Sophisticated Car Thefts

[Jimrpa]

Any system that uses BLE without UWB is susceptible to Bluetooth hacking. Digital Key 3.0 system with UWB is supposed to solve the security concerns.

I think Digital Key 1.0 or 2.0 are NFC based... like on my Ioniq 5 and BMW i4 where you have to tap the phone against a specific location on the car (usually door handle).

Tesla, Ford PAAK, Rivian, etc. are all problematic PAAK systems.

I thought all Hyundai’s were unlocked and started with a screwdriver ?
Seriously though, a buddy of mine just bought a brand-new Sportage (I think that’s the right model) and refuses to drive it into Philadelphia because of the issues with the keys/locks.

Sponsored

 

[heisnuts]

The solution is not software...it's hardware

https://toronto.citynews.ca/video/2...installing-steel-posts-to-prevent-auto-theft/

This is how bad it is in Toronto right now.

Honestly I think EVs are less likely to be stolen. Thieves want easy, not complicated. Gas is easy. DCFC is hard.

? - I can just see it now... They take the car with 10% left, pull into an EA station with several broken, find one that works only to see 50kWh and an ETA of over an hour to charge, then PAAK not seeing the signal and asking for the backup code, then security noting an abandoned MME at one of the EA stations.....

 

[21st Century Pony]

There's (was?) an interesting anti-theft hidden system cutout dongle on the Russian UCDS site oriented on Fords called the Kozza ("Scythe").

Russia being one of the more car-theft-prevalent countries around, and also with a good supply of STEM-educated people, this had caught my attention some years ago.

Of course, international events have limited sales... my point is that a hardware dongle in a high crime country had been developed as a viable, marketable solution.

 

[Deleted member 16048]

I've wondered about this before... If someone were to steal my MME, wouldn't I be able to see where it is in the FordPass app?

Yes, you can. Only way you wouldn't is if they were actually smart for a criminal and reset the FordPass Connect settings to de-link it.

For those thinking of putting an AirTag in their vehicle, just remember the AirTag will give away its presents to a nearby device to prevent stalking. So they are not that effective.

I wish that Ford would have introduced the CarKey feature in Wallet. That would have been the most secure way since it will not appear unless requested by the correct vehicle, but also FaceID is required for it to transmit. It also uses NFC so it would have to be right next to the device to prompt.

 

[voxel]

I wish that Ford would have introduced the CarKey feature in Wallet. That would have been the most secure way since it will not appear unless requested by the correct vehicle, but also FaceID is required for it to transmit. It also uses NFC so it would have to be right next to the device to prompt.

NFC based PAAK - sucks to put it nicely. With the BMW i4 I had to unlock AND lock with the NFC underneath the door handle.

It's fine for last resort options but not as a daily key and why Hyundai/Kia/Genesis/BMW are moving to the UWB based Digital Key.

I actually like the idea of face and fingerprint recognition like the GV60 and want to try it myself.

 

[ShaggySS]

Low latency (~8 ms), link level attacks have been developed, which would be very difficult to protect against. They work on Teslas, I would imagine it would also work on Fords too. This attack didn’t exist yet when PAAK was developed.

https://www.bleepingcomputer.com/ne...sla-model-3-y-using-new-bluetooth-attack/amp/

I think thats why Ford added the PAAK delay "FEATURE". When you walk up to the car you gotta push the button a few times to open the door. This will deter a criminal from gaining access to your car.

 

[BMT1071]

NFC based PAAK - sucks to put it nicely. With the BMW i4 I had to unlock AND lock with the NFC underneath the door handle.

It's fine for last resort options but not as a daily key and why Hyundai/Kia/Genesis/BMW are moving to the UWB based Digital Key.

I actually like the idea of face and fingerprint recognition like the GV60 and want to try it myself.

Yeah, NFC eliminates the convenience of keyless entry/ignition. I'd carry the fob if I had to pull my phone out to make our PaaK work.

 

[Jppumper]

Anybody see this? Has this been addressed for the MME?

https://www.cbsnews.com/news/cars-hacked-stolen-keyless-vehicle-thefts/

I believe that this trick has been around for quite some time.

 

[the golden eel]

Yes, you can. Only way you wouldn't is if they were actually smart for a criminal and reset the FordPass Connect settings to de-link it.

Thanks. But would Ford still know where the car is? Like if I had a police report showing car was stolen, go through whatever Ford requires to prove its stolen, and then Ford could say where it is?

 

[LaFong]

Ford needs to add motion sensors in the key fobs so they become disabled if they remain stationary for more than a couple minutes.

PAAK may also be susceptible to a Bluetooth relay attack, so I recommend keeping the FordPass app closed (and prevented from running in the background) when not using your vehicle.

Ford did add auto-off to the fobs for a few models, but not MME I think. You can get add-on inserts to do the same thing, though they’re rather pricey.
https://www.hard-off-security.com/product/hard-off-fob-protector-relay-hacking-blocker/
https://navtv.com/products/SARA/relay-attack-explanation.html

 

[Deleted member 16048]

Thanks. But would Ford still know where the car is? Like if I had a police report showing car was stolen, go through whatever Ford requires to prove its stolen, and then Ford could say where it is?

That's getting into grey area. If they were smart enough to reset FordPass, I would be willing to bet it's going to be off the radar and Ford won't be able to assist at that point.

 

[voxel]

The solution is not software...it's hardware

https://toronto.citynews.ca/video/2...installing-steel-posts-to-prevent-auto-theft/

This is how bad it is in Toronto right now.

Honestly I think EVs are less likely to be stolen. Thieves want easy, not complicated. Gas is easy. DCFC is hard.

Wasn't there a large thread about 2 years ago about a Mach-E stolen in Toronto/Ontario and the thieves disconnect FordPass so the car could not be tracked. EVs are just as easy to steal.... there are Ioniq 5 and BMW i4 threads on the rash of UK thefts for those brands.

 

[azerik]

The solution is not software...it's hardware

https://toronto.citynews.ca/video/2...installing-steel-posts-to-prevent-auto-theft/

This is how bad it is in Toronto right now.

Honestly I think EVs are less likely to be stolen. Thieves want easy, not complicated. Gas is easy. DCFC is hard.

Scribbles that one off next years vacation spots...

EV theft is probably like SXS theft. Most of them are found a couple blocks from where stolen, rolled. Hell a friend of mine had 2 cameras capture his being stolen from his garage, stupid kids literally rolled it on the other side of his driveway.

I think thats why Ford added the PAAK delay "FEATURE". When you walk up to the car you gotta push the button a few times to open the door. This will deter a criminal from gaining access to your car.

And you!

 

[dtbaker61]

Ford needs to add motion sensors in the key fobs so they become disabled if they remain stationary for more than a couple minutes.

PAAK may also be susceptible to a Bluetooth relay attack, so I recommend keeping the FordPass app closed (and prevented from running in the background) when not using your vehicle.

my fob is hidden inside the MME, wrapped in foil, not too close to the center console.... I leave it there in case I lose or break my phone, and for the rare instances when I need to give a key to valet, dealership, or tire shop.

and I typically either turn BT off, or 'force stop' FordPass when I am home. Mostly because I don't like to hear the contacts opening and closing and waking up the vehicle every time I walk by in the garage. Especially since my office shares a wall with garage.

 

[Teslaeata]

I believe that's a regulatory requirement in the UK. That's why the MMEs there get an old school generic Ford fob.

Don’t you believe it!

Faraday pouch or batteries are available with this go-to-sleep-disable feature

Sponsored