PIN to drive

[Krokkodillo]

Hi all,

I've recently serviced my M3 in Dartford SC. I was asked to hand over the key card and also I was asked for PIN to drive. I did not setup the pin but apparently this is a good practice to set it. If someone attempts to pick up Bluetooth signal from your phone to get access to your car it won't be able drive off without knowing the pin. I think prevention is better than a cure? Any thoughts on PIN to drive mode?

 

[Cowpring]

I don't think people can intercept the Bluetooth signal like they can with a normal car fob. It's far more secure I believe.

I always have PIN to drive set. While its a very minor inconvinence to enter it every time I want to drive, i'd much rather that than someone driving off with the car if they did manage to get access.

Plus my kids love entering the PIN when they sit in the front seat. I'd probably be in trouble if I disabled it.

 

[Krokkodillo]

I found a video of such occurrence:

 

[freekie]

I use PIN to drive to prevent theft. (Advised by insurance company too). When it goes into SC, they don’t ask for the PIN but they ask me to disable PIN to drive. I then reactivate it when I get the car back.

 

[Glan gluaisne]

I found a video of such occurrence:

The Model S remote doesn't use Bluetooth, and has been identified as being prone to relay attack. The Model 3 uses Bluetooth and a different type of key fob to get around the relay attack vulnerability. Tesla introduced PIN to drive as the default setting on the S and X as a way to circumvent fob relay attacks.

The key fob for the Model 3 isn't vulnerable to the relay attack vulnerability as far as we know. Bluetooth LE, as used by the 'phone proximity sensing, is also immune to relay attack as far as we know.

[edited to remove typo]

 

[jmaddr]

Bluetooth LTE, as used by the 'phone proximity sensing, is also immune to relay attack as far as we know.

I will say this, you have to be really close for the BT unlock to work. Like if the phone is in your rear pocket your have to turn around and do the “butt” bump in order for it to sense it. Front pocket no problem.

 

[Glan gluaisne]

I will say this, you have to be really close for the BT unlock to work. Like if the phone is in your rear pocket your have to turn around and do the “butt” bump in order for it to sense it. Front pocket no problem.

The same seems to be the case for the Model 3 key fob. The car will lock if you just move a couple of feet away from it.

 

[NastyNick83]

I've recently started using pin to drive and think it's worth the minor inconvenience of entering a 4-digit code each time.

Like the good ol' days of Citroen Saxo's (if I remember correctly).

As others have said - can't relay the bluetooth signal, so that's good - but pin code helps if someone steals your phone / wallet. Also someone attacked my wife's work colleague with knives as they were getting out of their car (Merc A35) but they couldn't drive away as it had a Ghost immobiliser - pin to drive will work in a similar way.

 

[Jason71]

It's one thing for the SC to ask you to deactivate PtD but they should not be asking you to hand over your PIN. And you shouldn't let them have it even if they do. That is just bad practice. I am surprised they don't have an override the way the app can.

 

[pgkevet]

It's one thing for the SC to ask you to deactivate PtD but they should not be asking you to hand over your PIN. And you shouldn't let them have it even if they do. That is just bad practice. I am surprised they don't have an override the way the app can.

Disbaling PIN doesn't stop it being nicked while parked awaiting collection. You can always reset the PIN to one you use for the SC and have another private one after.....unless you are having to go back every week..

 

[Alex987854]

That is just bad practice. I am surprised they don't have an override the way the app can.

If they had it, its likely that thieves would have it as well.

 

[vitesse]

It's one thing for the SC to ask you to deactivate PtD but they should not be asking you to hand over your PIN. And you shouldn't let them have it even if they do. That is just bad practice. I am surprised they don't have an override the way the app can.

I've been asked for my PIN. If you are given a loaner to use it won't even have P2D available (or at least set). Just set a new PIN when you get the car back.

 

[vitesse]

I though a pinpad in a car was such a great idea - about ten years or more ago and even today wonder why it never caught on.

 

[RichieC]

I don't think people can intercept the Bluetooth signal like they can with a normal car fob. It's far more secure I believe.

I always have PIN to drive set. While its a very minor inconvinence to enter it every time I want to drive, i'd much rather that than someone driving off with the car if they did manage to get access.

Plus my kids love entering the PIN when they sit in the front seat. I'd probably be in trouble if I disabled it.

The Model S remote doesn't use Bluetooth, and has been identified as being prone to relay attack. The Model 3 uses Bluetooth and a different type of key fob to get around the relay attack vulnerability. Tesla introduced PIN to drive as the default setting on the S and X as a way to circumvent fob relay attacks.

The key fob for the Model 3 isn't vulnerable to the relay attack vulnerability as far as we know. Bluetooth LE, as used by the 'phone proximity sensing, is also immune to relay attack as far as we know.

[edited to remove typo]

I know it's been said that the phone's bluetooth connection with a Model 3 is immune to a relay attack, but a simple way to make sure would be to just turn off bluetooth on the phone at night - then there's literally nothing for it to "relay" the bluetooth connection to!

 

[Doudeau]

My wife couldn’t find her key fob the other week and so I set a PtD as a precaution.

A couple of days later I found the key fob in the boot.

I’m keeping the PtD as I found it’s no real hassle and I’ve ordered aftermarket bulbs - so, next time, I won’t need to use a torch to find the black key fob just sitting in the middle of trunk .

 

[Glan gluaisne]

I know it's been said that the phone's bluetooth connection with a Model 3 is immune to a relay attack, but a simple way to make sure would be to just turn off bluetooth on the phone at night - then there's literally nothing for it to "relay" the bluetooth connection to!

Good idea!

Doesn't effect me, as I rarely even have my 'phone on, let alone have BT turned on, but I have wondered how the car recognises the key fob (I use the fob all the time). AFAICS, the key fob for the Model 3 works in much the same way as a 'phone with BT turned on, in that keyless entry and walk away locking work just the same.

The fob only has a small CR2032 battery, though, so it can't be using BT, I think, and must be using something else, although I've no idea what that might be. Other cars with keyless entry seem to use a low frequency transmission from the car to activate the fob, but doing this opens up the relay attack vulnerability, I believe.

 

[RichieC]

Good idea!

Doesn't effect me, as I rarely even have my 'phone on, let alone have BT turned on, but I have wondered how the car recognises the key fob (I use the fob all the time). AFAICS, the key fob for the Model 3 works in much the same way as a 'phone with BT turned on, in that keyless entry and walk away locking work just the same.

The fob only has a small CR2032 battery, though, so it can't be using BT, I think, and must be using something else, although I've no idea what that might be. Other cars with keyless entry seem to use a low frequency transmission from the car to activate the fob, but doing this opens up the relay attack vulnerability, I believe.

I don't have a key fob for my model 3, but i had assumed it would use bluetooth - not sure how much power new Bluetooth LE low power devices use, but as you say it seems unlikely that a small battery like a CR2032 would provide enough power (I could be wrong).
Do you have to add the fob as key the same way that you do for phones and key cards in the car menu?

 

[Glan gluaisne]

I don't have a key fob for my model 3, but i had assumed it would use bluetooth - not sure how much power new Bluetooth LE low power devices use, but as you say it seems unlikely that a small battery like a CR2032 would provide enough power (I could be wrong).
Do you have to add the fob as key the same way that you do for phones and key cards in the car menu?

Yes, the fob is added just like a 'phone or RFID card in the car menu.

I've been wondering if the key fob detects the very weak RFID signal that's constantly transmitted from the door pillars. Seems a bit unlikely, but it's hard to see what else could be activating it as you walk up to the car.

 

[Drmouse]

You can always reset the PIN to one you use for the SC and have another private one after

That's probably a good option

If they had it, its likely that thieves would have it as well.

Always remember this. It's the same as the reason the govt shouldn't have back doors into encryption: If the govt have it, thieves and fraudsters* soon will, too.

*Always assuming you don't consider them one and the same lol

 

[VanillaAir_UK]

Bluetooth LE can be used to detect devices even when they appear to be turned off - I used it once to find a misplaced device several days after it would have 'died'. Power drain can be negligible.