Successful connection on the Model S internal Ethernet network

[Adrian]

A friend who is a Tesla technician and ranger in Norway has informed me you need an access code to send traffic after 5.11. It's as described here earlier, plus an "authenticator" with a rolling / random code. So probably no dice for us in the future :/

 

[jcstp]

$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes

 

[capt601]

$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes

was just going to post this. I can only imagine if they are successful how the media will blow this up to be something when it is probably not. and of course, i never read a thing about how they were successful with connecting to the Toyota and ford cars. but the Model s will be all over the shorts media.

 

[jcstp]

if they can hack the Tesla, this means there are also vulnerabilities in ubuntu (linux), so the result will have repercussions on a much bigger scale!
Linux is used in much more than just Tesla

 

[apacheguy]

Not necessarily. There is a lot of TM custom code that can be targeted that has little to do with the security of the underlying OS.

 

[brianman]

Agreed, apacheguy. In modern times, the browser is a quite, um, "fruitful" attack vector. I suspect we'll see some interest in that area.

 

[wk057]

I tried some basics with the browser but didn't have much luck.

 

[rdrcrmatt]

I was told by the SC that one of the recent software updates causes the password for this to be rotated every 4 hours.

 

[aviators99]

Interesting that in this video an S60 is Supercharger-enabled via the Ethernet port.

Tesla Supercharger - Cranberry Twp, PA - YouTube

 

[apacheguy]

So is that a Tesla Ranger's laptop in the video? I thought that they could enable supercharge access remotely.

 

[markb1]

So is that a Tesla Ranger's laptop in the video? I thought that they could enable supercharge access remotely.

I don't think it was a ranger, but rather someone from Tesla's supercharger field team, who was there to commission the supercharger.

 

[bradhs]

I was driving a S60 loaner that did not have Supercharging enabled and I was driving to LA. Needless to say, they remotely activated the option for me. The car had to be stopped and in park for them to do it. Happened very fast.

 

[apacheguy]

They did not get "pwned" by Tesla. For all you know, they may have reestablished a connection but are choosing not to post here because that would give Tesla the upper hand. And simply preventing access to a LAN bridge that requires internal access to the car in the first place is not what I considering fixing a security hole.

 

[NigelM]

Mod Note: some posts went to snippiness. Apologies to the innocents who got moved along with the bad stuff, and thanks to those who offered calming comments.

 

[chickensevil]

Soooo, with Tesla known to be running linux (and a version of Ubuntu/Debian at that), anyone tried making use of shell shock to attempt to get access?

 

[widodh]

Soooo, with Tesla known to be running linux (and a version of Ubuntu/Debian at that), anyone tried making use of shell shock to attempt to get access?

They cut off access to the Ethernet network. When it still was working all services were closed, there was no CGI available to try shell shock on.

 

[markwj]

DHCP client is another vector being discussed.

 

[chickensevil]

They cut off access to the Ethernet network. When it still was working all services were closed, there was no CGI available to try shell shock on.

I guess I was thinking through the REST API, but I guess that isn't vulnerable to that type of attack, so nevermind...

 

[wk057]

The stupid bash exploit is being blown way out of proportion.

Whatever lets you get arbitrary data to bash, *that* is the exploit.

If you can access bash generally you already have legit access unless you find an actual security hole *in something else*.

Corrected headline: Linux software that lets users do things lets users do things!

 

[pgiralt]

The stupid bash exploit is being blown way out of proportion.

Whatever lets you get arbitrary data to bash, *that* is the exploit.

If you can access bash generally you already have legit access unless you find an actual security hole *in something else*.

Corrected headline: Linux software that lets users do things lets users do things!

I disagree that it's being blown out of proportion. This issue is extremely serious. There are many places where data gets put into a bash shell as an environment variable that a programmer would have no reason to think that action would cause arbitrary code execution. I'm willing to bet this is somehow exploitable on the Model S, but would require access to the internal network connection and is therefore not a big problem for the Model S, however for the industry and Internet as a whole, it's a very serious problem.