Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

How much would you pay for new fobs so your car cannot be easily stolen?

How much should we pay to get our two Model S fobs replaced?

  • $300 each like most premium car brands charge for a new fob

    Votes: 4 3.6%

  • $150 each which is about what it costs today for a new fob with reprogramming

    Votes: 8 7.1%

  • $100 each is a good price for a fob

    Votes: 17 15.2%

  • $50 each since Tesla is partially to blame

    Votes: 15 13.4%

  • $25 each since they probably cost Tesla a small fraction of that amount

    Votes: 12 10.7%

  • FREE since Tesla knew about the better design, but was sloppy here

    Votes: 56 50.0%
  • Total voters
    112
  • Poll closed .
This site may earn commission on affiliate links.
Reeler

Reeler

Decade of Pure EV Driving
Oct 14, 2015
1,766
1,318
Denver, CO
#1
Your Model S can be stolen with a few hundred dollars of off-the-shelf equipment if you didn't buy in the last few months. Cars sold before June 2018 have this vulnerability, but not any Model X so Tesla has had the solution available for a few years without bothering to update things on the Model S.

They will have a solution soon, but it requires software updates to your car. Apparently you have to replace all your fobs to get the new protection. A PIN-to-start feature was added to the car, but I hate those sorts of things and that is why most phones have gotten rid of it.

How much should we pay to solve their sloppiness to get new fobs?
 
  • Funny
Reactions: robby
#5
AMPd said:
I wouldn’t pay anything. I don’t care if my car is stolen tbh
Click to expand...

You and I think alike. We should definitely talk more, but I can't seem to find your address. Can you resend?

But seriously, I wouldn't pay anything either. No matter the technology, there will always be vulnerabilities. Someone with enough motivation to steal a car will likely be able to do so.
 
  • Like
  • Funny
Reactions: Tes La Ferrari, marksvend, KyleDay and 1 other person
#7
We need to put this all in perspective.

For most Tesla owners, their vehicles are probably not at great risk. Few Tesla vehicles are stolen, and almost all of those are recovered.

The recent PIN software update is likely more a PR move than fixing a real problem facing many Tesla owners, similar to how Tesla quickly reacted to the first vehicle fire in late 2013, when they temporarily disabled automatic air suspension until they could add more armor plating protecting the battery pack.

Adding secondary authentication is useful - and they should consider additional options such as detection of linked smartphones, voice recognition, facial recognition (if they had a driver facing camera), geolocation (when parking in a known safe location), …

But the best solution is to fix the key fob security - and either make that available under warranty or at a reasonable upgrade cost for the affected vehicles.

And they should send e-mail or written notifications to all affected owners, to make it clear which vehicles do or do not have this risk.
 
#8
jorobsand said:
You and I think alike. We should definitely talk more, but I can't seem to find your address. Can you resend?

But seriously, I wouldn't pay anything either. No matter the technology, there will always be vulnerabilities. Someone with enough motivation to steal a car will likely be able to do so.
Click to expand...
I’ll private message you my address

But agree. No one is gonna steal a car like this on a whim. And if someone already decided to do so, well then I’m sure a few more technical hurdles won’t stop them.
 
#12
A common issue in the Bay Area is that thieves break the small back window so they can pull down the backseat to access the trunk. Even people who have nothing in their trunk have fallen victim to this crime. With the vulnerability, there might not be interest in stealing cars, but they could likely access the car to steal the contents. The benefit of the new fob could be protecting the car from that scenario. However, having that vulnerability might mean the thieves would unlock the car and not break the windows, so that would be less of a hassle than getting the window fixed.
 
#14
tranzndance said:
A common issue in the Bay Area is that thieves break the small back window so they can pull down the backseat to access the trunk. Even people who have nothing in their trunk have fallen victim to this crime. With the vulnerability, there might not be interest in stealing cars, but they could likely access the car to steal the contents. The benefit of the new fob could be protecting the car from that scenario. However, having that vulnerability might mean the thieves would unlock the car and not break the windows, so that would be less of a hassle than getting the window fixed.
Click to expand...

When I had a convertible, I always left the doors unlocked so that they wouldn't cut a hole in the top to get access under the same theory. I wouldn't regularly park on the street, but that is what I did.
 
  • Like
Reactions: BerTX and .jg.
#16
The poll has this choice "FREE since Tesla knew about the better design, but was sloppy here"... Not really the case here. If it truly was, Tesla could have quickly released a new firmware to address the issue by updating the encryption used (which is the actual problem).

However, it's important to note that this "radio relay-attack" vulnerability is NOT exclusive to Tesla. Furthermore, the actual issue is from the third-party supplier PEKTRON body controller/lock module in the Model S that is also used by other car manufacturers. These type of attacks are very common in the UK/EU on many other brands such as like MB, BMW, Audi, McLaren etc. Pretty much any luxury brand that has a Passive Keyless Entry and Start (PKES) system.

Sources:
1. Criminals could steal a McLaren and other supercars in seconds using new hijacking scam

2. Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars.
https://eprint.iacr.org/2010/332.pdf

3. Yingtao Zeng, Qing Yang and Jun Li. Chasing Cars: Keyless Entry System Attacks.


If you're in the U.S., I would argue that this is not so much of an issue.

Below is the actual paper that is being misquoted by the media, claiming it's only a Tesla Model S security vulnerability which is disingenuous at best.

Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars

Previous Wired Magazine articles about the same issue:

Just Two of These $11 Gadgets Can Steal a Car
Radio Attack Lets Hackers Steal 24 Different Car Models

What's interesting is that Wired now also jumped on the Tesla FUD bandwagon and used a sensational title for their article this year.
Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob
 
Last edited:
  • Helpful
  • Informative
Reactions: Shaggy, jorobsand, TaoJones and 1 other person
#17
bob_p said:
We need to put this all in perspective.

For most Tesla owners, their vehicles are probably not at great risk. Few Tesla vehicles are stolen, and almost all of those are recovered.
Click to expand...
What % of the stuff stolen from Tesla's is recovered? Even if you set the PIN, anyone who clones your FOB can empty your car of anything you leave in there. And in case you're thinking of arguing that "nothing of value should be left in the car", would you buy a car which doesn't lock doors at all (key required for driving only)? You think others may have a problem with such open car?
 
#19
jbolus said:
The poll has this choice "FREE since Tesla knew about the better design, but was sloppy here"... Not really the case here. If it truly was, Tesla could have quickly released a new firmware to address the issue by updating the encryption used (which is the actual problem).

However, it's important to note that this "radio relay-attack" vulnerability is NOT exclusive to Tesla. Furthermore, the actual issue is from the third-party supplier PEKTRON body controller/lock module in the Model S that is also used by other car manufacturers. These type of attacks are very common in the UK/EU on many other brands such as like MB, BMW, Audi, McLaren etc. Pretty much any luxury brand that has a Passive Keyless Entry and Start (PKES) system.

Sources:
1. Criminals could steal a McLaren and other supercars in seconds using new hijacking scam

2. Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars.
https://eprint.iacr.org/2010/332.pdf

3. Yingtao Zeng, Qing Yang and Jun Li. Chasing Cars: Keyless Entry System Attacks.


If you're in the U.S., I would argue that this is not so much of an issue.

Below is the actual paper that is being misquoted by the media, claiming it's only a Tesla Model S security vulnerability which is disingenuous at best.

Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars

Previous Wired Magazine articles about the same issue:

Just Two of These $11 Gadgets Can Steal a Car
Radio Attack Lets Hackers Steal 24 Different Car Models

What's interesting is that Wired now also jumped on the Tesla FUD bandwagon and used a sensational title for their article this year.
Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob
Click to expand...

There are two different but similar types of attack:

1. Relay attack: Common to keyless entry systems from all manufacturers. The attackers use a pair of relay devices to relay the communications between the car and the fob. The car thinks the fob is nearby and can be unlocked and started. Once the car is driven away, the attackers can no longer unlock or start the car. This method has been used to steal assorted makes of high end cars in Europe. The thieves probably use cellular and GPS jammers to disable tracking. Typically, the cars are disassembled within hours and sold as used parts. This attack can be mitigated by disabling passive entry or by shielding the fob.

2. Fob cloning: Unique to cars using the Pektron keyless entry system, because Pektron chose to use a 40 bit cipher in their fobs. Demonstrated on the Model S but thought to affect other Teslas, Mclaren cars, Triumph motorcycles and maybe others. In this attack, the attackers use a device to first communicate with the car and then the fob. After this, the attacker's device can emulate a fob, so the car can be unlocked and started on demand. The attack can be mitigated by using "Pin to Drive", by shielding a weakly encypted fob or by replacing the fobs with the newer high encryption type. Disabling Passive Entry will not protect against this attack. This attack is not known to have been used in the wild.

It is true to say that the problem was caused by Pektron's choice of a 40 bit cipher but Tesla owners didn't buy keyless entry systems from Pektron, they bought cars from Tesla, so the customers' issue is with Tesla. In turn, Tesla have all of this mess (including the bad publicity) courtesy of Pektron. IANAL but I would have thought Tesla ought to replace the older fobs FOC but demand that Pektron funds the replacement program. I reckon the attitude of insurance companies may play a role here e.g. if insurers start demanding higher rates or refusing cover for Teslas with low encryption fobs.

Tesla have certainly been more proactive about the while affair than Pektron, Mclaren, Triumph, etc. - I doubt Mclaren owners are too pleased with the lacklustre response from Mclaren.

So far, thefts using such high tech methods have only been seen in Europe but the demand (and prices) for used Tesla parts may encourage such thefts in north America.
 
  • Helpful
  • Like
Reactions: TaoJones and croman
#20
whitex said:
What % of the stuff stolen from Tesla's is recovered? Even if you set the PIN, anyone who clones your FOB can empty your car of anything you leave in there. And in case you're thinking of arguing that "nothing of value should be left in the car", would you buy a car which doesn't lock doors at all (key required for driving only)? You think others may have a problem with such open car?
Click to expand...

If someone wants to steal items inside a car, they only need to break a window and quickly empty the contents of the car - even the frunk isn't really secure. The Model S has storage under the rear floor, frunk and under the trunk cover that keeps items out of sight. The Model X only has the frunk and under floor storage - anything in the above floor cargo area is easily visible through the windows.

The key fob issue is really about stealing the car - not protecting the contents.
 
  • Helpful
Reactions: TaoJones
You must log in or register to reply here.

Similar threads

iamthewaughrus
Replacement Fob for Model S - how much did you pay for the fob and how much to program?
Replies
24
Views
10K
Model S
KalJoMoS
KalJoMoS
tps5352
Problem With Model X Automatic (Self-Presenting) Door Feature -- Fix and Settings Summary
Replies
11
Views
818
Model X: Interior & Exterior
tps5352
tps5352
E
  • Article
Tesla kids science book + Our Model 4 prediction!
Replies
0
Views
282
Tesla, Inc.
EV_Twins
E
L
  • Poll
How much would you pay for the Matrix Lights?
Replies
8
Views
3K
Model S: Interior & Exterior
B-lon
B
Bixby MS
  • Article
First Impressions 2023 Model X LR
Replies
32
Views
5K
Model X: Ordering, Production, Delivery
aerodyne
aerodyne
Top
Back
Blog
New
Forum list
Marketplace
Menu