TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker or making a Paypal contribution here: paypal.me/SupportTMC

News of Tesla Door Handle Hack

Discussion in 'Model S: User Interface' started by Apoclyps, Apr 1, 2014.

  1. Apoclyps

    Apoclyps Member

    Joined:
    Feb 28, 2013
    Messages:
    525
    Location:
    Taipei, Taiwan
    Not sure if this is the right location, but there is a news article about the potential of the Tesla car door handle to be hacked.

    Tesla car doors can be hacked - Mar. 31, 2014

    I hope this is just an April Fool's joke, but if it isn't, thought I'd have it posted. Probably just need a fix/upgrade to the account login?
     
  2. ElSupreme

    ElSupreme Model S 03182

    Joined:
    Jan 13, 2012
    Messages:
    4,279
    Location:
    Atlanta, GA
    I use the same complexity of password to secure my bank accounts as I do my TeslaMotors.com account. So it would be just as easy to steal all my money.

    Not to mention getting access to my phone app car controls wouldn't do much to make my car less secure.

    As Nigel put it in another thread about the same article. A brick thorough the windows give someone the same access.
     
  3. markb1

    markb1 Active Member

    Joined:
    Feb 17, 2012
    Messages:
    2,318
    Location:
    San Diego, CA
    No, it's just a "security researcher" who has "discovered" the feature of the mobile app that allows you to unlock your car remotely. It's not a security hole any more than passwords are a security hole in general.

    - - - Updated - - -

    BTW, basically the same article that was discussed here:

    Stolen Model S? - Page 5

    and here:

    Tesla’s Model S can be located, unlocked, and burglarized with a simple hack
     
  4. bob_p

    bob_p Member

    Joined:
    Apr 5, 2012
    Messages:
    939
    Odds seem very small that someone who is able to hack an account - and get the password for a specific car - will also be in close enough proximity of the car to unlock it and get in.

    And even if that happened - the car can't be turned on without the key - so the "brick through the window" is a much simpler method for breaking into a car.

    And, if any owners are actually worried about this - turn off remote access..
     
  5. Byoung

    Byoung Member

    Joined:
    Aug 16, 2013
    Messages:
    18
    Location:
    Decatur
    Hope Tesla will fix if for no other reason than to control the bad P.R.

    As an owner, I'm not at all worried about this. Ditto to those that have already said thieves looking to get into the car will break a window, not a password.

    On the location issue, if I have a stalker that really is that determined to find my location, it would be much easier for them to attach a GPS tracker to my car than to hack into it.
     
  6. liuping

    liuping Active Member

    Joined:
    Jul 23, 2013
    Messages:
    1,858
    Location:
    San Diego
    Tesla already changed the web site to lock the user out after 5 bad password attempts, so it's already a non issue.

    For further security and piece of mind, they could add an option to prevent remote unlocking (but leave the other remote features).
     
  7. Gizmotoy

    Gizmotoy Active Member

    Joined:
    Sep 16, 2013
    Messages:
    3,143
    Location:
    Bay Area, CA
    I hope not. I like that feature. Occasionally my wife comes to visit at work and I can unlock the car so she can get in and wait for me (big campus). Or the time we hid her purse in the frunk. It had the key in it. The car auto-locked us out :-/. Phone app to the rescue!
     
  8. Kraken

    Kraken Member

    Joined:
    Nov 20, 2012
    Messages:
    799
    Location:
    Voltageville, CA
    Maybe just a secondary pin required to unlock the car when that button is pushed. It would only affect that function of the app.
     
  9. Gizmotoy

    Gizmotoy Active Member

    Joined:
    Sep 16, 2013
    Messages:
    3,143
    Location:
    Bay Area, CA
    #9 Gizmotoy, Apr 2, 2014
    Last edited: Apr 2, 2014
    There definitely should be a additional owner-configurable PIN. Could be used for anything potentially requiring additional security: turning on/off remote access, enabling/disabling valet mode, unlocking, etc.
     
  10. invisik

    invisik Member

    Joined:
    Mar 13, 2014
    Messages:
    620
    Location:
    Minneapolis
    I agree with the PIN number.

    -m
     
  11. Canuck

    Canuck Active Member

    Joined:
    Nov 30, 2013
    Messages:
    3,958
    Location:
    South Surrey, BC
    What about third party apps like Visible Tesla. I haven't tried it but doesn't it give access of your car over to the app developer since you must sign in to their app? I'm not concerned, just wondering?
     
  12. Gizmotoy

    Gizmotoy Active Member

    Joined:
    Sep 16, 2013
    Messages:
    3,143
    Location:
    Bay Area, CA
    It could. In cases of apps that run locally, like Visible Tesla, the developer could skim the passwords as you enter them and send that back to a server the developer controls. So there's some measure of trust required. Don't type your password in just anywhere.

    Web apps like the announced smartcar.io are significantly more concerning, IMO. In order to interface with the Tesla servers, they need to know and store your password on their servers. So you're trusting them to secure them properly and never have a security breach that exposes them. To me, allowing my password to be stored on a server I don't control and may be a target for these kinds of hacks takes a lot more trust that something like Visible Tesla running locally.
     

Share This Page