-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Security of Phone/Card/Key?
- Thread starter EV1980
- Start date
I’m with Dilbert above. I might jump through hoops if the theft rate in my area goes through the roof or if insurers drop my rates for using pin to drive or something else. But until then, it’s a car.
The most likely thing is for someone to bust a window to steal something, not take the car.
The most likely thing is for someone to bust a window to steal something, not take the car.
Sorry, that would really piss me off…
WannabeOwner
Well-Known Member
A recommendation made by the UK Tesla Owners Group
when PIN-to-drive was first introduced - Version 1 was at a static location on screen. (introduced following a spate of highly publicised thefts of cars that were susceptible to relay attack - and to which PIN-to-drive was an OTA solution within a very short time, and Mercs / Range Rovers carried on being knicked until owners bought expensive replacement keys that stopped transmitting when "stationary")'Coz the phone always has the same location for smudgy fingerprints
Yeah I did mean new hardware to allow this and not a bog standard camera which as you say can be fooled with a photo. They need to add in Ultra Wideband at some point you'd think also to improve security.
andylaight
Member
Facial recognition probably possible already using the interior camera ?(not actually activated yet)
WannabeOwner
Well-Known Member
Definitely bizarre IME - mine have always moved all around the screen (over the course of several different cars and models)
Or you’ve only just noticed because of this thread? It doesn’t move a huge amount, just enough to not leave smudges through continuous use of the same numbers.
Zilla91
Active Member
Not an expert in this field but I'm led to believe facial recognition uses infrared not images from a camera so it won't be possible.
This thread has given a few chuckles.
agreed on the dilbert side - at some point the usability has to be factored in, but if there was a suggestion box that Tesla devs monitored, at the very least they could look to upgrade the Pin-to-drive setup and add in "anti-peep' entry i.e if your pin is 1-2-3-4, then allow entry of random numbers within a fixed character limit containing the correct passcode to mitigate immediate snooping.
E.g.
Prior: 1-2-3-4
After: 7-3-4-0-1-2-3-4-5-2-8-1
After alt: 3-8-1-2-3-4-8-3-6-3-4-8
Removes the easy "read the finger print routine" and helps obfuscate a four-pin entry.
Make it optional and then let folk live within their risk appetite.
- Pin to drive = optional
- Pin to drive 'enhanced' = optional still
Going down the route of 'more MFA' via Phone auth is not really practical (though be great as an option for those that wish it), as you really don't want to be relying on the phone if you're A) in the middle of nowhere with no signal and B) have no phone, but have the keycard and need to get to your destination.
Just a car at the end of the day - annoying as it is when someone breaks a window, thats the social contract everyone signs up to (bad as itd be) for using any car on the roads!
agreed on the dilbert side - at some point the usability has to be factored in, but if there was a suggestion box that Tesla devs monitored, at the very least they could look to upgrade the Pin-to-drive setup and add in "anti-peep' entry i.e if your pin is 1-2-3-4, then allow entry of random numbers within a fixed character limit containing the correct passcode to mitigate immediate snooping.
E.g.
Prior: 1-2-3-4
After: 7-3-4-0-1-2-3-4-5-2-8-1
After alt: 3-8-1-2-3-4-8-3-6-3-4-8
Removes the easy "read the finger print routine" and helps obfuscate a four-pin entry.
Make it optional and then let folk live within their risk appetite.
- Pin to drive = optional
- Pin to drive 'enhanced' = optional still
Going down the route of 'more MFA' via Phone auth is not really practical (though be great as an option for those that wish it), as you really don't want to be relying on the phone if you're A) in the middle of nowhere with no signal and B) have no phone, but have the keycard and need to get to your destination.
Just a car at the end of the day - annoying as it is when someone breaks a window, thats the social contract everyone signs up to (bad as itd be) for using any car on the roads!
Zilla91
Active Member
Christ, how many times does this need repeating; you don't need a phone signal, the internet or other connectivity to generate a TOTP MFA code
Yeah, no need for taking the temperature up - i never mentioned anything to do with push notifications or one time codes!
MFA is more than just an authenticator app, and no-one has a crystal ball to what will be available from Tesla as 'options' in future!
No connectivity equates to no push prompts for approval, no emailed one-time codes, no sms one-time codes, no verification (or limited verification) for access based on "where you are" ....... etc.
Entering a randomised 6-digit pin is "an approach", but not really something you'd want as default option with the traditional 60second generation windows + add in kids screaming + wanting to get home.
Was just expressing the opinion "going down the phone route for MFA might not be the best when it equates to still needing ready access to use your vehicle!"
No worries if this wasn't a discussion!
Similar threads
- Suggestion
