Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register
  • We just completed a significant update, but we still have some fixes and adjustments to make, so please bear with us for the time being. Cheers!

Keyfob and 40bit crappy encryption and stupid password requirements

TOBASH

TOBASH

Supporting Member
Aug 6, 2014
676
265
Rockaway Beach, New York
I want to curse the idiots who went out of their way to crack and then post the hackability potential of the key fob.

Then I want to curse the morons who actually publish the information "as a public service".

First, TESLA shoulda used a company that had better key fob encryption! How did they miss this! 40 bit encryption! Honestly!

Second, the hackers who spent months figuring out and publishing the hack are @$$#013s.

Now I need to input a combination at the middle of my screen while ANYONE can watch. TESLA couldn't even place the combination kaypad on the screen in a lower left and less visible area.

Now I'm told there will be new keyfobs that we will probably need to purchase, and in the mean time the combination only prevents moving the car and thieves can still break into my car to look around and steal stuff.

Way To Go to the buttmunch Hackers looking to publish! Way to go TESLA!

TESLA provided poor key fobs! If TESLA tries to charge I will be glad to create a class action suit.

Big thumbs down all around.
 
  • Disagree
  • Funny
Reactions: JeroenNL, MP3Mike, jeffro01 and 2 others
bayx

bayx

Member
Jul 29, 2018
487
208
San Francisco
Huh? On the bright-side, at least now Tesla knows it can be hacked and will learn from this am sure to give us better encrypted key-fobs. They would have to charge us because there is no way they will be able to replace all the key-fobs for free without taking a substantial financial hit, which I doubt they can afford to at this time!
 
  • Like
Reactions: Kacey Green
NHK X

NHK X

Member
Nov 18, 2017
759
616
PNW
Chill.

You are posting in the model x section, do you drive an x? If so from what I’ve read the issue doesn’t affect our key fobs. So you don’t have to initiate pin to drive. Seems to affect model S Keyfobs with production prior to 2018.

Also this affects a wide array of non Tesla brands... unlike other car brands, at least we have an option to use software to improve security short term until a hardware fix is finalized. Most other brands you just drive the car around until the hardware fix is available. Again, it’s your choice to use pin to drive, nobody is forcing you to use it. Weigh the risks for yourself and make that decision.
 
  • Like
Reactions: Kacey Green and jboy210
B

brkaus

Well-Known Member
Jul 8, 2014
7,637
6,172
Austin, TX
TOBASH said:
I was told by the dealership that we are vulnerable with model X also. Was the dealership wrong?
Click to expand...
I know the X has a different FCC ID, so it has different guts. I’m 100% sure I’ve read it is BLE based. Unlike the S. However, the S did change in early 2018.

I’m 90% sure those sources are correct.
 
  • Like
Reactions: Kacey Green
dlsspy

dlsspy

Member
Jan 9, 2018
83
91
San Jose, CA
Curse the people who sell you insecure security products. Praise the people who demonstrate the vulnerabilities.

I do not prefer a world where only criminals know about vulnerabilities and as long as they keep quiet and don't cause too much harm, vendors keep telling you everything's irie.
 
  • Like
Reactions: JeroenNL, Kacey Green and davidc18
Tam

Tam

Well-Known Member
Nov 25, 2012
8,295
7,137
Visalia, CA
I am not an expert but I guess if there's a lock, then there's a locksmith.

I am not sure if there is such a cryptographic algorithm that is impossible to break. I think a harder one or the best one just takes more time to decipher it but eventually, it'll be cracked if you give it time.

Thus, it is very useful to have an ethical hacker to educate us that the one we just thought impossible to be broken into, now just did!

With that knowledge or feedback, it's time for another revision to get ahead of all those bad hackers.
 
J

jboy210

Supporting Member
Dec 2, 2016
4,673
2,902
Northern California
TOBASH said:
I want to curse the idiots who went out of their way to crack and then post the hackability potential of the key fob.

Then I want to curse the morons who actually publish the information "as a public service".

First, TESLA shoulda used a company that had better key fob encryption! How did they miss this! 40 bit encryption! Honestly!

Second, the hackers who spent months figuring out and publishing the hack are @$$#013s.

Now I need to input a combination at the middle of my screen while ANYONE can watch. TESLA couldn't even place the combination kaypad on the screen in a lower left and less visible area.

Now I'm told there will be new keyfobs that we will probably need to purchase, and in the mean time the combination only prevents moving the car and thieves can still break into my car to look around and steal stuff.

Way To Go to the buttmunch Hackers looking to publish! Way to go TESLA!

TESLA provided poor key fobs! If TESLA tries to charge I will be glad to create a class action suit.

Big thumbs down all around.
Click to expand...

Are you a lawyer trying to drum up business?
 
  • Love
  • Funny
Reactions: Mrcook4590 and jeffro01
K

Krazaak

Member
Jul 30, 2017
891
994
Charlotte, NC
As I understand it, Model S keyfobs use weaker encryption and can be cloned. Newer Model S and Model X keyfobs can't be cloned, but may be subject to relay attacks.

Neither of those problems are unique to Tesla and a professional car thief is going to get your car if they want it.

Valet Mode, the option to disable Passive Entry and the PIN to Drive feature add an extra level of security that I certainly never had on any of my BMWs and they definitely didn't add features to make my car more secure while I owned it.
 
  • Like
Reactions: Kacey Green
B

brkaus

Well-Known Member
Jul 8, 2014
7,637
6,172
Austin, TX
TOBASH said:
No. Not everyone with a valid point or complaint is a lawyer looking for an easy score.

I'm pissed off overall with the key fob. This crap just adds grist to the grind.
Click to expand...

Why are you pissed with the key fob? The security concern?

Note that many cars have security risks with fobs -

Radio Attack Lets Hackers Steal 24 Different Car Models

And of course many cars can be accessed with a slim jim or a rock to the window. Older cars can be easily hot wired.
 

Similar threads

jpfive
Changing Tesla Account Password?
Replies
13
Views
2K
Model 3: User Interface
jeffnz
J
Generator
24 hours with the Polestar 2
Replies
109
Views
11K
The UK and Ireland
browellm
B
T
20,000 mile USA road trip with a Model 3
Replies
16
Views
2K
Model 3: Driving Dynamics
RKowch
R
Fact Checking
Reporting on Tesla by Russ Mitchell (LA Times)
Replies
66
Views
9K
TSLA Investor Discussions
Puma2020
Puma2020
Dutchmeeuw
Wiki Sudden Loss Of Range With 2019.16.x Software
Replies
15K
Views
948K
Model S: Battery & Charging
Florian500
F

About Us

Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.

Meta

Contact Us
Advertise with Us
Become a Vendor
Terms of Service
Privacy Policy
DMCA Notice

Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


SUPPORT TMC
Copyright © 2006-2021 Tesla Motors Club LLC. All rights reserved.
Tesla Motors Club LLC (TMC) is an independent enthusiast organization and is not affiliated with Tesla Motors, Inc. or its subsidiaries. TESLA, TESLA MOTORS, TESLA ROADSTER, MODEL S, MODEL X, and the “TESLA,” “T” and “TESLA and T in Crest” designs are trademarks or registered trademarks of Tesla Motors, Inc. in the United States and other countries.
Top