Cs150
Members-
Posts
235 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Store
Gallery
Tutorials
Lexus Owners Club
Gold Membership Discounts
Lexus Owners Club Video
News & Articles
Everything posted by Cs150
-
Seems like the insurance companies are increasing premiums for these models. Gone from £400 to over £600. As a comparison able to insure a Ford in the household for only £195 appreciate that vehicle is worth less. As a driver I am a low risk being an IAM member with nearly 25 years no claims, it is the ES vehicle itself that is the high risk.....
-
Unfortunately damage to all vehicles including MY23 versions seems a real risk. Lexus should recall all ES vehicles before MY23 and offer a third party immobiliser or Canbus encryption upgrade. The current position is causing loss of reputation in the brand. The office of Chris Hayes ignoring customers has also not helped....
-
Lexus UK have been cagey on this. It is believed MY23 vehicles have Canbus encryption, what strength of encryption has been used is unknown. In theory vehicles built from Aug 2022 should have this additional protection, how effective this is remains unclear. Criminals could still do £5k plus worth of damage to your vehicle in respect of wiring loom damage regardless if encryption is added or not.
-
Really an accurate statement would have been: They designed a Canbus system without encryption for a number of model years and made the physical wiring access very easy and straightforward. The only complexity and sophistication here is the spin that is being added by the Lexus UK customer service team....
-
Very unlikely for Chris Hayes to respond. Typically such communication is ignored from his office. If lucky it may be delegated for one of his minions to send a templated response that will not address the issues raised. Following up with a public TrustPilot review will increase the chance of a templated response rather than the default Lexus UK ignore. Have low expectations....
-
If someone in authority in Japan is reading this please kick out the current UK 'leadership' team. The brand deserves better....
-
As Lexus UK seem to ignore correspondence on this subject it will likely be ignored sadly. Best case would be a condescending template response from the current management team. It would likely need a solicitor involvement to gain traction unfortunately.
-
Lexus absolutely should do a recall, bite the bullet financially and do the right thing by the brand. Lexus UK from my interaction does not do the brand history Any justice and needs a major shake up with higher quality personnel at the helm...
-
Lexus quality and dealerships
Cs150 replied to David lings's topic in Lexus IS 300h / IS 250 / IS 200t Club
Sadly so, a number of vehicles already stolen by accessing wiring near the headlight. Also some damaged with huge bills for new wiring looms. Check out the ES area of the forums some very sad events have occured. Lexus UK will not even fit a protection plate to slow down the thefts and are fobbing off ES owners. -
Lexus quality and dealerships
Cs150 replied to David lings's topic in Lexus IS 300h / IS 250 / IS 200t Club
As a newish owner taking receipt of a new ES nearly one year back I find the dealer terrible. Service appalling and witnessed them nearly damage my vehicle during investigation of an issue when it was only a few months old. Lexus UK have also been abysmal when raising the issue of the thefts of current vehicles through the Canbus not having encryption. Lexus UK even did not respond to a complaint for months. This changed when I posted a public TrustPilot review they responded in 48 hours. Overall this will be the first and last Lexus unfortunately and would rather run a cheaper Toyota or even another make such as Ford... -
If you go for this vehicle be aware of the thefts of the ES model and how vulnerable they are...
-
Very sorry for the situation this could happen to any ES owner. Very embarrassed at the handling of this by Lexus UK. It takes a long time to build a reputation but it can all be lost relatively quickly. After this ordeal not many would return to the Lexus brand....
-
As mentioned previously I believe all vulnerable ES models should be recalled. Lexus should install a third party immobiliser to make up for their design issues. Alternatively all vehicles could be updated to ensure MITM attacks cannot be conducted on the Cambus
-
As a first time Lexus customer it has been a real eye opener the poor dealer experience. Additionally the Lexus UK fob off by default experience has also been a surprise. Always thought Lexus listened and acted on customer feedback but it is clear to me the opposite is true of the current Lexus brand in the UK. Perhaps in the past it differed but today there is nothing 'premium' about Lexus to me relating to interfacing with the dealer or Lexus UK. Also not keen on having to fit steering locks and be overly concerned about the security. Have no finance on the ES but after another year of ownership will almost certainly part ways with it, unless the security issue could be resolved which of course it will not. Would be happier to go back to an old Ford Mondeo which is not a target for criminals or potentially get a second hand Prius, for some reason like the shape of the Gen 4 Prius.
-
Agreed, high value items though need increased protection. Which is why a bank would have high security compared to a retail store. It could be argued a Lexus ES needs greater protection than a Toyota Aygo. My ES fob appears to have no motion sensor to disable keyless when inactive, why would this not be present on such a new design? As mentioned previously there is no reasonable reason strong symmetric encryption cannot be used. For what is essentially high value items enough is not being done by the manufacturers to protect them. In my eyes at least Lexus has been most disappointing when it comes to proactive measures. Fitting a steel plate to the RX to make up for the design flaw of Canbus access is quite frankly a little embarrassing. Then the ES and other vehicles at risk of poorly designed wiring access appear to be ignored and are not even worthy of a steel plate!
-
Indeed but the brochure should have a disclaimer that using this feature could cause increased risk of theft. Vehicle features increasing the risk profile should be made clear. Imagine if Microsoft released a Windows feature and advertised this as an owner\user benefit but it may cause loss of an asset!
-
Good question, Jaguar did switch to using UWB (Ultra-Wide-Band) which uses increased ranges which could be argued is security by obscurity and certainly somewhat proactive. Ford not sure when started to fit motion sensors so the fob stops sending out a signal to minimise exposure when static, not perfect responses of course and falls short of symmetric encryption. What have Lexus UK done?
-
Brochure items that are formally listed as part of the specification should not have to be turned off to protect the asset. They are being advertised as "features" and selling points. Alternatively in the brochure for the car there could be a disclaimer that states it may put the vehicle at increased risk of theft. Of course all things can be "cracked" especially when security is not part of the original design! Manufacturers in other industries will address new security vulnerabilities with fixes, updates or recalls. The position Lexus have taken shows an almost distain for the customer.
-
Not sure about ignorance, sounds like classic cognitive dissonance which would appear to be quite common in the current society of 'Modern' Britain. This situation is no different than Microsoft releasing a hands free convenient method to access Windows. This method is prone to allowing the operating system to be hacked in a production real world setting. In order to protect your Windows system against this flaw you need to fit a physical keyboard lock to make up for this shortcoming! Lexus like other vehicle makers have failed to provide keyless entry with reasonable levels of security. There is no reason why the keyless system cannot have symmetric end to end encryption with keys rotating every few seconds. This would result in MITM attacks being practically impossible. The current deployment of keyless is not secure within a real world environment and therefore you could argue it is misselling to state that this is a vehicle feature which in reality could cause an owner to have the car stolen. The current deployment of keyless is not fit for purpose in its current insecure form. Then there is the Cambus operating without encryption at least until MY23 vehicles, not exactly secure by design!
-
Of course anything that does not meet your specific opinions must be ridiculous. Cognitive dissonance is a wonderful thing. As you say security risks have always existed and this does provide full and robust justification of the current position....
-
Probably just needs some wires soldering and potentially connectors replacing. Likely Lexus would not support repair so will require replacement. There is a reason why those that work at the coalface in the servicing repair functions are called 'technicians' and not engineers....
-
Agree but Lexus should delete keyless entry from the vehicle specification as it cannot be used with reasonable levels of security. Presumably activating the unlock button manually can also be captured and used in a replay or extension type attack? Personally I believe Lexus should fund as part of a recall package installation of a third party approved immobiliser. Given the way the Lexus brand sees customers especially in the UK this of course would not happen. The values and original Lexus ethics of the late 80s when the brand was launched would not leave customers in a vulnerable position like they have currently.
-
Lexus sadly seem to have abandoned customers with this serious issue. Lexus UK typically ignore customers raising this issue with them or at best send a templated condescending response. To avoid damage by the criminals a disklock, stoplock or similar or even clamp seem appropriate. Apparently an encryption update to the Canbus was added to MY23 build but I am unable to validate the date this was done? Can the criminals still get past this update, possibly?
-
It is really sad Imran to have to take so many extra measures to protect a vehicle when the manufacturer could do more in terms of native protection. Have to go to London later this month and may take the wife's Ford rather than the ES!
-
If they capture the code Steve how long would it be of use for do you know? Recall reading the code is recycled after a period of time and the previous code is no longer valid and cannot start the car?