Drove someone else’s Tesla using the app

[drtimhill]

You could, it uses Bluetooth. It takes two people. A hacker(1) follows the original owner of the second car and stays near him. The hacker 1 could then transmit the Bluetooth SIG al to hacker 2 near the second car and he can effectively unlock both cars.

No, that doesnt work.

 

[mathewparet@gm]

No, that doesnt work.

Pretty sure it does. I remember seeing a video where someone did it. -

 

[RichardV]

No, that doesnt work.

And here is the white paper by the security researchers detailing their work,

https://act-on.ioactive.com/acton/attachment/34793/f-6460b49e-1afe-41c3-8f73-17dc14916847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf

 

[cafz]

And here is the white paper by the security researchers detailing their work,
https://act-on.ioactive.com/acton/a...16847/1/-/-/-/-/NFC-relay-TESlA_JRoriguez.pdf

That's not relaying the Bluetooth connection, it's relaying the NFC protocol (the one where you tap the card on the B pillar).

 

[drtimhill]

Pretty sure it does. I remember seeing a video where someone did it. -

As others have noted, that is an NFC attack, not a BT attack.

 

[jjrandorin]

This has been debunked and it was faked

Could you perhaps point to the information around where that was pointed out? I have a 2 page thread on this topic in the model 3 subforum too, same basic discussion as in this one, and if it indeed was proven to be fake I would like the information around that so it can be put in that thread.

Tesla Model 3 driven by the wrong owner

Might be the new Hyundai / Kia theft trend? Tesla Model 3 unlocked and driven by the wrong owner Rajesh Randev of Vancouver told Global News that a stranger’s Tesla was parked next to his and was the same model and color as his own. He used his app to open the car, and reality started sinking...

teslamotorsclub.com

 

[mathewparet@gm]

As others have noted, that is an NFC attack, not a BT attack.

Well, the point is it can still be hacked. Doesn't matter what channel they use.

 

[doggy1]

Well, the point is it can still be hacked. Doesn't matter what channel they use.

They had to be within 4 inches of the physical card. However they said that it might be possible in the future to do it from further away by beefing up the electronics. I carry my card, wrapped in aluminium foil, in my wallet and only use the card if the phone has died or I forgot to bring it.

Whereas some years ago I borrowed my parents' Holden. Drove to the shops, shopped, unlocked and loaded up the car and drove away.........only to find 10mins later that the car was a different car belonging to someone else. No, it did not make it onto a forum or international news...

 

[drtimhill]

Well, the point is it can still be hacked. Doesn't matter what channel they use.

Yes, it does. Since the hacks differ in ease for attackers. The NFC attack is very specific, requires special gear, two perpetrators, AND that one person be close to the victim while the other is close to the car (single digit inches in BOTH cases). The BT attack (in the only way it could happen, skipping the faked news report) requires that you somehow convince someone to unlock what they THINK is their car when it is parked right next to their actual car.