Tesla called me to ask if I wanted to order new key fobs

[aikisteve]

At first Tesla couldn't confirm, but now they've called me to ask whether I wanted to order new key fobs to replace my old ones that have the security flaw. But I would have to pay for them.

 

[kirkbauer]

What is the cost?

 

[SSedan]

Hopefully the cost is very modest since this is arguably an avoidable flaw.
There is history of manufacturers making parts cheap if they can avoid an outright recall.

I suspect reprogramming will be required and if they can subsidize the labor with a modest cost it is cheaper than a recall.

I will inquire next time my car is in for service.

 

[BigD0g]

$150 / key

 

[aikisteve]

What is the cost?

It's in the video, guys! : €132 each

 

[kirkbauer]

I'd pay $150/key, that's reasonable.

 

[BigD0g]

I'd pay $150/key, that's reasonable.

So, if Apple / Microsoft came out and said you need to pay $300 to patch a 0 day exploit because they comissioned poor software from a vendor that you should know at the time is very poor for your computer, you'd give them your check book?

40 bit DES was destroyed before Tesla even became a thing, so to use it as the "key" to the car is quite sad, maybe CA worthy, but I'm no lawyer

I'l just buy a blocking sleeve.

 

[aikisteve]

So, if Apple / Microsoft came out and said you need to pay $300 to patch a 0 day exploit because they comissioned poor software from a vendor that you should know at the time is very poor for your computer, you'd give them your check book?

40 bit DES was destroyed before Tesla even became a thing, so to use it as the "key" to the car is quite sad, maybe CA worthy, but I'm no lawyer

I'l just buy a blocking sleeve.

Any metallic box basically does the trick. But I also had the discussion whether you'd want Mickeysoft to charge for every security patch they release. I feel Tesla should have know and they commissioned an order for those specific keys. Somebody did not check the specifics, it seems. Could have been avoided, but at least Tesla offers a solution.

 

[SSedan]

$150 is not reasonable. Pretty sure a replacement fob a year ago was $120.

Higher price to fix a security flaw known at production is too steep.

 

[Twiglett]

what do the other car companies charge to replace a key fob.
Most of them have the same issue, not sure that many of them even offer the option to replace it.

 

[Cirrus MS100D]

My used FIAT 500e came with only 1 ("laser cut" / switchblade style) key. I was quoted $400 to cut a (1) new key and reprogram it. I was able to talk my local dealer into a lower price, they offered to do it for $225.

 

[markb1]

$150 is not reasonable. Pretty sure a replacement fob a year ago was $120.

Higher price to fix a security flaw known at production is too steep.

Whether or not they knew about it at production, the flaw was certainly present at production, and therefore should be covered by the warranty.

 

[Whitmarsh]

So, if Apple / Microsoft came out and said you need to pay $300 to patch a 0 day exploit because they comissioned poor software from a vendor that you should know at the time is very poor for your computer, you'd give them your check book?

40 bit DES was destroyed before Tesla even became a thing, so to use it as the "key" to the car is quite sad, maybe CA worthy, but I'm no lawyer

I'l just buy a blocking sleeve.

Or use PIN to Drive.

 

[glide]

Excellent customer service

I guess they are really trying to make money this quarter if they are cold-calling for key sales.

 

[MP3Mike]

I guess they are really trying to make money this quarter if they are cold-calling for key sales.

It sounded to me like the OP contacted Tesla to find out about it and they didn't know yet. Then they called him back with details. (So not a cold call.)

 

[thegruf]

i didn't think the relays decoded the signal, just relayed it, I dont believe anyone is hacking 40 bit DES at this level.
If this is the case it doesnt matter the security protocol because it is just an rf capture.

The new keys might have better randomization though which is more likely to make the difference.
I dont think Tesla are offering the new key as a definitive cure all for relay type hacks.

Personally I loathe the PIN entry method, but understand why it has been implemented.
I'm still hoping for a more advanced solution to emerge from Tesla in due course.
Until then no PE or metal holders for the keys for me.

 

[MP3Mike]

i didn't think the relays decoded the signal, just relayed it, I dont believe anyone is hacking 40 bit DES at this level.
If this is the case it doesnt matter the security protocol because it is just an rf capture.

The new keys might have better randomization though which is more likely to make the difference.
I dont think Tesla are offering the new key as a definitive cure all for relay type hacks.

I don't think the new fobs have anything to do with the relay attacks. The new fobs prevent the hacks on the 40-bit encryption that allows your fob to be cloned in seconds. (So somebody would just need to be near your car when you get in and drive one time and then they could steal your car anytime even if you had your fobs in a faraday cage or another country.)

 

[Lawsteve]

Funny timing. A week ago I emailed the Tampa FL service center and asked for information on key fob replacement for the security issue, including any cost. They replied yesterday afternoon: “We do not have any information on this topic at this time.”

 

[Helmuth]

$150 is not reasonable. Pretty sure a replacement fob a year ago was $120.

Higher price to fix a security flaw known at production is too steep.

We paid $75 plus tax for our Model X fob back in January 2017... A few weeks later they doubled the price to $150!

 

[TaoJones]

Or use PIN to Drive.

Except it's a pita to use. I use valet mode frequently and one has to enter the pin even to activate that. It's just an annoying extra step.

I have a metal frame-style fob holder. I wonder if that's enough to block or alter the signal - doubtful.