TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker or making a Paypal contribution here: paypal.me/SupportTMC

Hi-tech cars are a security risk, warn researchers

Discussion in 'Model S' started by Dutchie, Aug 31, 2014.

  1. Dutchie

    Dutchie Member

    Joined:
    Jun 9, 2013
    Messages:
    469
    Location:
    Canada
    Came across this

    BBC News - Hi-tech cars are security risk, warn researchers

    but the interesting part:

     
  2. docrice

    docrice Member

    Joined:
    Jun 21, 2014
    Messages:
    112
    Location:
    Bay Area, CA
    I was somewhat concerned about local and remote vehicle exploitability and whether Tesla is taking these sorts of issues seriously, but I had a chance to meet Kristin Paget at DEFCON where they had a white Model S on display and it's pretty obvious Tesla's actively focused on security. I found that rather reassuring as a future owner.

    While automotive hacking is still in relative infancy, there's some interesting research going on. Here's a talk at the previous year's DEFCON with Charlie Miller and Chris Valasek:

    http://www.youtube.com/watch?v=n70hIu9lcYo

    They also had a talk at this year's Black Hat which was pretty entertaining. An Internet-connected car is going to have quite a few natural attack vectors and it's going to get more interesting as time goes on.
     
  3. mellington

    mellington Member

    Joined:
    Jun 7, 2014
    Messages:
    75
    Location:
    United Kingdom
    The problem with a security researcher is that they are paid to identify risk and potential issues. Given them a standard car with just a dumb key to open it, of course they could identify that with a photo of the key and a 3d printer they would be in the car and driving down the road. With a Tesla or any other high tech car, it's just a more complex key question with other risks and potential issues.

    I would like to know just how many of these risks have turned into real world problems.
     
  4. docrice

    docrice Member

    Joined:
    Jun 21, 2014
    Messages:
    112
    Location:
    Bay Area, CA
    Given the relatively low number of Model S vehicles on the road compared to other brands, I'd guess that the likelihood is low at the moment just from that perspective. That will change over time as more of them are on the road and attackers gain more awareness. Telsa is a highly-visible brand, so that could very well increase the possibility as well.

    It's not just the key fob, of course, as we're talking about the mobile app, it's interaction with Tesla's web front-end(s), other cloud-exposed interfaces, as well as local interfaces (both wireless and functions within the car that store/process data). There's a video where someone replayed the RF signal that opens the charge port using a laptop. I'd hope there's a uniqueness to the signal to ensure it's vehicle-specific, but someone may eventually figure out patterns and reverse engineer it. Software-defined radio opens up many possibilities.

    http://www.youtube.com/watch?v=575TcQJJWok

    Tesla has shown that they're responsive to field issues, and given their rapid update cycle I think they're probably best equipped out of all car manufacturers to mitigate discovered vulnerabilities as they come up.
     
  5. jerry33

    jerry33 S85 - VIN:P05130 - 3/2/13

    Joined:
    Mar 8, 2012
    Messages:
    12,743
    Location:
    Texas
    About the same number as garage doors. Those remotes have been able to be hacked for years but it's still easier to either brute force it or (if there is an exterior key pad) look for the buttons that have the most wear.
     

Share This Page