The issue is that physical security (such as cars and houses) just works in different ways to information security. Although cars are starting to use secure ECUs etc.

For example , someone with enough brute force is always going to be able to break into your house and someone with enough patience and sneakyness is always going to be able to find an opportunity to steal your car keys.

You can always improve you physical security, but after a while the costs and inconvenience start to become unrealistic. You probably can't afford to fit your home out with bulletproof glass and bank vault style doors for example.

With computer security you can make the brute force (for example deriving an RSA private key from the public key) entry nearasdammnit impossible without spending really any money at all (just implement openSSL).

Of course the downside is that sidechannel type attack can render this security effectively useless. Even a crappy lock or a glass window provides some protection against thieves especially in the sense that they might be spotted when trying to bypass it.

On the other hand, having an information security system that uses strong encryption provides 0 protection against somebody who can use metasploit if the software itself is full of exploitable and publically known bugs.

> With computer security you can make the brute force (for example deriving an RSA private key from the public key) entry nearasdammnit impossible

You can but what if you don't? Verizon for a while was setting their FIOS routers with WEP with a password derived directly from SSID!

Wouldn't that be an argument for the owner of the car having responsibility?