Anybody can open a car in under a minute if they have a few tools and practice. It will usually set off a car alarm. However, criminals who are really smart or have really smart bosses can also quickly and easily unlock your car and disable the car alarm. If your car uses the keeloq or pkes systems, someone can copy your wireless transponder signature and unlock your car remotely just like you do.
You’ve already heard it but it bears repeating: don’t leave valuables in your car! Especially not in view of windows. It would be terrible if somebody smashed your window with a concrete block to steal $5 to fund their drug habit. You have to pay hundreds of dollars to fix it, and you will NEVER get all the broken glass out of your car!
Why would I link the papers above? A lot of the locksmithing and security world practices “security through obscurity”. They like to put their heads in the sand and hope that criminals don’t learn their tricks, but with the internet criminals will find out and they will do it really fast. Therefore, vulnerabilities must be published and talked about in order to allow people who own property protected by vulnerable security to fix it, and also maybe to shame manufacturers using shoddy security models to update them.