Modern cars are brilliant. Fuel efficient, comfy, smooth-riding, fast, and often packed to the hilt with gadgets and gizmos, all designed to make our lives easier.
BUT….
They often come with little to no security built in to those time-saving gizmos.
In modern vehicles, there are numerous communication systems which constantly send data between various modules to enable things such as autonomous emergency braking, auto wipers when it rains, auto headlights for when it gets a bit dark, tilting wing mirrors for when you reverse, auto stop/start for the eco-conscious, and so much more.
In modern vehicles, the main communication system in use is the CANbus (Controller Area Network bus). CAN is a fairly simple technology which consists of a network of just two wires: CAN high (CANH) and CAN low (CANL).
Other communications busses used in modern vehicles include FlexRay and Automotive Ethernet and whilst these offer faster response times than CANbus, they are often more expensive to implement, so it seems that for now, the CANbus is the choice for most vehicle manufacturers.
Accessing the various Busses in a vehicle is typically done via a connector known as the OBD-II (On-Board Diagnostics v2) – this connector is sometimes also called the Diagnostic Link Connector (DLC).
The OBD-II connector is most likely to be found in a vehicle under the dashboard, near the steering wheel. and looks like this…
You should be able to see in the image, that whilst there are 16 possible connectors in the OBD-II port, in this case, only 5 actually have pins in them for connectivity. This is fairly common, and will differ by manufacturer, but also by geographic region.
Many products are available for the home automotive aficionado to access the CANbus via the OBD-II port to read data from the vehicle for ease of error diagnosis and repair, or just to display telemetry data.
Because the CANbus has no mechanism for security, it is fairly trivial for manufacturers to build a wide range of devices to read and over-write the data being sent via CANBus.
This is where the criminals can now take advantage.
By gaining access to the CANBus, criminals can effectively control a vehicle to make it do anything they want.
One quick method used to steal a vehicle is to fool the vehicle into thinking that the signal it is receiving is coming form the real keyfob, when in fact it’s just the signal being relayed via a signal amplifier.
If your vehicle has keyless operation, then your keyfob will contain a tranceiver which it uses to send and receive data to and from your vehicle. Criminals can use a high-gain antenna to receive this signal from your fob, amplify it and re-broadcast it to your vehicle to unlock and start it.
The signal is recieved by your vehicle and passed through the CANBus to the imobiliser which verifies that it is the correct data, and thus allows the car to be unlocked and started.
This Youtube video shows a Mercedes car being stolen in the West Midlands in just this manner.
One solution to this type of theft is to keep your keys as far away from your vehicle as possible to avoid the signal being picked up by a scanner. This however, is not always the answer as the scanners have quite a long range to pick up signals. So you could keep your keys in a Faraday pouch which will block any signals from being sent or received whilst the fob is in the pouch.
Another option is to fit an old-school steering wheel lock to the vehicle which will stop the car from being driven away, even if it is able to be unlocked.
If possible, install some driveway security posts to further deter criminals from targeting your car.
Whilst these physical security mechanisms will stop most attempts to take your car, if a criminal really wants your car, they will just burgle your house, take the keys for the car, the disklock, and the security post and drive off whilst you sleep.
But what if they don’t even need to do that?
What if they can just make a new key for your car, code it to the vehicle and simply drive off?
The video below is what inspired me to write this post. I advise anyone who has managed to read this far to spend the next 11 minutes watching this video – you may very well be shocked by what it shows…
In the video, you will notice that in both cases, the locksmith who reprogrammed the keys to the car had to access the OBD-II port to a) stop the alarm, and b) program the key to the car.
So, here’s my final tip to prevent your vehicle from being stolen
Buy an OBD-II port protector (Amazon link)…
These simple devices work in principle in the same way as your alloy wheel security nuts. The protector is a cap that locks into the ODB-II port and has a unique security nut that requires a specific socket to allow it to be unscrewed.
By locking physical access to th OBD-II port, criminals can no longer easily attach an OBD-II device to your vehicle to over-ride the immobiliser, cancel the alarm, re-code keys, etc.
With the addition of the OBD-II port protector, a disklock, Faraday pouch and driveway security posts you should never worry about your prized possession being taken from you whilst you sleep.
Just remember to take the protector off when you have the car serviced or the technician will not be happy…