Keyless Car Thefts

[Forty_Two]

See here an interesting post on the Porsche Forum (I had a Macan prior to my M3)

I say interesting but perhaps shocking would be a better choice of words

Macans are about to be uninsurable!

Macans are about to be uninsurable! New to the Porsche Macan Forums? Introduce yourself here - Porsche Macan Forums

www.macanforums.co.uk

The OP says .. . . . . .
I had my 2000 mile Macan stolen from road in London W9.
3.30 a.m. Tracker useless and staff are unhelpful (don’t wast money on a sub) Staff told me gps aerial had been removed in 30 secs
Ordered car without keyless and kept keys in faraday pouch….it makes no difference the Scumbags have cracked Porsche security!
3 weeks later my replacement car has been stolen after 2 nights!
Last night had a visitor from the country, this morning her Macan had gone
Now AXA will not cover me in a Porsche….cannot blame them
It is an epidemic and like Landrover, Porsche and Tracker are in denial about the problem

 

[M1tch]

#pintodrive

 

[Zilla91]

3 Macans stolen from the same place in under a month? Sounds like to me

 

[srichards]

There's the gameboy device around that breaches any security with the rolling code vulnerability. That is another step on from the relay theft technique.. More worrying this video suggests it's easy to order replacement keys from abroad with just the VIN so you can just take any car at all.

 

[Forty_Two]

#pintodrive

But if they can clone my 'key' they can change the PIN. It seems that they can clone every other cars key - can they clone a Tesla 'key'?

 

[WllXM]

#pintodrive

Didin't get the hashtag at first and thought your solution was to drive a Pinto...

 

[simon_rb]

But if they can clone my 'key' they can change the PIN. It seems that they can clone every other cars key - can they clone a Tesla 'key'?

I don't think you can order replacement "pre-programmed" keys from Tesla. You can order key fobs and cards but they come unpaired. So they'd need a key to program the new unpaired key..

 

[Foucault]

Does make me wonder if there was more to Porsche stopping sales of the current Macan in the EU than it not complying with new cybersecurity rules.

 

[WllXM]

Coincidentally when the all-new 2024 Macan is set to arrive within a couple months...

 

[dan223]

But if they can clone my 'key' they can change the PIN. It seems that they can clone every other cars key - can they clone a Tesla 'key'?

They can't clone your "key" though, and if they could they can't change your pin without the existing pin or your tesla credentials.

 

[buss]

They can't clone your "key" though, and if they could they can't change your pin without the existing pin or your tesla credentials.

This is an attack vector more people need to know. Having a car secured by a login with no 2FA means your password had better be secure, decent, and unique. If you recycle it on 10 websites and one of them gets the right kind of breach you're in for a hard time.

Better yet, disable any proximty-only privilege and enable 2FA.

 

[Forty_Two]

This is an attack vector more people need to know. Having a car secured by a login with no 2FA means your password had better be secure, decent, and unique. If you recycle it on 10 websites and one of them gets the right kind of breach you're in for a hard time.
Better yet, disable any proximty-only privilege and enable 2FA.

How do I enable / setup 2FA?

 

[Zilla91]

There’s this revolutionary tool called Google, it should be able to give you all the answers you’re looking for

 

[M00cow]

How do I enable / setup 2FA?

https://www.tesla.com/support/multi-factor-authentication

 

[Nouvelle]

And I was thinking about making one of these my next car...