Agreed, that's a lovely looking car. Don't forget to get a new number plate before driving off though!
So you don't think pulling out headlights or other devices to get to the CAN bus wiring, but using the OBD port. Not great that this is enough to hack the car "security" but good to know.
The question still unanswered is how they're getting in the car in the first place. Did you have Porsche Connect enabled? The app no longer supports remote unlock, but I'm wondering if the underlying protocol does. i.e. can someone from Porsche still send the relevant commands to the car to unlock it (and tell someone where it is).
GTS Stolen
A few years ago I was working with police on spate of Range Rovers being stolen. All linked to the same dealer, and, yes, the thief was connected to them.
If your vehicle is out of your control or sight, such as being serviced or in a drive-in car wash, there is always opportunity for a tracker to be secreted allowing the thief to locate your car to steal at a more convenient time.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
Ghost devices - I see these are getting a lot of mentions and I have no direct experience of one myself, but I do know how they operate.
I'm temporarily driving a Range Rover Evoque, 23 plate, and it' already broken down once which I wasn't surprised given the general history of Range Rovers, but I got talking to the AA guy that attended (well, JLR call them Land Rover Assist) and he said that he had attended a stolen vehicle fitted with the Ghost device that had been stolen.
Now I caution this with not knowing the full facts, but it raised the question about the ability of thieves to overcome vehicle security via the CAN BUS Injection method.
I'm temporarily driving a Range Rover Evoque, 23 plate, and it' already broken down once which I wasn't surprised given the general history of Range Rovers, but I got talking to the AA guy that attended (well, JLR call them Land Rover Assist) and he said that he had attended a stolen vehicle fitted with the Ghost device that had been stolen.
Now I caution this with not knowing the full facts, but it raised the question about the ability of thieves to overcome vehicle security via the CAN BUS Injection method.
Previously owned:
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
2022 Macan GTS Gentian Blue
Macan SD - Volcano Grey
Boxster S - Polar Silver
How do they operate? I can't see how it could send a start code the engine ECU (as the ECU wouldn't be expecting the code). Does it send a "shutdown" command if it's not given the right code? If so, I can see the CAN bus injection would struggle a bit with that. It would either have to stay on the bus and prevent the Ghost sending the shutdown messages (but as I understand it, that would probably mess up everything else needed to drive the vehicle too), or the thieves would have to physically disable/remove the Ghost.Bazza06 wrote: ↑Thu Nov 09, 2023 1:08 pm Ghost devices - I see these are getting a lot of mentions and I have no direct experience of one myself, but I do know how they operate.
I'm temporarily driving a Range Rover Evoque, 23 plate, and it' already broken down once which I wasn't surprised given the general history of Range Rovers, but I got talking to the AA guy that attended (well, JLR call them Land Rover Assist) and he said that he had attended a stolen vehicle fitted with the Ghost device that had been stolen.
Now I caution this with not knowing the full facts, but it raised the question about the ability of thieves to overcome vehicle security via the CAN BUS Injection method.
Interesting to note that if the car manufacturers add CAN encryption as they should, only the original components will trust each other so the Ghost systems won't work either. But in theory that's fine, as they won't be needed any more.
- Nuclear Nick
- Posts: 3820
- Joined: Wed Feb 17, 2016 3:42 pm
- Location: Bristol
See this article posted by Bluesnose earlier today. Great read!muzziman wrote: ↑Thu Nov 09, 2023 1:54 pmHow do they operate? I can't see how it could send a start code the engine ECU (as the ECU wouldn't be expecting the code). Does it send a "shutdown" command if it's not given the right code? If so, I can see the CAN bus injection would struggle a bit with that. It would either have to stay on the bus and prevent the Ghost sending the shutdown messages (but as I understand it, that would probably mess up everything else needed to drive the vehicle too), or the thieves would have to physically disable/remove the Ghost.Bazza06 wrote: ↑Thu Nov 09, 2023 1:08 pm Ghost devices - I see these are getting a lot of mentions and I have no direct experience of one myself, but I do know how they operate.
I'm temporarily driving a Range Rover Evoque, 23 plate, and it' already broken down once which I wasn't surprised given the general history of Range Rovers, but I got talking to the AA guy that attended (well, JLR call them Land Rover Assist) and he said that he had attended a stolen vehicle fitted with the Ghost device that had been stolen.
Now I caution this with not knowing the full facts, but it raised the question about the ability of thieves to overcome vehicle security via the CAN BUS Injection method.
Interesting to note that if the car manufacturers add CAN encryption as they should, only the original components will trust each other so the Ghost systems won't work either. But in theory that's fine, as they won't be needed any more.
Also see a linked article by Pen Test that shows some of the after market ‘security’ systems can actually introduce vulnerabilities that can easily be exploited making the car less secure than it was originally!
Nick
Defender 90 V8
991.2 C2 GTS
Macan Turbo - sold
BMW K1300S, BMW R1250 GSA
Defender 90 V8
991.2 C2 GTS
Macan Turbo - sold
BMW K1300S, BMW R1250 GSA
I'm don't have enough technical knowledge to answer how the immobiliser is bypassed but it that seems to be what is happening once they have access to the interior / electrics, for example with the RR bootlid intrusions. Where there's a will... and with the tech that seems to be available to these people. There's a whole industry devoted to defeating manufacturer security systems.
Yes, that is what is happening now. What I mean is, if they secure the electronics properly, having a keyhole won’t matter. They wouldn’t be able to drive away. Right now, with the lack of security, someone inside can easily get to the electronics and drive off.
Hi. I’m still investing what happened with my Macan S while waiting for the insurance company to stop faffing about.Tuscanracer69 wrote: ↑Sun Oct 29, 2023 1:04 am Had our GTS stolen from outside the house last night with all the security on and a crook lock steering wheel lock + directly under CCTV, two white males arrived 2:30 and got in without setting anything off, pulled the front dash down and got into the boot and accessed the security on the right hand side,
You mention the thieves got in without setting anything off. From the CCTV, did they appear to interfere with the car at all or just walk up and get in (i.e. no delay).
I’m wondering if the initial access was via a CAN bus attack, or if there’s either a key cloning aspect or perhaps some weakness in the Porsche Connect service that’s allowing them to know both where the car is and remotely unlock it.
Did you have an active Porsche Connect subscription?
-
- Similar Topics
- Replies
- Views
- Last post
-
- 95 Replies
- 10294 Views
-
Last post by Nuclear Nick