Essentially, with the newer cars keyless entry cars, it's the car that transmits the signal to the fob (so you can't get stranded with a flat battery).
The protocol itself is secure, but open to a MITM attack. The exploit works essentially like a WiFi booster.
Perp #1 places himself near the car, receiving the car's transmission. This is relayed to perp #2, who is near the owner (and the key). The key communicates with the car (via the relay) - the door opens, the car starts, and off you go.
Essentially, with the newer cars keyless entry cars, it's the car that transmits the signal to the fob (so you can't get stranded with a flat battery).
The protocol itself is secure, but open to a MITM attack. The exploit works essentially like a WiFi booster. Perp #1 places himself near the car, receiving the car's transmission. This is relayed to perp #2, who is near the owner (and the key). The key communicates with the car (via the relay) - the door opens, the car starts, and off you go.