Gone in 60 seconds… has modern car security gone off track?
It seems that the car theft technique used in the movie Gone in 60 Seconds, starring Angelina Jolie and Nicholas Cage, has become a reality. BMWs are being stolen by thieves hacking into the security system.
Thieves in the Midlands are stealing expensive BMWs by using computer software to reprogramme the car’s engine management system so that they can start the car using a dummy key fob.
To do this they have to smash the car’s window so that they can plug in the reprogramming device, which is actually designed to help garages carry out diagnostics and repair work. Then they simply wait a couple of minutes while the car is altered to recognise their key.
According to some industry sources, this problem has arisen because it’s possible for anyone to buy the reprogramming gadget for as little as £70 online.
So, even though car theft is going down overall, more BMWs have been stolen so far this year in the West Midlands than in the previous year (314 thefts compared to 258).
The insecurities of high-tech car security
This raises the question – if carmakers are making their cars ever more sophisticated in all sorts of ways, why aren’t they able to stop them from being stolen?
It seems that every time manufacturers bring out new security technology they think will make their cars harder to pinch, but criminals simply take a bit of time to work out a way round it. And that seems to have been true for many years.
So is there a case for ditching all the high-tech kit, such as start-stop ignition buttons that only require the car’s key to be in the vicinity to allow the car to start? Perhaps we should go back to old fashioned ignition systems where the steering can be locked when the car is parked. At least with these, the car is immobilised when the key isn’t in the ignition and no electronic gadgetry can be used to unlock them.
And do we really need keys that will recognise our car as we walk towards it and unlock the doors? Or keys that allow us to wave our foot under the back of the car to open the boot?
As a parent who’s frequently loaded up like a pack horse with school and shopping bags, I can see the benefit, but not if it means a thief will be able to pinch my car more easily.
Post a Comment
Your email is never published nor shared. Required fields are marked
nfh
BMW should do a recall and retrospectively fix this problem on all affected vehicles. It was negligent of BMW to implement this backdoor into the car’s engine management system without proper authentication.
thelm
It might take a substantial re-think of the engine management system to start to tackle this. If they start to restrict access to the ECU (through bespoke interfaces and heavy security) they could be in a sticky legal situation when it comes to non-dealership garages carrying out work. I wonder if other vehicle manufacturers have similar potential issues?
Argus
I wouldn’t go back to advocating the old method. I had an escort a few years ago and it was stolen by
a) hammering a screwdriver into the lock to open it
b) digging the ignition mechanism out of the steering column and then starting it with a biro (it’s a hexagonal shape)
c) kicking off the steering lock
Wherever you have an expensive consumable good just sitting in the street, there will always be thieves. Personally I drive a BMW and am a bit worried about this, but there’s always the point that the dealer will always know how to code an operate this mechanism. All it takes is 1 easily led employee and they’ll have a field day.
Perhaps it’s time to give each customer a personal code assigned to their keys that isn’t part of a BMW database. Then if there is a problem with ignition/starting/security that needs to be fixed in the garage, the customer can furnish the dealer with it to do the work.
It would also protect from thefts as the dealer arranged key will not have the unique code. But then with any computer system, it can always be hacked
dc
I’m led to believe the problem with bm’s is that the alarm doesn’t go off, as the area the plug-in socket is in isn’t covered, i.e. its an alarm black spot, so the window can be cut/forced/broken and then access to the ecu socket is clear.
As the alarm doesn’t go off the thieving s***’s then get the time needed to re-programme the key.
If the interior alarm went off maybe things would be different.
wavechange
Hmm. Let us hope that no-one with criminal tendencies is reading Which? Conversation.
dieseltaylor
Yet again, as with the run-flat, BMW lead the way. : (
I am always amazed that so little thought is invested on how systems can be defeated BEFORE they are launched into the market place.
Peter
I had a 2006 BMW 330D M Sport. Thieves broke into the boot and stole my laptop and some other irreplaceable stuff. The Scene of Crimes Officer told me that this would have taken them about 4 seconds with a screwdriver and a hammer. They simply hammerered through the bootlock with the screwdriver and then using the screwdriver they turned the lock mechanism and opened the boot. Gone in 10 seconds. I wrote to BMW about this but it was like pulling hen’s teeth. They just did not want to know.
Magoo
Having worked in a BMW dealership myself I wouldn’t be at all surprised if they hadn’t pushed it back to your nearest or regular dealer Peter and told them to “find a solution”. I got sick to death of hearing that old chestnut, time and again, when I contacted the customer support department and requested assistance.
dubious
I agree with ‘Argus’ & ‘dieseltayl’ on the points they make.
Wouldn’t it be wonderful, if when the car was interfered with & the alarm activated, the body would immediately be electrically charged boosted via the high voltage ignition system……….!!!
PSJ
My BMW X6 was stolen a couple of days ago. This was during a busy lunchtime, from an open air supermarket car park operating an entry/exit ANPR system and in central Solihull which itself is covered with CCTV. I have all the keys and there were no signs of a break-in at the scene. In fact my wife spent most of her time convincing the authorities that she had parked there!
In talking with the police, it is clear that the thieves have become so brazen that they are simply taking BMWs, at will, using OBD access methods. I have not spoken with BMW as yet – but from reviewing the threads on various forums see little value in doing this.
I do hope your focus on this calls BMW to action.
M3SD
My 2009 M3 Convertible was stolen a few weeks ago in Birmingham on a Sunday afternoon in broad daylight. I was lucky that my vehicle was recovered a few hours later….nevertheless I was shocked to discover how quickly, easily and how many vehicles with supposedly “Thatcham 1 Security” were being stolen – all thanks to the weaknesses and flaws in BMW’s security system..
BMW are aware of the problem but don’t seem to have a solution. Hopefully more media attention will start to shift their priorities.
BMW owners take note and take some basic steps to protect your property.
pauliboo
Why don’t they make the OBD port less accessible?
Put it under the boot floor or in the glovebox or armrest – at least then the alarm will be activated?
EasySolution
It should be an easy software change on BMWs to disable the key programming functions until the car is unlocked with the alarm turned off. Then it would be impossible to program a blank key without first gaining legitimate access to the car. This assumes that the alarm will go off when a window is broken and a thief attempts to unlock the doors using the buttons inside the car, I’ve never tried, but I would hope that the unlock buttons are also disabled when the car is locked from outside with the alarm on ?
George Hynes
You may wish to read this article to further make up your mind:
http://www.balitapinoy.net/journal/802147/BMW_Anger_Owners_At_Blase_Response_To_Easy_Car_Thefts
Paul Kelly
Very good article, I have already contacted my local dealer, and the response as usual was very negative, and no fix available and no re calling of vehicles, so I have done the only thing left and to walk away from BMW and take my custom else where, and if more people done this they would look at the problem if sales dropped off. I am afraid BMW back up now is very poor especially design failures(E90 steering coloum) but very lucrative for BMW to replace at customers expense.
Charles Keisner
In Jan 2012 I bought from BMW Dick Lovett a BMW X6 , one year old with 10,000 miles , in April the car was stolen from outside my home, some weeks later the police found the car in a container at Southampton docks and impounded it for forensic tests which took a total of 3 months , at the end of July the car was released and delivered to BMW Holland Park , due to the amount of work ( 55 hours labour) that was required my insurers decided to have the works carried out by BMW Heathrow although prior to having it moved the new updated security patch was installed on the 31st August. I finally got my car back in showroom condition three weeks ago and believe it or not the car was stolen last night from exactly the same spot as before. I have just spoken to Mr Sukh Bhamra customer service manager at BMW who has told me that the new security patch was to give their clients “peace of mind” and that I should contact my insurers as their is nothing BMW can or will do……what a joke!
It is quite frankly outrageous that BMW are turning their backs on customers and refusing to admit that their is a serious security fault with their top of the range models.
Magoo
I fully sympathise with you with this Charles.
As I have posted earlier (above) I used to be a service manager in a BMW dealer and, amongst other things, I got sick to the back teeth of not being fully supported by various BMW departments in head-office and having issues pushed back into my court with the instruction “find a solution”.
On the other hand, when it came to reviewing the monthly customer satisfaction index all hell was let loose by my area manager if results were not as they would like them. It was a travesty and a no win situation to be in.
Mrs e. madden
Our BMW x5 was stolen from our drive last week, Wednesday/Thursday night. We have both sets of keys . The police attended and advised us that a “scanner” had been developed by thieves to enter and start BMW s without the keys. The police said highly unlikely it would be recovered, and due to lack of forensics etc they would not be actively pursuing the matter.
We are so shocked and angry. Our car was in our local dealer Sytner of Harold Wood, twice in the last three months once for a pre winter check up , and body work. Why didn’t Sytner warn us, or offer the security upgrade they are supposedly offering on the free phone no. We didn’t know about about the problem,not being readers of motoring magazines or websites before this. Why should we??
We feel that BMW had a moral obligation to advise its clients/customers of any possibility of problems with any aspects of safety or security. What if it had been a possible brake failure??they would have done something about that surely.
Paul Kelly
BMW after service is extremely poor i asked the question about the security system and their response is very negative. It needs all insurance companies to refuse insurance on any BMW cars and when sales drop off BMW will do something about it, until then people should just walk away from BMW.