Q7 STOLEN
Login  | |
|
Q7 STOLEN - 12/31/2006 1:00:51 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Q7 IS GREAT AND COOL
I BOUGHT ONE A MONTH AGO FULLY LOADED, BUT THE WEIRED THING THE CAR WAS STOLEN DURING DAY TIME IN LESS THEN 30 MINUTES AFTER I SAW THE CAR, IT WAS GONE , CAN ANY BODY EXPLAIN TO ME HOW SUCH A NEW ADVANCED THECNOLOGIE CAR CAN BE SO EASY TO STEEL... YEH THE CAR IS GREAT I WAITED TO HAVE ONE SINCE IT WAS ANNOUNCED IN 2005...BUT I REALY WANT TO KNOW HOW CAN audi EXPLAIN THIS, I LIVE IN UKRIANE AND CARS HERE ARE NEARLY DOUBLE THE PRICE THEN THE USA ...AND INSURANCE IS A JOKE THEY COVER LESS THEN THE VALUE OF TEH CAR , AND POLICE TO DO THEIRE JOB ASKED ME FOR MONEY FOR PETROLE AND PHONE CALLS THEY WOULD HAVE TO DO ....CAN ANY BODEY EXPLAINE OR HELP
cheers
|
|
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 1:12:24 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 1:44:45 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
why the smiles dave ??? do you think its funny?
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 1:49:51 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
yep you must have gave them the keys so be honest as the insurance will investigate
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 1:58:47 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
man if you knwo something about this i would appreciate, cause no i did not give them the keys first of all cause insurance covers less then waht i payed and credit intrest here is up to 12% discounted before hands by the bank , so i dont have any finacial intrest to give away my keys...my question is how could they do it ...from your reply it shows that your sure that nobodey can steel it unless they have the key code...how can i proove that cause that would point the finguer to my dealer who was the only one who handeled the keys .. i am deperate here and any info would help
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:02:54 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
bugger off your having me on
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:24:21 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
no am not i realy need help
if i can proove that audi is fulll proof then i can wide down the suspect list i have even contacted interpole myself cause police wont do it here i realy need help juts immagine how it feels you finaly buy what you need and after a month on christmas they steel it from you ...no i ant kidding i need help so please again if you knwo anything about protection form theft system in audi q7 please please help..police told me stories that my code was stolen...or even it can be hacked ...i need to make a case ..cause even insurance here witch cost 10 times more then in a normal country, wont moove a fingure till maybe after 3 month..so am on my own please help if you can
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:30:30 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
contact your insurance not Interpol
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:38:37 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Dave please you seem to be an expert on AUDI , PLEASE IF YOU CAN GIVE ME ANY INFO, ABOUT TEH SECURITY SYSTEM , so i can proove things , i would much appreciate, insurance ....well theire on holiday till 10th of january, by then i have no idea where the car would be
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:41:20 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
you provide the legit info on the car and ill check it out
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 2:57:09 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
WA1BV74L87D030769 THATS THE WIN NUMBER THE SALON WHERE I BOUGHT THE CAR HAD BOUGHT IT THEM SELVES FROM USA it was fully loaded, i can provide you of copy of the title etc... the car keys where handeled by other person then my self only on 2 occasions, by the salon that sold me the car and by the audi dealer here in ukriane where i changed oil for the first time
thanks
|
|
|
|
|
RE: Q7 STOLEN - 12/31/2006 6:35:20 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Also happy new year ...i wish all teh best and that no bodey ever suffer his car being stolen
cheers
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 1:14:56 AM
|
|
|
DenimTT
Posts: 397
Joined: 6/14/2006
Status: offline
|
Well that IS a Q7 vin #, that much I know for sure. If your story is true, then I am sorry for your turn of events this holiday season. As for security you have to have a key to START the vehicle, but not to drag it onto a flatbed and take it wherever you want and rip it apart. So as far as narrowing down the suspect list, good luck with that.
Theres more ways to stealing a car then just driving one away, mate. Did you get both remote keys and the valet upon purchase? Even then you can order and code more...
I've never had a car stolen, let alone one so expensive, but I have been ripped off a time or two. I've lost a couple stereos to punk ass thieves so I know how the violation feels for the most part. Unfortunately I know squat about the Ukraine (other then how to find it on the map), so I cant even tell you where to start your efforts.
All I can tell you is even the BEST, most advanced security systems on the market are nothing more then deterrents. If someone wants something bad enough theres no stopping human ingenuity and willpower. I mean it took me all of 15 seconds to think of a way around the Q7 security and I'm no thief. How do you think the repo men get them back? Hell with the vin # you just posted for public knowledge I could go order a key for your car first thing Tuesday morning, man. All it takes its a little knowledge and wit and you can steal anything on the road with fairly little hassle.
I would imagine no amature going after a Q7 (or any other high end late model) though. Sounds like you got hit by a pro and if thats the case you are fighting an uphill battle.
I do have one question though: why import an Audi from the US to Ukraine? Why not buy direct from Germany? Seems to be the most expensive way to get from point A to point B. No matter, good luck with your fight. For what its worth I hope you do find them and get justice, I hate thieves.
_____________________________
Samco TIP, Neuspeed P-Flo, NX IC Fogger, Methanol Injection, Forge 007, SIRIUS, Kenwood, JL, IPod, Autometer
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 5:34:54 AM
|
|
|
ou2mame
Posts: 204
Joined: 11/19/2006
Status: offline
|
I say move to the US lol
|
|
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 9:00:17 AM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Denim thank you for your reply, much truth there is in what you said....as for why form the USA import to here the answer is easy, price..all cars in usa are about 30 to 40 % cheaper then europe, for example you get the premium Q7 in usa for a max of 72k $ fully loaded and so on, while in germany were talking about 90k Euro..thas why here its a thriving business , all car sloons mostly import form teh USA, and it gets worst , the price variation on a range rover is even bigger...mercedes...etc...i payed for the Q7 amnerican one 112k usd, if i wanted teh same but european then i have to pay 132k euro. As for ordering the Key with the code, how can anybodey order it if they dont have the title for the car ?? thats an intresting point pls. can you elaborate pls.
cheers
happe new year all
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 4:11:41 PM
|
|
|
DenimTT
Posts: 397
Joined: 6/14/2006
Status: offline
|
Well not just 'anybody' could go order a key for your ride, but I work at a dealership so it would be no sweat. We order new keys all the time. All anyone needs is an inside connection at any dealership and your VIN and they can source a set of keys.
As for price variations around the world, I understand now. thanks. On the same tangent I was informed by a customer last week my TT would be worth over $100K in south korea. If I decided to export it, I could still pull a healthy profit consiering I only paid $14k here in the states.
_____________________________
Samco TIP, Neuspeed P-Flo, NX IC Fogger, Methanol Injection, Forge 007, SIRIUS, Kenwood, JL, IPod, Autometer
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 4:48:24 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
the criminal element is very resourceful with expensive cars I guess it was transported by trailer and stripped for spares or its in some dodgy country with a new key ( money talks ) if they really wanted a key that bad
_____________________________
Dave
UK member
|
|
|
|
|
RE: Q7 STOLEN - 1/1/2007 5:30:31 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Well i visited teh police today and tehy told me a million formula how its done, on top we were able to find traces of pouder in the place where the car was parked, and how they explained to me that the criminals have sufficiant equipment to scan the key code, but since it changes evrytime we start the car, they had to spry pouder over the wheeels in order to chek if the car was mooved or not after that they have scanned the key last time i used it, so it seems they did not use other set of keys but scanned the code...and police said i have 0.001 chance for it to be found ...i was shoked by the numbers they told me about ..25 cars form the same price range were stolen on that day in the capital of ukraine kiev ..infinity's q7's X5's they said the scan can occure anywhere if i went to supermarket or a restaurant..as long as they were able to scan the last code used evry time . so at least it took them some days of monitering ion order to gather the probabilites of the gathered scanns ...finally it seems that when we buy an expencive car we pay in part a certain value including the price for teh immobilizer and the alarm etc...and if anyone with connection can order teh keys ..or simply scan the code when its used ...i wonder what for all these expencive gadgets are placed in teh car and we pay dearly for them i quote here from audi site canada :
<<The immobilizer is an electronic anti-theft device. It is activated when the ignition key is removed and, together with the engine control unit, largely prevents unauthorized starting of the engine. The system uses a transmitter and receiver unit in the ignition key (transponder). Whenever an attempt is made to start the engine, it transmits a new code to the car’s electronics. The immobilizing is only cancelled if the key sends an authorization code. New encryption technology protects the system against electronically copied vehicle keys.
Note:
No system can provide 100% protection against theft. If thieves possess the necessary skill and determination, they may even be able to overcome the electronic immobilizer>>
So what for is it ..police here said proudly that the Q7 is toy car for theives ..i only wish i knew all these things before i bought the car ..Audi tell us how soffisticated it is ..and note us that its no real protection ...i think this is a major issue ...i mean they can SCAN the codes of the key ..is teh encryption so volatile ..i think as audi fans and clients we should have the right for better protection..or simply not advise us the system along with the car
cheers
|
|
|
|
|
RE: Q7 STOLEN - 1/3/2007 6:24:42 PM
|
|
|
pturbo
Posts: 4478
Joined: 9/10/2005
Status: offline
|
Sorry about your car getting stolen. It's happened to me before too.
In the future, you should look into GPS monitoring for your car. They have devices that can be mounted in hidden locations that will reveal where the car is - and once you get close(with or without the police) you can also remotely shut the car down via satellite. This gives you time to move in and recover the vehicle if nothing else.
< Message edited by pturbo -- 1/3/2007 6:25:05 PM >
|
|
|
|
|
RE: Q7 STOLEN - 1/3/2007 8:49:08 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
I thank you for your advice yeh its a way ..but even that they can detect and disable..i think the only thing left iks to use pulse clearance and voice recodnition for cars to start,
i mean these things are availiable in high end note booke, and they cost much less then the whole enchelada of imobilizer and alarms...simply car wont start till it knows your voice and your pulce..simple as windows do ...but no they wont use that though technology is availiable ...it does not cost much..this si why they wont use it...so we end up being stolen and we pay our hearts out ...just cause we like a barnd and have truct in the company that govern's it ....sorry for being so sour but been to the cops again and beleive me so GPS no immobilizer...no alarm...nothing can stop theives...the more sophisticated and more expencive ...easier to break ...i think were being fooled as consumers...not only audi ..merc.s bmw..all the high end cars they should provide protection ..and choose teh best methode..to my mind now...i think when cars are stolen...companie's dont mind ..you would have to buy another car..with insurance money witch will charge you a higher premiuim...while they get tax reduction and other benefits for paying out....the only person who loose is teh consumer..cause were so naive..we get attached to our cars..our kids also ..and the hurt ...can not be covered by any insurance..
sorry again ...the more i think ...and dig...the these things seems ........
cheers
|
|
|
|
|
RE: Q7 STOLEN - 1/4/2007 2:29:35 PM
|
|
|
fady
Posts: 17
Joined: 12/31/2006
Status: offline
|
Hello again everybodey, please do not get bored form thi ssubject i think its in evry bodey 's conacern...i have searched ..and look what i found on yahoo...i realy think var producers should do the same reaserch before they implement any security system in theire cars and then they sell it to us ..please read:
( this information is for educational purposes only, to help you with security)
You could find out what kind of cryptography they are using for the locks that would make it 10x easier to pick the lock and your one step closer to stealing it. Organic vs Electronic security have both their flaws. A metal key or an electronic key, both can be breached using brute force. Normally the Diablo or typicllay any Lamborgini will have radio-frequency keylocks and igigniton starters. Using Radio-Frequency Identification (RFID) from your labtop you could easily unlock the Diablo and start it. That is were my knowledge comes in handy.
I myself have cracked RFID, and TI DST. The encryption algorithm used in the TI DST tags is an unpublished, proprietary cipher that uses a 40-bit key. The algorithm was designed in the early 1990's by engineers at Texas Intruments, but is still being deploying in current systems. By today's standards, a 40-bit key is unacceptably short: advances in computing power have made such keys succeptable to brute-force key guessing attacks. Therefore, the actual security of the DST system rests with the secrecy of the proprietary algorithm used in the tags. One of the most important principles in cryptographic design states, however, that the security of a system should be based only on the secrecy of the keys, never on the secrecy of the algorithm.
We used some new special-purpose cryptanalytic techniques to reconstruct the algorithm used in the DST tags, by simply observing the responses that actual DST tags computed when presented with a large number of specially chosen challeneges. Using this black-box reverse-engineering method, we were able to implement a software program that, when given the same challenge and key as an actual tag, would compute the same response.
Our next step was to recover the secret key from a deployed DST device, using a brute-force key search. Unfortunately, it would have taken more than 2 weeks for our software implementation to find a key when running on 10 very fast PCs. We therefore implemented our key-search on a field programmable gate array (FPGA). The FPGA evaluation board we used is available online for under $200 in single quantities with all of the neccesary development software and cabling. Our implementation cracks 32 keys in parallel on a single FPGA running at 100MHz. At this rate, a single FPGA is expected to crack a key in just over 10 hours.
To decrease this key-cracking time even furthur, we connected 16 FPGAs together at a total cost of under $3,500. Texas Instruments provided us with 5 DST tags whose keys we did not know. The 16-way parallel cracker was able to recover all 5 keys in well under 2 hours.
We are currently developing and testing even faster and cheaper methods for recovering DST keys and will update this page with these results when they become available. The details are available in our academic paper.
After recovering a key, in order to attack a real DST system, we needed to create a radio device that could speak the same protocol as a hardware DST tag. This device would allow us to quickly extract the information needed to recover a key from a target DST device, and once the key was cracked, completely emulate the DST to a legitimate reader.
To accomplish this, we equipped a small and easily portable PC with a Measurement Computing digital-to-analog conversion (DAC) board; this board is also capable of analog-to-digital conversion. The DAC board can perform 12-bit A/D conversions on an input signal at a rate of 1.25 MHz and can perform D/A conversions and generate an output signal at a rate of 1 MHz.
We connected the input and output channels on our DAC board to an antenna tuned to the correct frequency range. We wrote modulation and demodulation software routines to decode and produce the analog AM signals transmitted by the TI reader as well as FM-FSK analog signals transmitted by the transponders. Using these routines, our equipment can eavesdrop on the communication protocol between a DST reader and transponder, or participate actively in a protocol by emulating either device. More details on this software radio solution are available in the academic paper.
To validate our attack, we extracted the key from our own SpeedPass token and simulated it in our independent programmable RF device. We purchased gasoline successfully at an ExxonMobil station multiple times in the course of a single day using this digital simulator. Similarly, we recovered the cryptographic key from a DST in the ignition key of our 2005 model Ford Escape SUV. By simulating the DST, we spoofed the immobilizer authentication system and started the vehicle with a bare ignition key, that is, with one that possessed no DST at all. Viewed another way, we created the pre-conditions for hot-wiring the vehicle.
Our attack on the DST cipher by no means implies wholesale dismantling of the security of the SpeedPass network, nor easy theft of automobiles. The cryptographic challenge-response protocols of DST devices constitute only one of several layers of security in these systems. The SpeedPass network has on-line fraud detection mechanisms loosely analogous to those employed for traditional credit-card transaction processing. Thus an attacker that simulates a target DST cannot do so with complete impunity; suspicious usage patterns may result in flagging and disabling of a SpeedPass device in the network. The most serious system-wide threat lies in the ability of an attacker to target and simulate multiple DSTs, as suggested in our example scenarios below. In some sense, the threat to automobile immobilizers is more serious, as: (1) An automobile is effectively an off-line security system and (2) A single successful attack on an automobile immobilizer can result in full compromise of the vehicle. While compromise of a DST does not immediately permit theft of an automobile, it renders an automobile with an immobilizer as vulnerable to theft as an automobile without one. Such a rollback in automobile security has serious implications. As noted above, significant declines in automobile theft rates - up to 90% - have been attributed to immobilizers during their initial introduction. Even now, automobile theft is an enormous criminal industry, with 1,260,471 automobile thefts registered by the FBI in 2003 in the United States alone, for a total estimated loss of $8.6 billion.
Extracting the key from a DST device requires the harvesting of two challenge-response pairs. As a result, there are certain physical obstacles to successful attack. Nonetheless, bypassing the cryptographic protections in DST devices results in considerably elevated real-world threats.
There are effectively two different methods by which an attacker may harvest signals from a target DST, and two different corresponding physical ranges.
The equipment needed to capture the data required to clone a DST tag at close range. From left, a microreader, a laptop, and a serial cable.
The first mode of attack is active scanning: The attacker brings a reader in her control within scanning range of the target DST. DSTs of the type found in SpeedPass and automobile ignition keys are designed for short range scanning - on the order of a few centimeters. In practice, however, a longer range is achievable. In preliminary experiments, we have achieved an effective range of several inches for a DST on a keyring in the pocket of a simulated victim using a tiny antenna. A DST may respond to as many as eight queries per second. Thus, it is possible to perform the two scans requisite for our simulation attacks in as little as one-quarter of a second. At the limit of the range achievable by a given antenna, however, scanning becomes somewhat unreliable, and can require more time.
The second mode of attack is passive eavesdropping. Limitations on the effective range of active scanning stem from the requirement that a reader antenna furnish power to the target DST. An attacker might instead eavesdrop on the communication between a legitimate reader and a target DST during a valid authentication session. In this case, the attacker need not furnish power to the DST; the effective eavesdropping range then depends solely on the ability to intercept the signal emitted by the DST. We have not performed any experiments to determine the range at which this attack might be mounted. It is worth noting purported U.S. Department of Homeland Security reports, however, of successful eavesdropping of this kind on 13.56 Mhz tags at a distance of some tens of feet. The DST, however, operates at 134 kHz. Signals at this considerably lower frequency penetrate obstacles more effectively, which may facilitate eavesdropping; on the other hand, larger antennas are required for effective signal interception.
Only careful experimentation will permit accurate assessment of the degree of these two threats. Our cursory experiments, however, suggest that the threats are well within the realm of practical execution.
The most straightforward architectural fix to the problems we describe here is simple: The underlying cryptography should be based on a standard, publicly scrutinized algorithm with an adequate key length, e.g., the Advanced Encryption Standard (AES) in its 128-bit form, or more appropriately for this application, HMAC-SHA1. From a commercial standpoint, this approach may be problematic in two respects. First, the required circuitry would result in a substantially increased manufacturing cost, and might have other impacts on the overall system architecture due to increased power consumption. Second, there is the problem of backwards compatability. It would be expensive to replace all existing DST-based immobilizer keys. Indeed, given the long production cycles for automobiles, it might be difficult to introduce a new cipher into the immobilizers of a particular make of vehicle for a matter of years. TI has indicated to the authors that they have more secure RFID products available at present; in lieu of specifying these products, they refer to the site www.ti-rfid.com for information.
In fact, RFID chips with somewhat longer key-lengths are already available in the marketplace and used in a range of automobile immobilizers. Philips offers two cryptographically enabled RFID chips for immobilizers. The Philips HITAG 2, however, has a 48-bit secret key, and thus offers only marginally better resistance to a brute-force attack-- certainly not a comfortable level for long-term security. The Philips SECT, in contrast, has a 128-bit key. The HITAG 2 algorithm is proprietary, while Philips data sheets do not appear to offer information about the cryptographic algorithm underpinning their SECT device. It is difficult to say, therefore, whether these algorithms are well designed.
Faraday shielding offers a short-term, partial remedy. In particular, users may encase their DSTs in aluminum foil or some suitable radio-reflective shielding when not using them. This would defend against active scanning attacks, but not against passive eavesdropping. Moreover, this approach is rather inconvenient, and would probably prove an unworkable imposition on most users. A different measure worth investigation is the placement of metal shielding in the form of a partial cylinder around the ignition-key slot in automobiles. This could have the effect of attenuating the effective eavesdropping range.
In the long-term, the best approach is, of course, the development of solid, well-modeled cryptographic protocols predicated on industry-standard algorithms, with key lengths suitable for long-term hardware deployment.
I found these videos to help you out. With your little hacking adventure.
http://answers.yahoo.com/question/index?qid=20061125202357AAXeTQB&show=7#cooliris
|
|
|
|
|
RE: Q7 STOLEN - 1/4/2007 2:37:27 PM
|
|
|
techbod
Posts: 12536
Status: offline
|
yep a laptop and bluetooth works well on the newer cars and the software is quite cheap
_____________________________
Dave
UK member
|
|
|
|
|
Printable Version
