locking the car using the key and tapping on the door handle, which disables just tapping the door handle to unlock it again, and only the unlock button on the key works. As far as I understand it resolves this issue, unless I’m missing something?
That won’t work for human reasons: few people will remember to lock the car that way at night-
That’s a very simple process, I’m sure people would be more than happy to do that on available vehicles.
Have you met any non-technical people?
In my mom’s basement? No.
In theory (barring the bit where you could literally break into Hyundai cars of the last few years, plug a USB stick into them and drive away), it is technically easier to steal some older vehicles without keyless entry (any car that has a key but doesn’t require that key to communicate with a security module). A criminal can (and some do) drill out the ignition lock cylinder, insert a blank one and then drive away with any thin bladed metal shank (flathead screw driver) as if nothing happened. Buy a new keying kit, and they take only a couple of minutes to install assuming they even care to do so (chop shop might care, joy rider won’t, someone interested in rummaging through the vehicle and dumping it won’t etc).
The keyless entry systems implemented on new cars work by having what’s essentially like an RFID in the key that communicates with a security module or multiple modules in the car, and this transmission is pretty much always active and only checked by range. If the car is close enough to where you hang your keys by the door the car may pick up this signal, and in the case of vehicles with keyless entry where you just need to touch the door handle with the key nearby that would give the thieves entry to the vehicle.
They use the tech that Canada is trying to ban to intercept that signal and another piece of tech to basically repeat it so the vehicle thinks the thieves have the key. Then using a GPS blocking tool they can prevent the car from pinging their location. At that point the only thing stopping them from taking the vehicle is their ability to take it out of park or start it. The tech to start it is fairly cheap. Taking it out of park is pretty simple for most cars if you already have access to the inside (ICE vehicles especially because there is usually a transmission selector switch attached to a cable that directly connects to the shifter (automatic or manual).
I could roll a car down the street if it was level or a light grade by myself and I’m not a big person. If you drive a truck or an SUV and that selector switch is on the bottom or side of the transmission that’s even easier and simpler to access (and doesn’t even require a thief to have access to the inside of vehicle to put it in neutral). If the horn is accessible through a wheel well? A thief can just disconnect it and the alarm won’t even sound. If they already have access to the inside of the vehicle a thief can just pull the horn fuse.
Automotive companies rely on the premise that there aren’t enough dishonest people in the world with the technical know how to circumvent their security so cost to benefit analysis says don’t worry about making it more secure until they’re forced to. Either by public demand, or by government oversight and regulation.
They use the tech that Canada is trying to ban to intercept that signal and another piece of tech to basically repeat it so the vehicle thinks the thieves have the key
Although if the signal is vulnerable to a replay attack just like that, it was a woefully poor design to begin with.
It’s why a lot of garage door systems don’t use a fixed code, but something more like 2FA codes, where it changes each time it’s used.
You’ll get no disagreement from me. I feel the same way about RFID ID tags. I remember seeing a CSI episode once where girls were getting RFID chips implanted in their wrists or something and using that to pay door fees and tabs at bars. I would never. I can and have cloned an RFID badge (to avoid paying $80 to my apartment complex for a badge that was inaccessible because it fell into a crevice of a locker at a gym), and I gotta tell ya, it doesn’t take enough time for me to be comfortable using it as a security feature for most anything.
This seems a lot more complicated and much worse than just using actually cryptographically secure keys to verify that it’s the real key.
Or just not storing your key where it can be repeated 🤪 this attack is 100% mitigated by some distance or just fuckin’ aluminum foil.
You would need to put your keys in a faraday cage.
Distance doesn’t matter, as they can just use a bigger antenna or better amplifier. You find footage of people using large loops of wire to capture the signal from the keys
Sure, you could and probably should do that. But is that something the consumer should have to do?
At what point is a design flaw/defect the consumer’s responsibility?
We just shut off our Toyota fobs every time we park, it’s a few extra button presses on the fob but gives some piece of mind. Why they can’t just put a simple power toggle on the fob that everyone could easily use when done is beyond me. Most people, Toyota employees included, didn’t even know the fobs could be powered down with a button combo.
deleted by creator
Everything with more tech or smart isn’t always better.
This is the best summary I could come up with:
A device disguised as a games console - known as an “emulator” - is being exploited by thieves to steal vehicles within 20 seconds by mimicking the electronic key.
Police facing a spate of keyless car thefts in many neighbourhoods are closing some cases in less than 24 hours even when CCTV footage is available.
Jaguar Land Rover announced a £10m investment last November to upgrade security for commonly stolen models for cars built between 2018 and 2022.
The Observer investigation reveals other vehicles with similar security loopholes, with Hyundai confirming this weekend it working “as a priority” to prevent an attack on its cars by criminals “using devices to illegally override smart key locking systems”.
An article by Stephen Mason, a barrister specialising in electronic evidence and communication interception, in Computer Law and Security Review in April 2012 warned keyless systems could be “successfully undermined” and unless manufacturers improve the design cars would be stolen without forced entry.
Mike Hawes, SMMT Chief Executive, said: “Car makers continuously introduce new technology to stay one step ahead of criminals.
The original article contains 623 words, the summary contains 178 words. Saved 71%. I’m a bot and I’m open source!
Business bros didn’t care, you say?
Literally any vehicle not made with more than 4 week old tech is subject to theft, the people who write articles and pass laws don’t understand anything but near as I can tell. I’ve worked on cars all my life, but I lost interest after my early 20s on keeping up. I can steal any vehicle built before 2000 in a few minutes, getting into seconds pre 94. The “kids today” who’ve worked on modern cars all their life can do this to anything new fast, it’s the old junk that might slow them down.
5 years ago, a 70-year-old towtruck driver/mechanic told me how he learned of the tools criminals can use to steal keyless entry vehicles. Anyone worth half their salt in the industry knows it’s possible and how it’s done and has known for a while.
