Model S

Details Behind the Tesla Model S Hack


Two researchers broke into the software of a Tesla recently. But there is good news behind the Tesla Model S hack. A fix was sent to all cars within days.

Tesla Model S hack

Tesla Model S infotainment system also serves as the command center to the vehicle.

Last week, Marc Rogers, of content delivery network CloudFlare, and Lookout Mobile Security co-founder Kevin Mahaffey completed a digital break-in of a Tesla. But here’s the good news behind the Tesla Model S hack. Tesla quickly released an over-the-air firmware update, to every Model S ever manufactured, that would resolve the security holes uncovered by Rogers and Mahaffey.

The Tesla Hack

Rogers and Mahaffey had to dismantle the dashboard to gain access to an ethernet port. From there, they were able to connect directly to the CAN bus, the controller area network across which car data is sent and received.

After that, they chained together four separate vulnerabilities, first to gain access to the infotainment systems and then the touchscreen used to control vehicle functions. That let them make the speedometer disappear, alter the suspension, unlock the doors and the trunk, and make the windows go up and down. They were also able to shut down the car’s electric motor below 5 mph.

Above that speed, the dashboard screens would go blank but the car would shift into neutral, giving the driver time to find a safe place to bring the car to a stop. “Ironically, that means it’s the only car that can protect itself against a successful cyber attack,” Rogers noted.

Tesla’s Response

“Tesla has taken a number of different measures to address the effects of all six vulnerabilities reported by Lookout. And, we continue to develop further ways to harden our systems, informed by ongoing discussions with the security research community, as well as our own internal analysis. The update has been made available to all Model S customers through an OTA update. We will deploy this update to all vehicles by Thursday,” a spokesperson said in a statement e-mailed to Forbes.

Other auto manufacturers are following in Tesla’s footsteps by making internet updates available for their upcoming line of vehicles, but are starting years behind Tesla.

Rogers and Mahaffey say they also found two potential browser vulnerabilities that they exposed but did not exploit. Those flaws, resident in the WebKit browser engine, could possibly have enabled remote attacks, but Tesla’s new firmware update has resolved those issues as well.

Tesla CTO Toasts Hackers

While Rogers and Mahaffey were explaining their hacks at Def Con 23 last Friday, Tesla CTO J. B. Straubel made a surprise appearance to offer them a toast and personally thank them for their work. J.B. presented the duo with “Challenge Coins,” which will Tesla will be giving to any researcher who finds a serious security hole in their vehicles.

Tesla used a white board at Def Con 23 Hacking Conference to invite engineers to join the company

Tesla used a white board at Def Con 23 Hacking Conference to invite engineers to join the company [Source: TheRegister]

While at the show, Straubel announced the company has raised the maximum reward for uncovering a software flaw in its automobiles to $10,000. However, to get the big payout a hacker has to find a command injection flaw or a vertical privilege escalation.

Tesla’s Competitive Advantage

Around the same time of the Tesla hack, Fiat Chrysler also responded to reports of a hack that could affect up to 1.4 million Jeep vehicles. But unlike Tesla which issued the repairs remotely, Fiat Chrysler announced a voluntary recall which would require owners to install a patch via a USB stick that would be mailed to them.

Tesla’s approach to distribute vulnerability and feature updates through over-the-air technology, similar to how one updates software on their mobile device, clearly puts it steps ahead of other automakers.

Chris Evans, who previously worked on Google’s elite Project Zero research team, became head of digital security at Tesla this past week. He was involved in the software update that the company has now sent to all customers. “This gives me really high hopes with Tesla going forward,” says Mahaffey. “I would like to see what they’ve done as a reference model for others. I think they’ve got lessons to learn but they’re 75 per cent there.”

As cars acquire more digital capability, the opportunities for outside interference either by “white hat” hackers or those bent on doing actual harm will increase. Tesla, though, has the most robust program for identifying and resolving digital security issues of any manufacturer. That commitment should give every Tesla owner and prospective owner a full measure of confidence in the integrity of Tesla automobiles, now and in the future.

To Top