
Calling something a "CAN bus hack" is like calling something an "Ethernet hack." It's just a bus, it's what's on the bus that matters.

European, American, and Japanese cars have completely different immobilizer module cryptography implementations. In this case, the real weakness was that the immobilizer protocol allowed the car to start without message authentication, the CAN-related message injection thing was a sideshow.

Generally, European cars have stronger immobilizer implementations. For example, in VW Immo 5, immobilizer messages are encrypted and authenticated using AES with a PRNG-based MAC. At a high level, participating modules need knowledge of a secret AES key in order to encrypt random number seed material. It's symmetric so it's still not perfect, but this type of simple "send one message through a headlight" attack would not be possible on these cars.

Update: ah, I see you edited your comment. Yes, it has nothing to do with where the cars are _used_. My point was that European _manufacturers_ tend to have more secure immobilizer implementations, and I will stand by that point.



I suspect older immo bypasses used an engine ECU read/write primitive to read & rewrite the firmware over the diagnostics port (K-Line or CAN). Those primitives are usually based on undocumented commands used during a legitimate firmware update process (loading new "calibrations" as it's called in the industry) - there's a chance those same undocumented routines exist in newer ECUs, in which case you don't actually need to break the cryptography if you can rewrite the firmware to skip the check or seed it with your own key material.


I did find an older VW "emergency start" product that claims to only work with Bosch MED17 and MED9, and I suspect it's using a memory-access primitive (either UDS or CCP) to release the immobilizer.

It's trivial to disable an immobilizer in software by re-flashing the ECU, yes, but modern ECUs have two strong protections against this:

* Cryptographic signature checking against update/re-flash payloads (I've done extensive research on these on VW Continental ECUs - https://github.com/bri3d/VW_Flash )

and an even better and more obvious protection:

* The ECU application software won't descend into the re-flash software (Customer Bootloader) unless the immobilizer is free (a valid key is present).

This is a lot of what helps to reduce surface area from an "emergency start" style attack to an AKL attack - now that the Customer Bootloader won't start without the Immobilizer being unlocked, an attacker needs to remove the control unit to flash it with a Supplier Bootloader exploit ( https://github.com/bri3d/simos18_sboot ) or physical access (BDM/JTAG).


Can't the AKL process effectively be turned into an "emergency start" attack anyway?

At least in the US, there are portals for non-official repair technicians to buy access to reprogram ECUs/keys/etc for a given car (keyed by VIN) - I can see this being abused (it can't be that hard to buy access under a false identity), not to mention that professional car theft gangs might convince/coerce an insider to give them even deeper access to the signing service if not the raw private keys.

Once you have access to the signing service in one way or another and a valid network connection, can't you just perform the AKL process in the field by simulating a legitimate AKL procedure that a dealership might do? Presumably writing custom software to automate all that (vs having to manually click through a slow scan tool or the often-terrible official software) would cut down the required time to a couple minutes.


In short: Yes. This is a big threat model that manufacturers try to guard against.

However, there are a few protections here:

* Most manufacturers do fairly aggressive KYC / risk protection for their online programming services. The VW one is called FAZIT/GeKo, you can find the subscription process online and it is similar to opening a business bank account. Still, you're right, aftermarket account sharing is a big thing and as always, a cat and mouse game that manufacturers are usually losing. You can easily rent VW online coding accounts by the hour on shady websites.

There's also a second layer of protection for official AKL specifically which is harder to defeat, though:

* Most European manufacturers do not allow an All Keys Lost process to be carried out entirely online. For example, for VW, dealers or aftermarket vendors need to buy specific, physical "dealer keys" for a given VIN. These physical key fobs are seeded with some key material and registered with the shop and VIN in the backend / FAZIT database. The signing server backend for ODIS (GeKo) will not adapt keys to a car unless the key material matches and the VIN was already associated with the key in the backend. Of course, there are social engineering attacks here still, but it's basically 2FA for key programming, with a lead time of "they ship the key to you," and it prevents the attack you describe from being plausible by legitimate means.

HOWEVER, this is also one of the major weaknesses in the VW Immo 5 cryptosystem architecturally - since the actual message authentication is symmetric (MAC based), if the secret AES key material can be extracted from the immobilizer system, aftermarket tools (Abrites, Autel, VVDI/XHorse, etc.) can create and adapt a "Dealer Key" without prior authorization. So we get back to the current state of these systems - because authentication is symmetric, with long-term physical access to the car, specific control units can be removed and secret key material extracted and used for reprogramming. However, drive-by quick-and-dirty "plug two wires from outside" attacks are very challenging.
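The challenge-response pattern the first comment describes (participating modules share a secret key, the ECU issues random seed material, messages carry a MAC) and the symmetric-key caveat in the comment above, as an added example that is not part of this thread nor any VW or Bosch code: a constructed Python model of an ECU that releases only on a MAC'd answer to a fresh challenge, beside the weak "start on any unauthenticated frame" variant the thread faults. HMAC-SHA256 stands in for the AES-based MAC; class, frame and key names are all hypothetical.

```python
import hashlib
import hmac
import os

TAG_LEN = 8  # truncated tag length; a constructed value, not a real immobilizer parameter

def tag(key: bytes, body: bytes) -> bytes:
    # HMAC-SHA256 stands in here for the AES-based MAC the thread describes.
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Immobilizer:
    # Key-holding module: answers the ECU's challenge with a MAC'd release message.
    def __init__(self, key: bytes):
        self.key = key

    def respond(self, challenge: bytes) -> bytes:
        body = b"RELEASE" + challenge
        return body + tag(self.key, body)

class Ecu:
    # Engine side. authenticated=False models the weak design: any RELEASE frame starts the car.
    def __init__(self, key: bytes, authenticated: bool = True):
        self.key, self.authenticated, self.challenge = key, authenticated, None

    def new_challenge(self) -> bytes:
        self.challenge = os.urandom(8)  # fresh random seed material per start attempt
        return self.challenge

    def release(self, frame: bytes) -> bool:
        if not self.authenticated:
            return frame.startswith(b"RELEASE")
        if self.challenge is None:  # no outstanding challenge: nothing to verify against
            return False
        body, mac = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = b"RELEASE" + self.challenge
        self.challenge = None  # one-shot: a captured response cannot be replayed
        return body == expected and hmac.compare_digest(mac, tag(self.key, body))

def weak_ecu_starts_on_injected_frame() -> bool:
    return Ecu(b"unused", authenticated=False).release(b"RELEASE")

def authenticated_ecu_outcomes() -> dict:
    # Legit answer accepted once; injected, replayed and wrong-key frames all rejected.
    ecu, immo = Ecu(b"shared-secret"), Immobilizer(b"shared-secret")
    ecu.new_challenge()
    injected = ecu.release(b"RELEASE" + b"\x00" * (8 + TAG_LEN))
    answer = immo.respond(ecu.new_challenge())
    legit = ecu.release(answer)
    ecu.new_challenge()
    replay = ecu.release(answer)
    wrong_key = ecu.release(Immobilizer(b"other-key").respond(ecu.new_challenge()))
    return {"injected": injected, "legit": legit, "replay": replay, "wrong_key": wrong_key}
```

Because the MAC is symmetric, any module holding the shared key can produce a valid answer, which is exactly why the comment above treats key extraction from a removed control unit as the remaining weakness.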


Very interesting, thanks! Glad to hear there's at least an attempt at actual due diligence and theft prevention as opposed to merely making it difficult/expensive for independent shops or car owners.


The longer and more involved I get in automotive diagnostics and programming as a hobby, the less I believe there is any particular conspiracy against independent shops and owners in the automotive industry (versus in the heavy equipment and ag industry, where there absolutely is a conspiracy).

The threat model most automotive systems are designed against (when they are designed against anything at all) is absolutely not "we want to screw over those damn independent shops trying to run diagnostic routines!" - it's "how do we lock down the immobilizer, the ADAS, and protect ourselves from tuning-related warranty fraud." Independent shops and individual enthusiasts are just caught in the crossfire between thieves, ADAS tampering, and manufacturers/insurance/regulators.


> In this case, the real weakness was that the immobilizer protocol allowed the car to start without message authentication, the CAN-related message injection thing was a sideshow.

Right? Because the messages are not authenticated, once the car is stolen, the thieves can even remove the immobilizer and put in a DIY one with a set of keys when they send the car in a container, to make it 'ready to ride' out of the box.


You know that Toyota, the manufacturer here, is a Japanese company, right? European versus American regulations have literally nothing to do with this, which was your original point.


Their original point does not talk about American regulations at all, but rather that European regulations are stricter and therefore European cars will have tighter security.

You're the one that chose to interpret that as "stricter than American".



