Thank you for the clarification, derp. That answers the next question of battery life from continual signal (you addressed that with your "listening vs transmitting" explanation).
Presumably the distance is significant - which seems odd... I'd think there would be a failsafe that after a reasonable distance from sending unit, communication would be lost... "reasonable," imo would be within immediate proximity to vehicle. Is there a reason the sending transmitter needs to reach fob at a distance beyond immediate proximity to truck? Or is it technologically not possible?
I guess I'm getting off topic - I'm just trying to understand the reality of the threat - and whether considerable precautions are warranted or just hypersensitivity.
the fob and truck rf hub are designed specifically to send out a weak enough signal and use antennas that are low enough gain to effectively limit the range of the communication. the hack is to pick up those weak signals using a sensitive radio with good antennas, and then blast that signal back out at a strong enough power that the truck and fob "think" they are close to each other.
we can't accurately measure the time of flight on the signal between the fob and the truck, as that would require synchronized clocks on the fob and truck. a continuously running clock on the fob would be a drain that would shorten the battery life. also, the distances involved even on a boosted signal are measured in dozens of feet, and not effectively subject to a transmission delay as the signal moves at near the speed of light (speed of light in open air being less than in a vacuum).
An acceptable mechanical interlock on the fob that would prevent this kind of man in the middle is either the shielding bag, or a toggled switch to actually disconnect the antenna assembly electrically from the communications chip on the fob. This would then require you to "turn on" your key when you get ready to drive your truck. one way that could be implemented physically into the fob would be an idle sleep on the fob that used a vibration sensor to only wake up the key when it has been handled in the last 10 seconds or so. as long as you are walking, holding the key or such, the fob would be "on" and without that, the fob would sleep until handled.
an idle sleep fob would prevent the "kitchen counter, keyhook" type attacks, but not so much the attack where you are chilling in starbucks with your keys clipped to your pocket.
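The motion-gated idle sleep described in the post above, as an added sketch that is not part of the original post and not any vendor's firmware. The `fob_t` type, the function names, the millisecond tick counter and the sample timestamps are all assumptions made for illustration; the 10-second window is the figure from the post.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 10 s wake window, from "the last 10 seconds or so" in the post. */
#define WAKE_WINDOW_MS 10000u

typedef struct {
    bool     ever_moved;      /* false until the first vibration event */
    uint32_t last_motion_ms;  /* tick of the most recent vibration event */
} fob_t;

/* Hypothetical vibration-sensor interrupt handler: record the handling time. */
void fob_on_motion(fob_t *f, uint32_t now_ms) {
    f->ever_moved = true;
    f->last_motion_ms = now_ms;
}

/* True if the fob radio is awake and may answer a challenge at now_ms.
 * Unsigned subtraction keeps the check correct across tick-counter wraparound. */
bool fob_should_respond(const fob_t *f, uint32_t now_ms) {
    if (!f->ever_moved) return false;
    return (uint32_t)(now_ms - f->last_motion_ms) <= WAKE_WINDOW_MS;
}

/* Replay constructed motion timestamps, then test a challenge at challenge_ms. */
static bool scenario(const uint32_t *motion_ms, int n, uint32_t challenge_ms) {
    fob_t f = {0};
    for (int i = 0; i < n; i++) fob_on_motion(&f, motion_ms[i]);
    return fob_should_respond(&f, challenge_ms);
}

/* Constructed cases (all times in ms). */
bool case_kitchen_counter(void) { uint32_t m[] = {5000};             return scenario(m, 1, 3600000u); }
bool case_walking_to_truck(void){ uint32_t m[] = {1000, 4000, 8000}; return scenario(m, 3, 9000u); }
bool case_pocket_in_cafe(void)  { uint32_t m[] = {60000};            return scenario(m, 1, 63000u); }
bool case_tick_wraparound(void) { uint32_t m[] = {0xFFFFFF00u};      return scenario(m, 1, 0x00000100u); }

int main(void) {
    printf("kitchen counter, idle for an hour: %d\n", case_kitchen_counter());
    printf("owner walking to truck:            %d\n", case_walking_to_truck());
    printf("keys on pocket, owner shifting:    %d\n", case_pocket_in_cafe());
    printf("tick counter wrapped:              %d\n", case_tick_wraparound());
    return 0;
}
```

The idle fob stays silent, while the fob that was jostled a few seconds before the challenge still answers, which is the residual exposure the post describes for keys carried on the body.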