-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Hacking the Model S for evil...
- Thread starter Herbys
- Start date
-
- Tags
- Driving Dynamics Model S
I guess I shouldn't single out that particular app.. Any 3rd party apps that have you send them your credentials in the clear and, I'm betting, store them in the clear.. might be a risk.
How positive are you that a hack couldn't bypass the need for a fob and allow a car to be driven off?
Just food for thought.
Please correct me if I'm mistaken though.. I have the impression we are trusting software authors with the keys to our cars to some degree.. that is not to accuse them of being potential thieves, but while I think the software is awesome.. I wish there were a more secure way to have the app interface with the car.
There's an awful lot of control that can be accessed over the air.. Tesla has that access "locked down" but what if it were hacked.. never say never.. far more secure sites are hacked every day.
HankLloydRight
No Roads
From what I understand about VisibleTesla is that it does not permanently store your credentials -- it only uses them to log into the SOAP API (and stay logged in). That doesn't mean the app couldn't ship them off to the developer via a back door channel, but I really doubt that he would do that. I'm also assuming that when the app does send the login credentials, it does so over HTTPS, so that's secure (except well, maybe to the NSA 
).
And in terms of increasing security, as I said before, two-factor authentication is a simple and effective method to thwart most password/login attacks. And/or like gmail does, assigning specific one-time passwords to specific apps that can be easily revoked if necessary is also something they could do if they wanted.
And because the Model S is still always geo-trackable by Tesla, even if the attackers were able to unlock and start your car, the thieves probably wouldn't get very far anyway, making the car a much less valuable target, unless they were to drive the car into a faraday cage to prevent any network access, but that's pretty unlikely. And even in THAT case, if they successfully unlock, start, and steal your car so it can't be recovered, that's what insurance is for.
).And in terms of increasing security, as I said before, two-factor authentication is a simple and effective method to thwart most password/login attacks. And/or like gmail does, assigning specific one-time passwords to specific apps that can be easily revoked if necessary is also something they could do if they wanted.
And because the Model S is still always geo-trackable by Tesla, even if the attackers were able to unlock and start your car, the thieves probably wouldn't get very far anyway, making the car a much less valuable target, unless they were to drive the car into a faraday cage to prevent any network access, but that's pretty unlikely. And even in THAT case, if they successfully unlock, start, and steal your car so it can't be recovered, that's what insurance is for.
Threat from highway hackers
Although this isn't new, it may still be a problem:
Highway hacking poses huge threat - Wheels.ca
Will software 6.0 address this sufficiently?
Although this isn't new, it may still be a problem:
Highway hacking poses huge threat - Wheels.ca
Will software 6.0 address this sufficiently?
NigelM
Recovering Member
hans
P631
This is a scare piece. Most of the "vulnerabilities" mentioned simply do not apply to Tesla. For example, you cannot download and install
apps on the Tesla, so there is no malware. Tesla does not use the Google store so that doesn't apply. The entire center console, and
dashboard, can be rebooted while driving so there is limited concern about viruses gaining control of these android devices.
Just keep a strong tesla password and make it different from any other you use at other online sites. That will keep someone from honking
your horn remotely.
I am a computer security researcher... and am looking to purchase a model s in the near future. So this topic has been of interest to me, and I've started studying it. The security of cars, Tesla or otherwise is getting some decent attention these days both from mainstream press (where it is mostly fud) and from actual hackers. Case in point I will link to the actual Defcon talk that provides probably the most realistic view of what you can expect to be worried about: https://www.youtube.com/watch?v=n70hIu9lcYo
In terms of security concerns the Tesla is not really unique; at a very basic level there are two methods of entry into the CAN... physical, and remote. Many other cars offer similar features (built-in cellular, wifi, bluetooth, usb, cdrom, and obviously the OBD-II port) any one of which may offer an avenue for attack. The physical method of entry is basically impossible to secure, once someone has access, given time and skill they can do what they want... This is true of regular computers, or those in cars... Remote attacks are what is scary in terms of a hacking a car, where the possibility for actual damage is very real.
So after viewing the video above and reading their whitepaper, I can conclude that it is highly likely that the model s is prone to similar attacks. Judging from the capabilities that the software API has, I would venture to guess that there are ECU hooks to control pretty much everything but the accelerometer and steering... for example if you have the air suspension upgrade then potentially a hacker could remotely raise or lower your suspension!
Why do I feel that Tesla is also susceptible to the same vulnerabilities shown in the video? I have yet to do any research of my own (no vehicle yet to do so), but it is fairly obvious in the poor security posture of their website and iOS app authentication as detailed here: http://broadcast.oreilly.com/2013/08/authentication-flaws-in-the-tesla-model-s-rest-api.html. It really comes down to how well they secured the CAN from the rest of the networking gear they put in the car. The CAN inherently must be connected to the software that controls it via the center console via some interface, I'm guessing it's not free of bugs, potentially some of which expose access to the CAN and it's underlying ECUs directly.
In terms of security concerns the Tesla is not really unique; at a very basic level there are two methods of entry into the CAN... physical, and remote. Many other cars offer similar features (built-in cellular, wifi, bluetooth, usb, cdrom, and obviously the OBD-II port) any one of which may offer an avenue for attack. The physical method of entry is basically impossible to secure, once someone has access, given time and skill they can do what they want... This is true of regular computers, or those in cars... Remote attacks are what is scary in terms of a hacking a car, where the possibility for actual damage is very real.
So after viewing the video above and reading their whitepaper, I can conclude that it is highly likely that the model s is prone to similar attacks. Judging from the capabilities that the software API has, I would venture to guess that there are ECU hooks to control pretty much everything but the accelerometer and steering... for example if you have the air suspension upgrade then potentially a hacker could remotely raise or lower your suspension!
Why do I feel that Tesla is also susceptible to the same vulnerabilities shown in the video? I have yet to do any research of my own (no vehicle yet to do so), but it is fairly obvious in the poor security posture of their website and iOS app authentication as detailed here: http://broadcast.oreilly.com/2013/08/authentication-flaws-in-the-tesla-model-s-rest-api.html. It really comes down to how well they secured the CAN from the rest of the networking gear they put in the car. The CAN inherently must be connected to the software that controls it via the center console via some interface, I'm guessing it's not free of bugs, potentially some of which expose access to the CAN and it's underlying ECUs directly.
NigelM
Recovering Member
That article was discussed in depth here - Authentication-flaws-in-the-REST-API-(if-you-give-3rd-party-your-private-login-info) - the overall conclusion being that you don't have to worry if you keep your login info secret.
- - - Updated - - -
A lot of talented folks not under time pressure have tried their best. Take a look here - Successful-connection-on-the-Model-S-internal-Ethernet-network
- - - Updated - - -
Take a look around TMC, you can use the search box (top right on this page). Hopefully you already saw Hans' post above.
Even if you don't keep your login secure, the worst thing that can be done remotely via the REST API is your car can be unlocked. I haven't seen any evidence of vulnerabilities that allow anything worse to be done remotely.
The sunroof can be opened while it's snowing. The GPS information could be used to find your car (and you if you're with it). The AC can be turned to "quite uncomfortable". These can be done while you're in motion, which could be distracting and potentially hazardously distracting.
roblab
Active Member
Having led a sheltered life, having done nothing to need hiding, not having lived in fear of much of anything, the thought of anyone even wanting to steal my car, my stuff in my house, my wallet, etc., is a remote thought. I have often felt sorry for people who spend a lot of time with those concerns, and I don't lock my house, didn't used to lock my car (though it is so easy now that it does it itself) and I live in an area of virtually no crime (according to the County Sheriff).
So my thoughts here are probably stupid, or at least uninformed. But why would they want to steal your Model S? Can't hardly sell it anywhere. Might take a joy ride, but you can track it, and the worst that might happen is that it gets some damage, which is why we have insurance. It's not like a cell phone with lots of personal data on it.
It also seems comparable to your house. It doesn't matter how much you lock and bar and hide things, if someone really wants to break in, they probably will. Oh, you can take pictures of the whole thing, but they can do it. Most people are trying to find something they can sell, and your house would probably be a better target, would it not?
As far as I have heard, the cars that get stolen are those which can be sold for parts, and Tesla is not yet in that category. Maybe Gen III?
So my thoughts here are probably stupid, or at least uninformed. But why would they want to steal your Model S? Can't hardly sell it anywhere. Might take a joy ride, but you can track it, and the worst that might happen is that it gets some damage, which is why we have insurance. It's not like a cell phone with lots of personal data on it.
It also seems comparable to your house. It doesn't matter how much you lock and bar and hide things, if someone really wants to break in, they probably will. Oh, you can take pictures of the whole thing, but they can do it. Most people are trying to find something they can sell, and your house would probably be a better target, would it not?
As far as I have heard, the cars that get stolen are those which can be sold for parts, and Tesla is not yet in that category. Maybe Gen III?
I didn't know you could adjust the AC or open the sunroof while the car was moving. Whether those things are worse is subjective. What I haven't seen is evidence that you can do something to the car remotely that you can't do with the official app, like control the accelerator.
Good idea or bad? What do you think?
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes
KenN
Member
$10 grand prize for anyone who can hack a Tesla MS during SyCon Internet Security conference ...
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes
Should be interesting to follow this one.
$10,000 Is On Offer For Anyone Who Can Hack A Tesla Car - Forbes
Should be interesting to follow this one.
If they do it right, it should be $10,000 or a Tesla.
Indeed. But if they do gain access, this will be a nightmare for tesla as the media will spin this one for all it's worth. Of course the media did nothing when they hacked Toyota and ford, but with tesla it will be front page.
TLDR - I think the model S is safe today, but it's a computer connected to the internet, so we do need to give full consideration to potential problems.
The fact that one can remotely send rest queries (like the phone app does) that go to a Tesla does mean there is a potential issue, just like your cell phone. They didn't start out to make internet explorer and adobe flash subject to all those malware attacks, or build windows with special features so that when you install certain sony cds you'd get a root kid installed. That was just later things that people figured out.
Google wants to make chrome on windows as safe as possible, so they included flash in it rather than relying on people separately patching flash. And they still keep patching it (chrome+flash) to fix the latest vulnerabilities. And Google is a very large company with a large dedicated security staff - and they still have to pay attention to security and make new fixes. Tesla seems to be doing a good job paying attention to security, and we just have to hope that they keep doing it.
It's imminently reasonable to think about how the computing systems on the Tesla work and how they are protected. I personally would like (1) a user option to disconnect from the internet in the car (controlled by pin maybe), and (2) a hardware control to shut down the internet connection (pull a fuse?) and (3) a way to kill the computer (whole car) in an emergency. I'm a programmer, and if it can be done, someone will do it. I'm sure it can be hacked, its a computer!
The fact that one can remotely send rest queries (like the phone app does) that go to a Tesla does mean there is a potential issue, just like your cell phone. They didn't start out to make internet explorer and adobe flash subject to all those malware attacks, or build windows with special features so that when you install certain sony cds you'd get a root kid installed. That was just later things that people figured out.
Google wants to make chrome on windows as safe as possible, so they included flash in it rather than relying on people separately patching flash. And they still keep patching it (chrome+flash) to fix the latest vulnerabilities. And Google is a very large company with a large dedicated security staff - and they still have to pay attention to security and make new fixes. Tesla seems to be doing a good job paying attention to security, and we just have to hope that they keep doing it.
It's imminently reasonable to think about how the computing systems on the Tesla work and how they are protected. I personally would like (1) a user option to disconnect from the internet in the car (controlled by pin maybe), and (2) a hardware control to shut down the internet connection (pull a fuse?) and (3) a way to kill the computer (whole car) in an emergency. I'm a programmer, and if it can be done, someone will do it. I'm sure it can be hacked, its a computer!
I don't want killing the computer to be a feature in my car. No matter what the trigger.
Similar threads
