Thursday, November 24, 2011



The navigation system in my car has an anti-theft feature that’s interesting, in that it relies entirely on a sort of herd immunity. The system is installed in the car’s dashboard, so it’s somewhat involved to pull it out. Easy for a pro, to be sure, but I mean that it’s not like one of those that sits on top, and one can just grab it and run.

When it’s first powered on after installation, the owner has the option of setting a password. If a password is set and the unit is ever disconnected from the battery, as it would be if it were stolen (or, of course, when the car battery is replaced, or when servicing the car requires disconnecting the battery), the password has to be entered in order for the device to be used again. The only way to recover from a forgotten password is to have the manufacturer reset the system — and they will, one presumes, take some measures to ensure that you hadn’t simply boosted it.

The interesting thing about this mechanism is that there’s no way for a thief to know whether or not a password is set. This anti-theft feature does nothing to actually prevent theft, but only to prevent the use of the system after it’s stolen. That’s only a deterrent if the thief knows two things: that this model has this feature and that almost all owners set a password (so that the likelihood of stealing a usable unit is too low to be worth the trouble).

Setting a password does absolutely nothing for your own device’s security — once it’s stolen, no thief will come put it back when he finds that he can’t use it nor sell it. Rather, we all depend on the widespread knowledge, at least among thieves, that everyone sets one. If I opt out, I’m covered by the rest of you. But if too many people opt out, then no one’s unit is safe.

And there is a big down side to setting a password: when your battery’s disconnected for service, if you’ve forgotten the password (which you only used once, maybe several years ago) your nav system becomes a brick.

Perhaps all in-dash navigation systems use this mechanism, and thieves are well aware of that (and new thieves soon will be). I wonder, though, how many owners choose not to set a password.

No comments: