Critical security issue - should I or should I not expose it?

Here you imply this hack would work if the big bad guy simply jimmied your door to gain entry.

But in your following post you appear to say that the remote transmitter needs to be in range and activated by a button press. I fail to see how this is a real problem like you imply. The real security threat is an attacker gaining physical entry to your car and waiting for you to arrive and raping/kidnapping/robbing and/or forcing you to drive somewhere else. This requires no computer wizardry, just common burglar tools. But this is easily circumvented by simply checking your vehicle for unauthorized occupants before entering. And this is true for ALL vehicles.




(shrug)...(yawn)...(sleep)

Sorry .. NO. There's NO need for me to be there with the key fob, etc. Let's say the car's in the airport. He jimmies the door, enters it and starts the car by shorting the connector. Bingo. That's all it takes.
 
Sorry .. NO. There's NO need for me to be there with the key fob, etc. Let's say the car's in the airport. He jimmies the door, enters it and starts the car by shorting the connector. Bingo. That's all it takes.

You said earlier he needs a tool to capture the output from the button module.
 
Rolling codes can be intercepted and jammed, then spoofed. The way I've read it works is like this, IIRC: Press button on fob, an interceptor grabs what's transmitted then jams the signal so the car does not receive it. Person pushes fob button again, interceptor records the second code but sends the car the first. The car unlocks, but the interceptor has a second code it can always use as long as it is turned on.

The point of a rolling code is to change the code each time it's pressed. A recorded code would work just once, and would have to have the complex method you describe with a jammer and multiple presses.
 
There's NO alarm in US versions. Opening the door is piece of cake. After that it literally took him less than 3 min to start the car. Yes: FOB has rolling code, etc., etc. but the bottom line is he circumvented all of that.

Looking in my USA 2014.5 CX-5 user manual, it describes two security systems on CX-5.
1) Immobilizer system - prevents unauthorized keys (by RFID wireless system in key)
2) Theft Deterrent system - horn and lights are triggered by forced door entry

The Mazda USA site shows these two theft systems are standard on all CX-5 models.
 
The point of a rolling code is correct code each time it's pressed. A recorded code would work just once, and would have to have the complex method you describe with a jammer and multiple presses.

It is the correct code. The interceptor jams the remote's signal and then pretends to be the remote. The car doesn't know. And the remote owner just thinks the first button press was missed. On subsequent remote presses, the interceptor jams the remote (but saving the code), but sends its stored code.

- Owner presses button, sending code #1
- Interceptor jams signal, preventing car from receiving code #1, but stores code #1
- Owner presses button again (thinking it was a missed keypress), sends code #2
- Interceptor jams signal, but records code #2. Transmits code #1 to car.
- Car unlocks
- All future remote keypresses are jammed, but their codes are stored and the interceptor will send the prior code to the car. The owner will not be aware of issue.

The owner of the interceptor can come at a future time and have it send code #2 to the car, unlocking it without the remote present.

It's not something a common criminal would use, but it is a vulnerability that someone who wants surreptitious and possibly repeated access to a vehicle could use.
 
Looking in my USA 2014.5 CX-5 user manual, it describes two security systems on CX-5.
1) Immobilizer system - prevents unauthorized keys (by RFID wireless system in key)
2) Theft Deterrent system - horn and lights are triggered by forced door entry

Same for my 2014 Canadian model.
 
The owner of the interceptor can come at a future time and have it send code #2 to the car, unlocking it without the remote present.

It's not something a common criminal would use, but it is a vulnerability that someone who wants surreptitious and possibly repeated access to a vehicle could use.

I understand the process, but that captured 2nd code would only work once. Even then it would only work if owner locked doors using door button before leaving. If owner locked doors with remote when leaving the code would roll, and that captured code would not work.
 
I understand the process, but that captured 2nd code would only work once. Even then it would only work if owner locked doors using door button before leaving. If owner locked doors with remote when leaving the code would roll, and that captured code would not work.

The stored code is updated each time the remote button is pressed because the interceptor is constantly jamming the remote's signal, recording the transmitted code, and sending to the car the previous code it received. The only oddity from the remote owner's perspective is the very first button press after activation of the interceptor.

For fully keyless systems (like door request), there are other methods that are even easier. The interceptor can pretend to be the car with a much more powerful transmitter, and have it trigger the remote from afar (potentially hundreds of meters). In such a case they may not even have to wait for the remote owner to start the process to gain access.

More sophisticated handshake processes between car and remote may reduce this vulnerability. It's complicated by the fact that communication between the two can be unreliable due to range, interference or battery power.
 
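Added example, not part of any post in this thread: a small Python model of the car-side check, showing why a one-way rolling code the car never received stays valid until a newer one is accepted, and why the two-way handshake mentioned above rejects a stale message. The HMAC construction, key, window size and all names are assumptions for illustration, not Mazda's actual scheme.

```python
import hashlib, hmac, os
KEY = os.urandom(16)  # constructed fob/car shared secret (assumption)
WINDOW = 16           # assumed look-ahead for presses the car missed

def code_for(counter: int) -> bytes:
    """One-way rolling code: truncated MAC over the fob's press counter."""
    return hmac.new(KEY, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:8]

def respond(nonce: bytes) -> bytes:
    """Fob side of a two-way handshake: MAC over the car's nonce."""
    return hmac.new(KEY, nonce, hashlib.sha256).digest()[:8]

class RollingReceiver:
    """Car side, one-way scheme: accept any code slightly ahead of the counter."""
    def __init__(self):
        self.counter = 0
    def accept(self, code: bytes) -> bool:
        for c in range(self.counter + 1, self.counter + 1 + WINDOW):
            if hmac.compare_digest(code, code_for(c)):
                self.counter = c  # codes at or below c are now rejected
                return True
        return False

class ChallengeReceiver:
    """Car side, two-way scheme: each attempt is bound to a fresh nonce."""
    def __init__(self):
        self.nonce = None
    def challenge(self) -> bytes:
        self.nonce = os.urandom(8)
        return self.nonce
    def accept(self, response: bytes) -> bool:
        nonce, self.nonce = self.nonce, None  # a nonce is good for one attempt
        return nonce is not None and hmac.compare_digest(response, respond(nonce))

def withheld_code_outcomes() -> dict:
    """Fate of a message the car never received, under each design."""
    out = {}
    car = RollingReceiver()
    car.accept(code_for(1))                              # press 1 reaches the car
    out["unheard_code_later"] = car.accept(code_for(2))  # press 2 never arrived
    out["same_code_again"] = car.accept(code_for(2))
    car = RollingReceiver()
    car.accept(code_for(3))                              # a newer press got through
    out["after_newer_press"] = car.accept(code_for(2))
    hs = ChallengeReceiver()
    stale = respond(hs.challenge())                      # response never delivered
    hs.challenge()                                       # car has moved to a new nonce
    out["stale_handshake_response"] = hs.accept(stale)
    return out
```

The look-ahead window exists because presses out of range must not desynchronise the fob, which is the reliability trade-off the post above mentions.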
Looking in my USA 2014.5 CX-5 user manual, it describes two security systems on CX-5.
1) Immobilizer system - prevents unauthorized keys (by RFID wireless system in key)
2) Theft Deterrent system - horn and lights are triggered by forced door entry

The Mazda USA site shows these two theft systems are standard on all CX-5 models.

Item #2: only if the car is able to detect the door is being forced open. Usually it's a standard approach. In this case the guy used the front tire well and from there he could open the door. There was no alarm.

Forced door entry is when you try to rip open the door by forcing the handle.
 
You said earlier he needs a tool to capture the output from the button module.

You are confused. There is no code to capture.

Transmitter just sends a start signal. There is no security in it. Capture that signal, most probably a 12v to relay which starts the car.

Everything before the transmitter is effectively bypassed.
 
Remote Key ---> Transmitter ---> start car. Everything before start car has security, all the guy did was to push the start car signal into the white coupler.
 
You are confused. There is no code to capture.

Transmitter just sends a start signal. There is no security in it. Capture that signal, most probably a 12v to relay which starts the car.

Everything before the transmitter is effectively bypassed.


Why didn't you just say so? You made it sound complicated. Essentially the same as hotwiring, and no surprise there. At some point there's a simple closed circuit to turn the starter.
 
I'm not sure I understand. Who was this guy in front of you? Why did you let him in your car? Why did you let him futz around in your car for 3 minutes? Why was he trying to start your car?
 
So you're saying a modern car can still be "hotwired" by a thief who knows what he is doing? How is that news?
 
Are you like this with every car you buy? Since you've joined you seem to post constantly about issues you have that, to a normal person, are trivial at best.

Any modern car can be hacked into, plain and simple. Go look up stories about BMWs, Mercedes, Range Rovers, etc. all being stolen out of the blue in places like NYC. http://jalopnik.com/keyless-thefts-account-for-nearly-half-of-stolen-vehic-1683557913

This is a non-issue. Hell, tell your buddy to come steal my car if he wants, I'd be glad to collect the insurance and get a new ride...
 
Back in the day my Honda CRX was broken into 4 times. Never stolen. I used my old trusty Autolock. It's likely outdated now though :(
 
Are you like this with every car you buy? Since you've joined you seem to post constantly about issues you have that, to a normal person, are trivial at best.

It does seem like a disproportionate amount of his posts are quite negative in nature.

Maybe he just likes to complain?

If he truly bothers you, I guess you can add him to a block list so you don't see his posts.
 
Are you like this with every car you buy? Since you've joined you seem to post constantly about issues you have that, to a normal person, are trivial at best.

Any modern car can be hacked into, plain and simple. Go look up stories about BMWs, Mercedes, Range Rovers, etc. all being stolen out of the blue in places like NYC. http://jalopnik.com/keyless-thefts-account-for-nearly-half-of-stolen-vehic-1683557913

This is a non-issue. Hell, tell your buddy to come steal my car if he wants, I'd be glad to collect the insurance and get a new ride...

To steal a CX-5 you need a sophisticated reader/jammer to steal a rolling code and another sophisticated box to tap into wiring to tell car to start .... or just a tow truck that can skim up two wheels and take off in less than 2 minutes.
 
Back in the day my Honda CRX was broken into 4 times. Never stolen. I used my old trusty Autolock. It's likely outdated now though :(

Before cars had alarms, mine would get broken into once a year in Dallas. One morning saw my 1982 Camaro had door open, but nothing was taken, not even the radio. It was insulted, and knew it was time to buy a new car. Since then I've found the best deterrent is a blinking light on the dash. Thief thinks it's an alarm, and will move on. Wish the CX-5 had a blinking light, but at least it does have an alarm.