Friday, July 18, 2014
Tesla Model S reportedly hacked at Chinese security conference
Ryan Whitwam
Jul 18 2014
Tesla is working to verify reports from the Beijing Syscan 360 security conference that a Tesla Model S has been successfully hacked. Participants in the conference’sTesla hacking challenge have reportedly demoed a method of controlling the vehicle’s locks, horn, headlights, and skylight while the car is in motion. That’s certainly not the worst thing you can do to a car, but Tesla is still keen to figure out if the vulnerability is real and patch it.
The $10,000 Tesla hacking challenge at Syscan 360 was not sponsored by Tesla Motors, but the company was tracking event. Tesla seems rather zen about the whole thing, saying it supports any environment where responsible security researchers can help identify potential vulnerabilities. That may be a subtle way of encouraging Qihoo 360 Technology Co. (the discoverer of the vulnerability) to disclose the method directly to Tesla so it can be fixed.
There aren’t many details currently on how this was accomplished, though Qihoo 360 probably found a problem with the Tesla remote app just based on the list of functions. Locks, headlights, sunroof, and so on are all things you can control from the Tesla companion app. It wouldn’t even be the first time the app has been a route for unauthorized access to the car’s systems. Security researchers previously developed a way to remotely unlock and track the car’s location via the app.
The Tesla Model S is more at risk from remote attacks that other vehicles simply by virtue of the incredible amount of technology it contains and how tightly it is integrated with the car’s systems. However, it says a lot about how thorough Tesla Motors is that no serious life-threatening attacks have thus far been discovered. Sure, you don’t want people messing with your headlights or locks, but it’s better than the brakes.
Ryan Whitwam
Jul 18 2014
Tesla is working to verify reports from the Beijing Syscan 360 security conference that a Tesla Model S has been successfully hacked. Participants in the conference’sTesla hacking challenge have reportedly demoed a method of controlling the vehicle’s locks, horn, headlights, and skylight while the car is in motion. That’s certainly not the worst thing you can do to a car, but Tesla is still keen to figure out if the vulnerability is real and patch it.
The $10,000 Tesla hacking challenge at Syscan 360 was not sponsored by Tesla Motors, but the company was tracking event. Tesla seems rather zen about the whole thing, saying it supports any environment where responsible security researchers can help identify potential vulnerabilities. That may be a subtle way of encouraging Qihoo 360 Technology Co. (the discoverer of the vulnerability) to disclose the method directly to Tesla so it can be fixed.
There aren’t many details currently on how this was accomplished, though Qihoo 360 probably found a problem with the Tesla remote app just based on the list of functions. Locks, headlights, sunroof, and so on are all things you can control from the Tesla companion app. It wouldn’t even be the first time the app has been a route for unauthorized access to the car’s systems. Security researchers previously developed a way to remotely unlock and track the car’s location via the app.
The Tesla Model S is more at risk from remote attacks that other vehicles simply by virtue of the incredible amount of technology it contains and how tightly it is integrated with the car’s systems. However, it says a lot about how thorough Tesla Motors is that no serious life-threatening attacks have thus far been discovered. Sure, you don’t want people messing with your headlights or locks, but it’s better than the brakes.
