Forgot your password?
typodupeerror

RFID-enabled Vehicles: Pinch My Ride 429

Posted by Hemos
from the dude-where's-my-car dept.
Billosaur writes "Wired has an excellent article on the problems with the theft of RFID-enabled vehicles and how insurance companies are so over-confident in the technology, they are denying claims when such vehicles are stolen. Example: "Emad Wassef walked out of a Target store in Orange County, California, to find a big space where his 2003 Lincoln Navigator had been. The 38-year-old truck driver and former reserve Los Angeles police officer did what anyone would do: He reported the theft to the cops and called his insurance company. Two weeks later, the black SUV turned up near the Mexico border, minus its stereo, airbags, DVD player, and door panels. Wassef assumed he had a straightforward claim for around $25,000. His insurer, Chicago-based Unitrin Direct, disagreed." Their forensic examiner concluded that since all the keys were accounted for, there was no way the engine could have been started, despite the evidence that the ignition lock had been forced and the steering wheel locking lug had been damaged."
This discussion has been archived. No new comments can be posted.

RFID-enabled Vehicles: Pinch My Ride

Comments Filter:
  • by dfn_deux (535506) * <datsun510&gmail,com> on Monday July 31, 2006 @12:49PM (#15818104) Homepage
    Obviously you have no clue as to what you are speaking about. The column would steal need to be opened in order to remove/disable the wheel lock detent. The computer portion of the anti-theft system is often over ridden by clever theive who are either privy to the manufacturers over ride methodology (I.E. a prius allows a certain pattern of engaging and disengaging the parking brake to over ride the security system and other systems will be disabled by simply removing a specific fuse from underhood) OR they simply aquired an ECU with the secuirty system already diusabled and then swapped the computers to allow starting w/o the "correct" rfid embedded keys.

    Both of these methods are not only possible, but are common and becoming more common every day, especially on high dollar cars which are a big time target for theft, cadillac escalades and lincoln navigators are high on the list in my neck of the woods...

    I question your methodology for assesing this man's involvment as well, you remarks smack of ad-hominem attack fueled by your distaste for his choice of driving a "gas guzzling SUV", however you seem to be suffering from the same shortsightedness that many of the savagely anti-SUV crowd does, you neglect to account for the possible neccesity of such a vehicle, perhaps this many has a large family and a boat which he frequently tows? Oh, but then you'd have to get off your high horse ;)

  • RFID madness? (Score:4, Informative)

    by Elektroschock (659467) on Monday July 31, 2006 @12:58PM (#15818191)
    The European Union currently conduct a consultation on rfid [rfidconsultation.eu]. I really would like to know what the role of governments should be. Governments are lobbied like hell on rfid. Some civil rights groups call them spychips. And lobbyists approach governments. And the question is why? Shouldn't markets decide?

    Anyway, I suggest you to fill out the questionaire [europa.eu].

    Other intresting consultation links can be found here and [ffii.org]here [europa.eu]. It is important to get more people involved in these political procedures and legislature who actually know what they are talking about. And I would like to spam politicians with the request for 'better interoperability'. Here the regulator has to take measures. I found it very nice that the EU already considered it. "Interoperability, standardization, governance, and Intellectual Property Rights (1 June)"

    So maybe it makes sense to report cases like these to the authorities to avoid madness. I guess they do not read Slashdot.
  • by kidgenius (704962) on Monday July 31, 2006 @01:09PM (#15818282)
    First part you asked how the car knows the token isn't present. Well, there is a transmitter/receiver in the dash/steering column that sends a signal to the key/fob when the key is inserted. Then, because the circuitry of the RFID tag is excited, it transmits back a code to the receiver in the car. The receiver reads this code and the computer in the car verifies that it is the proper code for that car. If it is, it allows the car to start. If the code is incorrect, it prevents the car from starting.

    When the RFID token is not present, the computer prevents the car from starting. Without the ECU, your engine can't run. It is vital to the operation of your car. If the software in the ECU actively prevents operation of the car, there isn't anything you can do about it except to load new software onto the ECU that you cooked up (good luck).

  • by OlivierB (709839) on Monday July 31, 2006 @01:18PM (#15818358)
    A friend of mine works in a very large dealership of Germand made cars.
    New cars all come with a little plastic keyring with a tab attached to it. You scratch the surface of this tab to reveal a "Master Key".
    This key is akin to the RFID code needed to start the car, the dealer is supposed to give it up to the customer so that he can order a new set of keys, reprogram the other ones etc..
    This dealer has some people scratch all of these tags before they are given to the client, because as we well know, joe client will lose this in a blink.
    Without this key you need to contact the factory, wait two weeks, pay a fee and than program some new keys.
    On this particular brand, you can program/pair up to 5 keys per car if I remember correctly; only 5 keys can have the same code, I you lose one, you can only have four more etc.. After you've lost these you will need to reprogram all keys once again.

    My point is that at any level in this process you could have an insider job from the dealer, the manufacturer, or even some thief which goes through the dealer's bin picking these tabs if they aren't securely destroyed.

    Forensic evidence for this kind of theft is nearly impossible to tell, the cars ECU don't usually keep a whole lot of historical data.

    Nevermind that, if you get ahold of a dealer's servicing computer and a new ECU worth only a few thousand dollars you can actually reprogram the keys without need for the master key (plus you get to keep the ecu and put the old one back in when you abandon the car).
    The difficulty with this method however is not damaging the stering column or the physical lock.
  • by flooey (695860) on Monday July 31, 2006 @01:30PM (#15818453)
    When the RFID token is not present, the computer prevents the car from starting. Without the ECU, your engine can't run. It is vital to the operation of your car. If the software in the ECU actively prevents operation of the car, there isn't anything you can do about it except to load new software onto the ECU that you cooked up (good luck).

    To elaborate, cars nowadays have their engine computer-controlled by an Engine Control Unit (ECU). It often does everything from telling the spark plugs to fire to regulating the amount of fuel injected into the engine. When the key hasn't been properly authenticated, the ECU simply refuses to allow the engine to do anything.
  • by rworne (538610) on Monday July 31, 2006 @01:34PM (#15818490) Homepage
    It is certainly possible to get new keys. The reason there is an "urban legend" that it's impossible is because of the dealers - who charge ridiculous amounts to replace said keys: typically $80-$120US.

    I find that odd, since key blanks are really cheap. That and the RFID industry is claiming the technology is so cheap they can put these tags on merchandise for mere pennies.

    Honda can reprogram the immobilizer system even if you have no keys. It does require the dealer's help - just because they have access to the HDS (Honda Diagnostic System) that is required to perform the task:


    REPLACING ALL PROGRAMMED IGNITION KEYS
    If your customer has lost all of the programmed ignition keys, you need to replace all of the keys and rewrite the ECM/PCM with the HDS. The HDS clears all transponder codes from the memory of the ECM/PCM and stores the transponder codes of the replacement ignition keys.


    Each manufacturer does this differently, so there are some manufacturers that have immobilizer systems that cannot be reprogrammed without an ECU change if the master/learning key is lost.

  • by Akaihiryuu (786040) on Monday July 31, 2006 @01:36PM (#15818518)
    I used to work at a convenience store in Charlotte, NC as an assistant manager a few years back. Back in early 2003 there was an ice storm that took out power to 75% of the city for almost a week. My store was without power for 4 days. The insurance company denied the claim for the perishable stuff that had spoiled, because it turned out the policy stated that the only way they would pay for such a thing was if the transformer was completely removed from the poll and was on the ground. The transformer had not fallen off the pole, so they denied the claim, even though the entire area was without power for at least 4 days. I actually read the policy myself, couldn't believe it. I guess you should read the fine print of a policy before you get it.
  • Re:Denied (Score:3, Informative)

    by dankstick (788385) on Monday July 31, 2006 @01:56PM (#15818722) Homepage
    I would hope that Lloyd's denied the claim due to the fact that Cunard Lines had no insurable interest in the HMS Titanic. White Star Lines owned the ship. Hull and Machinery Insurance was paid by several Insurers who reinsured with Lloyds'.
    http://www.abc.se/~pa/publ/titan-own.htm [www.abc.se]
    http://en.wikipedia.org/wiki/Marine_insurance [wikipedia.org]
  • by Sax Maniac (88550) on Monday July 31, 2006 @01:59PM (#15818754) Homepage Journal
    MOD PARENT UP! They've already made their money. they win even when they lose. Otherwise the actuary should be fired.
  • by Svartalf (2997) on Monday July 31, 2006 @02:13PM (#15818892) Homepage
    Yep. Odds are, they found something not unlike this, and an ECU is mostly modular, with cable jacks
    in the device housing to allow the manufacturers to easily install the things on the new vehicle and
    to easily install a new one if the thing fails (which they do occasionally do...)- all it takes is
    is knowing where the ECU is on the vehicle, develop a procedure for swapping it out that takes 10 or
    less minutes to execute.

    You break in, break the column cover to get the ignition switch access without the key, you swap the
    ECU out with power tools and practice behind you and just go. It's not QUITE "Gone in 60 Seconds"
    speeds, but it's still within the timeframe of doing the deed and not getting caught speed.
  • Re:Here's an idea (Score:4, Informative)

    by vivian (156520) on Monday July 31, 2006 @02:33PM (#15819116)
    The wear and tear on a road surface is proportional to the fourth power of it's weight [about.com](see the section on maintenance) so actually a light fuel efficient vehicle should have to pay a lower price per gallon of fuel, or large vehicles pay a higher price per gallon.

    eg. if you have a 1000 kg car compared to a 2000 kg car, then the 2000 kg car is causing 32 times as much wear on the road surface, so the road will need repairs much sooner. a 4000 kg car would be causing 256 times the wear.

  • by Anonymous Coward on Monday July 31, 2006 @02:36PM (#15819155)
    No, not at all. The Claims Examiner is doing his job - denying your claim, and trying to get away with it. What, you think the insurance company WANTS to pay your claim. hahahahahaha

    An insurance company will use ANY excuse to disclaim - and I'll tell you what, if that exaiminer didn't, he would not be working long
  • by Software (179033) on Monday July 31, 2006 @03:46PM (#15819824) Homepage Journal
    >Insurance - especially car insurance, which one is required by law to carry - is forced extortion. I have seen denied claims, paid claims with increased premiums that beyond-covered the paid-out claim, my own insurance premiums rise after my car was hit while parked, etc., etc., etc.

    At the risk of nitpicking, in the four states where I've registered car insurance, only liability insurance was required. Comprehensive and collision coverage is not required by law, though it will be required by contract if you're leasing or still paying off your car. I typically drop comp & collision coverage when my car gets below $10K in value.

  • by pnutjam (523990) <slashdot@b o r o w icz.org> on Monday July 31, 2006 @03:56PM (#15819926) Homepage Journal
    My wife just had two tests done. One was a simple test for mono. It was billed at roughly $250.00. Insurance negotiated discount was $238.00. Total amount paid by the insurance company $12.00. You can bet your ass I would have paid a hell of alot more then $12 if I was paying cash. It's so insane...

    The other test was around $1200, with the insurance company only being charged $740 or so. I payed nothing but a $20 copay out of pocket, but the very fact that the system works this way is repugnant.
  • by Fastolfe (1470) on Monday July 31, 2006 @04:27PM (#15820195)
    ... paid claims with increased premiums that beyond-covered the paid-out claim

    The goal of bumping up your premium is not to compensate the insurance company. By having an accident, you have shown your insurance company that you are now in the class of people that have recently had an accident. Statistically speaking, you are more likely to have another accident than someone who has not recently had an accident. Your premium is adjusted to match their new information, not to compensate them for the amount they paid out.

    Once you are no longer in this class, your premium will drop back down. Your premium isn't dropping because you've "paid them back"; it's dropping because you are now in the class of people that haven't had an accident in a long time. Statistically speaking, you're less likely to have an accident than you were before, so your premium is adjusted.
  • Re:In other news (Score:3, Informative)

    by Schraegstrichpunkt (931443) on Monday July 31, 2006 @06:01PM (#15820989) Homepage
    Modern hard drives don't use stepper motors to position their heads. Instead, they use a voice coil [wikipedia.org] between two strong magnets. By varying the current through the coil (under closed-loop control) they can vary the position of the heads.
  • by Fastolfe (1470) on Tuesday August 01, 2006 @01:49PM (#15826243)
    Looking beyond simple statistics, it might even be LESS likely to happen again since a person whose car has recently been damaged while parked is more likely to park in a less crowded part of the lot in spite of the longer walking distance.

    I agree. But given that having accurate statistics and making accurate risk assessments is the very lifeblood of an insurance company, and the primary way that insurance companies are able to compete with one another, I really have to give them the benefit of the doubt.

    But keep in mind that I wasn't trying to explain the increase due to his parked car. That appeared (to me at least) to be an independent thought. I was just trying to explain why premium increases seemed to exceed the actual cost of the claim that was paid out.

* * * * * THIS TERMINAL IS IN USE * * * * *

Working...