my gt3 STOLEN: UPDATE FOUND TORCHED
12-20-2009, 02:12 PM
#410
Poseur
Rennlist Member
Rennlist Member
The Freedom of Information Act would allow the information to be made public. Everyone with a 997 should know whether a key was used or some other method to gain access to the car. If the thief acted alone he had to be a Houdini with getting into a car in less than 3 minutes--or he had an accomplice, or a key. But we'll all like to know. Since the thief was driven off from the fire scene by an accomplice we know that angle. It's the unlocking and starting the car part I'm still curious about.
12-20-2009, 06:14 PM
#411
2nd Gear
Join Date: Dec 2009
Posts: 2
Likes: 0
Received 0 Likes
on
0 Posts
Not that hard to gain access.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over.
Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over. Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
12-20-2009, 07:20 PM
#412
Addict
Rennlist Member
Rennlist Member
Not that hard to gain access.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over.
Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over. Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
12-20-2009, 07:21 PM
#413
Rennlist Member
Not that hard to gain access.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over.
Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software. Numerous BMW's have been taken from dealers via this route and with their new keyless fob and remote start as stock options. Yep.
The key part isn't really hard, either jam something big inside or destory the dash and pull the plug out hastily.
I love it how you guys described the RFID chip as a "glass circular object" that was hilarious.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over. Car security is a fickle thing because it's proprietary design and it will never perform well with age. Plus the knowledge to disable it is quite common since "what if a customer has a problem with the transponder system" it means the dealership techs have to diagnose and fix it. So there you go.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
You wouldn't know anything about an Rx7 that was stolen in 1988 in Bloomington, IN?
12-20-2009, 07:24 PM
#414
Rennlist Member
Join Date: Sep 2006
Location: Vancouver, BC, Canada
Posts: 1,968
Likes: 0
Received 0 Likes
on
0 Posts
12-20-2009, 07:46 PM
#415
Nordschleife Master
there was a 60 minutes show about steeling cars. They asked a guy how to prevent him from take a car. His reply: "Don't buy one. If I want it, it is mine."
12-20-2009, 08:46 PM
#417
Racer
Join Date: Oct 2005
Location: Oceania
Posts: 477
Likes: 0
Received 0 Likes
on
0 Posts
Not that hard to gain access.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
Easiest way: Be within proximity of the key with RFID chip. RFID chip transmits data wirelessly, simple to do even with PDA's. Pull ignition out, start car.
Mediuem way: Break window, hook up a PIWIS from Bosch (Dealer system) reprogram with different transponder key, pull ignition and done.
Hard: Replace "ECU" with a unit that has security disabled.
Hardest: Brute force w/ laptop + yagi antenna and software.
This is what's basically inside the key, and the radio frequencys which the igntion socket gives out are enough to wirelessly power this chip to emit a transponder code back to the ECU which tells the car OK turn over.
P.S. The FOIA above is hilarious. It makes me think you guys are sorting this out to be like a conspiracy like the Kennedy assassination.
Please expand a little on each method--I need to understand this a little.
Using the" hard" method listed above- replace ECU with security disabled -- would that actually work? I was under the impresssion that using that alone that car will still not start?
12-20-2009, 09:56 PM
#418
2nd Gear
Join Date: Dec 2009
Posts: 2
Likes: 0
Received 0 Likes
on
0 Posts
At last someone with understanding of how it could be done( presuming any of the above will work!)
Please expand a little on each method--I need to understand this a little.
Using the" hard" method listed above- replace ECU with security disabled -- would that actually work? I was under the impresssion that using that alone that car will still not start?
Please expand a little on each method--I need to understand this a little.
Using the" hard" method listed above- replace ECU with security disabled -- would that actually work? I was under the impresssion that using that alone that car will still not start?
An easier way would be if you already had a porsche to play with, and use a tool like vag + the OBD2 cables which can be purchased quite cheaply online. Flash a new firmware onto the ECU and bam. Security disabeled.
For RFID, this link is all I need to explain. It includes a RFID writer (really it's universal as all chips used in the cars across the board (from porsche to honda) use the same ISO standard for writing and reading. Same tool with enough amplification can read the new e-passports issued by the USA and possibly the new "universal state id's" congress keeps trying to pass. More 1984 esque, hmm?
http://ufodiag.en.ec21.com/HITAG_2_K...8_3827461.html
This tool is only useful if you have the key within physical access, since it does not provide enough amplification and RFID chips aren't designed to send infomation more then a few cm.. but basically if you have the key physically you can have this on your body e.g. your pocket as you scan it the RFID chip, valet the car and then make an impression of the laser cut key and done.
But personally no one does impressions of laser cut keys, they use key depths to measure the lock and the numbers reported back can make an exact replica.
Heres an example of what I mean to measure the lock:
http://video.google.com/videoplay?do...cidfeed&hl=en#
12-20-2009, 10:38 PM
#419
Still plays with cars.
Lifetime Rennlist
Member
Wow!
12-20-2009, 10:57 PM
#420
:lol: It's hilarious really!
Way before my time. :P But models before transponders can be bypassed quite easily, with simple tools. A Brick, wire cutters and wire strippers are all thats needed to steal a majority of 80's cars, and even 90's. Steering wheel locks and other little improvements made it a bit harder but it's still quite simple today.
It depends on the way you do it, theres readily availble firmware dumps for several porsche models, which all you'd have to do is purchase a used ecu, unsolder the nand chips and manually flash it via a willems programmer and ta-da you have a ecu which is basically the same engine map w/o the immobilizer.
An easier way would be if you already had a porsche to play with, and use a tool like vag + the OBD2 cables which can be purchased quite cheaply online. Flash a new firmware onto the ECU and bam. Security disabeled.
For RFID, this link is all I need to explain. It includes a RFID writer (really it's universal as all chips used in the cars across the board (from porsche to honda) use the same ISO standard for writing and reading. Same tool with enough amplification can read the new e-passports issued by the USA and possibly the new "universal state id's" congress keeps trying to pass. More 1984 esque, hmm?
http://ufodiag.en.ec21.com/HITAG_2_K...8_3827461.html
This tool is only useful if you have the key within physical access, since it does not provide enough amplification and RFID chips aren't designed to send infomation more then a few cm.. but basically if you have the key physically you can have this on your body e.g. your pocket as you scan it the RFID chip, valet the car and then make an impression of the laser cut key and done.
But personally no one does impressions of laser cut keys, they use key depths to measure the lock and the numbers reported back can make an exact replica.
Heres an example of what I mean to measure the lock:
http://video.google.com/videoplay?do...cidfeed&hl=en#
Way before my time. :P But models before transponders can be bypassed quite easily, with simple tools. A Brick, wire cutters and wire strippers are all thats needed to steal a majority of 80's cars, and even 90's. Steering wheel locks and other little improvements made it a bit harder but it's still quite simple today.
It depends on the way you do it, theres readily availble firmware dumps for several porsche models, which all you'd have to do is purchase a used ecu, unsolder the nand chips and manually flash it via a willems programmer and ta-da you have a ecu which is basically the same engine map w/o the immobilizer.
An easier way would be if you already had a porsche to play with, and use a tool like vag + the OBD2 cables which can be purchased quite cheaply online. Flash a new firmware onto the ECU and bam. Security disabeled.
For RFID, this link is all I need to explain. It includes a RFID writer (really it's universal as all chips used in the cars across the board (from porsche to honda) use the same ISO standard for writing and reading. Same tool with enough amplification can read the new e-passports issued by the USA and possibly the new "universal state id's" congress keeps trying to pass. More 1984 esque, hmm?
http://ufodiag.en.ec21.com/HITAG_2_K...8_3827461.html
This tool is only useful if you have the key within physical access, since it does not provide enough amplification and RFID chips aren't designed to send infomation more then a few cm.. but basically if you have the key physically you can have this on your body e.g. your pocket as you scan it the RFID chip, valet the car and then make an impression of the laser cut key and done.
But personally no one does impressions of laser cut keys, they use key depths to measure the lock and the numbers reported back can make an exact replica.
Heres an example of what I mean to measure the lock:
http://video.google.com/videoplay?do...cidfeed&hl=en#
And .... um....where did you say you lived, again ???