As another idea but there's cars with hands off motorway driving which use Face ID type cameras to check you are looking at the road. That would be a useful additional to Tesla's but also could intentify the driver to switch to the correct profile or not start the car if it doesn't recognise you. Again more secure and all done in the background without any impact on the end user.
-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Security of Phone/Card/Key?
- Thread starter EV1980
- Start date
Wouldn't it be better to identify you and adjust the seat before you get it, like it does already ? In general the sort of biometrics we are used to like FaceID or Windows Hello are about the same level of security as entering a PIN, they are more convenient rather than more secure, but require additional hardware in the camera. You can make biometrics more secure, but then it's less convenient.
Tesla already have the code for driver attentiveness monitoring, although it doesn't seem to be used in the UK software stack.
There really isn't any significant issue with the level of security we have in Model 3/Y, which is why we don't hear about thefts in this forum. Enabling Pin 2 Drive is a step above any car with a key as it's no long possible to steal the key.
Zilla91
Active Member
What two physical devices? All you need is the phone you've already used to unlock the car.
If you're referring to using a USB key, then yes but the benefit is you don't need to key in a code. If having two devices is too much of an inconvenience then just use your phone to get a code.
Not really.
Let's take a look at this scenario; a thief uses some kind of relay method to extend the Bluetooth signal to gain access to your vehicle on your driveway. They would then need to get the phone to generate the TOTP - without that they can't drive the car away.
This is more secure than just reusing the same pin, which can be guessed by studying finger prints on the screen, have been observed by the thief previously or correctly guessing your DOB.
A bit like our opinions on pair programming, I think we should agree to disagree
Please stop straw-manning this.
At this point, I can only assume that I'm being trolled
Zilla91
Active Member
Uh oh, I didn't realise 2FA wasn't actually 2FA because I logged in and got my TOTP on the same devicePlease stop straw-manning this.
At this point, I can only assume that I'm being trolled
View attachment 904347
Sure but how many different locations does the pin pad move to? Will be a limited, preset number of locations, isn't it?
IMHO a balance must always be found between security and usability. The current methods works well enough. Of course UWB would be an improvement if they add it to the next gen but that's about it.
I get in my car several times a day. I can live with PIN2Drive even when sometimes it's a hassle. But having to use a yubikey, TOTP, etc... anything that would take me even an additional 5 seconds to shift into drive while I'm in the driver seat definitely seems way over the top.
You'll tell me they can make it optional, but then, if less than 1% of Tesla owners use it, is it really worth the dev time + potential facepalm issues described above when a not-so-clever user will undoubtedly lock himself out?
You'll never be able to prevent a motivated, skilled and resourceful robber out of any car. But Tesla does a pretty good job of discouraging the lower bunch of them. They are connected cars. Unless you're stealing it for parts not much you can do driving a stolen one. And if you manage to disable communications with the mothership, goodbye superchargers, nav, apps... which is already 50%+ of the appeal of the vehicle itself.
I get in my car several times a day. I can live with PIN2Drive even when sometimes it's a hassle. But having to use a yubikey, TOTP, etc... anything that would take me even an additional 5 seconds to shift into drive while I'm in the driver seat definitely seems way over the top.
You'll tell me they can make it optional, but then, if less than 1% of Tesla owners use it, is it really worth the dev time + potential facepalm issues described above when a not-so-clever user will undoubtedly lock himself out?
You'll never be able to prevent a motivated, skilled and resourceful robber out of any car. But Tesla does a pretty good job of discouraging the lower bunch of them. They are connected cars. Unless you're stealing it for parts not much you can do driving a stolen one. And if you manage to disable communications with the mothership, goodbye superchargers, nav, apps... which is already 50%+ of the appeal of the vehicle itself.
It's a fair point about relay attacks. PIN-to-drive also mitigates this, and your proposed solution mitigates this at the expense of giving anyone with control of the phone all the information required to drive off with the car, which is not the case with something-you-know as one of the two factors.
Let's take a look at this scenario.
Alice and Bob come from a household that promotes poor security hygiene. Both drive Teslas, and Alice uses a key and PIN-to-drive, and Bob uses his phone as a key and a TOTP authenticator on his phone. Just as Alice insists on using her YOB as her PIN despite all the evidence that this is a bad idea, Bob also uses his YOB as his phone PIN. Just as Alice leaves fingerprints on her Tesla screen, so does Bob on his phone screen. Just as Alice allows herself to be observed typing in her Tesla PIN, Bob allows himself to be observed entering his phone password.
Please tell me why, given the above, the thief would have a significantly harder time:
- stealing Bob's phone, unlocking Bob's Tesla, entering his poorly-chosen PIN, opening the authenticator app, and entering a TOTP
- stealing Alice's car key, unlocking Alice's Tesla, entering her poorly-chosen PIN
I don't know how many locations, but it seems to move anything from 1cm to inch's. I suspect there is a large number of locations to cover the whole screen.Uh oh, I didn't realise 2FA wasn't actually 2FA because I logged in and got my TOTP on the same device
Sure but how many different locations does the pin pad move to? Will be a limited, preset number of locations, isn't it?
Jason71
Well-Known Member
I think as already mentioned this could also solve the his and hers problem of both mobile phones getting into the car at the same time.
I'd argue that FaceID / Windows Hello are more secure than a PIN in general and less hassle. Someone else can see your PIN, you've also got to tap it in vs just sitting down infront of the camera in the drivers seat and going. I think a good balance between convience and security is a must. Once you've got Ultra Wideband in use on the phones / keyfobs also thieves shouldn't be able to get into the car but even if somehow they did won't have your face to start the car. It would be way beyond what most cars have currently and they'll just target easier to steal cars rather by that point.
Zilla91
Active Member
I guess we're not agreeing to disagree. Oh well.
If by chance you come across the phone and it's unlocked, again, you'll need to unlock the authenticator app to access the TOTP (at least you need to on the one that I use).
Compare that to stealing Bob's phone, getting into the car but not being able to do much more because you can't get into his phone to get the TOTP. Good luck trying to have an educated guess and driving the car away.
If you want actual security then you need something more.
Just because you have the phone doesn't mean you have access to the TOTP as you'll need to unlock the phone to get to the authenticator app.
If by chance you come across the phone and it's unlocked, again, you'll need to unlock the authenticator app to access the TOTP (at least you need to on the one that I use).
Because you can relay Alice's phone signal to unlock the car and possibly decipher her pin from the prints on the screen or making an educated guess as to what her poor choice of pin is.
Compare that to stealing Bob's phone, getting into the car but not being able to do much more because you can't get into his phone to get the TOTP. Good luck trying to have an educated guess and driving the car away.
Yeah, it's convenient. To claim it's somehow secure is for the birds, that's all I'm getting at.
If you want actual security then you need something more.
You seem to have a baked-in assumption that Bob doesn't make similarly poor security choices with his phone. If you're suggesting that Bob's Tesla is more secure because he can have longer passwords/biometric auth on his phone, then a simpler and more sensible solution would be to advocate for Tesla increasing the entropy of PINs. I'd be fine with that, if it was opt-in.
The thing I'm clearly failing to explain is that Alice and Bob's situations are functionally equivalent.
Alice: needs a physical object (key) and a secret (Tesla PIN)
Bob: needs a physical object (phone) and a secret (phone password)
The same steps are happening, just in different places.
The PIN would remain more secure than face recognition using the current hardware.
The relative poor definition of the internal camera might be enough to identify (i.e : recognise you) for those less important matters like adjusting driving position (seat/steering wheel), but not to authenticate you (verify it's really you and not someone holding a picture or a mask) to let you drive away.
Cf FaceID using a flood illuminator and an IR camera for depth rather than the 2d selfie camera.
Zilla91
Active Member
Not at all, he could have the pin of 1234 on his phone but chances are he uses biometrics so there won't be prints on his screen giving away what the pin is or has been observed entering his pin into his device by looking over his shoulder.
Similar threads
- Suggestion
