a bit disappointed with current Nuvi security

 

I was messing around with a friend's Nuvi 205, and set a random PIN number on it.

When I purposely tried to enter the wrong PIN numbers, it would just beep, but allowed me to quickly erase and enter a new # to try.

This is a big difference from what I remember on the Nuvi 200, in which if you punch in a wrong PIN # it takes you to another screen that would tell you that you must enter the correct PIN or take the GPS to the security location to unlock and use it. Then you have to shut it off and turn it back on.

The entire process of entering a wrong pin # and turning it off and back on to enter another pin # took at least 30 seconds to a minute, from what I remember.

The current Nuvi 205's process doesn't take any extra time to enter a new pin #, which means it's much shorter time required to enter a new pin #.

With 9999 possible combinations, it wouldn't take a bored / determined thief too long to brute force the security pin #. Say the average pin # is 5000 combinations or less, depending on whether you start at 0000 or 9999, and each try takes 3 seconds, it would takes roughly 30 minutes to an hour to brute crack a Garmin manually by testing out keys sequentially.

With the older nuvi 205 it would take 5-10 times as long, which should deter all but the most determined thief.

While the best solution is to never lose your GPS, there should be a more secure solution to the pin #. Either make it any length from 4 digits to 7 digits, or a combination of numbers and letters (which would increase the possible combinations from 9999 to 1.5 million possible codes). These would make brute physical cracking nearly impossible.

I'm hoping Garmin will address this in the future and make it more difficult to crack, with a firmware update.

--
http://www.poi-factory.com/node/21626 - red light cameras do not work

Mine don't do that

My original nüvi 200 and my new 255 both act like your friend's 205. I have never had to turn the unit off to re-enter a PIN.

--
><> Glenn <>< Garmin nüvi 2598

Suppose your PIN was either

Suppose your PIN was either 0000 or 1111 or 2222 or 3333 or 4444 or 5555 or 6666 or 7777 or 8888 or 9999? The thief would crack it in less than 1 minute.

My Nuvi 760 requires you

My Nuvi 760 requires you turn it off and then on again after getting it wrong each time.

yea don't do that

withashout wrote:

Suppose your PIN was either 0000 or 1111 or 2222 or 3333 or 4444 or 5555 or 6666 or 7777 or 8888 or 9999? The thief would crack it in less than 1 minute.

Yea never do that.

By the way, I messed up in my calculations.

If on average the PIN code takes 5000 tries, and it takes 3 seconds per try, it would take 4+ hours to crack it.

My math is: 5000 * 3 seconds = 15,000 seconds, divided by 60 seconds, and divided by 60 minutes, should come out to 4.17 hours or so.

I guess if a thief is bored and has nothing better to do they could try to hack it in 4- 8 or 9 hours (if unlucky the first 9,000+ times).

--
http://www.poi-factory.com/node/21626 - red light cameras do not work

could be the earlier Nuvi units

Fluxuated wrote:

My Nuvi 760 requires you turn it off and then on again after getting it wrong each time.

The Nuvi 200 I remember was from dec 2007, so maybe the newer Nuvi XX0 units use the newer CPUs and the newer firmware which did away with the turning off and back on again for security lock.

Maybe some customers complained about how long it took. Too bad.

--
http://www.poi-factory.com/node/21626 - red light cameras do not work

Wrong math

nuvic320 wrote:

My math is: 5000 * 3 seconds = 15,000 seconds, divided by 60 seconds, and divided by 60 minutes, should come out to 4.17 hours or so.

I guess if a thief is bored and has nothing better to do they could try to hack it in 4- 8 or 9 hours (if unlucky the first 9,000+ times).

My Nuvi's sleep for several minutes when you enter an incorrect PIN. Changing 3 seconds to 3 minutes makes it 250 hours to try them all. I hope the thief brings a power supply! wink

How old was this Nuvi?

nuvic320 wrote:

When I purposely tried to enter the wrong PIN numbers, it would just beep, but allowed me to quickly erase and enter a new # to try.

This is not how my Nuvi 350 and 760 behave. They go to sleep for a couple minutes in between incorrect entries. My 350 is 1.5-2 years old.

Slowly and carefully does it for me

johnc wrote:
nuvic320 wrote:

When I purposely tried to enter the wrong PIN numbers, it would just beep, but allowed me to quickly erase and enter a new # to try.

This is not how my Nuvi 350 and 760 behave. They go to sleep for a couple minutes in between incorrect entries. My 350 is 1.5-2 years old.

-------

Having a Garmin sleep for 1 to 2 minutes between inputting PIN numbers would cause you to wait it out in the parking lot.

When I power up and the unit asks for my 4-digit PIN, I would slowly and carefully punch in the numbers, select a destination and then I would start the car.

My 750 is about a year old.

My 750 is about a year old. If I were to enter the wrong PIN I can either turn it off and back on again or wait the 30 seconds (approx.) for the "Move to your security location to automatically unlock" screen to go away.

--
Fletch- Nuvi 750

You're Right!

nuvic320 wrote:
withashout wrote:

Suppose your PIN was either 0000 or 1111 or 2222 or 3333 or 4444 or 5555 or 6666 or 7777 or 8888 or 9999? The thief would crack it in less than 1 minute.

Yea never do that.

By the way, I messed up in my calculations.

If on average the PIN code takes 5000 tries, and it takes 3 seconds per try, it would take 4+ hours to crack it.

My math is: 5000 * 3 seconds = 15,000 seconds, divided by 60 seconds, and divided by 60 minutes, should come out to 4.17 hours or so.

I guess if a thief is bored and has nothing better to do they could try to hack it in 4- 8 or 9 hours (if unlucky the first 9,000+ times).

But how many thieves are bored enough, and have enough time available, to spend 4-8 hours cracking the security on a unit that you can buy new for less than $200 and is worth MUCH less than that on the black market.

They are probably out looking for something else to steal.

Security

I hate entering PINs on my 360. The keyboard is very wonky (sometimes you enter a value without feedback, sometimes you get feedback with the entry registering). Thus, mis-entry is very common. The unit makes me wait a minute or so before I can try again. That, plus the start-up time is just too long a delay.

Balancing the security provided by the PIN with the hazard of making it work while driving means that I don't use their security measures.

security...

How many bad attempts did you try before putting the correct code in? The behavior you described is not a problem, as described.

Internally the software might allow, say 10 attempts before a reset or some idle time is required. After 10 attempts, it might continue _acting_ like it's taking entries, while it silently ignores them (i.e. after 10 bad tries, even the correct password won't work unless there's a reboot or a wait of a minute or two before trying again). A bad guy could go on forever and not find the code.

The whole "security" concept is silly

I find any security lockout, at best, useless. Say a thief breaks into my car and steals my GPS.

The best thing that could happen is the thief takes my GPS, and then is unable to break the code and unable to profit. I'm sure he would continue his behavior until he finds an unlocked unit.

However, the thief might also turn on my GPS right away, discover it is locked, get angry, and cause more damage to my car.

Tell me when I can "lojack" my GPS and have cops pinpoint the thief. Until then, I'll not going to leave my unit in my car.

.

rocketwidget wrote:

I'm sure he would continue his behavior until he finds an unlocked unit.

And how long would he continue if all the units were locked? When people choose not to lock their unit, they ensure that thieves will continue to find it profitable. Do you really believe that a smash and grab thief is going to take it personal that your unit is password protected and do more damage?

If you search the history here, you'll find some very legit advantages to setting a password.

--
Nuvi 660 -- and not upgrading it or maps until Garmin fixes long-standing bugs/problems, and get maps to where they are much more current, AND corrected on a more timely basis when advised of mistakes.

but...

bentbiker wrote:
rocketwidget wrote:

I'm sure he would continue his behavior until he finds an unlocked unit.

And how long would he continue if all the units were locked? When people choose not to lock their unit, they ensure that thieves will continue to find it profitable. Do you really believe that a smash and grab thief is going to take it personal that your unit is password protected and do more damage?

If you search the history here, you'll find some very legit advantages to setting a password.

I agree with you in principle here, but I claim that you could have the same effect if everyone brought their GPS inside as well! If people never left valuables in their cars, criminals wouldn't break into them. And despite the fact that the world is not perfect, and not everyone will always do the smart thing, you would still be guaranteed to keep your unit!

I am assuming that almost all GPS theft happens from cars. Please correct me if I am mistaken.

My nuvi 255w security dont

My nuvi 255w security dont even work (or atlease) i dont think... I set the pin and the outdoor location. turn off/on and enter the wrong pin to see what happened, and it unlocked it with wrong pin.. what a waste. My security for my nuvi is: If im in the car its in the car, if im out of the car its in its case in my pocket.

It you are at the security

It you are at the security location you set it at you don't need a pin number.

Edit See page 37 of the owners manual.

--
Charlie. Nuvi 265 WT and Nuvi 2597 LMT. MapFactor Navigator - Offline Maps & GPS.

A thief wouldn't spend an

A thief wouldn't spend an hour trying codes. They'd spend that hour ripping off another 10 units.

IVE never

charlesd45 wrote:

It you are at the security location you set it at you don't need a pin number.

Edit See page 37 of the owners manual.

IVE never been one to read a manual or directions... And look at the stupid post i did ha ha

Thanks for clearing it up

Well

Well do you really think A THEIF is smart enough to even try to come up with all the possiable combos to unlock,,,hhhmmmm I don't thinks so,,people who steal are not the brightes people out there confused

--
><-><-><-><-><-><-><-><-><-><-><-><-><-><-><-><-><-><-><-><- 4-Garmin Nuvi 760>>>> Owner: Sunrise Mechanical A/C & Heating,, Peoria, Arizona

Chucked straight

into the dumpster is whats going to happen, I can't see a thief working a four digit combo past one try.

The best security is to always take your GPSr with you and you will never wish you had.

--
Using Android Based GPS.The above post and my sig reflects my own opinions, expressed for the purpose of informing or inspiring, not commanding. Naturally, you are free to reject or embrace whatever you read.

Please take your GPS unit with you

BobDee wrote:

The best security is to always take your GPSr with you and you will never wish you had.

---------------
Garmin could issue a firmware revision that adds a verbal "Please take your GPS unit with you." after Jill says "You have arrived at your destination on your right."

How much labor for $25-$50?

royalty wrote:

But how many thieves are bored enough, and have enough time available, to spend 4-8 hours cracking the security on a unit that you can buy new for less than $200 and is worth MUCH less than that on the black market.

They are probably out looking for something else to steal.

The articles I have read said that most stolen units are sold for $25-$50. It's just not worth it for a thief to spend hours and hours trying to crack a code on something he'll only get $25 for. That's WAY too much like having a job!

Should show that it is locked?

In most recent model-year cars, the radio is locked with a pin. The designers made a point to make a LED flash when the radio and power is off to specifically show that the radio is "theft protected". Also, many car alarm systems display their "active" status to potential thieves with a flashing light (in my case, they've put one on each door.)

The question is "are these flashing warnings working?" If yes, there is no equivalent on the GPS units to show they are locked, visible from outside the car (before smashing the window) warning that it is not a resellable unit! Should it? Of course a flashing LED would actually attract attention but isn't it what the radio flashing LED does? Maybe a small label on the edge of the unit?

Food for thoughts... Comments welcome.

won't matter

I agree that it won't hinder them if yours is locked. they will just move on. I can't see them spending hours trying to unlock it. Most of them couldn't do the math.

Like others have said, the

Like others have said, the PIN won't deter thieves. The will steal your GPS, and if they can't use it due to a PIN, they will probably just throw the GPS away. They won't give it back to you wink So I would recommend not worrying about it and not using the pin.

.

importvenom wrote:

Like others have said, the PIN won't deter thieves. The will steal your GPS, and if they can't use it due to a PIN, they will probably just throw the GPS away. They won't give it back to you wink So I would recommend not worrying about it and not using the pin.

I'd rather use the pins, and have them throw the unit away, than not use the pin and getting a free GPS. At least if they throw it away, they won't profit from stealing it.

To be 100% accurate, there

To be 100% accurate, there are 10,000 possible combos. But I don't think the one additional is going to be a make or break. That said, I use the security feature. I take just a little comfort in knowing that most thieves are opportunist/lazy and won't bother to crack the pin. Therefore won't be able to use or sell MY gps.