Separate names with a comma.
Discussion in 'Model S: User Interface' started by hemants, Feb 19, 2015.
A 14-year-old hacker caught the auto industry by surprise
Well, Tesla did hire Kristin Paget who I'm sure is working on this kind of stuff. Most of the "hacks" I've seen require gaining physical access to the car's diag port or something first. Obviously they didn't share any details in the article but I'm curious what system would allow that level of access to the car's systems purely over the air.
However, there are 2 vectors that Tesla (and all automakers) will have a hard time surmounting.
1) Access to the app is secured only by your MyTesla username and password which can be insecure. There are things they can do here like 2-factor auth, require additional info if it's a new device accessing your car for the first time, etc.
2) RFID repeaters. It is fairly trivial to build an RFID repeater and use that to trick your car into thinking the fob is nearby. The frequencies are published since they require FCC licenses. You need 2 people for this. One person stands near the car and the other stands near you in the grocery store or wherever you are. With most cars if you try to open the door it will cause the car to send a signal looking for the key fob. The repeater forwards that signal into the store where your fob, upon receiving the signal, responds. That signal goes back outside and unlocks the car. One more back and forth when the person presses the brake pedal and they can drive as far as they want as long as they don't turn the car off.
Welcome to the Internet of Things! IoT is the Frankenbeast of Information Security - HP Enterprise Business Community
Of course, if they are like most thieves, they won't buckle up, so the first time they back up and lift out of the seat, it's game over.
It's certainly possible that at some point, our cars will be vulnerable to hackers. Then the question is, "what are they going to do with it?". Some mischievous kids could conceivably steal a $100k GPS-enabled luxury car with 250 miles of range, but they'd probably get caught pretty quickly.
On the other end of the spectrum, against an advanced persistent threat, nothing is safe and everything is compromised.
True, but those perpetrating an advanced persistent threat are typically doing it for monetary reasons. There isn't a black market for Tesla parts currently, and likely won't be for many years. And even if there eventually is one, it will be easier to use a tow truck.
Tesla could (should?) put a second factor right in the car, not just protect MyTesla with it.
Enter code to drive. (Something you know.)
Or make the second factor physical, like a metal stick with dimpled ridges down the sides, oh! Ya like a key. (Something you have.)
or have all 3... RF key present or App password AND a PIN code AND a physical key
Or ask for any two of the 3
- - - Updated - - -
Kid put a bluetooth enabled OBD plug in the port and hacked away from his iphone. Good googling skills got into the CANbus. Toggled settings.... oooo!
Can that happen on model S? No. The OBD port has power and zero data connections.
However, kid would find the ethernet port and buy an even cheaper thing, a cable, and have at 'er from his laptop.
It's always easier to hack if you have physical access to the device. The automatic locking of the Model S, assuming you have enabled it, goes a long way to prevent this.
I agree which is why I mentioned it. They could easily make it optional, just like the lock screen on a cell phone. Though I wish they licensed Blackberry's unlock mechanism. By far the best out there. People can watch me unlock my phone over and over and still can't do it themselves.
+1. So this was not an OTA hack? Then I call a big 'ole pile of BS and scaremongering. Hell if they're already in your car they're not going to plug something into a port and then leave. They're just going to take the car right then. -<shrug>- Where's my tempest in a teacup graphic?
I don't think anything is. As they say, if man can make it, man can break it.
Garage doors use rolling codes to prevent this kind of hack. Do key FOBs have rolling codes?
The security on a proximity key is much more advanced than that used by garage doors. It uses AES 256 encryption to talk over the ISM radio band. If someone has the capability to break AES 256, they can do a lot more lucrative things with that knowledge than steal cars since it is the underlying technology used for essentially all internet secure communications. No one has ever demonstrated the ability to break it and one can infer from the Snowden leaks that even the NSA cannot do that, because they have gone to extraordinary trouble to find other ways to compromise https.
However, there has been a demonstrated vulnerability for proximity keys that applies to essentially every car. Basically, someone who knew you could set a repeater near your key (several feet away would be fine) and another unit could be next to your car and they could bridge the gap and make the car think it was talking directly to your key, when they were really networking the signal themselves. You can read about this attack vector here: http://jalopnik.com/5736774/how-hackers-can-use-smart-keys-to-steal-cars
The hack discussed in the original article is done via the ODBC port and Tesla is most likely just as vulnerable as other vendors to that vector, since they use standard parts. Tesla also has an ethernet port, which offers a theoretical vulnerability although to my knowledge no one has yet accessed any vital driving or starting functions that way. Finally, the Tesla iPhone app offers a Tesla-specific path to gain access. Given that you could start the car with that method, if I was interested in trying to hack someone's car that would be the one I'd target.
I'm assuming you mean OBDII port and not OBDC... And no, Tesla isn't vulnerable to this vector because the OBDII port is neutered in the MS... It only has +12v and ground. No other live lines to the car or CANBUS.
Likewise, the Ethernet port is neutered. It's disabled by default and only turned on with a remote command from the mothership.
Nothing is safe from hackers. As soon as you build a better mouse trap, someone will build a better mouse. It never ends. This is not something I would ever worry about.
It's called Picture Password
BlackBerry 10 Picture Password Walkthrough - YouTube
I saw a news report about thieves in China and they use something much simpler to gain access to a car: they just use a jammer to jam your key fob and then go in your car to steal things once you are away from it. Of course, this method only works if you don't notice your car hasn't locked.
Au contraire, this is something we should worry a great deal about. Perhaps there's not much one can do as an individual but as a citizen this is an issue we should all be urging our leaders to work on.
Well, the right way to think about this is that one is always trying to balance security and usability. As they say the only secure computer is one that is unplugged and buried in concrete. Anything else is a compromise to security as you gain usability. A Nest thermostat (and other IoT devices) is incredibly usable as you can access it from your smartphone, it leverages processing power in the cloud to improve it's function, etc. but from a security standpoint these things are horrible as they introduce many more vectors for attack. Same goes for the fancy auto-pop-out handles on our cars. It's cool and usable but it causes the car to constantly be pinging for the fob which is an opening for someone to gain access. IIRC in non-tech cars you have to push the key fob button to unlock and so the repeater attack won't work as they would have to trick you into pushing your key fob.
, just one digit long password but using the complexity of the image for us to place it...and a randomized starting grid .
Finally something for us humans that we are naturally good at: remembering visual patterns instead one dimensional strings of complicated characters
This is the perfect, observable, unlock feature for a second factor using center console
TESLA pay attention to this!