vogz
Member
You do understand the apps use the Tesla authentication that provides full access to the car to unlock, drive, etc right?
Therefore, your "access to data" statement is not sufficient, it should be "access to my car in all ways/methods including controlling all aspects of the car available remotely",
Ok, so you do understand that you have provided a third party full access to drive away your car, but you've additionally added PIN to drive (which many owners do not).
The point was made many times upthread, full access is the current situation. IF these user/passwords were to leak from this trusted third party, there is no practical way to prevent wide spread use of these authenticated access until the authentication tokens are invalidated by Tesla.
Since we are purely dealing in rather unlikely hypotheticals (that my data would be stolen and then someone would access my car IN PERSON when I'm not at home or at work), I guess I'll just say that's why I have insurance.
The far more likely scenario is that someone clones my BLE key while I'm actually unlocking my car with my phone, or someone straight smashes out the window to gain access. Either way, that's why I activated the pin-to-drive. Even with the key, they aren't stealing it unless it's a car-jacking situation which is also probably more likely that the hypothetical that you are positing.
We all decide the level of risk we are comfortable with in any situation. If Teslas were being accessed through stolen tokens, then I might reconsider my position. Until then I'm not going to go all chicken little about it and I'll sleep fine at night while my car is safely in my alarmed garage.