So my 2014 Jeep Cherokee key fob has been hacked by someone. Broken into twice, in 2 weeks, first time stole stuff, no valuables left in car since. I guess it's better than broken windows.
Anyone have experience with replacing FOB with something else, or doing something other than putting FOB in fridge or foil? Do car manufacturers have a new solution out there these days?
I understand there are other hidden cam options etc to possibly catch. But actually just interested in scrapping FOBs or finding a secure upgraded FOB that can't be hacked.
Do you keep the FOB close to the car inside? Move it away from the parked vehicle, toward the back of house.
I have seen video in our old neighborhood of a gang of folks going up to the garage with a scanner of sorts trying to pick up a signal from the FOB, and when they do, it opens they locks.
A couple years ago, my car was broken into. I'm 100% sure the car was locked the night before, but they got access to my car without breaking anything, as if it was unlocked. Because I'd locked my car, I asked the cops about other ways they could have unlocked it. I wondered if maybe my type of vehicle was susceptible to being hacked, etc.
They thought I was being dumb, and likely just forgot to lock the car.
Fast forward several months down the road, the same thing happened. My neighbors car was also 'broken' into (same make as mine)...but it was unlocked, even though he was certain he'd locked it.
I always wondered if there was a way they could scan a key fob, and copy the signal.
Can this also be done with a garage door opener? That would concern me more than my car.
Can this also be done with a garage door opener? That would concern me more than my car.
Can definitely be done with a garage door opener.
In fact, I recently programmed the built-in garage door opener in my Jeep Wrangler. The procedure went like this: 1 - setup your car to "listen" for the garage door signal 2 - trigger your garage door using your garage door opener 3 - hit save (basically)
Now, my Jeep uses the little button by the visor to open/close the garage door and I don't need the opener any more.
But with mine, I needed access to the garage door opener, to program the button in my car.
Wondering if the signal can be 'stolen' somehow, without access to the opener itself.
All radio signals can be stolen. It's a question of whether the encryption or format of the data packets can be decoded by systems other than the intended ones. Many garage door opener signals can be intercepted with inexpensive equipment.
The equipment to intercept wireless car keys is also relatively inexpensive. Search on Google for SARA or PKES attack
They could have also made a copy of your metal blade and opened the door manually.
Right but, that's going to require physical access to the keys. So, unless you valet'd the car with some unscrupulous attendant, it's going to very difficult to make a copy of the key.
But with mine, I needed access to the garage door opener, to program the button in my car.
Wondering if the signal can be 'stolen' somehow, without access to the opener itself.
All radio signals can be stolen. It's a question of whether the encryption or format of the data packets can be decoded by systems other than the intended ones. Many garage door opener signals can be intercepted with inexpensive equipment.
The equipment to intercept wireless car keys is also relatively inexpensive. Search on Google for SARA or PKES attack
Yep. Iran figured this out and stole one of our drones.
They could have also made a copy of your metal blade and opened the door manually.
Right but, that's going to require physical access to the keys. So, unless you valet'd the car with some unscrupulous attendant, it's going to very difficult to make a copy of the key.
There is an ebay key seller that will cut you a copy of a key based on the photo you send him,.
This has been around for a long time. Basically if you open your car with the fob, a receiver can store that broadcasted data and replay it at any time which can fool the car into thinking you've hit the button on you fob again.
This RF sniffer can be hidden in a bush and left running so that it would collect the signals from several houses all around you, or it could have been someone walking down the street with a sniffer in their pocket and whenever you opened your door they caught it.
The whole "wrap your key in tin foil" is not the same. Some cars have RFID chips in the fob and car unlocks as you approach. This is the only type of unlocker that would be foiled (pun intended) by this method.
Theives can not steal your lock/unlock signal by remotely engaging the fob from outside your house. It essentially works exactly like programming a garage door opener or universal TV remote. You hit the button on one device and record it on another.
This could be fixed by using a rolling code system that transmits a different code everytime you hit the button, but this is very difficult and expensive to implement, and would be nearly impossible for the dealerships to fix all the issues of fobs and cars getting "off cycle" of their codes. Both the fob(s) and the car would have to use the same algorithm to code and decode the signal and it would have to be based upon some other factor like a specific time code, which both the fob and the car would need to have perfectly synced time code for it to function.
is there an acronym that spells "f-o-b" that i'm not aware of? what's with the "FOB" spelling of "fob"?
Just for fun: FOB acronyms
Forward Operating Base which as I understand it is typically inhabited by Fobbits.
Fresh Off (the) Boat - referring to recently landed immigrants
Free on Board - having to do with loading freight for shipment
fob (lowercase) - according to Webster 1: WATCH POCKET 2: a short strap, ribbon, or chain attached especially to a pocket watch 3: an ornament attached to a fob chain 4 or key fob : an object attached to a key chain or key ring
They could have also made a copy of your metal blade and opened the door manually.
Right but, that's going to require physical access to the keys. So, unless you valet'd the car with some unscrupulous attendant, it's going to very difficult to make a copy of the key.
There is an ebay key seller that will cut you a copy of a key based on the photo you send him,.
Wow. One thing I found out the hard way with my 2001 Grand Cherokee is that there is some sort of electronic diode in the physical key so that even if you started the car with the key, it won't run because it's missing the electronic signal.
Now in the OPs case, he's just looking for a theft issue of the contents, not theft of the vehicle itself.
Wow. One thing I found out the hard way with my 2001 Grand Cherokee is that there is some sort of electronic diode in the physical key so that even if you started the car with the key, it won't run because it's missing the electronic signal.
Now in the OPs case, he's just looking for a theft issue of the contents, not theft of the vehicle itself.
Wow. One thing I found out the hard way with my 2001 Grand Cherokee is that there is some sort of electronic diode in the physical key so that even if you started the car with the key, it won't run because it's missing the electronic signal.
Now in the OPs case, he's just looking for a theft issue of the contents, not theft of the vehicle itself.
People steal Grand Cherokees?
Quicker than you can say 909 Inland Empire Crystal Meth
Called a couple dealerships and doesn't look like there is a fix. Key FOB is needed to start car, and no way to prevent FOB signal from being stolen when you approach your car and it unlocks. You may prevent FOB signal from being stolen while keys are in home stored sealed, battery out etc., but if someone has the hardware near you, they can steel your latest FOB signal when you lock or unlock your car.
So maybe this is the perfect excuse to get a classic car.
T Theives can not steal your lock/unlock signal by remotely engaging the fob from outside your house. It essentially works exactly like programming a garage door opener or universal TV remote. You hit the button on one device and record it on another.
This is partially accurate. On cars that don't have passive keys, you're absolutely correct, but for most newer cars that allow you to unlock and start the car without hitting a button on the "key" or removing it from your pocket, it's incorrect.
Those keys and the vehicle are constantly transmitting/receiving. If they weren't, the vehicle wouldn't know when the key was close enough to allow you to unlock/start. Those signals can be boosted from inside a house allowing someone with the proper tech the ability to unlock/start the car w/o the key ever being touched.
Exactly. If someone is in an apt/condo in proximity to a garage full of cars, they can steal FOB signal of any car that automatically detects and unlocks/locks as the person approaches/leaves car.
If your FOB is acting up or you feel like it's out of battery, you may have been hacked. You will know if it persists after you change battery or you get jacked.
So maybe this is the perfect excuse to get a classic car.
That was actually a plot point in the 2016 Pierce Brosnan movie that nobody saw called "I.T." Looks like it did $2M USD against an $11M EUR budget. https://www.imdb.com/title/tt2679552/
Yep, I saw the video from my neighbor. It was a Porsche Boxster. They unlocked it with a small box with an antenna near the garage door. proceed to rifle through it looking for handguns the police said. Then gone in just a few minutes.
So my 2014 Jeep Cherokee key fob has been hacked by someone. Broken into twice, in 2 weeks, first time stole stuff, no valuables left in car since. I guess it's better than broken windows.
Anyone have experience with replacing FOB with something else, or doing something other than putting FOB in fridge or foil? Do car manufacturers have a new solution out there these days?
Took me a minute to pull all the pieces together for this story.
Jeep actually had a good solution in the original 1993-1994 ZJ Grand Cherokees.
What they had was an infrared system.
The key fob (shown in the video below) had an optical transmitter on the end of the fob and there was an optical receiver inside the cabin up top where the thermometer, sunglasses holder, garage door opener goes.
You could only open the vehicle if you were standing at the door and pointing the end of the key fob up at the receiver.
The obvious major complaint about this was that you had to be right next to the vehicle to lock/unlock it.
So, in later models, they replaced this secure system with the standard RF type of transmitter.
On a separate note, we had an early 1994 year model Grand Cherokee which had a defect related to the alarm. The alarm circuit from the 1993 year model did not include the rear doors. So, in our cutesy little Apartment in North Austin, our Grand Cherokee got broken into when somebody smashed the small window in one of the rear doors.
They proceeded to climb in and steal our stereo speakers. As they were leaving, they opened the front door which set off the vehicle alarm.
We went round and round with Jeep about this and ultimately they wound up paying for us to get an aftermarket alarm from a window tint and alarm place in Austin.
Now the funny thing about that alarm was that I guess there were only some finite number of codes that they used. So one day, I stopped at a gas station near our apartment and when I went to unlock my Grand Cherokee, I noticed that I also unlocked the car parked next to me. I locked it again just to test and I'll be damn, that guy must have had the same aftermarket alarm with the same code as us.
I agree with an earlier poster that by now, remote keyless entry should have some basic sorts of security - rolling codes, or whatever.
This is interesting. My parents had a 1994 Jeep Grand Cherokee with the infrared sensors.
The alarm would go off at insane times and for no reason. If you even looked at the battery it would go off. Repair shops would call, driven mad by incessant honking that they could not disable while fixing the car.
If you reached your arm into the open drivers side window (say, to retrieve something while you were outside of car) it would go off.
Locked keys in it and opened it with a slim jim and it did NOT go off.
You'd need some kind of handshake between fob and car, or the car would need to issue security tokens to the fob. Or, you move to something like you say with an RSA like fob.
The problem is that that kind of security would get expensive.
T Theives can not steal your lock/unlock signal by remotely engaging the fob from outside your house. It essentially works exactly like programming a garage door opener or universal TV remote. You hit the button on one device and record it on another.
This is partially accurate. On cars that don't have passive keys, you're absolutely correct, but for most newer cars that allow you to unlock and start the car without hitting a button on the "key" or removing it from your pocket, it's incorrect.
Those keys and the vehicle are constantly transmitting/receiving. If they weren't, the vehicle wouldn't know when the key was close enough to allow you to unlock/start. Those signals can be boosted from inside a house allowing someone with the proper tech the ability to unlock/start the car w/o the key ever being touched.
You said it better than I did, but yes. This is what I was referring to with the whole "wrap your keys in tin foil" thing.
The one thing we should not get confused about is that there is the FOB which has an RF transmitter in it to lock/unlock the doors. Then, separately, there is an RFID chip buried inside your key which needs to be read by the vehicle in order to start the car. These are 2 seperate things that have nothing to do with each other.
The "chip key" has been incredibly succesful in reducing car thefts by hotwiring. It has, however caused a huge spike in carjackings though, because the theives need your keys to drive the car! lol.
RF sniffing/spoofing/pentesting of your unlock signal lets theives get into your car and steal anything inside. But they can not steal the car itself.
Don't keep valuables in your car folks. This is the moral of the story.
Reading through all of this, I had a thought. If you are concerned about someone stealing the FOB signal, and you also have a keypad next to your door for keyless entry as many vehicles do, would using the keypad instead of your FOB thwart this activity?
Reading through all of this, I had a thought. If you are concerned about someone stealing the FOB signal, and you also have a keypad next to your door for keyless entry as many vehicles do, would using the keypad instead of your FOB thwart this activity?
Do you have a car with passive keys or one that requires you to put your key in the ignition or a slot to start it?
If you have passive/contactless keys, you can't do anything to stop the signals and still use your car.
If you have traditional keys with no passive start or entry system, then sure using the keypad to get in (unless it's a wireless one - Ford offered this as an add on option), would secure the signals. But - is it really worth going through all of that hassle? If a criminal really wants to get into your car, they're going to do it one way or another
