-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
It's an implication more than a direct detailing, but they say:
Keen Security Lab said:
I think you got the exploit wrong or partially wrong. Also Tesla did do a mass firmware update to fix this vulnerability and put out a press release. Did you not get it yet?
In the video they had the guy drive to a charging station. Possibly they had compromised that wifi access point. Don't know.
No they had him *search* for a charging station that was 10 km away.
He drove there and came back. (at least that's what I remember happening). What other reason would they have to do that?
They said, and Tesla confirmed, that the attack is when your car uses a malicious WiFi network. I assume they can just inject some code into the network stream and take control of the car. That is why they wanted him to search for a charging location so that he would connect to their hacked WiFi network and that would give them access to the car.
I don't think they had any access to Teslas network or VPN.
That's what I've been saying all morning. Finally someone understands.
Unless Tesla buys back the car (and I have no intention of selling) They have no right to install ANYTHING on the car without my permission. I have made them well aware of this fact. Even government mandated recalls can not force end customers to comply, they can only force the manufacturer to offer. Any change Tesla wants to do to my car requires either my permission, or a change of law to accomplish.
I'm confident they won't force anything. And I know that full root is possible on my current firmware (and all sorts of other things) so I don't see this coming to an end any time soon.
I have had a bit more progress on the API front, but I'm not quite able to discuss it yet. Suffice to say for the moment that it is possible to get a list of all the REST commands that the CID can accept, and there's a lot you can do there.
I'm confident they won't force anything. And I know that full root is possible on my current firmware (and all sorts of other things) so I don't see this coming to an end any time soon.
I have had a bit more progress on the API front, but I'm not quite able to discuss it yet. Suffice to say for the moment that it is possible to get a list of all the REST commands that the CID can accept, and there's a lot you can do there.
CuriousG
Active Member
Possibly they were able to decrypt the "Tesla Service" password and run their own rogue access point at which point it would connect automatically.
After reading a bit about that exploit this morning, I learned something very interesting. Tesla's press release, along with someone else's confirmation, explain exactly what happened.
The Tesla web browser has a remotely exploitable bug in it... Now I need to find that bug!
The Tesla web browser has a remotely exploitable bug in it... Now I need to find that bug!
I wonder if it wouldn't be easier to just disable the web browser entirely. I don't know if that would block the exploit or not, but I think that most of us do just fine without the web browser anyway.
diamond.g
Active Member
IIRC they will be releasing the source for the attack in the next week or so (they waited until Tesla came up with a fix).
Speak for yourself. I have Tesla Waze up many times plus PlugShare. I have friends who are not smartphone users who use it extensively for things like email and browsing.
We will know more soon but it sounded like it was both a wifi gateway compromise and a browser exploit.
CuriousG
Active Member
Or if they would just update the browser periodically. It's been widely known the web browser hasn't been updated in many years. It appears it took something like this for Tesla to update their browser which people have been asking for a while now. Someone else reported that some sites used to think it was a Firefox browser and now thinks it's Safari.
Fair enough. I was specifically directing that at @green1, who is looking for a workaround to the exploit. Not to the active firmware community.
Sorry
I think @green1 is looking to take advantage of the exploit to get root to the OS on his car not a workaround to the exploit but we can drop it. It's fixed now.
Similar threads
