[Live To Jive]

Quote:

Originally Posted by vidyasagar

1. Somebody just towed your car without starting the car. (check for tyre marks in the place where you parked..if possible).

This is most probably what happened. Most stolen vehicles are stippped apart and sold as spares.

Quote:

Originally Posted by f1fan

To add to this, there was a case in Mumbai where the driver replaced the backup original key with a duplicate ( i.e. absolutely same looking key but no chip inside) and gave it to the owner. The owner all along thought that he had two original keys with him but one of them was fake. A couple of days later, the driver drove the car away with the second original key. Kindly check if someone has swapped one of the keys of your truck.

This is also very possible.

Quote:

Originally Posted by vidyasagar

2. The thief has cloned your mechanical key and the transponder chip in it. This is possible only if you have given the key to some stranger in the past for whatever reason. Cutting the wires and shorting them somehow and making the car start..is the thing of the past, with any immobilizer in place, this is impossible.

Quote:

Originally Posted by nijelj

Sorry to hear this.The immobilizer for the Safari is on the remote keychain isn't it? If the thief picked up the IR signal....?

Quote:

Originally Posted by mercedised

I donot know if this is totally true, but there are FREQUENCY tracking devices, which track the frequencies used by the car to communicate with the transponder inside the key, and with the help of these frequencies they design new keys easily. No tough job for them.
This is the way in which the FOREIGN country thieves steal the most secured cars there.

Quote:

Originally Posted by amitk26

Thats really bad I suspect this is done using cloning of your Key. Those who think RFID based key is any safer need to think twice it can be cloned much more easier then something which needs physical access. In this age when Credit cards and SIM cards can be cloned what a poor RFID or so called iCAT can do? Buying RFID scanner is easiest job. I now think mechanical gear lock / clamp should be there in all cars ( though I don't have that myself)..

I don't think car theives in India are that advanced.

[vidyasagar]

Newer Gen Maruti cars, Ford cars and Fiat Punto, Linea are the safest cars as far as the Immobilization concept is concerned. You can be assured, stealing these cars with duplicate key is impossible. Period.

Anyone interested in knowing about the detailed Immobilizer concept please PM me. I would be happy to help.

[xenxer]

Quote:

Originally Posted by vidyasagar

Newer Gen Maruti cars, Ford cars and Fiat Punto, Linea are the safest cars as far as the Immobilization concept is concerned. You can be assured, stealing these cars with duplicate key is impossible. Period.

Anyone interested in knowing about the detailed Immobilizer concept please PM me. I would be happy to help.

Hey vidyasagar what about the Honda cars? Isn't it having an advanced immobilization system?

[kanuj]

Quote:

Originally Posted by vidyasagar

Fiat Punto, Linea are the safest cars as far as the Immobilization concept is concerned.

While taking the TD of a Fiat Linea the SA was more than happy to inform that the Linea uses rolling codes, making it tougher to steal these cars.

[amitk26]

Quote:

Originally Posted by Live To Jive

I don't think car theives in India are that advanced.

Theaves need not be advanced just they should have acess to advanced tool. Here is one RFID reader and duplicator for 66$ shipped to your door from Hongkong.

DealExtreme: $66.14 125KHz RFID Card Copier/Duplicator with Writable RFID Card and Keychain (Standalone Operation)

Ofcourse this is a simpler version but then systems for reading writing authentication challange based systems such as access cards are also in market. Many offices use them for access control systems. Many major mall in country today are using RFID tags and they are legal users of these products but just as common conman got acess to SIM card cloning devices which were meant for use by mobile operators they can get RFID cloning device also and break Car security system.

FYI SIM cards uses more complicated public key / private key based security mechanism and were still successfully cloned and misused in our country. A Car is much more valuable target.

[longhorn]

AFAIK, the iCATS system (equipped in Maruti vehicles) is fool proof. I'm yet to hear of an iCATS enabled vehicle being lifted. As far as iCATS is concerned, it is purely an engine immobilizer and has nothing to do with those fancy remote locking systems. The codes are rolling so you cannot just scan a code and drive away with the car. Each time you insert the key and turn on the ignition, the code is transmitted from the transponder (which is IN the key) to the unit located in the car. Rules are simple - Unless the codes match, the car won't start. Simple but effective. The shorting techinque mentioned in earlier posts can fry the remote locking systems, but not the immobilizer. Well you can't stop a thief from towing it away, but it certainly can't be driven away. I'm not sure whether the immobilzer is available in the Safari. If you vehicle is equipped with an immobilizer(factory fitted), you can see an orange padlock light up when you turn on the ignition.

[vidyasagar]

Quote:

Originally Posted by xenxer

Hey vidyasagar what about the Honda cars? Isn't it having an advanced immobilization system?

Honda cars sold outside India in markets even like Malaysia, Thailand, have advanced immobilzers. About the Honda cars sold in India, I dont have an Idea.

I suspect all high end cars would be having some kind of Immobilizer in them. Simple rule would be..If you have purchased the car post 2006, and the manual says car has an immobilizer, be assured you have a advanced system on board.

[tsk1979]

There is no transponder in Tata Safari Dicor key.
If your remote goes for a toss, you have to manually enter a security code after inserting the key in ignition. This secure code is given along with your user manual of the security system.

[amitk26]

Dear Vidyasagar,

Please let me know that the advanced immobelizer system as you say match the description below in terms of algorithm or it is something else ?

Quote:

Originally Posted by longhorn

AFAIK, the iCATS system (equipped in Maruti vehicles) is fool proof. I'm yet to hear of an iCATS enabled vehicle being lifted. As far as iCATS is concerned, it is purely an engine immobilizer and has nothing to do with those fancy remote locking systems. The codes are rolling so you cannot just scan a code and drive away with the car.

See the basic of the iCATS security is that RFID emitter is built in key not in the dangling remote ( so takes care of physical aspect) where someone can just break the remote away.

I heard the word rolling quite a few times , I do not know what exactly is meant by rolling but I think should be similar to well known Authentication and Key agreement ( AKA) .


Second part is AKA itself , This mechanism is used in many communication protocol the basic concept is that there is a private key which is embedded in a device and never sent out using protocol ( RF in this case) there is another public key which is known to both the ends. challenge thrown by the receiving device and sender will respond to this challenge by generating a response using it's private key using a known digest algorithm.

There are plethora of these AKA mechanisms some are in public domain some are propriety ( like iCATS) but they are foolproof.
What is not fool proof is if you client itself is physically compromised that is someone takes key from you and without your knowing makes a copy of your key. The key is an embedded system and cloning it means it's private key data is also cloned.
It is quite possible and that is how when some owner looses his duplicate key he makes request to service center and then factory sends him a new key for 3 / 4 K rupees.

It is more secure then any thing but secure as long as the key is not handed over and cloned.

Quote:

There is no transponder in Tata Safari Dicor key.
If your remote goes for a toss, you have to manually enter a security code after inserting the key in ignition. This secure code is given along with your user manual of the security system.
__________________

Yes TSK but I was talking about some of the other systems cited as advanced.
In Safari kind of system a single predetermined key ( code) is used where as in advanced system Challenge response using AKA is used.

[vidyasagar]

The iCATS system in New generation Maruti Cars is Impregnable. It is one of the best available in the whole wide world.

Once you loose a key, report it to ***, get a new key. suppose you find the old key that you thought you have lost, you still cannot use the old key. So even if someone else finds your key and somehow manages to locate your car, he cannot drive it away. He can however get into the car as the mechanical lock still remains the same, but be assured that engine would not budge.

[longhorn]

Quote:

Originally Posted by tsk1979

There is no transponder in Tata Safari Dicor key.
If your remote goes for a toss, you have to manually enter a security code after inserting the key in ignition. This secure code is given along with your user manual of the security system.

That clears the air. So if you have a key copied, you can just walk in, enter the default code and drive away. Child's play for any car thief worth his name.Therein lies the beauty of the iCATS. You cannot start your car even if a thief makes an exact copy of your key onto a blank new key. You car can only be started with the key that comes from the factory.

Quote:

Originally Posted by amitk26

I heard the word rolling quite a few times , I do not know what exactly is meant by rolling but I think should be similar to well known Authentication and Key agreement ( AKA) .

Rolling means the code is not static. It is reset every time the code has been successfully matched based on some algorithm. Of course we cannot say that a car can never be stolen insipte of iCATS because they are far more expensive cars being stolen in the West, where the security systems in place are far ahead of what we use.

Quote:

Originally Posted by amitk26

What is not fool proof is if you client itself is physically compromised that is someone takes key from you and without your knowing makes a copy of your key. The key is an embedded system and cloning it means it's private key data is also cloned..

Agree with you on this one. Not sure whether thiefs in India are that advanced, but cloning (not duplicating) a key requires some expertise and probably could not happen with support from A.S.S. staff.

[vidyasagar]

Dear Amit sir,

The process of cloning the key is a misnomer. Only the mechincal part of the key can be cloned. The transponder in the plastic cladding of the key can NEVER BE CLONED. Every transponder has a Unique ID. It is like finger print for humans.

In case your key is lost the following is done by the factory / service rep:

1. Erase the ID of transponder that is stored in EMS
2. Make a Mechanical clone of the key. (easy as the design has a ref number and can be made quickly by factory)
3. take a blank / virgin transponder and put it in the mechanical key
4. Make the EMS learn the Unique ID of the new transponder
5. Make the transponder learn a few secret parameters thats known only to OEM.

So what is actually being done is, you are getting a brand new transponder and key. Its not the clone. As the ID of previously learnt but lost transponder is erased, the system is doubly safe. Anyone who accidently gets hold of your key and knows your car, still cant start your car.

Further, Once a Transponder chip is mated to an EMS system, It can never be mated to any other EMS system, even if it is same car and variant.

[amitk26]

Quote:

Originally Posted by longhorn

That clears the air. So if you have a key copied, you can just walk in, enter the default code and drive away. Child's play for any car thief worth his name.Therein lies the beauty of the iCATS. You cannot start your car even if a thief makes an exact copy of your key onto a blank new key. You car can only be started with the key that comes from the factory.

Rolling means the code is not static. It is reset every time the code has been successfully matched based on some algorithm. Of course we cannot say that a car can never be stolen insipte of iCATS because they are far more expensive cars being stolen in the West, where the security systems in place are far ahead of what we use.

And how exactly that code rolls and every time ECU knows code has rolled ever wondered.

What you call as rolling has certain defined name in security technology terms and I described most commonly used such rolling scheme known as AKA in my last post.

If you don't belive my words then search on Alibaba ( I did just few seconds back in order to satisfy you ) portable SBB car immobilizer duplicating machines are available , A thief need not understand the algorithm or Challange response mechanism but just can use this cloning machine to clone your iCATS for approx 300$.

Only hindrance here is that law enforcement should control and curb the sale of these cloning machine to unauthorized users. But I heard they are unable to control cloning of currency notes issued by state leave alone car keys.

Quote:

Originally Posted by vidyasagar

Dear Amit sir,

The process of cloning the key is a misnomer. Only the mechincal part of the key can be cloned. The transponder in the plastic cladding of the key can NEVER BE CLONED. Every transponder has a Unique ID. It is like finger print for humans.

In case your key is lost the following is done by the factory / service rep:

1. Erase the ID of transponder that is stored in EMS
2. Make a Mechanical clone of the key. (easy as the design has a ref number and can be made quickly by factory)
3. take a blank / virgin transponder and put it in the mechanical key
4. Make the EMS learn the Unique ID of the new transponder
5. Make the transponder learn a few secret parameters thats known only to OEM.

So what is actually being done is, you are getting a brand new transponder and key. Its not the clone. As the ID of previously learnt but lost transponder is erased, the system is doubly safe. Anyone who accidently gets hold of your key and knows your car, still cant start your car.

Further, Once a Transponder chip is mated to an EMS system, It can never be mated to any other EMS system, even if it is same car and variant.

OK then what exactly is this product and how exactly it works ?

http://www.alibaba.com/product-gs/30...r_machine.html
AUTOMAN V.5.11 Advanced Key Machine products, buy AUTOMAN V.5.11 Advanced Key Machine products from alibaba.com


Once physical key ( mechanical key ) is compromised is there any reason a thief can not repeat the steps 1 to 5 given above ? Given the material cost is so low.


I personally know a case where guy lost his key Honda took some 3 K as advanced and new duplicate key was issued.

[anujmishra]

This is scary to hear that Tata Safari is stolen. Where can I get Gear Lock in Bangalore? Any shop near whitefield, Indiranagar? I would be going for long journey on 1st January and it is very difficult to leave car on road.

-Anuj

[vidyasagar]

Dear Amit Sir,

If you see the link, it refers to Immobilizer system getting Bypassed. Not Key cloning. On Ignition, the EMS of the car talks with Immobilizer and Authenticates the key. This system which is mentioned in link, behaves like an Immobilizer and fools the EMS.

This said, I would like to point out that No security system in the world is fool proof for eternity. with the advances in technology and computing power, tougher security algorithms are being cracked in much lesser times now.

Further, The EDC15x, EDC16X series of ECUs from Bosch are good 10 to 12 years old. cracking the security codes of these systems may be possible as the key length and algorithm complexity in these systems is long outdated. The latest generation EMS systems are Mighty. Forget the Automan v.5.11, Even Alibaba himself will not be able to do it.