You can devices on ebay to duplicate microchip keys, and there are signal booster devices out there, sold by electronics shops that have been used to steal high end cars from outside of cafe's.
That sounds pretty poorly designed.
Part of my current project involves collecting data from millions of consumer devices. The customers register their device using their cell phone (they are kind of forced to do this, the device isn't that cool if it isn't registered on the internet).
We have a team dedicated to security (its not my team, but I talk to them and know what they are doing). Security is a big deal (for obvious reasons)... our customers trust us to properly maintain a product in their home that connects to the internet. They customers don't want to think about it, but a front page story about a data breach could destroy our business.
We hire very good security experts and use industry best practices. This includes dual-key cryptography (which in my opinion is very cool).
I am surprised the high end car companies aren't more careful.