IT CALLED A BEEMER!!!!

Re car theft.
In all western countries we hand responsibility for crime prevention/detection to the police. If you have your car stolen in the UK the police have absolutely no interest whatsoever. You have to go the police station and they just give you a crime number to hand to your insurer - thats all, nothing else. Now, your car could be worth as much as Becks (£60,000 or so) but thats all you'll get. Try to rob a bank and it will be surrounded by armed police, even if the sum involved is £1,000 or less. Police will now do absolutely nothing at all about an accepted range of criminal activity AND that list of 'do nothing about it' crimes is growing monthly. We have reached the stage where the police service is just a career in which you can retire early, receive a good salary and benefits whilst employed and screw the general public with totally bogus crime figures.
Wonder why confidence in the police is falling?

Whats a bimmer?

Makes you wonder why Beckham keps buying X5. He should have the money to buy something else.

@1

B.M.W

@2

I think it was a sarcastic comment. Be-mer is how its supposed to be pronounced. That looks like Bim-er.

They were right the first time. A Beamer is a bike. A bimmer is a car. Bimmer just sounds stupid to americans, and we ride Harleys anyway. So Americans incorectly call the cars Beamers.

For every new security feature that we see there is a hack that defeats it. You would think that since we all live in the technological 21st century that these manufacturers would implement something that would stop this kind of thing or at least needs a password before allowing a download of the computer. This is rediculous.

I thought we were talking about Beck, at which point, I would feel bad. But we're not, so it's all good. Wait, where am I? The Superficial?

#4 is right dont forget "zim zimmer, whos got da key to my bimmer"

Plus David Beckham "earns" �170,000 ($313,000) a week so im sure he'll cope!

Clubs are easy to get around... just cut the steering wheel.

Devices that attach to the brake pedal are much harder since the steel in a brake is much stronger. Steering wheels are designed to bend in the event of an accident.

FYI.

For anyone with a bank account that looks like the Beckhams', an X5 is probably the car you drive to get to your REAL cars.

Raul's behind this, no question about it.

And remember when some people compromised the brakes on his Ferrari Maranello?

Man, some people really hate this guy.

Actually the guy on the pic looks an awful lot like Guti.

Is that guy using an Apple? You can't hack with an Apple, can you?

#12, don't see why not. I remember seeing Jeff Goldblume take down an invading alien armada with just a PowerBook5300! Heck, might have even been a PowerBook 190c which would have been damn impressive since it wasn't even a PowerPC!

@ #7, actually, the lyrics are 'Sim Simma..., not zim zimma. I actually had a copy of the cassette single.

@ #13, you see a lot of things in movies that can't happen in real life, like tara reid without a drink in her hand.

With every day that passes we head closer and closer to that game I used to play as a child called Shadowrun - with deckers that hacked into systems while trolls protected them. (patent trolls that is).

:)

George

"12. Is that guy using an Apple? You can't hack with an Apple, can you?" depends on what your hacking really doesnt it, doent a lot of car computer run off some form of linux? in that case it would have more in common with mac than pc, just a thought

#12: I hacked the disposable digital cameras with a mac. You can access low-level USB commands from user-mode and from kernel-level. Windows only does this from kernel-level (which means writing your own drivers or installing lib-usb).

Plus, I dig all the unix commands. :-)

On-topic, BMWs use a few common buses that are distributed throughout the car. This means you can control the radio from, say, the rain sensor... anywhere where that bus goes. Luckily, on my car, the bus does not extend to the tail lights... otherwise, this soft plastic would be a good entry point.

Despite its promise, there are a few drawbacks:
- this was originally designed to save wiring. But, instead of a daisy chain, the bus is physically wired as a star network. This adds lots of wire, but makes debugging a short circuit much much easier.
- On the 330i's (E46), the radio signal goes to the car computer (not the engine computer), and that directly controls all the locks and windows. The "unlock" command isn't usually sent over the IBUS, unless they've found a back door. I don't know about the "start engine" signal.

Because 20 minutes is mentioned (and not 3 minutes), I suspect some sort of cryptographic and/or brute force hack is taking place.

"You would think that since we all live in the technological 21st century that these manufacturers would implement something that would stop this kind of thing"

Well the ironic thing is that cheaper cars do offer such a system. It's called Sentry Key and it's offered on Daimler Chrysler cars (including Mercedes, Jeep, Chrysler and other makes). Other car makers probably offer a similar system.

The problem is keyless entry systems rely completely on electronics from end to end in the name of convenience. You need a physical key to make things completely secure, because a) the encryption is on the key, not in the car, and b) without the key, there is still no way to even get into the car in the first place (without breaking a window or similarly calling attention to yourself). Then once inside, what the heck do you do?

The system is designed such that it requires a key to run - if you hotwire it, the system shuts down. (This functionality is in the engine itself, so it can't easily be disabled.) So even if you did somehow manage to break the encryption without the key (which you can't, because you don't have the key), you still couldn't start the car without the key.

And you can't copy the key either, because you also need the encryption chip that's on the key to start the car.

With a keyless entry system, once you hack the door, you've basically hacked the car, and you can hack it from the outside. But you can't hack the door if you need a key, and you can't hack the car without the key once you're in it. And you can't start the car without the key. And you can't copy the key.

So basically, the only way to steal a car with this system is a) by stealing the key, b) by loading the car onto a truck and then using it as a big, expensive doorstop, or c) by working at the car dealer that sold the car and making a new key with the same chip (which would be pretty easy to trace). And there's really no way around those situations.

Sentry key combined with lo-jack makes for a car that is basically impossible to steal and trivially easy to find even if you're bitten by one of the above three situations.

I would never buy a car without the requirement of a physical key. A fob alone just doesn't cut it for security. You need a key AND a fob.

Hi Jeff-

BMW (and others, like Ducati) have the equivalent of the Sentry Key. I'm sure that the keyless start and the Sentry Key use similar basic crypto technology, so both should be hard to hack.

The difference is that keyless start systems use a long-range radio, whereas the other systems use a short-range system that works only when in the ignition. The range on my key is about 1/2 inch.

Therefore, keyless start systems you can hack from a distance (i.e. parked next to, or standing near - you don't appear to be doing anything illegal), but non-keyless-start systems require you to be really close to the ignition switch antenna. Getting this close is dangerous - you have to break in (risky!) and stick around the broken-in car for the required cracking time (even more risky!).

So you're right that keyless entry is less secure, but it's not because they are necessarily cryptographically weaker. It's because the extra radio range buys the thief a whole lot less risk.

Ilocked my key inside a borrowwd car once. It took the locksmith less that a minute to enter the car with a metal strip, so don't tell me ordinary keys are good security. I was just wondering how these buys that make $50 emergency locksmith parking lots calls open keyless entry vehicles. Do they have bluetooth "open door" codes? If so the first place to look for clues on Beck's Bimmer might be to hack some locksmith or locksmith site.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Inspired imagination is precious rare, but progress starts there!

Boy, what's up with Engadget always using the striken-through words (soccer - football, in this article).
Once in a while and when needed/funny is ok, but they're getting out of hand...

hahahha becks got his car jacked score one for the hackers becks 0 obviously thats why fairyball is his sport lol this is a good one

It's selfish asshole hackers like these guys that perpetuate the stereotype portraying the hacker community as a group of thieves.

@21 Yeah what a sucker! Im sure he'll be crying all the way back to his 5million euro house in one of his 70 (actual figure) other cars.

You have the last laugh as you trawl engadget for things you can only dream of affording...

@3

Your wrong, common word in the UK :)

Car thieves deserve to die. Have your car stolen once and you will agree.

I don't understand, is Becks the only guy in Europe that is getting his BMW stolen in this manner? Or the only owner worth mentioning? I'd be very curious on wider statistics on this. Also, how do they know this is was the method? Cutting the battery cable and hooking it to a towtruck is common.

totally off topic question i wanted to ask the non-USA crowd: has the pump price for gasoline gone up over the past couple years for you all too? or the US just catching up?

Petrol in UK is about 95p a litre (which works out at $6.63 a gallon) they dont call it rip-off Britain for nothing!

yeah, but for $6.63 you're getting an IMPERIAL gallon, which is better (and more to boot).

in turkey, a galleon of unleaded (98-100 octane) fuel costs 7 dollars a galleon. that is 5 dollars tax.

The article seems to be pretty dry on how they decided this was stolen using a notebook...

I also wonder how they figured out they was stolen this way.

Pump prices 95octane lead-free 7.26 $USD/Gallon (11.89 NOK/Litre)last time I filled.

^^ in Norway (and we pump up a lot of oil in the north sea)

"". totally off topic question i wanted to ask the non-USA crowd: has the pump price for gasoline gone up over the past couple years for you all too? or the US just catching up?""

yes, i live in norway, and even though we are the third most oil producing country in the world, gas price has gone up from about 10 to almost 12NOK per litre, which is apx 1,6 and 1,9$.

He should just get a mercedes ML55 AMG and save himself the trouble.. Not trying to start a war here, but hands down Mercedes Benz pwns BMW

36... How did you work that out?

Your one of those people who just likes 'one car company' and your authority is clear from the 'pwns'.

Firstly, Mercedes have been heavily criticised over the quality of their cars in recent years.
AMG engines are extremely powerful, however the engines in a BMW are much more powerful and M division engines are some of the most impressive engines in the car industry.

Just because you have a 5.5 litre engine and a few more horses...doesn�t mean your going to have a better ride and for that case be faster. That�s illustrated by the M5 vs F430.

Also, if Mercedes 'pwn' BMW, why did BMW achieve the higher sales and profits.

So before you make strong assumptions on Mercedes 'pwning' BMW, I would strongly suggest you do some research on cars. No company 'pwns' anyone. Everyone has good cars, including both Mercedes and BMW.

P.S Becks does own an ML55 AMG

Just to add to the ensuing flame war, I have experience driving both. Girlfriend has a 2000 ML55, father has an 2004 X5, I have a 1997 328i. I have to say that the ML55 is by far the fastest SUV that I have ever driven and suprisingly faster than my 328i. But I have to go with the BMW on style and comfort. The bimmer just feels better to drive.

Back on topic... If it's happened to him twice, there must be many more that have been stolen.

In Turkey, you can make legal copies of your "immobilizer" locked car keys of major brands (Renault OPEL (Vauxhall in UK) even some BMWs etc) in any locksmith in just a few minutes, they use some sort of blank electronic key and a copier of sorts. At first I was completely dazzled how easy the procedure is. I think the reason of them being so low range is this.
The keyless systems use a better algorithm, something ssh like, key is not something like a password but it is hashed similar to what ssh does, so neither key nor the car knows the password, when they comminicate both ends contribute to authentication. However computer on the car is very limited, so is the computer on the key, thus with a strong computer and right sniffing tools the system is quite vulnerable. Unless they integrate a high entropy random number generator, or increase the computational power drastically, every car is vulnerable.

Well, no lock can stop a thief, what you need is a solid insurance policy, or a more common car.

Comparing an AMG to a standard BMW is biased. The ML55 (as you are ware as your wife owns one) has a 5.5 litre engine which has been modified by AMG (Tuners for Mercedes).

Now the BMW engines are standard engine (not modified). If for example, you compared a Hartge to a ML55, the ML55 would be left standing.

I�m not saying this in a rude way to you, but just saying that its worth noting!!

I just wanted to say the image does not show a BMW.. so why did Engadget even use it, especially if it has a water mark? I think a better image would have been a BMW X5, as they are very nice looking cars. My father has a X5 4.4 and 03' M5 and I cant get enough of BMW's. Currently I drive a 00' BMW Z3, but as soon as I can save up/graduate from college, I'm getting a new M roadster. The Z4 is a nice car, and the latest M roadster is the sexiest coupe ive ever seen.