I laughed out loud! Walmart is the classiest place anywhere! NOT!

I'd honestly rather shop at Fred Meyer or Kmart or some other major chain 'everything' store LOL.  And intend to if there's one nearby.

The only reason I go to Walmart is clear American. That stuff tastes good and it has no calory or sodium.

Clear American? (It must be a product but it sounds like the Walmart culture!)

Yeah, it's pretty good. The pineapple coconut favor is the best IMO.

Well, as far as I know, Wallmart is a subsidiary of British Tesco...
And if I may compare, what I've seen in the south-west US Wallmarts, it was not that much different from the Tesco here (not in GB): buy c***p, sell expensive, make as much money regardless what customers mean about it. The media massaging takes care of that for them...

I thought Wal mart only owned sams club not tesco. I've heard that before but I didn't known if it's true.

We are now getting a severe t storm. It is pouring and lots of lightning. No car alarms have gone off yet.

people never react to car alarms but they react to a loud bang like a shotgun sound so I made my one sound like that a loud deafening boom  it is really funny when some one walks past and you push the button some people jump pretty high

How to dispel the neighbors dogs. 

LOL I'd much rather shop at WalMart than KMart here. The KMarts here are 100% riff-raff lol. WalMart's pretty much the same way but at least WalMart has a good inventory. KMarts here are ghetto, have a narrowed inventory, etc. Never heard of Fred Meyers. Must be a regional thing.

My car is a 1990 Buick Regal, and it doesn't have a car alarm (or key fob for that matter!) which works out fine for me since I always use the key to unlock the door and button inside the car to lock the doors when I leave (even in my parents' vehicles, which have key fobs). We went to Florida last April (2015) and rented a 2015 Chevy Impala. What a car! The car was keyless though, which I didn't like. There was ONLY a key fob to unlock/lock the door and simply a push-button to start/stop the car. Granted, you could only start the car with the key fob inside the car, but I feel like so much could go wrong. The key fob could die and then you're barred from your car! IMO there's no need for technology that advanced for a car. I like a good old-fashioned key.

Wel, just a mechanical key ios by far not sufficient protection - way too easy to overcome. It really needs some electronic authentication - the regular RFID immobilizer onto the key is just good enough.

But definitely the "keyless" concept is completely ill concept. Recently, quite common "modus operandi" became popular among car burglars, mainly at the shopping centers and so on: They use a jammmer, disabling the communication between the remote control and the car, so an unsuspecting driver does pushes the "lock" key, but the car does not locks. And viola, the way for the theft is open.
And because the burglar "hadn't to overcome any barrier", the insurance companies treat that as the car was left unlocked by the owner (so careless behavior), so either reduce, or refuse the compensation at all.
Of course, the easiest prevention method is to pull the door handle after the "locking" and check, whether the car is really locked. But how can you do that, when the car is supposed to lock only when you go away some distance from it?

And an additional "cherry on the cake": Already in 2003, where that was being developed, I've read a lot of articles about the security flaw the (at the time) proposed implementation based just on the signal strength had: When the burglar uses a relay link, the authentication would be possible even when the key (so owner) is far away from the car. The proposed solution was to measure the response time as one of the authentication parameter.
Well, now we have 2016 and I read in newspaper, how "the industry is surprised", when burglars have used an repeater/amplifier to make communication between the key and car even when the key is at home. Again, the insurance have tendencies to treat this as "unlocked case"...

The last hack with the relay link still requires pressing the switch on the remote. Assume the remote is safe in the car owner's pocket. I dont see the problem ?



This requires a design that prevents possibility of capturing the data once and echoing it back later. The design i see is :

Key --> car : "command"

Car --> key : random data (generated by pseudorandom generator in car)

Key --> car :
if switch_pressed :
  signed(random data) w/ private key embedded in key
else
  nothing

Car : verify data w/ matching public key embedded in car and that it match the data that was TXed, accept/decline command

The last hack with the relay link still requires pressing the switch on the remote. Assume the remote is safe in the car owner's pocket. I dont see the problem ?

Not really. Key pressing is required is required only with classic remote and there you suffice with one way communication. There the key data are encrypted by a pseudorandom sequence, that sequence is generated based on the number of key presses since the synchronization. The corresponding generator is implemented both in the key, as well as in the car, the car is programmed so the car know, what sequence to accept next time (so the one already used isn't valid anymore - so recording the sequence by the bulglar and replaying it afterwards does not open the car). The car is programmed so, it accepts codes corresponding to "few" cycles, as it is expected the key could be pressed without the car receiving the data (disturbed or missing signal), this number uses to be in the order of 256 or so, the total repetition of the pseudorandom sequence is then at least 64k cycles in the oldest systems, today are common 32bit generators (then it will never repeat, while allowing even more "lost" cycles).
But still this requires the user to find the fob in the pocket and find and press the button, so it is still considered as manipulation with a key (it does not matter if the key is connected with the car via the radio and not just by mechanic linkages)


The "Keyless entry" works so, you just come to the car with the fob in your pocket (purse,...) and just open the car and eventually drive it, without any need to touch anything on the key fob. This convenience is, what is the reason for the system, nothing else.
The authentication is done either continuously (so the car knows the key fob is nearby) and activates the authentication process in a way like you described or similar (just without any key pressing on the fob). The whole thing is designed so, the key has to be within some distance limit around the car. But most systems implement the limit just by the distance, how far could the LW field from the car transmitter (about 150kHz) reach the key receiver.
And with that is the problem - a relay link could be designed so, it extend this distance a lot (you may connect to some random long metal object to act as the transmitter antenna, or just use brute force power).
Plus other advantage: You never forget to lock the car and because you do not have to remove the keys from your pocket, most likely you will never accidentally leave them locked inside of the car.
The thing is, the advantages of not needing to shuffle the content of your bag to find the car keys is very attractive on the market, so car makers are practically forced to use that feature.

What surprises me: it is more than 10 years ago when the security flaw with the relay ling was described more than 10 years ago, with a possible fix (response time measurement - the relay link may start to transmitt the packet only after it receives it, otherwise it will disturb itself; stronger system may calculate even the time of flight - the relay ling can never be made faster than light, even with 100% perfect feedback suppression; but that would be quite complex - it would need an extra UHF link from the car to the fob, as the LW do not allow better accuracy than 100's meter or so)

I dont like the synced generators thing. It may fail when, for whatever cause, the key is activated >256 times while out of range from the car...

(example : kid takes the key and plays with it. He will activate it 256 times within few 10's minutes, especially if he sees a light on the key lighting up)



The switch-less design is flawed even against simple handle pulling thieves, without any RF equipment

Car is parked in front of house, and you left the keys in the house in the side near the car (if the house is built of RF-transparent materials as most houses in the US are, or if the key is right behind a glass door/window and the car is in front of it). Then the car will just stay unlocked all the time

I dont like the synced generators thing. It may fail when, for whatever cause, the key is activated >256 times while out of range from the car...

(example : kid takes the key and plays with it. He will activate it 256 times within few 10's minutes, especially if he sees a light on the key lighting up)

Well, if you allow that, the remote just stops working, you have to open the car in the old fashioned way (and for that pray, the long time not used mechanical lock didn't got stuck by a corrosion or so). The car key just isn't a toy and definitely not for kids (there is then just very small step for them to try driving "a big car" on their own...)
By the way on many cars after 2008 I haven't seen any light on the key fob at all, so that attraction is not there.
And the 256 allowed "skips" was with the 16-bit system,
The 32bit systems may allow even millions of such cycles (well, the computing power to evaluate all the possibilities within a reasonable time is in fact the limitting factor with the 32bit key systems; don't forget the application is quite limited on supply power - it should not drain the battery that much) even without jeopardizing the security, so there the key will mechanically fail and/or the battery die way sooner than you even approach that limit...
And don't forget after each successful transmission, the receiver become synchronized again (the receiver knows in which state the transmitter is), so that count does not accumulate...
Practically I've not seen any problem with that yet.
Plus the resync while starting (the immobilizer sends to the key fob  a randomly generated state variable) the car is becoming common, while it serves as a good resynchronization method. The main purpose of this is to fix one weakness of the basic system: New cars were not opened that many times, so were not that far in the sequence. So once recordin g any message from the real key, it is becoming not that difficult to find an unlocking sequence just by a brute force (the number of combinations to check is then rather limited to few 100's - quite easy task for present computers).
With this random shifting (depending not only on stepping in an sequence, but as well on e.g. real time or so) each start makes the guessing of the pseudorandom generator state (so generating "valid" opening sequence) really impossible even after first car start with that key (of course, the state registers in the car's computer are separate for each keay, so the number of working keys is limited to the number of state register banks implemented in the car's SW; for door opening and alarm deacticvation it uses to be 8 or 16, for starting the car only 2 keys could be assigned to a single car; of course the resynchronization works with only those two keys authorized to start the car, but normally those are the ones used at most of the time).