
How Secure Are Teslas/Tesla Thefts

So if passive entry is disabled, and pin to drive is enabled, what vulnerabilities remain?
If Model S/X (which I presume it is, given you mention disabling passive entry) you may want to check what version of the keyfobs you have. If v1 you may wish to consider replacing them with new fobs as v1 keyfobs can easily be cloned.

EDIT: Also, on S/X, check your keyfob firmware is up-to-date.
 
I’ve had my Model Y for nearly two weeks now and I’ve been thinking about security. You hear stories about car signals being exploited and stolen within minutes etc.

How secure are our Teslas? I know they emit a Bluetooth signal for the phone unlocking etc.

I’m also thinking of installing a driveway security post as we have a lot of cars stolen in this area (Bexley) such as Range Rovers and BMWs.
Well, you can't be too secure, but the cars are at least as secure as a regular ICE car. They can be broken into about as easily (hard?) as a BMW, but not so easy to steal. And even if they do steal it (how?), your phone will tell you (and the police) where the car is.

At present, there is one known man-in-the-middle attack on the car, but that requires sophisticated snooping equipment, one set of which is close to your car and one close to your phone at the same time ("close" being about 20 feet away max). If this concerns you, add a PIN to drive and you are about as safe as you can possibly be.
 
Two new, closely related exploits for Model 3/Y, that appear to have been discovered independently at around the same time. Both relate to the process for registering new keys. If you use a keycard to lock and unlock your vehicle, an attacker within Bluetooth range at the time you use the keycard (tens of metres) can register a new key. Rather more alarmingly, one of the researchers has also demonstrated that once they have a key registered with your car, they can use that key to send a BLE remote start command to the car, bypassing PIN-to-drive.



Be careful out there!
 
That sounds like something that'll be fixed fairly sharpish.. may already have been. For all their faults Tesla are pretty good at that.

Seems odd that it's possible to register a key without going through the registration process in the car.. someone screwed up there.
 
I read this thread with great interest, as on Tuesday this week my 2018 Tesla Model S was stolen from the driveway. It was locked, passive entry was off, both key fobs and my phone were safely in the house, and it had pin-to-drive enabled. They were still able to drive it away - CCTV captured it, and had also captured the same pair of crooks snooping around the car the previous night. The side window was smashed - a clue that whatever they did had to be from the inside and that they did not have a code or fob to unlock it. A neighbour heard a wailing sound about the right time - so the alarm did go off, but it must have been quickly silenced. The thieves worked inside the car for almost 40 minutes (CCTV captured the lights flashing several times during the period) and were eventually successful. When I discovered the theft at 8am I checked the app - no connectivity or response then or since - and no assistance from Tesla in providing telemetry data. I am stunned that they appear to have got away with this, but have been thinking about how they might have done it. ... and I'm starting to think that it can't be all electronic wizardry. That visit the previous day? Perhaps to plant a snooping device to capture the fob key code, or watch for the pin with a buttonhole cam stuck on the roof or rear window? Or a powerful pair of binoculars focussed on the screen from afar? Be careful out there with pin 2 drive - if somebody records it or sees you enter it, it's dead in the water as a layer of security. It might even be something no-tech, like being able to see the pattern of fingerprints onscreen which would allow a crook to narrow down the combinations to a guessable list? Top Tip: Wipe the screen more often than I did, check for unwanted devices, and cover your hand with your other hand when entering your pin. The things that puzzle me - why smash the window if they had a method to authenticate/unlock?
And if they didn't have a method to authenticate, how did they drive it away?
 
I read this thread with great interest, as on Tuesday morning at 3:47am my Tesla Model S was stolen from my driveway. Here's the puzzle - passive entry was switched off, I still have both key fobs and my phone safely with me (nowhere near the car at the time), and it had pin-to-drive enabled. So, did they tow it away? No - I have CCTV footage from neighbours which shows two thieves driving the car away. They were also on CCTV scoping the area out on the previous day. The side window was smashed (glass on the floor), we think the alarm sounded as another neighbour heard a wailing sound that woke her up at about the right time, but it must have been quickly silenced. When I called Tesla the morning after they told me there was a failed authentication alert at 3:10am, which tallies with CCTV which shows the lights flashing at that time, as if the alarm were triggered. The thieves worked inside the car for almost 40 minutes - doing what I don't know - but they eventually drove it away. When I discovered the theft at 8am the following day I immediately checked the app to track it - no response. And no response in the 4 days since then. I am stunned that they got away with it - they needed everything to go right for them to do it and I needed just one thing to go wrong for them to still have my car. I have been mulling over how they might have done it in the days since ... and it may not all be electronic wizardry, could there be some real-world physical things they did on the previous visit??
My guess is once they can physically access your car like hooking their cables to the CAN bus or something similar, it's possible to drive your car away provided there's enough time.
 
I read this thread with great interest, as on Tuesday this week my 2018 Tesla Model S was stolen from the driveway.

Oh so sorry to hear of this, it's always a gutting experience.

I likewise wonder if the 40 minutes was them trying different pin to drive codes. I don't think the car adds a longer delay on each attempt, which it really should do. Not sure if it even alerts after too many failed attempts, unless that is what the flashing lights meant and they kept disabling the alarm. Maybe there is an automated way to keep trying pin to drive codes. The 40 minutes is a very long time for any car thief, so this would fit with ongoing attempts.

The original model S/X keyfob could be cloned, then patched, then hacked again, then patched, then hacked again.


I guess it could be that fingerprint smudges help narrow down the combinations to try, although it's far from perfect as the pin code entry does move around the screen. As you say, entering the pin is visible to someone standing next to the car and looking in. Arguably, it might actually be better to never clean the screen since the smudges will be all over it. A clean screen shows recent patterns much more clearly.

I do wonder if anything else in the CCTV gives some clue.

Were both crooks sat in the car for all of that 40 minutes?
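
Added example, not part of any post in this thread: a model of the escalating delay suggested in the post above, comparing how many PIN guesses fit into 40 minutes with and without it. The 4-digit PIN space, the 0.25 s per attempt rate and the lockout schedule are assumptions chosen for illustration, not Tesla's actual behaviour.

```python
import math

PIN_SPACE = 10 ** 4      # assumption: 4-digit PIN, 10,000 candidates
SECONDS_PER_TRY = 0.25   # hypothetical automated entry rate
BUDGET = 40 * 60         # the "almost 40 minutes" from the thread, in seconds


def no_delay(failures):
    """Policy with no throttling: every attempt is immediately accepted."""
    return 0.0


def lockout_delay(failures, free_tries=5, base=30.0, cap=3600.0):
    """Seconds to wait after `failures` consecutive wrong PINs (hypothetical policy)."""
    exp = failures - free_tries
    if exp < 0:
        return 0.0                       # a few free tries for honest typos
    if exp > math.log2(cap / base):
        return cap                       # doubling has passed the cap
    return base * 2 ** exp               # 30 s, 60 s, 120 s, ...


def guesses_within(budget, seconds_per_try, delay_fn=no_delay, limit=PIN_SPACE):
    """Number of PINs that can be entered before the time budget runs out."""
    elapsed, tried = 0.0, 0
    while tried < limit:
        # `tried` equals the number of failures so far, which sets the wait.
        cost = delay_fn(tried) + seconds_per_try
        if elapsed + cost > budget:
            break
        elapsed += cost
        tried += 1
    return tried


def time_to_exhaust(seconds_per_try, delay_fn=no_delay, limit=PIN_SPACE):
    """Worst-case seconds needed to enter every candidate PIN once."""
    return sum(delay_fn(failures) + seconds_per_try for failures in range(limit))


if __name__ == "__main__":
    for name, policy in (("no delay", no_delay), ("escalating", lockout_delay)):
        n = guesses_within(BUDGET, SECONDS_PER_TRY, policy)
        days = time_to_exhaust(SECONDS_PER_TRY, policy) / 86400
        print(f"{name:>10}: {n:5d} guesses in 40 min ({n / PIN_SPACE:.2%} of space), "
              f"{days:.2f} days to exhaust")
```

Under these assumptions an unthrottled keypad lets almost the whole PIN space be tried in 40 minutes, while the escalating delay limits the same window to 11 guesses.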
 
The moving pin2drive would negate any reading of the fingerprints.
The amount of time in your car is astonishing for a professional thief. They normally want to be gone in seconds.
What you describe is an unusual scenario. But by all accounts any theft is itself still an unusual occurrence.

I am sorry for your loss and hope your insurance claim is straightforward. With the CCTV footage it should help.
 
Do you think it possible they could have replaced/bypassed the car computer with their own pre-programmed version? Unplug or access the harness, extend it out to a computer they brought with them. A new computer might still need some setup for a particular donor car’s config.
 
Met police released some info following a FOI request. Unfortunately it doesn’t go down to specific models, and the reduction in 2020 and 2021 might be Covid related, but gives you an idea of overall numbers.

Somebody who knows some of the terminology might be able to say if this is just the Met police region or national figures.


No consolation if you’re one of them