-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
How Secure Are Teslas/Tesla Thefts
- Thread starter Maka344
- Start date
Tam
Well-Known Member
AirTags could be used to track your Tesla as long as there's a cooperative device near it.
There have been successful reports of locating a stolen car but there have been way more complaints that unknown AirTags stalking them. For example, thieves would attach one on a nice car to track it and steal the car at their own choosing.
Tam
Well-Known Member
Tam
Well-Known Member
Prior to 2021 production, S and X use regular radio wave (non-BLE).
However, from 2021 production and later, all Tesla S, X, 3, and Y are now unified with the same technology BLE. That technology is what being demonstrated that researchers can do a relay attack too.
kelvin 660
White SR+ with LFP battery
I could imagine that with the right software that thieves would only need a couple of smart phones to make a relay attack. Potentially making this easier and cheaper than traditional attacks!
Hopefully, Tesla are working on a countermeasure for this issue...
Hopefully, Tesla are working on a countermeasure for this issue...
I suspect the system would need to be more sophisticated as there are latency issues which would immediately get flagged by the security system. I’ve no doubt they will patch the system to make it more secure. Pin to drive seems like the best solution right now.
Tam
Well-Known Member
That would defeat the convenience of Keyless entry where you keep keys in a pocket or purse, developed over the last decade or so. But as always convenience is achieved through compromises on security. If there was a way of enabling/disabling that via a toggle on the car then why not, but I’ve never seen this afaik
Has Tesla stated it is unhackable and is therefore now not to spec? what about every other vehicle with smart keys sold in the last 20 years which are much easier to relay - should they all be recalled too?
What about all those old Ford vehicles in the 70s and 80s you could open with any other key or a screwdriver
I think it used to be a half Tennis ball, over the lock and a sharp tap and the air being forced into the lock spun it open.Has Tesla stated it is unhackable and is therefore now not to spec? what about every other vehicle with smart keys sold in the last 20 years which are much easier to relay - should they all be recalled too?
What about all those old Ford vehicles in the 70s and 80s you could open with any other key or a screwdriver
All these measures do is make it harder, which is no bad thing, they're already good enough to put off joy riders, but organized crime, stealing a Tesla to order, aren't going to be deterred, the last resort and they'll break in and if they need your phone or key card and pin number they'll find a way of enticing you to give it to them. I'm happy for the bar to be raised, but there's a tiny bit of me that says I'd prefer they got it without waking me up with physical threats. I just try and make my car harder than the next Tesla, I park behind gates at home, I have a steering discklock thing I use maybe 3 times a year in certain places, and after that I let my insurance company do the worrying.
I completely agree and think this is being blown all out of proportion. If someone is worried about this new relay hack, which I am not, then don't pair a phone with the car as a key and use the supplied Key Cards. Keyless entry is a convenience feature that no one is being forced to enable. Unlike our Land Rover, for example, where relay attack has been around much longer yet there is no means of shutting it off.
Indeed ... but I was making a clarification when responding to your post that said:
My clarification was related to "prior to the implementation of pin-to-drive" ... when Tesla Model 3 (Y didn't exist) was not subject to the same issues so to say "relay attacks were actually quite popular to steal a Tesla" only applied to Model S and X. You have since also confirmed exactly what I was saying so we are actually in agreement! I may be mistaken but I thought the new BLE relay attack remains at the proof of concept level rather than a routine criminal approach as had been the case for Models S and X in the past.
The old attack against the S and X was a much more simple relay attack against the key. As the 3 and Y don’t use the same system unless you buy the key then a much more sophisticated attack seems to be needed. As Bjorn Nyland pointed out in his video about this, 3 and Y thefts are non existent. Pin to drive removes the relay risk entirely.
12Pack
Member
So if passive entry is disabled, and pin to drive is enabled, what vulnerabilities remain?
Only a threat then if they have access to your tesla registered email account to get around p2d. Currently the password reset from the pin to drive menu in the cars circumvents MFA (even if enabled in your online account AFAIK, but haven’t checked recently)… hopefully that gets changed soon. But frankly, if they have all of that then you’re in a world of hurt anyway.
