Not sure if anyone else has posted this in the past, but I've been curious as to how Tesla plans to protect the Model S from being hacked. Given that there is no ignition system to hot-wire. I found this link (Federal Register, Volume 77 Issue 72 (Friday, April 13, 2012)) which refers to a remote immobilization system. Very interesting. Model S P#3853
Wow. That's really cool. How did you come across this document? Should be good for insurance companies in some way.
Honestly I was just googling the security of the vehicle. Being a tech guy I'm worried that the RFID or drive controller could be easily compromised and steal/modify the car. Simply the fact that the car has an IP address is slightly concerning. I would love to know more about how they intend to protect the vehical.
True (and I expected someone would say that), but some statements about the Bluetooth, 3G, RFID not having access to the sub-systems would be nice. However, now that I'm hearing that update are pushed without user validation makes me wonder what it would take...
adurstewitz - excellent find! I wonder if Insurance companies will treat this in the same way as a lojack and give corresponding discounts? Tesla isn't doing very much to publicize the security aspects of the Model S so it is possible insurance companies aren't correctly taking the full security capabilities into account.
I think they start with nVidia's webkit pkg and then add things. That makes it roughly as secure as a mobile phone. ... which is pretty good. Compared to other vehicle systems, I've no idea.
Has anyone heard anything about this recently? The last I heard, Tesla was going to hire some programmers specifically concerned with security, but nothing beyond that.
What does it take to hack your car? One of two things: 1. Tesla's encryption key. or 2. Your credentials (ID & password) that you use on your MyTesla site. Get this, and you drive the car away. No alarms going off. Guess which thing is weaker and easier to get and/or crack? ...
I would welcome the option to configure a PIN that would be required in addition to the current authentication before the car could be driven.
You dont have to wait for Tesla to do everything. Splice a lockout box on the line for your gear selector. It could have a number PiN pad, or an RFID tag reader if you want it to be invisible. And there you have it, nobody can get your car into gear.