News
Tesla cybersecurity measures fail, hackers win Model 3 at hacking event
Tesla has been hacked at the Pwn2Own hacking event, and the hacking group has taken home a Tesla Model 3 and $100,000.
As electric vehicles and their significant amount of integrated software have become more common in everyday life, the security around them has become significantly more critical. In the worst-case scenario, a hacker could not only gain access to a car but could leak user data or even take control of the vehicle. Now, at the Pwn2Own hacking competition, a group of hackers successfully hacked a Tesla Model 3 and won the vehicle along with a $100,000 prize.
The successful hack completed by the group Synactiv was initially reported by the Zero Day Initiative Twitter account, revealing that the group had used a TOCTOU exploit to gain access to the vehicle.
One of the main highlights from Day One of #Pwn2Own Vancouver 2023: @Synacktiv vs the Tesla Model 3. Their successful demonstration earned them $100,000 and the car itself pic.twitter.com/d7TY5mKHxK
— Zero Day Initiative (@thezdi) March 23, 2023
-->CONFIRMED! @Synacktiv successfully executed a TOCTOU exploit against Tesla – Gateway. They earn $100,000 as well as 10 Master of Pwn points and this Tesla Model 3. #Pwn2Own #P2OVancouver pic.twitter.com/W61NasJPAl
— Zero Day Initiative (@thezdi) March 22, 2023
Thanks to the nature of the hacking competition, the details of how the hack was performed have not been made entirely public to avoid a security risk for Tesla owners. Still, the method the hackers used was relatively straightforward.
The TOCTOU (Time-Of-Check Time-Of-Use) exploit involves altering internal files to gain system access. In essence, the hackers are altering the files that a system will check to ensure someone actually should have access. This could, for example, involve changing login credentials to allow yourself access. However, as the name suggests, this is highly time-dependent, as it involves using the discrepancy of time between the system checking the files and a person actually being logged in.
Pwn2Own is one of the most famous hacking events in the world. It involves teams of hackers attempting to gain access to some of the most popular software available on the market. Each group of hackers and security researchers will be given a list of devices and software and a series of objectives to achieve. The first team to navigate through the list gains a cash prize. In this case, for completing this step of the competition quickest, the Synactive team won the Tesla Model 3 that they hacked.
-->With software becoming ever more interconnected with the vehicles we drive, focusing on keeping that software secure will only become more important as time passes. And with the increasing interconnectedness of these car systems, the consequences of not keeping these systems secure will only become more dire. Hopefully, automakers will take this threat seriously and continue to work to keep their items as safe and secure as possible.
What do you think of the article? Do you have any comments, questions, or concerns? Shoot me an email at william@teslarati.com. You can also reach me on Twitter @WilliamWritin. If you have news tips, email us at tips@teslarati.com!
News
Tesla FSD V14.2.1 is earning rave reviews from users in diverse conditions
Tesla’s Full Self-Driving (Supervised) software continues its rapid evolution, with the latest V14.2.1 update drawing widespread praise.
Tesla’s Full Self-Driving (Supervised) software continues its rapid evolution, with the latest V14.2.1 update drawing widespread praise for its smoother performance and smarter decision-making.
Videos and firsthand accounts from Tesla owners highlight V14.2.1 as an update that improves navigation responsiveness, sign recognition, and overall fluidity, among other things. Some drivers have even described it as “more alive than ever,” hinting at the system eventually feeling “sentient,” as Elon Musk has predicted.
FSD V14.2.1 first impressions
Early adopters are buzzing about how V14.2.1 feels less intrusive while staying vigilant. In a post shared on X, Tesla owner @LactoseLunatic described the update as a “huge leap forward,” adding that the system remains “incredibly assertive but still safe.”
Another Tesla driver, Devin Olsenn, who logged ~600 km on V14.2.1, reported no safety disengagements, with the car feeling “more alive than ever.” The Tesla owner noted that his wife now defaults to using FSD V14, as the system is already very smooth and refined.
Adverse weather and regulatory zones are testing grounds where V14.2.1 shines, at least according to testers in snow areas. Tesla watcher Sawyer Merritt shared a video of his first snowy drive on unplowed rural roads in New Hampshire, where FSD did great and erred on the side of caution. As per Merritt, FSD V14.2.1 was “extra cautious” but it performed well overall.
-->Sign recognition and freeway prowess
Sign recognition also seemed to show improvements with FSD V14.2.1. Longtime FSD tester Chuck Cook highlighted a clip from his upcoming first-impressions video, showcasing improved school zone behavior. “I think it read the signs better,” he observed, though in standard mode, it didn’t fully drop to 15 mph within the short timeframe. This nuance points to V14.2.1’s growing awareness of temporal rules, a step toward fewer false positives in dynamic environments.
FSD V14.2.1 also seems to excel in high-stress highway scenarios. Fellow FSD tester @BLKMDL3 posted a video of FSD V14.2.1 managing a multi-lane freeway closure due to a police chase-related accident. “Perfectly handles all lanes of the freeway merging into one,” the Tesla owner noted in his post on X.
FSD V14.2.1 was released on Thanksgiving, much to the pleasant surprise of Tesla owners. The update’s release notes are almost identical to the system’s previous iteration, save for one line item read, “Camera visibility can lead to increased attention monitoring sensitivity.”
News
Tesla FSD Supervised ride-alongs in Europe begin in Italy, France, and Germany
The program allows the public to hop in as a non-driving observer to witness FSD navigate urban streets firsthand.
Tesla has kicked off passenger ride-alongs for Full Self-Driving (Supervised) in Italy, France and Germany. The program allows the public to hop in as a non-driving observer to witness FSD navigate urban streets firsthand.
The program, detailed on Tesla’s event pages, arrives ahead of a potential early 2026 Dutch regulatory approval that could unlock a potential EU-wide rollout for FSD.
Hands-Off Demos
Tesla’s ride-along invites participants to “ride along in the passenger seat to experience how it handles real-world traffic & the most stressful parts of daily driving, making the roads safer for all,” as per the company’s announcement on X through its official Tesla Europe & Middle East account.
Sign-ups via localized pages offer free slots through December, with Tesla teams piloting vehicles through city streets, roundabouts and highways.
“Be one of the first to experience Full Self-Driving (Supervised) from the passenger seat. Our team will take you along as a passenger and show you how Full Self-Driving (Supervised) works under real-world road conditions,” Tesla wrote. “Discover how it reacts to live traffic and masters the most stressful parts of driving to make the roads safer for you and others. Come join us to learn how we are moving closer to a fully autonomous future.”
-->Building trust towards an FSD Unsupervised rollout
Tesla’s FSD (Supervised) ride-alongs could be an effective tool to build trust and get regular car buyers and commuters used to the idea of vehicles driving themselves. By seating riders shotgun, Tesla could provide participants with a front row seat to the bleeding edge of consumer-grade driverless systems.
FSD (Supervised) has already been rolled out to several countries, such as the United States, Canada, Australia, New Zealand, and partially in China. So far, FSD (Supervised) has been received positively by drivers, as it really makes driving tasks and long trips significantly easier and more pleasant.
FSD is a key safety feature as well, which became all too evident when a Tesla driving on FSD was hit by what seemed to be a meteorite in Australia. The vehicle moved safely despite the impact, though the same would likely not be true had the car been driven manually.
News
Swedish union rep pissed that Tesla is working around a postal blockade they started
Tesla Sweden is now using dozens of private residences as a way to obtain license plates for its vehicles.
Two years into their postal blockade, Swedish unions are outraged that Tesla is still able to provide its customers’ vehicles with valid plates through various clever workarounds.
Seko chairman Gabriella Lavecchia called it “embarrassing” that the world’s largest EV maker, owned by CEO Elon Musk, refuses to simply roll over and accept the unions’ demands.
Unions shocked Tesla won’t just roll over and surrender
The postal unions’ blockade began in November 2023 when Seko and IF Metall-linked unions stopped all mail to Tesla sites to force a collective agreement. License plates for Tesla vehicles instantly became the perfect pressure point, as noted in a Dagens Arbete report.
Tesla responded by implementing initiatives to work around the blockades. A recent investigation from Arbetet revealed that Tesla Sweden is now using dozens of private residences, including one employee’s parents’ house in Trångsund and a customer-relations staffer’s home in Vårby, as a way to obtain license plates for its vehicles.
Seko chairman Gabriella Lavecchia is not pleased that Tesla Sweden is working around the unions’ efforts yet again. “It is embarrassing that one of the world’s largest car companies, owned by one of the world’s richest people, has sunk this low,” she told the outlet. “Unfortunately, it is completely frivolous that such a large company conducts business in this way.”
-->Two years on and plates are still being received
The Swedish Transport Agency has confirmed Tesla is still using several different workarounds to overcome the unions’ blockades.
As noted by DA, Tesla Sweden previously used different addresses to receive its license plates. At one point, the electric vehicle maker used addresses for car care shops. Tesla Sweden reportedly used this strategy in Östermalm in Stockholm, as well as in Norrköping and Gothenburg.
Another strategy that Tesla Sweden reportedly implemented involved replacement plates being ordered by private individuals when vehicles change hands from Tesla to car buyers. There have also been cases where the police have reportedly issued temporary plates to Tesla vehicles.
Tesla FSD V14.2.1 is earning rave reviews from users in diverse conditions
Tesla FSD Supervised ride-alongs in Europe begin in Italy, France, and Germany
