The Fast And The Furious Or Just Gone In ... Three Minutes?

In a video, hackers show how they can steal a BMW 1M Coupe in about three minutes.

Using technology to steal high-tech cars is not new. In my book, When Gadgets Betray Us, I use the example of Radko Soucek, a car thief from the Czech Republic who could steal high-end cars in about twenty minutes. He used a laptop preloaded with an algorithm to help him decipher the car's keyless entry and ignition sequence and managed to nab about 150 cars before his arrest.

What the hackers did in this case is much more old school, but also much more effective.

In a video within a blog posted by 1addicts a group of men first break the BMW's window to gain access to the vehicle's On-Board Diagnostic (ODB) port located under the steering column. This is the diagnostics port from which mechanics glean error codes from the car's computer and also update software. Apparently there is no sensor to tell whether the glass has been broken, and no sensor to tell whether someone is using the ODB port. Lastly, the ODB port is constantly powered, even when the car is turned off, allowing a criminal who can gain access the ability to compromise the car's computer system.

According to ZDNet BMW has acknowledged these flaws but so far has not committed to making changes.

The ODB scenario has always existed: a parking valet might have physical access to the ODB port as well, with minimal damage to the car. Physical access is always preferable to remote access. What's different is that in March 2012 alone over 300 cars have already been stolen in this way, according to 1addicts.

The break-in video can be seen here.

Other videos include:

  • BMW Key programming
  • BMW 2011 keyprogrammer tool