You can install our site as a web app on your iOS device by utilizing the Add to Home Screen feature in Safari. Please see this thread for more details on this.
Note: This feature may not be available in some browsers.
There’s several threads in this forum where security researchers were able to get malicious code on our cars and actually take control. The most recent was a Chinese firm that was able to get the car to connect to an access point by impersonating a known WiFi connection. Tesla pushes out security patches to address these when they’re discovered and I would expect if we are vulnerable to these new ones they will do the same here.I would like to think that Tesla's onboard computers are not highly at risk, since you need to first be able to load malicious code on the device itself either by direct access or somehow do it over the air... which for the latter requires a valid key from Tesla to install new code...
Also, if I understand everything correctly... the vulnerability is to steal snippets of "secret" information from the processor... so I wouldn't be overly concern that your car will suddenly drive you off to get slaughter or something like that...
I would be more concerned about your personal computers and mobile devices which can contain much more sensitive information.
There’s several threads in this forum where security researchers were able to get malicious code on our cars and actually take control. The most recent was a Chinese firm that was able to get the car to connect to an access point by impersonating a known WiFi connection. Tesla pushes out security patches to address these when they’re discovered and I would expect if we are vulnerable to these new ones they will do the same here.
And Intel also makes an m3 processor, so which one is it?m3 uses an Intel chip.
Let me fix that for you.I would not recommend using the car's internal browser as both have POCs using JavaScript to exploit the vulnerabilities. Chrome/Safari/Firefox have gotten around these by decreasing the specificity of some of their APIs regarding timing since it is a timing attack.
[/QUOTE]As if...
[QUOTE="Xtek, post: 2504041,
I would not recommend using the car's internal browser
As far as my knowledge of the recently discovered exploits, there are 2 points that I think should be taken into consideration:
- The person delivering the exploit must have physical access to the machine. This particular exploit is not deliverable via network or wireless and would mean someone must have physical access to the car (at which point you already have a different issue at hand).
- The exploit exposes data but offers no means of compromise of the asset itself. So the malicious actor would not be able to inject something that gives them remote access to the car at a later date, only would give them access to memory for pulling data that is otherwise protected.
As far as my knowledge of the recently discovered exploits, there are 2 points that I think should be taken into consideration:
- The person delivering the exploit must have physical access to the machine. This particular exploit is not deliverable via network or wireless and would mean someone must have physical access to the car (at which point you already have a different issue at hand).
- The exploit exposes data but offers no means of compromise of the asset itself. So the malicious actor would not be able to inject something that gives them remote access to the car at a later date, only would give them access to memory for pulling data that is otherwise protected.
And Intel also makes an m3 processor, so which one is it?
Model 3 uses an Intel arm chip for the display and such.
So, this should be great news for people wanting to root their model 3! Since, it allows access to protected memory space and you can exploit it via the browser.....
Exactly.
And at the speed Tesla patchers the browser...
you are wildly and ridiculously overstating the risk. i will personally guarantee no Tesla owner will lose anything of value through the built-in web browser due to this vulnerability in the real world.