Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

News of Tesla Door Handle Hack

This site may earn commission on affiliate links.
I use the same complexity of password to secure my bank accounts as I do my TeslaMotors.com account. So it would be just as easy to steal all my money.

Not to mention getting access to my phone app car controls wouldn't do much to make my car less secure.

As Nigel put it in another thread about the same article. A brick thorough the windows give someone the same access.
 
Not sure if this is the right location, but there is a news article about the potential of the Tesla car door handle to be hacked.

Tesla car doors can be hacked - Mar. 31, 2014

I hope this is just an April Fool's joke, but if it isn't, thought I'd have it posted. Probably just need a fix/upgrade to the account login?

No, it's just a "security researcher" who has "discovered" the feature of the mobile app that allows you to unlock your car remotely. It's not a security hole any more than passwords are a security hole in general.

- - - Updated - - -

BTW, basically the same article that was discussed here:

Stolen Model S? - Page 5

and here:

Tesla’s Model S can be located, unlocked, and burglarized with a simple hack
 
Odds seem very small that someone who is able to hack an account - and get the password for a specific car - will also be in close enough proximity of the car to unlock it and get in.

And even if that happened - the car can't be turned on without the key - so the "brick through the window" is a much simpler method for breaking into a car.

And, if any owners are actually worried about this - turn off remote access..
 
Hope Tesla will fix if for no other reason than to control the bad P.R.

As an owner, I'm not at all worried about this. Ditto to those that have already said thieves looking to get into the car will break a window, not a password.

On the location issue, if I have a stalker that really is that determined to find my location, it would be much easier for them to attach a GPS tracker to my car than to hack into it.
 
Tesla already changed the web site to lock the user out after 5 bad password attempts, so it's already a non issue.

For further security and piece of mind, they could add an option to prevent remote unlocking (but leave the other remote features).

I hope not. I like that feature. Occasionally my wife comes to visit at work and I can unlock the car so she can get in and wait for me (big campus). Or the time we hid her purse in the frunk. It had the key in it. The car auto-locked us out :-/. Phone app to the rescue!
 
Maybe just a secondary pin required to unlock the car when that button is pushed. It would only affect that function of the app.
There definitely should be a additional owner-configurable PIN. Could be used for anything potentially requiring additional security: turning on/off remote access, enabling/disabling valet mode, unlocking, etc.
 
Last edited:
What about third party apps like Visible Tesla. I haven't tried it but doesn't it give access of your car over to the app developer since you must sign in to their app? I'm not concerned, just wondering?
It could. In cases of apps that run locally, like Visible Tesla, the developer could skim the passwords as you enter them and send that back to a server the developer controls. So there's some measure of trust required. Don't type your password in just anywhere.

Web apps like the announced smartcar.io are significantly more concerning, IMO. In order to interface with the Tesla servers, they need to know and store your password on their servers. So you're trusting them to secure them properly and never have a security breach that exposes them. To me, allowing my password to be stored on a server I don't control and may be a target for these kinds of hacks takes a lot more trust that something like Visible Tesla running locally.