
I hacked the Skreem, the Skreemulator

 
  #41 (permalink)  
Old 01-28-2020, 11:46 AM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by pizzaguy
Send it where?
they are these folks: S.O.S. Diagnostics
sosxfire is SOS
 
  #42 (permalink)  
Old 01-28-2020, 11:57 AM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by Viper-666
As already written, my goal would be to replace the skreem completely, if only because of the delivery problem with the key fobs. I had read somewhere that Mercedes has problems getting suitable transponders. These electronic components are no longer produced because the transponders used by Mercedes are from the 90s.
But if there is more interest from your side to have only a bypass for the immobilizer, I would be finished with the development and could offer this after several months of testing.
What do you want?
1. only bypass
2. skreem replacement
could be possible to explain what happens if we use 1 or the other, how difficult the install would be, and about how much for each 1?
that would make easier to decide which 1.
 

Last edited by phil alvirez; 01-28-2020 at 12:12 PM.
  #43 (permalink)  
Old 01-28-2020, 01:16 PM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by pizzaguy
How did you arrive at the conclusion that there are a limited number of starts in the system? This contradicts what is in the student manual.
I find it hard to believe that a manufacturer designed a car with only a certain number of starts.
My module works in such a way that it extracts valid codes from the skreem and doubles them with a trick. To test my module I extracted about 7900 codes from my test skreem before it was blocked. After reprogramming it to the state the skreem was in before I extracted the codes, the skreem works again. I can extract the same amount of codes before it is blocked again.
I have reproduced this three times, so I'm sure that the skreem can only provide a finite amount of codes. Whether this is because they have only two bytes for the counter variable of the rolling code system, or why they only have an 8 byte code, I don't know.
 
  #44 (permalink)  
Old 01-28-2020, 01:19 PM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by phil alvirez
well, not to contradict you, but there are lots of articles written on planned obsolescence. for instance:
https://www.google.ca/search?hl=en&s...iz.3MbaJlB1eSw
even another goes as far as saying: Using software to program a product, like a printer, to fail after a set period of time or number of actions
and another:
https://timeline.com/gm-invented-pla...e-cc19f207e842
more: https://auto.howstuffworks.com/under...ed-to-fail.htm
I don't think it is planned obsolescence, I think it is a technical limit, see my post above.
 
  #45 (permalink)  
Old 01-28-2020, 01:45 PM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by Viper-666
I don't think it is planned obsolescence, I think it is a technical limit, see my post above.
sort of memory? memory capacity?
or similar to battery's life?
 
  #46 (permalink)  
Old 01-28-2020, 01:54 PM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by sosxfire
I believe (correct me if I'm wrong) Viper-666 is referring to a transponder bypass, not a SKREEM bypass. In other words, programmed keys would not be necessary, but his SKREEM still would be. The transponders are not the problem, the handshake between the ECM and SKREEM is the problem. A true bypass or immobilizer delete would involve rewriting the program for the ECM, as previously noted, so it no longer looks for authorization from the SKREEM. Not simple on this model. I see no need for a transponder bypass. Transponders are and always will be readily available. You will only be making your car easier to steal and you would still need a SKREEM module (his). But, to each his own. I'm going to keep my transponders and fix the SKREEM IF and WHEN necessary. So far, neither of our cars has ever had an issue. Of all the Crossfires we have worked on, only one or two had a real SKREEM hardware failure.

We look forward to seeing your finished product Viper-666.
Most of what you say is true and shows that you have a lot of expertise.
I would only disagree on a few points. I don't think that transponders from the 90s are always available. The ones used by Mercedes were originally from Philips and they have not been produced by them for a long time.
There are still replicas now, but you always have to see what quality you get. But the demand for these transponders is decreasing year by year because the number of cars using these transponders is decreasing. At some point the replicas are no longer worthwhile.
And as far as I know the transponders cannot be copied, so you can make max. 8 pieces for one skreem, where Mercedes has already preprogrammed the codes in the skreem. And new transponders can only be made with a lot of effort, or if you are a dealer you can buy the codes from Mercedes/Chrysler.
My module would be, depending on the version, a bypass of the immobilizer, which then only needs the original key with transponder to extract new codes from the skreem. But in this version a working key would still be necessary to open and close the car and deactivate the alarm. In the bypass version the immobilizer would also be disabled because you can start the car with all keys that fit or simply by connecting the right wires, as often shown in movies.
Version 2 would also do the opening and closing and disarming of the alarm. And in addition, the transponder would have to be used before the start, so the immobilizer would be retained.
For all versions it would be possible to get preprogrammed EEPROMs with 8000 codes and instructions on how to program the PCM. When the codes are used up you can program the PCM again according to the instructions and use the codes again. This can be repeated infinitely. If you buy two EEPROMs preprogrammed by me you will always have 16.000 codes before you have to reprogram the PCM.
And to disable the immobilizer completely, I agree that you first have to find a way to do this and then reprogram the PCM completely.
 

Last edited by Viper-666; 01-28-2020 at 02:01 PM.
  #47 (permalink)  
Old 01-28-2020, 03:03 PM
pizzaguy's Avatar
Administrator
Join Date: Jun 2009
Location: Fort Worth, Texas
Age: 64
Posts: 13,489
Received 903 Likes on 704 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by Viper-666
Hello,
after more than 2 years of research and development and more than 1000€ of hardware costs I managed to understand how the immobilizer between engine control unit and skreem works.
And it was possible for me to find a way on which I want to replace the Skreem module. The first (and maybe most difficult) step is to unlock the immobilizer with my hardware and then start the car. This is done
What happened? It does not work now?

Originally Posted by Viper-666
Most of what you say is true and shows that you have a lot of expertise.

My module would be, depending on the version, a bypass of the immobilizer, which then only needs the original key with transponder to extract new codes from the skreem. But in this version a working key would still be necessary to open and close the car and deactivate the alarm. In the bypass version the immobilizer would also be disabled because you can start the car with all keys that fit or simply by connecting the right wires, as often shown in movies.
Version 2 would also do the opening and closing and disarming of the alarm. And in addition, the transponder would have to be used before the start, so the immobilizer would be retained.
For all versions it would be possible to get preprogrammed EEPROMs with 8000 codes and instructions on how to program the PCM. When the codes are used up you can program the PCM again according to the instructions and use the codes again. This can be repeated infinitely. If you buy two EEPROMs preprogrammed by me you will always have 16.000 codes before you have to reprogram the PCM.
And to disable the immobilizer completely, I agree that you first have to find a way to do this and then reprogram the PCM completely.
It is my understanding that the immobilizer is a subroutine of the ECM, it is the SKREEM-supervised function of starting the car. It is our problem, and you say you have hacked the problem.

If you are keeping the "immobilizer" function, what is it that you have "Hacked"? What am I not understanding here? I understand that we have a language barrier, so maybe that is the problem with me not understanding what you are saying.
 

Last edited by pizzaguy; 01-28-2020 at 03:06 PM.
  #48 (permalink)  
Old 01-28-2020, 03:42 PM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

perhaps if we try to explain what hacking really means?
Hacking generally refers to unauthorized intrusion into a computer or a network. The person engaged in hacking activities is known as a hacker. This hacker may alter system or security features to accomplish a goal that differs from the original purpose of the system.
 
  #49 (permalink)  
Old 01-29-2020, 12:46 AM
Join Date: Dec 2013
Location: chicago
Posts: 12
Likes: 0
Received 0 Likes on 0 Posts
Default Re: I hacked the Skreem, the Skreemulator

Viper,
I am an Electrical Engineer and an Arduino enthusiast. I would be happy to help in any way I can, as I only have one key for my Crossfire and am deathly afraid of losing it haha. I don't have ECM programming equipment - unless the USB-OBDII communications cable provided by Eurocharged counts...
From my perspective, the highest value of this product would be a bypass of the immobilizer so that we could use any keys that fit, combined with a simpler "kill switch" that we could hide somewhere to replace the fancy immobilizer.
 
  #50 (permalink)  
Old 01-29-2020, 02:13 AM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by pizzaguy
What happened? It does not work now?
The hack is that I used valid codes which are extracted from your skreem and double them. Or I can use valid codes from another skreem (and program the PCM so that it accepts these codes); these would be e.g. my EEPROMs. And this already works now. I will install my prototype hopefully this weekend (unfortunately I am very busy with my job at the moment, so I also have to work on Saturdays and do not have much spare time) so that I can do a long-term test with my Crossfire.

Originally Posted by pizzaguy
It is my understanding that the immobilizer is a subroutine of the ECM, it is the SKREEM-supervised function of starting the car. It is our problem, and you say you have hacked the problem.

If you are keeping the "immobilizer" function, what is it that you have "Hacked"? What am I not understanding here? I understand that we have a language barrier, so maybe that is the problem with me not understanding what you are saying.
As sosxfire already wrote, the immobilizer works with two parts, the skreem and the PCM. To disable the immobilizer function in the PCM is very difficult; you have to make a new firmware so that the PCM doesn't want these codes any more. My hack is that I found a way that my hardware can use valid codes, double them and send them to the PCM, so that the PCM thinks they are from the skreem. And this also works if your skreem is already broken (with my preprogrammed EEPROMs). This all works now, but you need a skreem to open and close the doors and disarm the siren. I have to find out how the skreem does this to include these functions in my module as well and replace the skreem completely. Then you would also be able to install a start button, so that you don't need a key any more.
 
  #51 (permalink)  
Old 01-29-2020, 02:27 AM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by slipton
Viper,
I am an Electrical Engineer and an Arduino enthusiast. I would be happy to help in any way I can, as I only have one key for my Crossfire and am deathly afraid of losing it haha. I don't have ECM programming equipment - unless the USB-OBDII communications cable provided by Eurocharged counts...
From my perspective, the highest value of this product would be a bypass of the immobilizer so that we could use any keys that fit, combined with a simpler "kill switch" that we could hide somewhere to replace the fancy immobilizer.
Thank you very much for offering me your help. I think you can possibly help me with some electronic functions. I would be really happy if I had someone who can help me solve it. I will contact you again when I am up to it.
The idea with the "kill switch" is not so bad, so you would be able to use my module like it is now and switch it on only when you want to start your car. So you don't completely disable the immobilizer.
 
  #52 (permalink)  
Old 02-02-2020, 01:50 PM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Hello,
so I have soldered a STEP-Down Converter to the board to convert the 9-14V of the Crossfire to Arduino compatible 5V and 3D printed cases for the board and the display.
Now the prototype can be put into the car for a long term test.

 
  #53 (permalink)  
Old 02-03-2020, 08:38 PM
Speedy4x4's Avatar
Senior Member
Join Date: Oct 2013
Location: Southern IL.
Posts: 2,006
Received 13 Likes on 13 Posts
Default Re: I hacked the Skreem, the Skreemulator

Nice, gj
my fingers are crossed on the long term test
 
  #54 (permalink)  
Old 02-07-2020, 12:25 PM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Hello,
here is the next small update: after almost a week I have found only a small problem.
I have connected the module to ignition plus, but since the Arduino needs about 2 seconds to boot, if you turn the ignition key in one go until the engine starts, the skreemulator has not yet managed to send a code, so the immobilizer is not yet disabled.
At the moment I "help" myself by turning the ignition to position 2, fastening my seatbelt and then starting the engine. The problem will probably have solved itself when the Arduino is later on permanent power and always running.

 
  #55 (permalink)  
Old 02-07-2020, 01:49 PM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

well, if this is the only thing that we have to remember in order to have it working as we need, we can live with it. is sort of the routine that we must follow.
so seems like good news after all. thank you for telling us.
keep working on it. we hope you will solve all the other details.

the instructions could be something like:
to start the car:
1- fit the key into the slot;
2-turn it to the right until it reaches the 2nd position (lights go on);
3-wait 3 seconds;
4-turn the key to the right until the engine starts;
5-release the key.
(of course, if you fix the arduino to not need this, still would be better)
 
  #56 (permalink)  
Old 02-09-2020, 06:30 PM
Speedy4x4's Avatar
Senior Member
Join Date: Oct 2013
Location: Southern IL.
Posts: 2,006
Received 13 Likes on 13 Posts
Default Re: I hacked the Skreem, the Skreemulator

Great work.
is it set up for plug and play, or need to be programmed per vehicle?
so, just have to wait till the display says code sent then start, didn't take long
how is the brightness on the screen, too dim at day or too bright at night ?
could a simple small green led light be pigtailed to a location of users choosing, when green light comes on, car can start, and leave the monitor under dash, and just pull out if there is a problem?
or a plug in display, if there is a problem , then can plug in and check / diagnose ?

TY for your work.
 
  #57 (permalink)  
Old 02-09-2020, 09:06 PM
phil alvirez's Avatar
Senior Member
Join Date: Jun 2019
Location: windsor ontario next to detroit
Posts: 1,047
Received 37 Likes on 30 Posts
Default Re: I hacked the Skreem, the Skreemulator

you said: " could a simple small green led light be pigtailed to a location of users choosing, when green light comes on, car can start, and leave the monitor under dash, and just pull out if there is a problem? "

sounds like the light at the diesel trucks that goes off when the glow plug has warmed up, just the opposite. takes a few seconds and you should not start until then. and could be located anywhere.
anyway, seems a good idea. simple and practical. let's see what Andre decides.
 

Last edited by phil alvirez; 02-10-2020 at 08:22 PM.
  #58 (permalink)  
Old 02-10-2020, 01:12 AM
Viper-666's Avatar
Thread Starter
Join Date: Aug 2017
Location: Germany
Age: 56
Posts: 208
Received 40 Likes on 25 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by Speedy4x4
Great work.
is it set up for plug and play, or need to be programmed per vehicle?
If your Skreem just works it will be plug and play, if not your PCM has to be programmed.

Originally Posted by Speedy4x4
so, just have to wait till the display says code sent then start, didn't take long
That's right!

Originally Posted by Speedy4x4
how is the brightness on the screen, too dim at day or too bright at night ?
Sorry it's an OLED, so not dimmable.

Originally Posted by Speedy4x4
could a simple small green led light be pigtailed to a location of users choosing, when green light comes on, car can start, and leave the monitor under dash, and just pull out if there is a problem?
That's a great idea!

Originally Posted by Speedy4x4
or a plug in display, if there is a problem , then can plug in and check / diagnose ?
That is of course possible, but I think the Arduino has to reboot to find the display, I have to check this.
 
  #59 (permalink)  
Old 02-10-2020, 09:02 AM
pizzaguy's Avatar
Administrator
Join Date: Jun 2009
Location: Fort Worth, Texas
Age: 64
Posts: 13,489
Received 903 Likes on 704 Posts
Default Re: I hacked the Skreem, the Skreemulator

When do you believe you will be ready to help someone with a car that won't run?
We have a LOT of people in the USA with cars sitting in garages or driveways that won't start due to bad SKREEMS. On our Facebook page, I read about one every few days.
 
  #60 (permalink)  
Old 02-10-2020, 09:31 AM
Fla_Xfire_SRT's Avatar
Forum Regular
Join Date: May 2015
Location: Central, Fl
Posts: 618
Received 21 Likes on 18 Posts
Default Re: I hacked the Skreem, the Skreemulator

Originally Posted by phil alvirez
perhaps if we try to explain what hacking really means?
Hacking generally refers to unauthorized intrusion into a computer or a network. The person engaged in hacking activities is known as a hacker. This hacker may alter system or security features to accomplish a goal that differs from the original purpose of the system.
As I understand the term "hacking" might have originally referred to the practice of early programmers "using" parts of other programmers "code" (think subroutines and algorithms) to produce code to perform a "similar function" and call their own. The Russian word for "hacker" was synonymous with a Sinclairist, because the Z-80 based UK Sinclair ZX and its American counterpart, the Timex/Sinclair, were readily available and cheap at the time. FWIW..my 2c. on "hacker"
~..Great work on the SKREEM unit, your efforts will not go unrewarded by this community....Peace
 


All times are GMT -4.