Locking Your Cars!

The earliest RKE systems were quite vulnerable to the sort of attack described in the warning e-mails quoted above. Their RF transmitters (usually built into key fobs) sent unique identifying codes that could be picked off by 'code grabbers,' devices that recorded the codes sent out when drivers pushed buttons on their remote key fobs to lock or unlock their cars. However, times change and technology advances. In response to the fixed code security weakness, automakers shifted from RKEs with fixed codes to systems employing rolling random codes. These codes change every time a given RKE system is used to lock or unlock car doors and thus renders 'code grabbers' ineffective. That form of more robust code system became the industry standard for remote keyless entry systems in the mid-1990s, so automobiles newer than that are not vulnerable to being quickly and easily opened by criminals armed with code grabbers. It is theoretically possible for a very determined thief armed with the right technology and the ability to manipulate it correctly to snatch a keycode from the air and use it to enter a vehicle. However, the complexity and length of time involved in that process means your typical crook can't simply grab an RKE code in a parking lot and open up the corresponding car within a minute or two: the would-be thief would need specialized knowledge and equipment and would have to spend hours (if not days) crunching data and replicating a device to produce the correct entry code, then hope he could locate the same vehicle again once all the other steps had been completed. (In most parking lot scenarios, the target car would be long gone before the putative thief was able to open it.) As Microchip Technology, the manufacturer of KEELOQ brand RKE systems, noted of this possibility: The theoretical attack requires detailed knowledge of the system implementation and a combination of data, specialized skills, equipment and access to various components of a system which is seldom feasible.