News
Details Behind the Tesla Model S Hack
Two researchers broke into the software of a Tesla recently. But there is good news behind the Tesla Model S hack. A fix was sent to all cars within days.
Last week, Marc Rogers, of content delivery network CloudFlare, and Lookout Mobile Security co-founder Kevin Mahaffey completed a digital break-in of a Tesla. But here’s the good news behind the Tesla Model S hack. Tesla quickly released an over-the-air firmware update, to every Model S ever manufactured, that would resolve the security holes uncovered by Rogers and Mahaffey.
The Tesla Hack
Rogers and Mahaffey had to dismantle the dashboard to gain access to an ethernet port. From there, they were able to connect directly to the CAN bus, the controller area network across which car data is sent and received.
After that, they chained together four separate vulnerabilities, first to gain access to the infotainment systems and then the touchscreen used to control vehicle functions. That let them make the speedometer disappear, alter the suspension, unlock the doors and the trunk, and make the windows go up and down. They were also able to shut down the car’s electric motor below 5 mph.
Above that speed, the dashboard screens would go blank but the car would shift into neutral, giving the driver time to find a safe place to bring the car to a stop. “Ironically, that means it’s the only car that can protect itself against a successful cyber attack,” Rogers noted.
Tesla’s Response
“Tesla has taken a number of different measures to address the effects of all six vulnerabilities reported by Lookout. And, we continue to develop further ways to harden our systems, informed by ongoing discussions with the security research community, as well as our own internal analysis. The update has been made available to all Model S customers through an OTA update. We will deploy this update to all vehicles by Thursday,” a spokesperson said in a statement e-mailed to Forbes.
Other auto manufacturers are following in Tesla’s footsteps by making internet updates available for their upcoming line of vehicles, but are starting years behind Tesla.
Rogers and Mahaffey say they also found two potential browser vulnerabilities that they exposed but did not exploit. Those flaws, resident in the WebKit browser engine, could possibly have enabled remote attacks, but Tesla’s new firmware update has resolved those issues as well.
Tesla CTO Toasts Hackers
While Rogers and Mahaffey were explaining their hacks at Def Con 23 last Friday, Tesla CTO J. B. Straubel made a surprise appearance to offer them a toast and personally thank them for their work. J.B. presented the duo with “Challenge Coins,” which will Tesla will be giving to any researcher who finds a serious security hole in their vehicles.
Proud to earn challenge coins, which are given to @TeslaMotors‘s best bounty hunters. pic.twitter.com/1YfRrsOypw
— Lookout (@Lookout) August 7, 2015
As cars acquire more digital capability, the opportunities for outside interference either by "white hat" hackers or those bent on doing actual harm will increase. Tesla, though, has the most robust program for identifying and resolving digital security issues of any manufacturer. That commitment should give every Tesla owner and prospective owner a full measure of confidence in the integrity of Tesla automobiles, now and in the future.
News
The secret behind Tesla’s Cybercab Gold goes well beyond just the color
Tesla has spent years trying to engineer its way out of the automotive paint shop, one of the most expensive, space-consuming, and environmentally costly steps in vehicle manufacturing. With the Cybercab, Tesla confirmed on X this week that a new reaction injection molding process will embed color directly into the panel itself during production.
“Our new reaction injection molding (RIM) process shrinks Cybercab paint cycles from hours to minutes. This cuts those parts’ manufacturing and supply chain emissions by 35% and eliminating 100% of paint volatile organic compounds (VOCs) emitted in traditional paint methods.” noted Tesla.
While the RIM process isn’t necessarily new and has existed since the 1960s, what makes Tesla’s application notable is how it is being used specifically for exterior body panels that traditionally required a separate paint process after forming.
Tesla’s RIM approach integrates the color directly into the panel material during the molding process itself. The pigment is part of the polymer mix injected into the mold, meaning the panel comes out of the mold already colored, with no separate paint application required. The clear coat or protective layer can be applied at the mold stage or through a much faster post-process than traditional multi-stage painting. Tesla claims this compresses what was a multi-hour paint cycle into minutes per panel.
Tesla’s obsession with killing the paint shop is one of the most consistent threads running through the company’s manufacturing philosophy going back years. As far back as 2018, Musk was trimming paint color options to simplify production, tweeting at the time: “Moving 2 of 7 Tesla colors off menu on Wednesday to simplify manufacturing.” Two years later, in a 2020 Automotive News interview, Musk laid out his broader vision, saying he believed Tesla factories could one day be 1,000 times more efficient than conventional plants, and pointing to the paint shop as one of the biggest sources of waste, cost, and complexity. The Cybertruck was the most extreme expression of that thinking. Tesla chose an unpainted stainless steel exterior partly because it would eliminate the need for a $200 million paint facility at Gigafactory Texas. The stainless approach proved harder and more expensive than anticipated, but the underlying ambition never changed. The Cybercab is what happens when that same ambition meets a manufacturing process that delivers on it.
Lifestyle
Tesla app update makes Robotaxi ownership make a lot more sense
Tesla’s app now shows a live indicator when your car is actively driving itself.
A recent Tesla app update, released last week (4.58.5), gives visibility on whether a vehicle is navigating in its semi-autonomous mode or being drive by a human driver. The updated app now displays a live “Self-Driving” indicator in bright blue text directly beneath the vehicle’s speed readout whenever Full Self-Driving is actively engaged, along with the signature glowing blue navigation path that FSD users see on the main touchscreen. It is a small visual update with meaningful implications for how Tesla owners monitor their vehicles remotely.
The feature was first spotted in the wild by X user Jordan Camina, who shared video of a Hardware 3 Model S displaying the new animation through the app while driving. That detail is significant because it confirms the update is not limited to newer HW4 vehicles. It works across hardware generations, and Tesla confirmed it will eventually support all vehicles regardless of chip platform once both the app and vehicle software are updated. The vehicle side requires software version 2026.20.6.1, which has reached nearly 40% of the fleet so far, as monitored by NotaTeslaApp.
The feature makes the most practical sense when viewed through the lens of Tesla’s expanding robotaxi operation. In a robotaxi context, the owner of a vehicle generating ride revenue has a direct financial and safety interest in knowing whether their car is operating under autonomous control at any given moment. The app’s new FSD indicator gives fleet owners exactly that visibility, the same way a logistics company monitors whether a delivery driver is following the planned route. It also carries implications for Tesla’s insurance model. Tesla’s own insurance product prices premiums in part based on FSD engagement rates, and real-time visibility into when FSD is active creates a feedback loop that could eventually tie directly into policy pricing. For individual owners who have opted their personal vehicles into the robotaxi network, the update effectively turns the Tesla app into a fleet management dashboard, one that tells you whether your car is earning money, whether it is driving itself to do it, and whether everything is operating the way it should from wherever you happen to be.
Tesla expands Robotaxi to Florida, marking its third state for autonomy
As Teslarati has reported, Tesla launched unsupervised robotaxi rides in Miami this summer, a milestone that makes a remote FSD status indicator significantly more practical than a cosmetic feature. When a vehicle is operating as a robotaxi without a driver present, the owner or fleet operator needs a reliable way to confirm autonomy is engaged. The app now provides exactly that.
As noted by NotATeslaApp, The update also arrived alongside a hint buried in the same app version that Tesla plans to use the cabin camera to verify driver identity before FSD can be activated. Pairing identity verification with a live autonomy status indicator points toward the infrastructure Tesla is building for a fleet of driverless vehicles that owners can monitor the way you would track a package delivery.
Elon Musk
California snubs Tesla in its newly passed EV incentive that favors Rivian and Lucid
California passed a $135 million EV incentive that rewards Rivian and Lucid while sidelining Tesla
California just drew a line in the EV incentive sand to put Tesla on the wrong side of it. The state recently passed a $135 million program offering first-time electric vehicle buyers a direct incentive with no application required, but the rules were written in a way that leaves Tesla at a structural disadvantage compared to Rivian and Lucid.
The program caps eligible vehicles at $50,000 for new EVs and $25,000 for used ones. That pricing threshold rules out a significant portion of Tesla’s lineup, though some lower-priced Model 3 and Model Y configurations would still qualify. California-based automakers are exempt from the price cap entirely, regardless of what their vehicles cost. Rivian, headquartered in Irvine, and Lucid, based in the San Francisco Bay Area, both benefit from that exemption. Rivian’s R2 starts at roughly $45,000 but has versions above the cap. Lucid’s Air and Gravity start at $70,990 and $79,990 respectively, well above any threshold a non-California company would face.
California hits Tesla Cybercab and Robotaxi driverless cars with new law
Tesla built its reputation and a significant portion of its early market share in California, where EV adoption has consistently led the nation. The company operates its original factory in Fremont, California, and the state was home to Tesla’s headquarters for most of its existence. That changed in 2021 when Tesla moved its corporate headquarters to Austin, Texas. Since then, the relationship between the company and California Governor Gavin Newsom has been openly adversarial, with Musk and Newsom trading public criticism on multiple occasions.
California’s EV incentive landscape has shifted repeatedly in recent years, and Tesla has previously lost eligibility for state-level programs as its vehicles exceeded income-adjusted price thresholds. The federal $7,500 EV tax credit, which Tesla models have qualified for and lost depending on policy cycles, is no longer available after it expired without renewal, making state-level programs more meaningful to buyers than they have been in years.
The practical impact for buyers is more nuanced than the headline suggests. California residents purchasing a Tesla under $50,000 for the first time can still access the incentive. But the exemption written for California-based manufacturers is a structural advantage that rewards where a company plants its headquarters flag rather than where it builds its products, and Tesla moved that flag to Texas.
