-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
docrice
Member
I was somewhat concerned about local and remote vehicle exploitability and whether Tesla is taking these sorts of issues seriously, but I had a chance to meet Kristin Paget at DEFCON where they had a white Model S on display and it's pretty obvious Tesla's actively focused on security. I found that rather reassuring as a future owner.
While automotive hacking is still in relative infancy, there's some interesting research going on. Here's a talk at the previous year's DEFCON with Charlie Miller and Chris Valasek:
http://www.youtube.com/watch?v=n70hIu9lcYo
They also had a talk at this year's Black Hat which was pretty entertaining. An Internet-connected car is going to have quite a few natural attack vectors and it's going to get more interesting as time goes on.
While automotive hacking is still in relative infancy, there's some interesting research going on. Here's a talk at the previous year's DEFCON with Charlie Miller and Chris Valasek:
http://www.youtube.com/watch?v=n70hIu9lcYo
They also had a talk at this year's Black Hat which was pretty entertaining. An Internet-connected car is going to have quite a few natural attack vectors and it's going to get more interesting as time goes on.
The problem with a security researcher is that they are paid to identify risk and potential issues. Given them a standard car with just a dumb key to open it, of course they could identify that with a photo of the key and a 3d printer they would be in the car and driving down the road. With a Tesla or any other high tech car, it's just a more complex key question with other risks and potential issues.
I would like to know just how many of these risks have turned into real world problems.
I would like to know just how many of these risks have turned into real world problems.
docrice
Member
Given the relatively low number of Model S vehicles on the road compared to other brands, I'd guess that the likelihood is low at the moment just from that perspective. That will change over time as more of them are on the road and attackers gain more awareness. Telsa is a highly-visible brand, so that could very well increase the possibility as well.
It's not just the key fob, of course, as we're talking about the mobile app, it's interaction with Tesla's web front-end(s), other cloud-exposed interfaces, as well as local interfaces (both wireless and functions within the car that store/process data). There's a video where someone replayed the RF signal that opens the charge port using a laptop. I'd hope there's a uniqueness to the signal to ensure it's vehicle-specific, but someone may eventually figure out patterns and reverse engineer it. Software-defined radio opens up many possibilities.
http://www.youtube.com/watch?v=575TcQJJWok
Tesla has shown that they're responsive to field issues, and given their rapid update cycle I think they're probably best equipped out of all car manufacturers to mitigate discovered vulnerabilities as they come up.
It's not just the key fob, of course, as we're talking about the mobile app, it's interaction with Tesla's web front-end(s), other cloud-exposed interfaces, as well as local interfaces (both wireless and functions within the car that store/process data). There's a video where someone replayed the RF signal that opens the charge port using a laptop. I'd hope there's a uniqueness to the signal to ensure it's vehicle-specific, but someone may eventually figure out patterns and reverse engineer it. Software-defined radio opens up many possibilities.
http://www.youtube.com/watch?v=575TcQJJWok
Tesla has shown that they're responsive to field issues, and given their rapid update cycle I think they're probably best equipped out of all car manufacturers to mitigate discovered vulnerabilities as they come up.
About the same number as garage doors. Those remotes have been able to be hacked for years but it's still easier to either brute force it or (if there is an exterior key pad) look for the buttons that have the most wear.
