How secure are keyless entry systems for automobiles? What is there to keep me from recording the signal sent from someone's keychain transmitter, and then retransmitting that same signal at a later time (presumably when no one is around...) to unlock the vehicle?

The only truly secure way to implement a RF keyless entry system, as far as I can figure, is to have a challenge-response protocol, but this REQUIRES the keychain transmitter to actually be a transceiver. The protocol could look something like this:
1. Car transmits a randomly generated token to the keychain device.
2. Keychain device combines the token with a private and unique internal identifier. A one-way hash function is performed on this composition, and that hash is then transmitted to the car.
3. The car determines if the hash of the token with the private ID is correct, and if so, it opens the locks.

No, you don't have to have a challenge response system:

You can have a code hopping system that relies on a pseudo-random number generator. Hash this with a shared key. (AKA private key)

Once a particular code is used, it will never work again.

The reciever checks for the expected code, and if that is wrong, then perhaps the next dozen or so, If one of those matches, then it skips to that one.

If they get too far out of sync, you need some procedure to reset the sequence, but this need not be wireless, and could even be done manually.

Interesting idea.

But, is this really how they are implemented, though? I imagine many people let their little kids play with their keychains and surely the buttons get pressed A LOT then. We would then have a lot of keyless entry system failures, but I've never heard of this problem.

Interesting idea.

But, is this really how they are implemented, though? I imagine many people let their little kids play with their keychains and surely the buttons get pressed A LOT then. We would then have a lot of keyless entry system failures, but I've never heard of this problem.

Yes that is how they work.

http://auto.howstuffworks.com/remote-entry.htm

If you are a mile away from your car and accidentally push the button on the transmitter, the transmitter and receiver are no longer synchronized. The receiver solves this problem by accepting any of the next 256 possible valid codes in the pseudo-random number sequence. This way, you (or your three-year-old child) could "accidentally" push a button on the transmitter up to 256 times and it would be okay -- the receiver would still accept the transmission and perform the requested function. However, if you accidentally push the button 257 times, the receiver will totally ignore your transmitter. It won't work anymore.

There's quite a big margin for error built in.

If someone wants in my car that bad it's much more easy for them to just break a window. Why go through all the trouble of an expensive signal recorder.

If someone wants in my car that bad it's much more easy for them to just break a window. Why go through all the trouble of an expensive signal recorder.A signal recorder could be used many times, and would be very inconspicuous. Someone breaking into your car would look just like the owner of the car. I don't think it's unreasonable.

Btw, modern garage door openers work in the same way.

Not as secure as the car industry will lead you to believe (http://www.wired.com/wired/archive/14.08/carkey.html).