TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

How much would you pay for new fobs so your car cannot be easily stolen?

Discussion in 'Model S' started by Reeler, Sep 13, 2018.

?

How much should we pay to get our two Model S fobs replaced?

Poll closed Nov 1, 2018.
  1. $300 each like most premium car brands charge for a new fob

    4 vote(s)
    3.6%
  2. $150 each which is about what it costs today for a new fob with reprogramming

    8 vote(s)
    7.1%
  3. $100 each is a good price for a fob

    17 vote(s)
    15.2%
  4. $50 each since Tesla is partially to blame

    15 vote(s)
    13.4%
  5. $25 each since they probably cost Tesla a small fraction of that amount

    12 vote(s)
    10.7%
  6. FREE since Tesla knew about the better design, but was sloppy here

    56 vote(s)
    50.0%
  1. Reeler

    Reeler 9th Year of Pure EV

    Joined:
    Oct 14, 2015
    Messages:
    1,319
    Location:
    Denver, CO
    Your Model S can be stolen with a few hundred dollars of off-the-shelf equipment if you didn't buy in the last few months. Cars sold before June 2018 have this vulnerability, but not any Model X so Tesla has had the solution available for a few years without bothering to update things on the Model S.

    They will have a solution soon, but it requires software updates to your car. Apparently you have to replace all your fobs to get the new protection. A PIN-to-start feature was added to the car, but I hate those sorts of things and that is why most phones have gotten rid of it.

    How much should we pay to solve their sloppiness to get new fobs?
     
    • Funny x 1
  2. SabrToothSqrl

    SabrToothSqrl Active Member

    Joined:
    Dec 5, 2014
    Messages:
    3,121
    Location:
    PA
    Yea, and I can steal anything with this "one simple trick" involving a firearm.

    Get over yourself.
     
    • Funny x 13
    • Like x 5
    • Disagree x 2
  3. tranzndance

    tranzndance Member

    Joined:
    Sep 10, 2017
    Messages:
    235
    Location:
    Bay Area
    The questions in the title and the post differ enough in meaning as to have different answers. I would pay more than I think I should.
     
    • Like x 2
  4. AMPd

    AMPd Active Member

    Joined:
    Nov 27, 2012
    Messages:
    2,893
    Location:
    Northern California
    I wouldn’t pay anything. I don’t care if my car is stolen tbh
     
    • Like x 5
  5. jorobsand

    jorobsand Member

    Joined:
    Nov 12, 2017
    Messages:
    179
    Location:
    Charlotte, NC
    You and I think alike. We should definitely talk more, but I can't seem to find your address. Can you resend?

    But seriously, I wouldn't pay anything either. No matter the technology, there will always be vulnerabilities. Someone with enough motivation to steal a car will likely be able to do so.
     
    • Like x 3
    • Funny x 1
  6. Need

    Need Active Member

    Joined:
    Nov 22, 2017
    Messages:
    2,089
    Location:
    SoCal
  7. bob_p

    bob_p Active Member

    Joined:
    Apr 5, 2012
    Messages:
    2,821
    We need to put this all in perspective.

    For most Tesla owners, their vehicles are probably not at great risk. Few Tesla vehicles are stolen, and almost all of those are recovered.

    The recent PIN software update is likely more a PR move than fixing a real problem facing many Tesla owners, similar to how Tesla quickly reacted to the first vehicle fire in late 2013, when they temporarily disabled automatic air suspension until they could add more armor plating protecting the battery pack.

    Adding secondary authentication is useful - and they should consider additional options such as detection of linked smartphones, voice recognition, facial recognition (if they had a driver facing camera), geolocation (when parking in a known safe location), …

    But the best solution is to fix the key fob security - and either make that available under warranty or at a reasonable upgrade cost for the affected vehicles.

    And they should send e-mail or written notifications to all affected owners, to make it clear which vehicles do or do not have this risk.
     
  8. AMPd

    AMPd Active Member

    Joined:
    Nov 27, 2012
    Messages:
    2,893
    Location:
    Northern California
    I’ll private message you my address

    But agree. No one is gonna steal a car like this on a whim. And if someone already decided to do so, well then I’m sure a few more technical hurdles won’t stop them.
     
  9. Reeler

    Reeler 9th Year of Pure EV

    Joined:
    Oct 14, 2015
    Messages:
    1,319
    Location:
    Denver, CO
    I think he wants your address since he is planning to steal your car using the fob hack. Since you don't care, his is guilt free in doing so. You might just send him your spare fob so he doesn't have to invest the few hundred required to lift your ride. :D:p:););)
     
    • Funny x 2
    • Like x 1
  10. Reeler

    Reeler 9th Year of Pure EV

    Joined:
    Oct 14, 2015
    Messages:
    1,319
    Location:
    Denver, CO
    Spoken like a guy who has a nut-thieving squirrel as an avatar. LoL
     
    • Funny x 1
  11. Darmie

    Darmie Supporting Member

    Joined:
    Jan 13, 2016
    Messages:
    663
    Location:
    Clear Lake TX. (Currently in lake Charles LA)
    Now if I can just have all your email and passwords please.
    To me this is where the venerability potentially could be.
     
    • Funny x 2
  12. tranzndance

    tranzndance Member

    Joined:
    Sep 10, 2017
    Messages:
    235
    Location:
    Bay Area
    A common issue in the Bay Area is that thieves break the small back window so they can pull down the backseat to access the trunk. Even people who have nothing in their trunk have fallen victim to this crime. With the vulnerability, there might not be interest in stealing cars, but they could likely access the car to steal the contents. The benefit of the new fob could be protecting the car from that scenario. However, having that vulnerability might mean the thieves would unlock the car and not break the windows, so that would be less of a hassle than getting the window fixed.
     
  13. boonedocks

    boonedocks Active Member

    Joined:
    May 1, 2015
    Messages:
    1,910
    Location:
    Gainesville, GA
    The introduction of PIN to drive was just more static by Tesla to get the conversation away from the rest of their demons. V9 / EAP / FSD / NagGate / you know....the important stuff ¯\_(ツ)_/¯
     
    • Like x 1
  14. Reeler

    Reeler 9th Year of Pure EV

    Joined:
    Oct 14, 2015
    Messages:
    1,319
    Location:
    Denver, CO
    When I had a convertible, I always left the doors unlocked so that they wouldn't cut a hole in the top to get access under the same theory. I wouldn't regularly park on the street, but that is what I did.
     
    • Like x 2
  15. Shaggy

    Shaggy Member

    Joined:
    Aug 9, 2015
    Messages:
    406
    Location:
    Austin
  16. jbolus

    jbolus Member

    Joined:
    Jun 6, 2018
    Messages:
    51
    Location:
    Boise, ID
    #16 jbolus, Sep 15, 2018
    Last edited: Sep 15, 2018
    The poll has this choice "FREE since Tesla knew about the better design, but was sloppy here"... Not really the case here. If it truly was, Tesla could have quickly released a new firmware to address the issue by updating the encryption used (which is the actual problem).

    However, it's important to note that this "radio relay-attack" vulnerability is NOT exclusive to Tesla. Furthermore, the actual issue is from the third-party supplier PEKTRON body controller/lock module in the Model S that is also used by other car manufacturers. These type of attacks are very common in the UK/EU on many other brands such as like MB, BMW, Audi, McLaren etc. Pretty much any luxury brand that has a Passive Keyless Entry and Start (PKES) system.

    Sources:
    1. Criminals could steal a McLaren and other supercars in seconds using new hijacking scam

    2. Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars.
    https://eprint.iacr.org/2010/332.pdf

    3. Yingtao Zeng, Qing Yang and Jun Li. Chasing Cars: Keyless Entry System Attacks.


    If you're in the U.S., I would argue that this is not so much of an issue.

    Below is the actual paper that is being misquoted by the media, claiming it's only a Tesla Model S security vulnerability which is disingenuous at best.

    Fast, Furious and Insecure: Passive Keyless Entry and Start in Modern Supercars

    Previous Wired Magazine articles about the same issue:

    Just Two of These $11 Gadgets Can Steal a Car
    Radio Attack Lets Hackers Steal 24 Different Car Models


    What's interesting is that Wired now also jumped on the Tesla FUD bandwagon and used a sensational title for their article this year.
    Hackers Can Steal a Tesla Model S in Seconds by Cloning Its Key Fob
     
    • Helpful x 2
    • Informative x 2
  17. whitex

    whitex Active Member

    Joined:
    Sep 30, 2015
    Messages:
    4,589
    Location:
    Seattle area, WA
    What % of the stuff stolen from Tesla's is recovered? Even if you set the PIN, anyone who clones your FOB can empty your car of anything you leave in there. And in case you're thinking of arguing that "nothing of value should be left in the car", would you buy a car which doesn't lock doors at all (key required for driving only)? You think others may have a problem with such open car?
     
  18. whitex

    whitex Active Member

    Joined:
    Sep 30, 2015
    Messages:
    4,589
    Location:
    Seattle area, WA
    Poll if faulty. I think new fobs should be free for my 2018 car, since Tesla was fully aware of the issue before I got the car. For my 2015, I would pay $50 each fob.
     
  19. .jg.

    .jg. Member

    Joined:
    Feb 27, 2018
    Messages:
    351
    Location:
    Weston Super Mare, England
    There are two different but similar types of attack:

    1. Relay attack: Common to keyless entry systems from all manufacturers. The attackers use a pair of relay devices to relay the communications between the car and the fob. The car thinks the fob is nearby and can be unlocked and started. Once the car is driven away, the attackers can no longer unlock or start the car. This method has been used to steal assorted makes of high end cars in Europe. The thieves probably use cellular and GPS jammers to disable tracking. Typically, the cars are disassembled within hours and sold as used parts. This attack can be mitigated by disabling passive entry or by shielding the fob.

    2. Fob cloning: Unique to cars using the Pektron keyless entry system, because Pektron chose to use a 40 bit cipher in their fobs. Demonstrated on the Model S but thought to affect other Teslas, Mclaren cars, Triumph motorcycles and maybe others. In this attack, the attackers use a device to first communicate with the car and then the fob. After this, the attacker's device can emulate a fob, so the car can be unlocked and started on demand. The attack can be mitigated by using "Pin to Drive", by shielding a weakly encypted fob or by replacing the fobs with the newer high encryption type. Disabling Passive Entry will not protect against this attack. This attack is not known to have been used in the wild.

    It is true to say that the problem was caused by Pektron's choice of a 40 bit cipher but Tesla owners didn't buy keyless entry systems from Pektron, they bought cars from Tesla, so the customers' issue is with Tesla. In turn, Tesla have all of this mess (including the bad publicity) courtesy of Pektron. IANAL but I would have thought Tesla ought to replace the older fobs FOC but demand that Pektron funds the replacement program. I reckon the attitude of insurance companies may play a role here e.g. if insurers start demanding higher rates or refusing cover for Teslas with low encryption fobs.

    Tesla have certainly been more proactive about the while affair than Pektron, Mclaren, Triumph, etc. - I doubt Mclaren owners are too pleased with the lacklustre response from Mclaren.

    So far, thefts using such high tech methods have only been seen in Europe but the demand (and prices) for used Tesla parts may encourage such thefts in north America.
     
    • Helpful x 1
    • Like x 1
  20. bob_p

    bob_p Active Member

    Joined:
    Apr 5, 2012
    Messages:
    2,821
    If someone wants to steal items inside a car, they only need to break a window and quickly empty the contents of the car - even the frunk isn't really secure. The Model S has storage under the rear floor, frunk and under the trunk cover that keeps items out of sight. The Model X only has the frunk and under floor storage - anything in the above floor cargo area is easily visible through the windows.

    The key fob issue is really about stealing the car - not protecting the contents.
     
    • Helpful x 1

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


    SUPPORT TMC