General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsHackers turn off Tesla Model S
LAS VEGAS (Reuters) -- Cybersecurity researchers said they took control of a Tesla Motors Inc. Model S car and turned it off at low speed, one of six significant flaws they found that could allow hackers to take control of the vehicle, the Financial Times reported.
Kevin Mahaffey, chief technology officer of cybersecurity firm Lookout, and Marc Rogers, principal security researcher at Cloudflare, said they decided to hack a Tesla car because the company has a reputation for understanding software than most automakers, the FT said.
"We shut the car down when it was driving initially at a low speed of five miles per hour," Rogers told the paper. "All the screens go black, the music turns off and the handbrake comes on, lurching it to a stop."
The hack will be detailed at cybersecurity conference Def Con in Las Vegas on Friday, the paper said.
Tesla is issuing a patch, which all drivers will have by Thursday, to fix the flaws, the FT said.
http://www.autonews.com/article/20150806/OEM06/150809882/hackers-turn-off-tesla-model-s-at-low-speed-report-says
-------------------
TESLA CARS HAVE one security advantage that a lot of other cars don’t: the electric vehicles are impervious to hot-wiring, so a thief can’t just break into your $100,000 vehicle, pop open the steering column, futz with some cables and drive off. But if he has a computer with him, he could “hot-wire” it another way.
Two researchers have found that they could plug their laptop into a network cable behind a Model S’ driver’s-side dashboard, start the car with a software command, and drive it. They could also plant a remote-access Trojan on the Model S’ network while they had physical access, then later remotely cut its engine while someone else was driving.
Both of these hacks require physical access to the car, at least initially, and they require control of the car’s infotainment system, which has the ability to start the car or cut power to it.
But they also found that the car’s infotainment system was using an out-of-date browser, which contained a four-year-old Apple WebKit vulnerability that could potentially let an attacker conduct a fully remote hack to start the car or cut the motor. Theoretically, an attacker could make a malicious web page, and if someone in a Tesla car visited the site, could gain access to the infotainment system
http://www.wired.com/2015/08/researchers-hacked-model-s-teslas-already/
--------------
Hey you kids, quit hacking my car!
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
dembotoz
(16,806 posts)the more complex they make em the easier it is to gum up the works
Baclava
(12,047 posts)I WAS DRIVING 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.
As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.
The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles.
Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.
http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
