The Mystery of the Missing Car
MSNBC: was happy to recover my car, but found myself confronting a 21st-century quandary: how was our unstealable car so easily stolen? How is an undriveable car (without the right keys) taken on what appears to be a joy ride? Had Honda’s much ballyhooed transponder technology been hacked?

Automobile manufacturers have been using some kind of antitheft technology in keys since 1986 when General Motors introduced its original Pass Key system for Chevrolet Corvettes. The system worked using a small resistor chip embedded in the key with one of 15 different code combinations. When the key was pushed into the ignition, a controller module would read the resistance on the chip and, if it held the correct value, would start the car. There were lots of problems with the technology. The contact in the cylinder would erode and then even the right key couldn’t start the car. And thieves could easily guess among only 15 different possibilities.

Fifteen years later, the technology has improved markedly. Small passive transponder chips are now embedded into the majority of new-car keys. They have no batteries, but when inserted into the ignition cylinder, enter an electromagnetic field and awake, sending out a unique code. The newest systems, including my hybrid’s, employ something called a rolling code. The code is one of 4 billion variations and changes every time we start the car, making it almost impossible to hack it with a black box that cycles through the possibilities.

The new technology has had a demonstrable effect on car thefts. The Highway Loss Data Institute reports that factory-installed immobilizing antitheft devices reduce the stolen car rate by 50 percent. “It doesn’t go to zero, because you still have the ever-popular method of rolling cars onto a flat-bed truck,” says institute president Brian O’Neil.

But our car had indeed been stolen and driven, bucking the trend. After we recovered the car, I called a batch of auto security experts plus Honda’s own researchers, who all concluded that Honky had not been hotwired. “There is no way they could have driven it without really extensive damage or replacement of very large components,” said Ed Castaldi, a researcher at Honda. That left only one bizarre but unmistakable conclusion: someone had the key. And since we still had our keys, it suggested an inside job at the dealership, or that someone approached a Honda dealership pretending to be me and asking for a replacement key. Security experts say such a ruse is shamefully easy to pull off. Still, that’s a lot of work for a joy ride.
- posted by Sophont @ Saturday, March 13, 2004