Reply to post: Re: Car thieves will be very happy with it...

BMW complies with GPL by handing over i3 car code

EveryTime Silver badge

Re: Car thieves will be very happy with it...

Why would car thieves find this useful?

What makes you think that the older closed-source systems are more secure for being closed source?

BMW relied on security-by-obscurity for their key system. It meant that for a long while only thieves could make keys, while regular people had to go to the dealer for their $250 replacements. Or spend far more if they ran out of the firmware limit of 10 key codes.

Eventually the same techniques used by thieves filtered down to serious hobbyists and now to less-dedicated car people. With an $60 AK90, it just takes following directions to read and modify the key module, and write new key transponders. Including re-using key slots so that you don't need to buy a new key module and new keys if a few keys have been lost.

Some of the newer models were reverse-engineered so thoroughly that new firmware was written. (Or perhaps they just discovered an existing hidden function.) The key ECU can be manipulated so that it would detect a blank key transponder in the ignition and write the contents to work with the car, without additional hardware . Yes, the car would bypass its own electronic security. Right now that system is many thousands of dollars, but I'm guessing that it will soon be available for much less.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019