Update Nov. 24: According to Spiegel, Tesla fixed this bug with its recent 2020.48 software update from two weeks ago, while also awarded the researchers a $5,000 bug bounty. Our original story is as follows.
—
A number of bugs and design flaws have been unveiled with regards to Tesla’s cars, though likely none as compromising as this one, discovered by a team of researchers in Belgium.
Researchers at COSIC, a research group from KU Leuven, have learned to hack the key of a Tesla Model X to take control of the car and drive it away, as reported by VRT News (via Reddit).
While the news is less-than-ideal for Tesla, Professor Bart Preneel, who led the investigation responsible, said that Tesla responded far better than other companies when asked what their reaction was like.
https://twitter.com/CharPaca/status/1330874408622297088
Preneel told reporters that Tesla’s reaction was “Fairly cool.” He continued, “But unlike other car manufacturers. Earlier this year we hacked millions of keys from other car brands. They found that was impossible and threatened with expensive processes. Tesla reacts completely differently. It sees itself as a computer company and rewards people who succeed in using its system to hack.”
While the bug certainly left a security flaw in Tesla’s system temporarily, it will be fixed by Tesla with an over-the-air software update. Tesla’s tech company prowess again shines above its image as an electric vehicle company in this case. It’d be interesting to see legacy and traditional automakers react this quickly.
According to Wired, “Wouters says he warned Tesla about his Model X keyless entry hacking technique in August. He says the company has told him it plans to start rolling out a software update to its key fobs this week—and possibly components of its cars too—to prevent at least one step in his two-part attack.”
Still, the potential for someone to use the hack is out there – and it could easily cause lots of stolen Teslas in the wrong hands.
This strongly suggests that Tesla have fixed the vulnerability, so why say that “the bug certainly leaves a security flaw in Tesla’s system?
Thanks, updated the article accordingly to reflect the quick Tesla fix. Cheers
So why no upvote for my comment Gary? Don’t it AND this one deserve upvotes?
Edit, quote from Teslarati:
Very different from this article.
We’ve updated our story with those extra details! thanks #upvoted2x
Really? x2? So why does this page show ZERO upvotes for my original post Gary?
And why not say when 2020.48 was initially released- apparently some two weeks ago…
If you respond to a post, then common courtesy requires an upvote in most circumstances!
Thanks for your comments! Love the feedback. I did upvote both of your comments, it should be showing. Cheers! 🙂