"Tesla Model S Hacked, Shut off while driving"

[13CA350]

Original Source: http://globalnews.ca/news/2151042/tesla-model-s-hacked-shut-off-while-driving/?hootPostID=e5da0c923af90a7adc031fafa9394d73

 

 

TORONTO – Cybersecurity researchers were able to take control of a Tesla Model S car and shut it off while it was driving thanks to a security flaw found in the vehicle’s software, according to a new report.

Kevin Mahaffey, chief technology officer of cybersecurity firm Lookout, and Marc Rogers, principal security researcher at Cloudflare, told the Financial Times they were able to turn off the car while it was travelling at five miles per hour.

“We shut the car down when it was driving initially at a low speed of five miles per hour,” Rogers told the Financial Times.

 

So, initially this seems bad, but after reading you will see this:

 

 

 

“All the screens go black, the music turns off and the handbrake comes on, lurching it to a stop.”

 

So it appears that this time, the software has been updated so that it is at least more "secure" and harder to actually gain control of the accelerator and brake systems. Now the brake will be applied immediately, limiting the risk of injury.

 

But your wodering, again? Yes, it was actually posted on here last year that chinese hackers were able to gain control of the door locks, wipers, sunroof, headlights, and horn.

 

So if I owned a Tesla I would probably drive another car untill the problem is fixed

 

 

[AlwaysFSX]

Separate. Systems. Can you idiots understand that?

[TheKDub]

Ooooo Elon isn't gonna be happy about this!

[LiamApex]

that Chrysler issue sparked loads of people to hack cars i think this will be a regular thing

[ShadowCaptain]

Separate. Systems. Can you idiots understand that?

 

Agreed, but the issue is Tesla want to upgrade car software over the net so need access to all systems

 

However I think "steering, braking and locks" should all be on a seperate none connected circuit 

[Deletive]

Knew it wasn't going to be long before something like this happened. 

[AlwaysFSX]

Agreed, but the issue is Tesla want to upgrade car software over the net so need access to all systems

1024 bit hashed security key then. -__- Or people can suck it up and go to a Tesla charging station and pick up their update while charging their car.

[ShadowCaptain]

1024 bit hashed security key then. -__- Or people can suck it up and go to a Tesla charging station and pick up their update while charging their car.

 

That still leaves room for things though

 

Surely they use encryption? 

[Trik'Stari]

Separate. Systems. Can you idiots understand that?

My thoughts exactly.

[Codymm03]

that Chrysler issue sparked loads of people to hack cars i think this will be a regular thing

Yes

[AlwaysFSX]

That still leaves room for things though

 

Surely they use encryption? 

It makes it much harder to break in to though.  Honestly the only reason this came about is because people are too lazy to go somewhere (even if it's some place they have to go to) to update their damn car and that allows more chances for flaws to access the car.

[Dubesta11]

Ooooo Elon isn't gonna be happy about this!

 

Actually, this is a very good thing. Developers can now fix the problem before other hacks and problems occur.

[79wjd]

Separate. Systems. Can you idiots understand that?

Require a special key to be placed inside the car in order to allow for the car's systems to communicate with the outside world. Have two independent systems, one for the vehicle itself and one for the GPS/Radio/etc... and the only way to access the car's systems would be to have a key inserted that completes a circuit creating a physical lock to prevent hackers from accessing any essential systems.

[ShadowCaptain]

It makes it much harder to break in to though.  Honestly the only reason this came about is because people are too lazy to go somewhere (even if it's some place they have to go to) to update their damn car and that allows more chances for flaws to access the car.

 

Well Telsa did it so they can keep upgradings peoples cars with new features, you cant keep asking people to bring their car in every 10 minutes

 

also I dont think there are tesla dealerships etc so that would be hard

[ShadowCaptain]

Require a FOB of sorts to be placed inside the car in order to allow for the car's systems to communicate with the outside world (have two independent systems, one for the vehicle itself and one for the GPS/Radio/etc... and the only way to access the car's systems would be to have a FOB inserted that completes a circuit creating a physical lock to prevent hackers from accessing any essential controls. 

 

OR

 

The car cannot receive communications when moving, only when parked with no keys

[AlwaysFSX]

Require a FOB of sorts to be placed inside the car in order to allow for the car's systems to communicate with the outside world (have two independent systems, one for the vehicle itself and one for the GPS/Radio/etc... and the only way to access the car's systems would be to have a FOB inserted that completes a circuit creating a physical lock to prevent hackers from accessing any essential controls. 

And what ShadowCaptain said would help security while driving:

 

OR

 

The car cannot receive communications when moving, only when parked with no keys

That also works.

[79wjd]

OR

 

The car cannot receive communications when moving, only when parked with no keys

And what ShadowCaptain said would help security while driving:

 

That also works.

The only issue with having a motion lock is that it's not a physical lock -- meaning there could potentially be an exploit to get in (iirc the iOS 6 jailbreak was done through the alarm clock). 

[AlwaysFSX]

The only issue with having a motion lock is that it's not a physical lock -- meaning there could potentially be an exploit to get in (iirc the iOS 6 jailbreak was done through the alarm clock). 

Not sure how that'd create an issue if you use something like a speed sensor and a yes/no output.

[79wjd]

Not sure how that'd create an issue if you use something like a speed sensor and a yes/no output.

Software can always be tricked -- it's just a question of how -- but it's physically impossible to complete a disconnected circuit without physically connecting the two. 

[Solkia]

Well Telsa did it so they can keep upgradings peoples cars with new features, you cant keep asking people to bring their car in every 10 minutes

 

also I dont think there are tesla dealerships etc so that would be hard

 

I value my life over features

[AlwaysFSX]

Software can always be tricked -- it's just a question of how -- but it's physically impossible to complete a disconnected circuit without physically connecting the two. 

Always possible to make a chip that has unchangeable code, and then have the systems disconnected while driving.

 

The thing is, it's entirely possible.

[ShadowCaptain]

I value my life over features

 

 I agree, but they obviously thought it was safe, and Tesla were trying to push the boundaries

[Solkia]

 I agree, but they obviously thought it was safe, and Tesla were trying to push the boundaries

 

Push the boundries? Why the hell would you give a car even a chance of it's breaks hacked? This isn't like crypto locker of keylogging, this could kill someone.

 

Always FSX said it all, seperate vital functions from non-vital ones, this isn't rocket surgery.

[Real_PhillBert]

Separate. Systems. Can you idiots understand that?

 

The problem is Traction control, and stability control need access to engine, and brake systems. Isolating them is not as easily done as you would think, especially not with an electric car. 

[ShadowCaptain]

Push the boundries? Why the hell would you give a car even a chance of it's breaks hacked? This isn't like crypto locker of keylogging, this could kill someone.

 

Always FSX said it all, seperate vital functions from non-vital ones, this isn't rocket surgery.

 

none of us here know the security protocols in place or how the hack was done

 

I am sure Tesla took the steps they thought necessary to protect the system,

 

Its not like they did this on purpose