A group of Chinese hacker reported that the Model S has a security flaw. We say, welcome to reality. Any system that is connected, whether physical or wireless, has a potential security flaw.
Model S has a security flaw
The Tesla Model S security flaw is making its round lately. It has to make you wonder when reports on security exploits related to computer systems appear. Modern computers, including cars and their wireless technologies have many open ports and channels. A long, long time ago, when I was learning about Novell servers, (yes, I’m that old) my teacher taught me that a truly un-hackable computer is one without a mouse, keyboard or Internet connection. It helped to understand that once a port is open, either with a keyboard of wireless connection, even if secured, there is still a potential vulnerability.
The Model S open connections mean potential security flaw
The Model S is not really a car. It’s more of a future template of what every car will soon look like. It is more of a rolling computer on wheels, which handles quite well. But the Tesla Model S is always connected, either to Tesla Motors, or the Internet, as well as many other types communication is happening. What this means is that the Model S is, by definition, as vulnerable as its weakest point in the security chain. So is it any wonder to hear that the Model S, the most Internet-connected and remotely-connected electric vehicle (EV) on the market today, has a major security flaw? It shouldn’t. Anything connected cars, even Tesla’s Model S means it can be hacked and has security flaws.
According to TransportEvolved, Sina Weibo announced a Chinese Internet security company called Qihoo 360, found Tesla Model S security flaw. This is one of the most common security issue with anything connected and it means a crafty hacker can remotely access and unlock your Tesla Model S, as well as sound the horns, use the headlights, wipers, and even the panoramic sunroof. Are you scared yet? At the very least, if it rains, you might get annoyed.
Making sense of the Tesla Model S security flaw
Once we take a few steps back, we can see a pattern emerging from this Tesla Model S security flaw news. First, it was announced a day before one of the biggest security conference in China, the 2014 SyScan +360. Add to this that the conference is awarding a $10,000 prize to whoever successfully hacks into a Tesla Model S, and you get a better picture of what is happening. The Tesla Motors Model S is as secured as can be, and will continue to be more secured as each individual security flaws are discovered.
Tesla Motors was quick to reassure us with the following: “While Tesla is not associated with the conference and is not a sponsor of the competition, we support the idea of providing an environment in which responsible security researchers can help identify potential vulnerabilities. We hope that the security researchers will act responsibly and in good faith.” Whether open or closed sources, nothing is 100% secured if it is connected.
But joking apart, news of the Tesla Model S security flaw is a welcome relief in a world of over-confidence and side-blinders. In the meantime, as user and hacker feedback rolls in, Tesla will rewrite some APIs and take a closer look at some of the certificates it uses. So far, if sounding your horn, opening your doors and sunroof are the biggest threats, we can say that the latest Tesla Motors Model S security flaw is only a potential… so far.