Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

Key fob relay thefts, should we be concerned?

This site may earn commission on affiliate links.
#2
The video does say "relay" not "replay" so that's correct.

This can be mitigated using time of flight validation techniques. It could potentially be added via software update, depending on Tesla implementation details I am unfamiliar with.

My question is: what happens when they get the car to wherever they are going to drive it? It won't start a second time without a fob, so this is similar to loading the car on a flatbed and towing it away, right?
 
  • Like
Reactions: e-FTW
#3
e-FTW said:
...Theft takes a minute...
Click to expand...

I think to prevent this, the owner should have removed the fob's battery off which would shut down a fob's signal before going to sleep.

May be someone might want to invent an on/off button instead of removing the battery each time.

For Tesla, it gives you an option to disable "Passive Entry" if you want to prevent this.
 
  • Like
Reactions: Rusty1 and brkaus
#4
I get the mitigation strategies, like sticking your fob in a Mylar bag and away from exterior walls, or disabling passive entry.
Was just wondering if Tesla cars were vulnerable, or if some advanced technical details were in play to prevent it.
 
#7
e-FTW said:
...Was just wondering if Tesla cars were vulnerable, or if some advanced technical details were in play to prevent it.
Click to expand...

Tesla didn't develop an option to turn off "Passive Entry" until there were a number of reports of stolen Tesla cars in Netherlands while owners still have all the fobs accounted for.

"The publication got a comment from Jon McNeill, Tesla President of sales and service, about the situation. He said that the method used is not unique to Tesla:

“The method used by the thieves is also used to steal other cars,”"
 
#8
Over last summer nearly 30 Model S/X were stolen in the Netherlands. All through a relay hack (information on how to execute is trivially found on the darker places of the web). So yes, Teslas are not immune, this attack vector works against a number of brands. Keep your fob away from places that can be approached easily (like your frontdoor) or better yet, keep it in an small enclosure that acts as a cage of faraday. Or turn passive entry off, but that's obviously a denial of service.

PS. Cars were all parted out. Lucrative enough because (some) Tesla parts are difficult to come by but otherwise fine salvage car are not.
 
  • Informative
Reactions: Rusty1, pilotSteve, cwerdna and 1 other person
#9
I think the real solution to this problem is a change in behavior by the users. Many people walk into their house, and dump the keys in a bowl near the front door (or a hook, or whatever). Simply moving that key place further into the house prevents the attack, or at least slows it down. (A high-gain antenna would probably still work, but look a bit suspicious.)
 
#10
mal_tsla said:
This can be mitigated using time of flight validation techniques. It could potentially be added via software update, depending on Tesla implementation details I am unfamiliar with.
Click to expand...
This is what I was actually asking about. Does seem that Tesla would be vulnerable to this, but there might be extra validation that Tesla could implement?
(This is about what is enabled by default, and does not require users to change or do anything, which is important to mitigate the risk for everyone. Informed users can mitigate today, yes, but that is a small percentage of the population.)
 
#11
Indeed. Here's apple talking about their solution at a high level as it relates to relay attacks on their Unlock Mac using Apple Watch feature:

"The unique challenge with auto-unlock is that you don’t want a kind of relay-attack, where Phil is actually well far away from his office and someone basically has a bluetooth listener that will forward a signal to you, because you’re now by his Mac, and this Mac is having a conversation with Phil’s watch over a very long distance. And so, we’re actually able to do time of flight calculations using peer-to-peer Wi-Fi where we literally can measure how long at the speed of light it’s taking for the signal to travel from your Mac to your watch and back.

And because of that, if you interposed any kind of relay, it would introduce a delay that would immediately tell us that there are hijinks afoot. So that piece is critical."

Apple’s Craig Federighi explains the built-in security features of Auto-Unlock
 
  • Informative
Reactions: masamitsu, PrGrPa, AnxietyRanger and 1 other person
#16
mal_tsla said:
Are you sure? I don't think the X will "start" if the key is not inside the car. It will certainly unlock, but it says "key not in vehicle" if the key is outside the car, even if it is very close by.
Click to expand...
The signal transmitter used by the thief looks just like the fob electronically. When he gets in the car with his transmitter, the car thinks the fob is in the car.
 
#17
Rusty1 said:
The signal transmitter used by the thief looks just like the fob electronically. When he gets in the car with his transmitter, the car thinks the fob is in the car.
Click to expand...

Serves me right for not quoting. My reply was for KMTG.

But while I have you, the time of flight method can stop the car from thinking the fob is in the car when it's really just a relay/repeater. See above.
 
#18
mal_tsla said:
Are you sure? I don't think the X will "start" if the key is not inside the car. It will certainly unlock, but it says "key not in vehicle" if the key is outside the car, even if it is very close by.
Click to expand...
Yes, I have done it many times. Key in the kitchen and drove the X out of garage to push out our trash cans. And it will not warn about key not in the car until outside the range.
 
#20
Dennisj00 said:
Not on my S. Don’t know your layout, maybe garage is directly under fob in room above. But if I walk out without fob 30’ away, she ignores me.
Click to expand...
Oh yeah, our house is not that big. Kitchen is right next to the garage, so our keys are at most 20' away. However, this doesn't negate the issue that key doesn't need to be inside the car to start driving the car. You can try it by putting you key outside of the car, say a shoe rack next to the car in the garage, and then hop in the car and drive it away. I bet you won't get any warning initially as you are driving away, even though the key is outside. Unless S is designed differently.
 
You must log in or register to reply here.

Similar threads

3Sweet
Deleted keyfob from car, but its still paired to the car
Replies
29
Views
5K
Model 3
3sr+buyer
3
W
Can tesla be broken into/ open with a key fob repeater?
Replies
3
Views
3K
Tesla, Inc.
EVer Hopeful
EVer Hopeful
CMc1
[UK] 2020.48.x
Replies
194
Views
25K
The UK and Ireland
CMc1
CMc1
ColR
  • Article
My Tesla Model 3 Highland experience – 1000 kilometres and 2 weeks later (in Ireland)
Replies
54
Views
3K
Model 3
noelslekkie
N
rgedad
Bluetooth Attack can steal Model X in Minutes
Replies
2
Views
1K
Model X: User Interface
mswlogo
M
Top
Back
Blog
New
Forum list
Marketplace
Menu