DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 22, 2017 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 65 people online.

 

Latest Reviews
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
 

Follow us
RSS
 

Hackers remotely activate Tesla Model S brakes (patch is already out)

Posted on Wednesday, September 21 2016 @ 15:53:29 CEST by


For years, researchers have warned that security will be one of the major issues with the Internet of Things. Billions of devices are getting connected to the Internet but a lot of these devices do not have proper security. When someone remotely deactivates your central heating it can be a major inconvenience, but when they start messing with your car it can quickly become a life-threatening situation.

Last year we saw how hackers could take control over Jeep Cherokees and now a team of security researchers from the Keen Security Lab of Chinese Internet firm Tencent demonstrate how they abused vulnerabilities in Tesla's web browser to compromise the car's CAN Bus.

As ARS Technica reports, the hack required the car to be connected to a malicious WiFi hotspot. This enabled the researchers to perform a man-in-the-middle attack and allowed them to perform tasks like remotely opening the doors and trunk, take control of the car's display and activate the brakes of a moving Model S.

Keen Security Lab reported the vulnerabilities to Tesla, which fixed the bugs in just 10 days. A Tesla spokesman responded to media inquiries: "our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly."
With several months of in-depth research on Tesla Cars, we have discovered multiple security vulnerabilities and successfully implemented remote, aka none physical contact, control on Tesla Model S in both Parking and Driving Mode. It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack.

Following the global industry practice on “responsible disclosure” of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team.

Keen Security Lab appreciates the proactive attitude and efforts of Tesla Security Team, leading by Chris Evans, on responding our vulnerability report and taking actions to fix the issues efficiently. Keen Security Lab is coordinating with Tesla on issue fixing to ensure the driving safety of Tesla users.

As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars. We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected. Keen Security Lab would like to send out this reminder to all Tesla car owners:

PLEASE DO UPDATE THE FIRMWARE OF YOUR TESLA CAR TO THE LATEST VERSION TO ENSURE THAT THE ISSUES ARE FIXED AND AVOID POTENTIAL DRIVING SAFETY RISKS.




 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba