Just
got this email from the OL thought I'd pass it along, didn't know if it was anyone on NAM.

 

What is it with electric blue MINI's getting stolen. Another guy from MD posted that his had been stolen. Other than these 2, I haven't heard of any stolen MINI's

https://www.northamericanmotoring.co...ad.php?t=60373

 

Well I live fairly close to the area in question. Coconut Grove is a trendy place (Restaurants, shopping, clubs) and both a mix of very upscale white neighboorhoods and poor black neighboorhoods separated just by a few blocks from each other. (Then again in Miami the divide between rich and poor folk is very evident) Crime and theft are not uncommon in Coconut Grove. I was there today for lunch and parked my car in the street meter with no problems. In fact I haven't had a problem there (yet). Don't like to hang around there late at night and if I do I park in a garage facility.

Very unfortunate, but this place being Miami (Crime ridden) this comes as no surprise. Xenon headlights are stolen in cars here everyday, so if there is a loser looking to get a MINI joyride, he will do that as well.

Also living in a port city has its problems. When it comes to auto theft, stolen vehicles quickly end up in shipping containers headed to the Caribbean and South America. How do they clear customs or the port? I have no idea (Corruption is a reality here in the Banana Republic of Miami) but this person maybe needs to come to terms that his MINI maybe on its way down to Venezuela or some other Latin American country.

Did he leave the keys inside? Too bad he does not provide further details.

 

There are tons of MINIs down here. Will keep my eyes peeled but I have a feeling this MCS is already loaded on a shipping container. :(

 

Its wierd that this comes w/in a week of another MINI being stolen, if the immobilizer has been bypassed then we are all vulnerable, anyway keep your doors locked, sorry I don't know more info.

 

OOOOHHHH...This sucks...2 MINI's being stolen in the last week...Hopefully this is just a weird coincidence and nothing wrong with out immobilizers.

 

That is the BIG question! Unfortunately, aside from locking the car and excercising common sense as to where to park it, there is very little anyone can do. An alarm is not going to cut it IMO.

What I don't like about all this seemingly new trend, aside from now being worried about my car being stolen, is that if MINI thefts reach epidemic numbers (a la Honda Accord or Toyota Camry) we could all face increased insurance premiums.

With the current gas prices, it seems to me MINIs are becoming appealing to car thugs and thieves given its qualities.

I have read about MINis being stolen left and right in the UK (www.mini2.com) so the coded key maight not be so invencible after all. I hope no one is cloning the code/signal when you use the remote key fob.

As a small preventive measure, I am going to stop using the remote keyfob to open/close doors and hatch and will start to open the door lock manually with the key. More inconvenient but I prefer to err on the side of caution in case a group of thugs is cloning our infrared keyfob signals.

 

thats why i got a lojack track the @#$@##@# if they steel mine just like onstare on gm vehicles a cop told me down here in detroit that a cadillac escolade was stolen and they used onstare to track the car and the police showed up right as the two guys were leaving their house dressed in their best to go on a night out on the town in their stolen ride hehehe id love to see their look on their face heheh

 

Good idea, I think I'll do the same my town is about to be hit w/ a population surge where crime rates always go up for the next few months, not a bad habit to start soon.

 

Yes, with that stuff they can find your car. But honestly, if my car is stolen, I don't want it back

 

Would low-tech, like taking off a coil wire so it wouldn't run, be worth the trouble? Or installing a hidden shut-off?

 

Something tells me that someone somehow has figured out a way to clone our remote keyfob's signal, unencrypt it and somehow be able to broadcast it to the car to gain access to it.

I am having a hard time finding any data stating the effectiveness of factory engine immobilizers.

Anyone more knowledgeable in the subject want to chime in?

 

I don't know that I would be so worried about the key fob as anyone with the right tools or a rock can get inside a car. It's getting it to run that is tricky. Any info on the effectiveness of the immobilizers would be good though if anyone could find it

 

GM's PASSlock II, FORD's SecuriLock, CHRYSLER’s SentryKey, and TOYOTA's Engine Immobilizer - These factory-installed antitheft systems consist of a miniature transponder imbedded in the ignition key head itself, which allows the vehicle's computer to identify the "real ignition key" and thereby enable the vehicle to start. Recently, a national automotive magazine published information on how to bypass these systems. All a thief has to do is cut the black wire in the three-wire ribbon cable located under the dash and measure the resistance between the black wire and the yellow starter wire with a volt meter. They then touch the two wires with the matching resistor and the vehicle will start. This sounds complicated, but only takes about 20 seconds to defeat. Also, there is a company that manufactures a product called the "No Key Required Bypass Kit", which bypasses the transponder key system in any vehicle made. A salesman might tell you that because of these factory-installed systems, you do not need any extra security for your vehicle, but this is NOT TRUE! Many vehicles equipped with these systems have been stolen.

 

GM's PASSlock II, FORD's SecuriLock, CHRYSLER’s SentryKey, and TOYOTA's Engine Immobilizer - These factory-installed antitheft systems consist of a miniature transponder imbedded in the ignition key head itself, which allows the vehicle's computer to identify the "real ignition key" and thereby enable the vehicle to start. Recently, a national automotive magazine published information on how to bypass these systems. All a thief has to do is cut the black wire in the three-wire ribbon cable located under the dash and measure the resistance between the black wire and the yellow starter wire with a volt meter. They then touch the two wires with the matching resistor and the vehicle will start. This sounds complicated, but only takes about 20 seconds to defeat. Also, there is a company that manufactures a product called the "No Key Required Bypass Kit", which bypasses the transponder key system in any vehicle made. A salesman might tell you that because of these factory-installed systems, you do not need any extra security for your vehicle, but this is NOT TRUE! Many vehicles equipped with these systems have been stolen.

 

The remote "keyless entry" capability for locking and unlocking the doors of a vehicle with an alarm system is a great option to have, but as far as security is concerned, the remote control alarm system only interrupts the starter wire, and this can easily be bypassed under the dash. Electronic "code grabbers" or "scanner boxes" can defeat alarm systems made today in seconds. Even the alarms that claim to have anti-scan or anti-code grabbing technology were still defeated. This was demonstrated on recent telecasts of CBS's The Early Show and 48 Hours (click here to see the video).

 

Source: www.ravelco.com

anyone care to comment?

 

More info here:

http://www.carthiefstoppers.com/Abou...ments-DST.html

Scary stuff.

 

there is a tab on the coil that can be at least temporarily disconnected so the engine will turn over but not start. maybe not all car theives will know this. i know a mechanic that uses it to turn the motor over for around 10sec. after an oil change to circulate the oil before actually starting the car.

 

[SIZE=+1]Graduate Cryptographers Unlock Code of 'Thiefproof' Car Key [/SIZE]
[SIZE=2]New York Times[/SIZE][SIZE=2] [/SIZE][SIZE=2]| January 29, 2005 | JOHN SCHWARTZ[/SIZE]



BALTIMORE - Matthew Green starts his 2005 Ford Escape with a duplicate key he had made at Lowe's. Nothing unusual about that, except that the automobile industry has spent millions of dollars to keep him from being able to do it.
Mr. Green, a graduate student at Johns Hopkins University, is part of a team that plans to announce on Jan. 29 that it has cracked the security behind "immobilizer" systems from Texas Instruments Inc. The systems reduce car theft, because vehicles will not start unless the system recognizes a tiny chip in the authorized key. They are used in millions of Fords, Toyotas and Nissans.
All that would be required to steal a car, the researchers said, is a moment next to the car owner to extract data from the key, less than an hour of computing, and a few minutes to break in, feed the key code to the car and hot-wire it.
From left, Prof. Aviel D. Rubin, Adam Stubblefield, Matthew Green and Stephen Bono working with cards programmed to conduct an assault on a car-key chip.


An executive with the Texas Instruments division that makes the systems did not dispute that the Hopkins team had cracked its code, but said there was much more to stealing a car than that. The devices, said the executive, Tony Sabetti, "have been fraud-free and are likely to remain fraud-free."
The implications of the Hopkins finding go beyond stealing cars.
Variations on the technology used in the chips, known as RFID for radio frequency identification, are widely used. Similar systems deduct highway tolls from drivers' accounts and restrict access to workplaces.
Wal-Mart is using the technology to track inventory, the Food and Drug Administration is considering it to foil drug counterfeiting, and the medical school at the University of California, Los Angeles, plans to implant chips in cadavers to curtail unauthorized sale of body parts.
The Johns Hopkins researchers say that if other radio frequency ID systems are vulnerable, the new field could offer far less security than its proponents promise.
The computer scientists are not doing R.&D. for the Mafia. Aviel D. Rubin, a professor of computer science who led the team, said his three graduate students did what security experts often do: showed the lack of robust security in important devices that people use every day.
"What we find time and time again is the security is overlooked and not done right," said Dr. Rubin, who has exposed flaws in electronic voting systems and wireless computer networks.
David Wagner, an assistant professor of computer science at the University of California, Berkeley, who reviewed a draft of a paper by the Hopkins team, called it "great research," adding, "I see it as an early warning" for all radio frequency ID systems.
The "immobilizer" technology used in the keys has been an enormous success. Texas Instruments alone has its chips in an estimated 150 million keys. Replacing the key on newer cars can cost hundreds of dollars, but the technology is credited with greatly reducing auto theft. - Early versions of in-key chips were relatively easy to clone, but the Texas Instruments chips are considered to be among the best. Still, the amount of computing the chip can do is restricted by the fact that it has no power of its own; it builds a slight charge from an electromagnetic field from the car's transmitter.
Cracking the system took the graduate students three months, Dr. Rubin said. "There was a lot of trial and error work with, every once in a while, a little 'Aha!' "
The Hopkins researchers got unexpected help from Texas Instruments itself. They were able to buy a tag reader directly from the company, which sells kits for $280 on its Web site. They also found a general diagram on the Internet, from a technical presentation by the company's German division. The researchers wrote in the paper describing their work that the diagram provided "a useful foothold" into the system. (The Hopkins paper, which is online at www.rfidanalysis.org, does not provide information that might allow its work to be duplicated.
The researchers discovered a critically important fact: the encryption algorithm used by the chip to scramble the challenge uses a relatively short code, known as a key. The longer the code key, which is measured in bits, the harder it is to crack any encryption system.
"If you were to tell a cryptographer that this system uses 40-bit keys, you'd immediately conclude that the system is weak and that you'd be able to break it," said Ari Juels, a scientist with the research arm of RSA Security, which financed the team and collaborated with it.
The team wrote software that mimics the system, which works through a pattern of challenge and response. The researchers took each chip they were trying to clone and fed it challenges, and then tried to duplicate the response by testing all 1,099,511,627,776 possible encryption keys. Once they had the right key, they could answer future challenges correctly.
Mr. Sabetti of Texas Instruments argues that grabbing the code from a key would be very difficult, because the chips have a very short broadcast range. The greatest distance that his company's engineers have managed in the laboratory is 12 inches, and then only with large antennas that require a power source.
Dr. Rubin acknowledged that his team had been able to read the keys just a few inches from a reader, but said many situations could put an attacker and a target in close proximity, including crowded elevators.
The researchers used several thousand dollars of off-the-shelf computer equipment to crack the code, and had to fill a back seat of Mr. Green's S.U.V. with computers and other equipment to successfully imitate a key. But the cost of equipment could be brought down to several hundred dollars, Dr. Rubin said, and Adam Stubblefield, one of the Hopkins graduate students, said, "We think the entire attack could be done with a device the size of an iPod."
The Texas Instruments chips are also used in millions of the Speedpass tags that drivers use to buy gasoline at ExxonMobil stations without pulling out a credit card, and the researchers have shown that they can buy gas with a cracked code. A spokeswoman for ExxonMobil, Prem Nair, said the company used additional antifraud measures, including restrictions that only allow two gas purchases per day.
"We strongly believe that the Speedpass devices and the checks that we have in place are much more secure than those using credit cards with magnetic stripes," she said.
The team discussed its research with Texas Instruments before making the paper public. Matthew Buckley, a spokesman for RSA Security, said his company, which offers security consulting services and is developing radio frequency ID tags that resist unauthorized eavesdropping, had offered to work with Texas Instruments free of charge to address the security issues.
Dr. Wagner said that what graduate students could do, organized crime could also do. "The white hats don't have a monopoly on cryptographic expertise," he said.
Dr. Rubin said that if criminals did eventually duplicate his students' work, people could block eavesdroppers by keeping the key or Speedpass token in a tinfoil sheath when not in use. But Mr. Sabetti, the Texas Instruments executive, said such precautions were unnecessary. "It's a solution to a problem that doesn't exist," he said.
Dan Bedore, a spokesman for Ford, said the company had confidence in the technology. "No security device is foolproof," he said, but "it's a very, very effective deterrent" to drive-away theft. "Flatbed trucks are a bigger threat," he said, "and a lot lower tech."

 

well the other cool thing with the mini is if the guy just breaks the window to gain entry he would have to climb in thru the window, when the car is loked with the key the doors handels and the unlock button on the dash will not open the door, basically if you had a freind in the car you could lock him in the car and he could not get out,try it sometime sit in your mini roll down the window lock the door from the outside, or just use the key fob now try to unlock the door without using the key nothing will work unless you insert the key into the ignition or reopen the car with the key fob button so if the theif is a big guy he may have trouble

 

That's the reason I bought the LoJack security sys. Piece of mind.
Sorry for your loss. That just plain and simply sucks.

 

Not my loss but that of someone in the Miami area looking for help in finding their MINI so I thought I'd post it here to get it more attention as odds are slim of finding it anyway.

 

LoJack is useless in non-served areas.
I thought of getting it but after looking into it I found out that the only area served by LoJack in Oregon was Portland and they only have about 4 Patrol cars equipped and the state police don't have any plans to equip themselves with it.
So someone steals a LoJack equipped car takes it to an area were there is no LoJack service and the device is useless.

 

some areas - like Miami - have quite the coverage.

A friend of mine bought a used p/u. It was stolen in Miami and he reported it to the police. The same day they told him it had been recovered via the lo-jack.... funny thing was he didn't know it had lo-jack. Police just automatically forward the VINs and bingo....