Meltdown and Spectre seem to affect almost every computing device out there. Are our cars also vulnerable to these hacks?
Tesla Vulnerable to Intel CPU flaw?
- Thread starter Jack Tripper
- Start date
-
- Tags
- Model S
Veritas1980
Electric Viking
I’m fairly sure that Tesla don’t use intel in the S and X, but they may need to look into the 3 since that is intel.
One of the slightly scary parts of the always connected car for me, is the possibility of security issues.
One of the slightly scary parts of the always connected car for me, is the possibility of security issues.
How So Many Researchers Found a 20-Year-Old Chip Flaw At Once
Actually parts of the combination of the mentioned security flaw also found on ARM and AMD processors. So I would assume it is present on the Tesla as well and more so on the Model S.
Actually parts of the combination of the mentioned security flaw also found on ARM and AMD processors. So I would assume it is present on the Tesla as well and more so on the Model S.
I would like to think that Tesla's onboard computers are not highly at risk, since you need to first be able to load malicious code on the device itself either by direct access or somehow do it over the air... which for the latter requires a valid key from Tesla to install new code...
Also, if I understand everything correctly... the vulnerability is to steal snippets of "secret" information from the processor... so I wouldn't be overly concern that your car will suddenly drive you off to get slaughter or something like that...
I would be more concerned about your personal computers and mobile devices which can contain much more sensitive information.
Also, if I understand everything correctly... the vulnerability is to steal snippets of "secret" information from the processor... so I wouldn't be overly concern that your car will suddenly drive you off to get slaughter or something like that...
I would be more concerned about your personal computers and mobile devices which can contain much more sensitive information.
There’s several threads in this forum where security researchers were able to get malicious code on our cars and actually take control. The most recent was a Chinese firm that was able to get the car to connect to an access point by impersonating a known WiFi connection. Tesla pushes out security patches to address these when they’re discovered and I would expect if we are vulnerable to these new ones they will do the same here.
Pezpunk
Active Member
no, the risk is nil. It's very hard to imagine a practical malicious application of this flaw in a Tesla.
The vulnerability is that if someone is already running code on your processor, then they might be able to read snippets of memory data that they shouldn't have access to. It's a problem for Cloud Computing, where many different users share the same hardware. But in the case of a Tesla, if someone with malicious intentions is running code on your processor -- you are already compromised. There'd be no point in exploiting this vulnerability.
Seems to me this particular flaw is completely irrelevant to our cars. it'd be like looking at photographs of random objects in a house that you were already inside of and walking around in.
Last edited:
Xtek
Member
There are 2 vulnerabilities that were discovered recently
Meltdown which impacts intel CPUs specifically. Specter which is attacking speculative analysis which is a CPU design that almost every CPU uses. It helps guess what the next operation a program is going to run and runs it and caches it.
It's as if I asked you
Me: "It's like we always finish each other's..."
You: "Sandwhiches!"
Me: "And now I know sandwhiches was the password"
It's very bad and likely impacts Tesla's.
I would not recommend using the car's internal browser as both have POCs using JavaScript to exploit the vulnerabilities. Chrome/Safari/Firefox have gotten around these by decreasing the specificity of some of their APIs regarding timing since it is a timing attack.
Mitigations landing for new class of timing attack
EDIT: To clarify these exploits are still being researched but people are now publishing proof-of-concepts that can weaponize these exploits from JavaScript. Meaning you would need to visit a location on your browser that has been compromised. But considering how prolific ad network JavaScript libraries are it's not a big jump to assume a malicious actor would go after those first since they are served everywhere. This doesn't mean your car's controls are at risk but it's better to be safe than sorry.
Meltdown which impacts intel CPUs specifically. Specter which is attacking speculative analysis which is a CPU design that almost every CPU uses. It helps guess what the next operation a program is going to run and runs it and caches it.
It's as if I asked you
Me: "It's like we always finish each other's..."
You: "Sandwhiches!"
Me: "And now I know sandwhiches was the password"
It's very bad and likely impacts Tesla's.
I would not recommend using the car's internal browser as both have POCs using JavaScript to exploit the vulnerabilities. Chrome/Safari/Firefox have gotten around these by decreasing the specificity of some of their APIs regarding timing since it is a timing attack.
Mitigations landing for new class of timing attack
EDIT: To clarify these exploits are still being researched but people are now publishing proof-of-concepts that can weaponize these exploits from JavaScript. Meaning you would need to visit a location on your browser that has been compromised. But considering how prolific ad network JavaScript libraries are it's not a big jump to assume a malicious actor would go after those first since they are served everywhere. This doesn't mean your car's controls are at risk but it's better to be safe than sorry.
Last edited:
CuriousG
Active Member
CuriousG
Active Member
jorobsand
Member
As far as my knowledge of the recently discovered exploits, there are 2 points that I think should be taken into consideration:
- The person delivering the exploit must have physical access to the machine. This particular exploit is not deliverable via network or wireless and would mean someone must have physical access to the car (at which point you already have a different issue at hand).
- The exploit exposes data but offers no means of compromise of the asset itself. So the malicious actor would not be able to inject something that gives them remote access to the car at a later date, only would give them access to memory for pulling data that is otherwise protected.
timvracer
Member
As if...
[QUOTE="Xtek, post: 2504041,
I would not recommend using the car's internal browser [/QUOTE]
[QUOTE="Xtek, post: 2504041,
I would not recommend using the car's internal browser [/QUOTE]
Xtek
Member
timvracer
Member
Not quite, no physical access is required, just need to get malicious code onto the device. It can read data then transmit it anywhere. But yes, it's a read only thing.
Xtek
Member
There is a POC by researchers done in JavaScript. This is what's known and it's still evolving.
https://spectreattack.com/spectre.pdf
Model 3 uses an Intel arm chip for the display and such.
So, this should be great news for people wanting to root their model 3! Since, it allows access to protected memory space and you can exploit it via the browser.....
Xtek
Member
Xtek
Member
Pezpunk
Active Member
Exactly.
And at the speed Tesla patchers the browser...
you are wildly and ridiculously overstating the risk. i will personally guarantee no Tesla owner will lose anything of value through the built-in web browser due to this vulnerability in the real world.
Sorry chief, I think your missing the point. Nobody is going to lose anything of value from the built-in web browser, frankly who cares. HOWEVER, a user now has the ability to ROOT there M3 and get access to the internal network if they choose.
It's not all about risk to the user, sometimes these things are a benefit to the user! This one is a benefit to the curious user, as to the best of my knowledge nobody has rooted an m3 yet, and now with a some JavaScript, you can exploit the root password and party time!
Similar threads
