Slashdot Mirror
Tesla Model S Has Been Hacked
cartechboy writes: First, it was Chrysler last month with its Uconnect system being hacked while being driven down the road. Now, it's Tesla's turn. That's right, the Silicon Valley automaker's very own Model S electric car has been hacked by two white-hat hackers. The duo were able to manipulate the speedometer, lock and unlock the car, and at speeds of less than 5 mph they were able to make all the electronics go blank and shut down the car while engaging the emergency parking brake dragging the car to a stop. Tesla's already issued a software update that owners can download to path the security flaw. Welcome to the new world where cars can be hacked thanks to all their electronics.
IoT sucks! Welcome to the future.
What the summary fails to omit is that you first need physical access to the car and since they have the ability to do updates over-the-air, they don't need to recall more than a million vehicles to fix the issue.
ners can download to path the security flaw.
Some day there will be a market for a car with no on board computer or electronics. The intro to the first Fallout game features a television commercial for a car called the Corvega, with no electronics and no computer for only $199,999.99. In a world on the verge of nuclear war, or one on the verge of computer security catastrophe, sounds like a steal.
Didn't they have to physically "break" the car before they got access into it? Your post is clearly a scare tactic.
Nothing here... So... SHOOO!!!
My Tesla was patched last night. No such luck for my Dodge.
I want my Cat connected to the IoT. Somebody please hack it so it stops leaving hairballs everywhere.
...To protect against nuclear EMP (since we were talking Fallout)? Not so much. Even 70s and 80s cars use coils and ECUs, and that would get fried...
Maybe... and maybe not. Old cars had thick metal hoods. Modern cars often use plastic for parts that don't need to be mechanically strong, but the old ones put the engines inside a pretty good Faraday cage.
http://www.geoffreylandis.com
Tesla's efforts still won't provide the level of electronic security from remote hacks that old Lucas equipment did.
Time to offend someone
as a college grad with more debt than a south american country, I can tell you I was worried about this bug. I came up with a handy countermeasure to avoid nefarious car hackers:
I work two jobs and drive a 2001 Ford crown victoria i bought for six hundred bucks at a police auction. It burns oil, and smells like parking citations and regret. On a hot day it stinks like hamburgers; I do not know why. The jiggle required to get the spare key to engage the ignition is nothing short of a shao-lin kung fu scene. This car still has a throttle cable, and practically came off the line with the check-engine light on. The upholstery is permanently stained with the detritus of an entire cities overweight, underpaid cops.
Hacking my brakes wont work, the pedal goes to the floor to try and stop this 2 and a quarter ton house on wheels so if anything it might be an improvement. randomly triggering the accellerator, assuming one can do this in a vehicle with a throttle cable, will result in a godless heavy metal grunt from the engine as this 210 horsepower v8 struggles to maintain basic lane positioning. The AC hasnt worked since the clinton era, and mysteriously burps up pieces of foam. The door locks are mysterious and random enough already, and functionless for the rear passenger.
Good people go to bed earlier.
It is a handbrake and nothing but a handbrake
From TFA: Green Car Reports reached out to Tesla Motors, which provided the following comment: ...
We've already developed an update for the vulnerabilities they surfaced which was made available to all Model S customers through an over-the-air update that has been to deployed to all vehicles.
Any car or computer can be hacked when you have physical access to the car. Furthermore Tesla has apparently already issued a patch making this pretty much a non-event.
When they get hacked remotely with no physical access (which is conceivable) then we should sit up and pay attention.
The only reason why this is happening is because the software developers are morons. In a mission critical system you never give write access from an entertainment module to critical system. The information system should not have the ability to make any changes in the engine software. The best way to enforce this is to use a hardware read only bus that sits between the entertainment system and engine system and only allow traffic to flow from the engine to the info system but not the other way around.
I use is in emergencies all the time in the winter. Every time I'm in a parking lot after a fresh snow, I urgently need to do 90 and 180 degree turns repeatedly. I assumed that was what it was for as it works perfectly - what do you use it for?
"If you have nothing to hide, you have nothing to fear." - Every fascist, ever
When hydraulic brakes were introduced there was concern that if they failed, the driver would have no way to stop the vehicle. So, regulations were added to require every car with hyrdaulic (or electric) brakes to also have an Emergency brake that was totally manual and not connected to the hydraulic system. This was to satisfy FMVSS 105 (now replaced with FMVSS 135):
" Vehicles shall be capable of stopping under partial failure of the service brake system, inoperative brake power assist unit or brake power unit, antilock failure, variable proportioning valve failure, and with the engine off"
There is a maximum distance and pedal pressure specified.
FMVSS 135 also states:
"Each vehicle shall be manufactured with a parking brake system which, when engaged, shall be capable of holding the vehicle stationary on a specified grade for a specified time. "
I have never seen a passenger vehicle with two separate systems, so the Emergency Brake is also the Parking Brake. Or handbrake if you prefer as it is manual brake.
Why would you NOT use the e-brake in an Emergency? You are barrelling down the highway at 70mph when your oil filter lets go. Your engine overheats and fails within seconds. Do you a) do nothing or b) use the ebrake to slow down and pull over? why would you not want to save your own life?
But it won't require as much replacement wiring smoke as the Lucas electronics did. http://www3.telus.net/bc_trium...
There is no God, and Dirac is his prophet.
Can we stop calling you guys 'editors', and just get on with 'clowns who post story submissions'.
Because it's quite clear you don't actually, you know, edit.
Lost at C:>. Found at C.
Why would you NOT use the e-brake in an Emergency? You are barrelling down the highway at 70mph when your oil filter lets go. Your engine overheats and fails within seconds. Do you a) do nothing or b) use the ebrake to slow down and pull over? why would you not want to save your own life?
Because locking my back wheels at 70mph isn't going to end well for me. I'd use the normal brakes (which still work fine without the benefit of servo assist) so at least I'd have partial steering.
I have actually used the handbrake as a backup brake after a total brake failure (Volkswagen Rabbit, the Segway of cars). Yes, it's an emergency brake.
Having been in several situations with complete loss of oil (one on the road, others in the shop), I can assure you that complete loss of oil pressure does not lead to engine stopping in any reasonable time. Permanent engine damage, yes. Not able to restart, yes. Stops when dropping to idle throttle. But it happily keeps running (and starts making the most unusual noises), especially if the throttle is open.
There are lots of stories of people coming into gas stations/shops/etc with "I noticed this red light on the dash that says OIL" (or equivalent), and when the dipstick is pulled, it's dry.
There are also lots of cases of "oil change but forgot to put the drain plug in, or forgot to refill with oil, because we got distracted". An amazing number will run for a while (causing bearing damage, and needing expensive repairs).
Ditto for coolant loss.
A friend used to work in a commercial vehicle establishment, doing lots of engine rebuilds/replacements. A standard amusement was to cut the radiator hoses off, drain the oil, start the engine, put a brick on the pedal, and see how long it would run, before pulling the engine for the rebuild. After seeing this a couple times, I realized that there is great durability in modern cast iron engines. Sure, the main bearings are shot, but that's about it. Whether an aluminum block, aluminum head engine would be rebuildable, I don't know. The temperature extremes in the bearing areas might alter the metal and warp it beyond rebuildability.
OK, so there's a security patch available. So what? "We regret that you crashed at 85mph yesterday - please download our latest patch?" The problem is not the software per se, but the mere fact that there's external access at all. Because there's simply no such thing as "flawless" code. And the internet's been around long enough to show us that, if there's any legitimate way in, people who want to abuse the system will get in as well, and find a way to subvert it. And right now all we're seeing are "white hat" attacks; just wait until the black hat guys start getting creative.
Why can't you just use the normal pedal brakes? They are still more powerful and easy to control even without the power assist.
Wealth is the gift that keeps on giving.
As opposed to the old world where a car that didn't have any sophisticated electronics was trivial for someone to steal?
File under 'M' for 'Manic ranting'
Why would you NOT use the e-brake in an Emergency?
Because locking my back wheels at 70mph isn't going to end well for me. I'd use the normal brakes (which still work fine without the benefit of servo assist) so at least I'd have partial steering.
Yeah, that wasn't actually a great example. Here's a better one. You're driving down the highway, go to push the brake pedal, and the pedal falls off, the linkage to the master breaks, the plug works out of the master and the piston shoots out, powered by a stout steel spring. What do you do? Yeah, sure, you downshift. That's it?
You or I can reasonably push down the brakes well enough to stop even without servo assistance. At least, I know I can. But in a lot of vehicles, it's very difficult, and not everyone is physically capable of doing that. They should have a second option. And that is why EPBs are evil. They are either on or off. The only thing you can do with them, if you're even allowed, is lock them. A normal parking brake can be partially applied. There's quite a bit of stretch in the cables, so you can moderate clamping force. I know, because I've done it in a car with a proper handbrake. And I will say this to you, and you can believe it or not, but I've never made a "handbrake turn". I've made some power-assisted U-turns before, but only in situations where power and traction levels meant that I could do it either from a near-standstill with throttle alone (or perhaps with some clutch) or while in motion by using the "Scandinavian Flick". But I have played with the handbrake to see whether it was possible to stop a car with it from a good clip safely, and the answer is yes. I imagine it would be tricky to do properly with a foot brake; if you got carried away, you'd probably already be sideways before you found the release.
I played with stopping with the handbrake in a 1989 240SX, which has an ordinary handbrake and doesn't weigh much. But my Audi A8 is first-generation and also has a real handbrake, I don't see why I wouldn't be able to use the same technique there in spite of it being a much heavier car. It also has much larger rear brakes.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
It's not like it's rocket science.....
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Guess you never heard of bot pathing in games. To path a bot is to program it to follow a specified routine.
Catch up with terminology, and keep your mouth shut until you understand the words being spoken.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Why not just have a standard, open and documented interface that allows owners and users to do all of this.
For example, when everyone has easy access to know how to activate the parking brake from a computer or chip plugged into the car then it's not a huge deal that someone "hacked" it.
At that point everyone realizes that these things work like that and that you have to have cable access to make a change.
For the paranoid worried about someone changing the code (making the parking brake not work with the normal lever), give them the ability to reflash the code on the car.
It's the same thing as someone being able to disconnect the cable for a cable operated parking brake because they have the knowledge of how to do it and the owner or driver does not and does not take the time to check things like that.
We should be for knowledge over ignorance and closing the software (or creating an enigma machine for pulling a cable) doesn't work.
Making a big deal out of it is not the way to go.
My parking brake is foot operated.
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Typos are uniquely American...
Maybe he eats a lot of Cracker Jack.
Oh thank God. I have no idea why everyone doesn't do this wirelessly - cuz on the air updates are perfectly secure.
Unless someone has physical access to the car they should be very secure as long as the encryption algorithms used are secure. Key distribution isn't a problem because Tesla can load up the car with a cryptographic key during manufacturing. Hell they could even put in a stack of one time pads if they wanted. Key distribution is usually the big problem but it's not (or shouldn't be) an issue here.
While they could always make an error somewhere along the way, it should be reasonably straightforward to make the OTA updates very secure under most circumstances.
It is his side job as well though if that helps.
While true that this is a lot less worrisome than a remote attack, the fact that someone with an ethernet cable can bollix up the car it still attention worthy.
If a bad guy has physical access to my car, what they can do with an ethernet cable is frankly the least of my concerns.
Yeah, that wasn't actually a great example. Here's a better one. You're driving down the highway, go to push the brake pedal, and the pedal falls off, the linkage to the master breaks, the plug works out of the master and the piston shoots out, powered by a stout steel spring. What do you do? Yeah, sure, you downshift. That's it?
You turn the car off and leave it in gear.
Adblock, Better Privacy and NoScript is coming out for cars - to be released later this year.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
Not going to happen, both the EPA and the CAFE standards have seen to that. There is ZERO chance you can meet the emission and mileage standards for any vehicle which doesn't include some kind of engine and drive train control electronics.
Those only apply to new cars. Old cars are still on the road and probably always will be. Plus you are able to build vehicles yourself that do not meet emissions standards. Not exactly difficult to source an engine and a chassis.
The only way we are safe from the Cylons is to not network all the systems in the ship together.
Can we stop calling you guys 'editors', and just get on with 'clowns who post story submissions'.
Because it's quite clear you don't actually, you know, edit.
They edit, meaning that they modify the text. The thing is that they generally make it worse, not better.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Car hacking is the most ridiculous thing i've ever heard of!
Seriously, why do we need computers in cars? EFI I can understand; some digital sensors, maybe, a and quartz tuned radio with digital display, sure.
But all of this other crap is just asking for trouble. The fact that someone could remotely access, monitor, and even control your vehicle is downright scary.
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.
Actually, I *HAVE* used the emergency brake in an emergency. I stepped on the brake pedal and nothing happened so I carefully used the emergency brake to come to a safe stop. It sure worked as an emergency brake for me.
Now don't you feel dumb?
The last time my 80s era roadster was patched was when it rolled off the production line. 30+ years on the long-term stable release! Beat that with your Tesla.
That's like bragging that you haven't patched your 486DX computer in 25 years. It's an obsolete POS and nobody is really impressed. Do you still use a Motorola MicroTAC phone or an Apple IIe too?
Why do we need to connect cars to the internet again?
Because you can do interesting and useful things by connecting to the internet. Up to date weather, traffic, and map data. Streaming media, OTA updates, OTA patches, inter-vehicle communications, and much more. Seriously you can't think of any use for internet connectivity in a vehicle?
The ebrake will NOT lock your wheels up as long as you have a bit more finesse than an angry gorilla. Press and hold the button in and lift the lever until you feel it begin to grab. Do not yank the lever up like an idiot.
Isn't the emergency/parking brake required to be mechanical? How can you hack a mechanical cable-pulley system?
And this is why it's called an emergency brake here. Unlike the hydraulic braking system, it's supposed to be able to work no matter what. It's also only connected to the rear wheels, so there's less of a chance the idiot who slams it on will lose control.
--- Keep the choice with the user..
In my 1986 Samurai, there was a small proportioning valve that split the brake fluid pressure to apply more to the front than the back. When I was exiting a parkway, that valve decided that rather than send the fluid to the brakes, it would just be better to dump it on the ground. Fortunately, I was able to use the manual transmission and the wire-connected emergency/parking brake to stop safely.
Because people are trusting their life to a system that has consistently proven that it is not secure
You know what else I'm trusting my life to? You not turning your steering wheel a quarter turn left when we pass each other on the road. I'm trusting that you will actually stop at a stop sign. I'm trusting that my airbag will not malfunction. I'm trusting the ignition to actually work. I'm trusting that you are capable of driving competently unimpaired by alcohol. We trust our lives to a lot of things that have consistently proven to not be secure and this bit of hacking is no where near the top of the danger list. Sure, let's be concerned about it but let's not blow it out of proportion either.
Then what would you recommend one do if their brake fluid leaks out?
The emergency brake works via cable. It will pretty much always work. Pop a leak somewhere and the rest of your braking system.. being hydraulic becomes useless quickly. That's why we call it an emergency brake!
The trick is you don't just yank the handle up and set it like you would when you park on a hill. Stay calm. Keep your finger on the button, you don't want it locking!. Ease the handle up carefully. Don't suddenly force it when you start to feel the resistance.
I haven't had to do this us this in an oncoming traffic, imediate sort of emergency. I have practiced it under more controled conditions so that I would be ready if I do. I did use my e-brake to drive home once when I blew a brake cylindar. Fortunately I noticed this before I was up to speed so I was able to take it very easy and didn't have to use the e-brake for any sudden, unexpected stops.
What a stupid strawman!
Why would you lock your back wheels? Have you actually ever tried your emergency brake? No car I have ever owned is capable of applying enough stopping power to actually lock the wheels. It only slows them down.
Also.. don't yank up on it. You wouldn't slam your foot brake at that speed would you? Hold the button down on your emergency brake so that it doesn't lock and ease it up just like you would with your foot!
Don't look to Tesla to change the OTA acccess their building into their cars any time soon. I'll tell you why.
There's a frightening amount of electricity generated by their cars and mechanics who don't know what they're doing are quite likely to eletrocute themselves.
Then the headline will be:
Another Mechanic Killed By Tesla Car.
To prevent that headline from ever materializing and destroying their market share, they reserve the right and aiblity to remotely brick the car.
If the car is in an accident, it gets bricked and the only result of trying to start the car is a message on the instrument panel which reads (approx) : "Take car to Tesla service station for service".
Mechanics CAN'T work on Tesla cars.
Unfortunately, when you connect a car to the internet or otherwise make it accessible OTA you dramatically increase the attack surface area.
Here's a few characterisitics of the new attack vectors:
*A criminal can effect many cars at once. Previously, a 1:1:1 ratio existed between criminals, cars and some discrete unit of time.
*A criminal can make a criminal event imitate an accident. Previously, if the car blew up Mafiosa-style or was stolen, the criminal event was clearly recognizable as a criminal event. Even cutting the brake lines left tell-tale signs. Obviously, a surreptitious way to access the car's electronics is, well, surreptitious .
*The attack vectors have mutiplied to as many zero-day exploits in as many electronic parts as could be effected by zero day exploits. Previously, even if there was a theoretical way to access the computer that controlled critical systems, it was still a head-under-hood affair involving that system.
*Zero day exploits aren't going away. There is no "recall" that is going to "fix" the problem because the problem is now a changing target. Previously, just as criminals and car thefts (or other crime) were 1:1, so also were defects and defective components. Recalls could fix the componnt and return the car to service. Now the subsystem is known to be fundamentally unfixable.
If we could stop people from exploiting critical computer systems, we would have done it. A car is not going to be special in this regard.
It *IS* awkward but I have actually done exactly that. The handbrake is preferable for that situation, but the foot operated brake is usable in a pinch.
You can always push it down slowly to stop, and then release it.
This is something everyone should practice in a safe area just in case. It's part of being a safe driver.
Hastings was a large adversary for the military industrial complex. When his BMW sped out of control and crashed a couple years ago , most who mentioned auto hacking were labelled conspiracy theorists. How's that looking now? not that whatever technique was used there had to be very high tech.. he even expressed concerns that his car had been tampered with.
Using the foot pedal *IS* awkward but I have actually done it successfully. A handbrake is certainly preferable.
Every driver should practice this in a safe area just in case. It's part of knowing your vehicle and being a safe driver.
With physical access to the car, I can literally take control of ANY car and then run it remotely. I can put plastic explosives under the dash and hook it up to the ignition wire. For the last 100 years. How is it a hack once you've had physical access? There are James Bond movies from the 60s with this as a plot point.
Peter predicted that you would "deliberately forget" creation 2000 years ago...
unless the car has an automatic transmission.
Why would you NOT use the e-brake in an Emergency? You are barrelling down the highway at 70mph when your oil filter lets go. Your engine overheats and fails within seconds. Do you a) do nothing or b) use the ebrake to slow down and pull over? why would you not want to save your own life?
Because locking my back wheels at 70mph isn't going to end well for me. I'd use the normal brakes (which still work fine without the benefit of servo assist) so at least I'd have partial steering.
I've safely stopped a car from 120km/h when the hydraulic braking system failed by using the emergency brake. You use it gently to slow down, and gear down as well. There is no need to yank it all the way up - you can modulate the pressure you exert so that the wheels never lock up.
I'm a minority race. Save your vitriol for white people.
You turn the car off and leave it in gear.
unless the car has an automatic transmission.
Yep. Last I looked over a decade ago, only 40% of cars sold in the USA were even offered with a manual gearbox; Today, that number is even less. It's not just the USA that isn't buying them, either. Now that DSGs are so phenomenally good, there's really no reason for anything else to exist except in the very cheapest of cars — and they're "all" getting CVTs — nearly all, anyhow. But loads of cars still have traditional slush boxes, because they're the cheapest way to get a lot of torque to the wheels, and we love torque.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
The article says that Tesla has "already issued a software update that owners can download..." The update is automatically delivered over the air directly to the car. The owner doesn't need to request anything.
From TFA: "Mahaffey and Rogers acknowledged that they first had to gain physical access to the Tesla in order to accomplish their hack, requiring a physical connection via Ethernet cable that then allowed them to access the Model S remotely."
In the olden days this was called "hot wiring"...
The point is: all bets are off when one has physical access. Even if they don't "hack" it, they can set it on fire or do anything else.
Shut off your automatic transmission on the highway and tell me what your car does.
Emergency brake is not a binary (on/off) switch, but instead a lever that lets you apply variable pressure to the brakes in order to slow down without locking your back wheels. I know that you may be young and only used to modern ABS brakes, so the concept of having to personally restrain how much you apply the brakes in order to not lock the wheels may seem like something alien to you, but that is exactly how all brakes (including the pedal) worked until the 80s' or 90s'.
Bring it.
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
The control unit releases the pressure on all the clutch solenoids, shifting it to neutral?
Thatsthejoke.jpg
Good point, when I first started driving I used to use the (hand operated) parking brake to prevent rolling back when starting on a hill. One foot on the throttle, other foot on the clutch and one hand on the handbrake. Release brake while releasing the clutch and applying throttle. Handy when learning where hills are very steep.
https://en.wikipedia.org/wiki/Inverted_totalitarianism
I don't think this is correct.
Wealth is the gift that keeps on giving.
You needn't turn it off; just ease it carefully into 'Park'.
This is quite false. If your pedal drops to the floor, it means that there is either a hydraulic leak or air in the line. If the system isn't so compromised, then it will continue to work with the engine either on or off - the only difference being the additional pressure required. (If you don't expect the extra pressure, you could easily crash simply because you thought you were already maxing out the brakes.)
Also. the loss of power assistance will typically take several applications, with the pedal effort steadily increasing. (Source: every car I've owned with power brakes. I live in the mountains, and I routinely practice power off coasting, to see how the vehicle handles without power brakes OR power steering.)
If I turn my steering wheel the wrong way, or if I run a stop sign, or even if I'm driving drunk - If i plow into your trusting kester, I might just kill myself as well. I have a really really good reason not to do any of that stuff because I have skin in that game. So that's nota reall good argument except in the case of a suicidal driver.
The fact that you have skin in the game means little. There are over 30,000 deaths each year in the US in automobiles and I assure you that most of them are far from suicidal.
The idea that you trust your ignition key to start the car is just silly.
Really? Ask GM whether we should worry about about trusting our lives to ignition switches.
Says the dumbass who does not realize that it is a separate system which does not use the hydraulic calipers.
You truly are a dumbass. It is an emergency brake for use when the hydraulic breaks fail. If you ever take a look at it it is wire operated and works a separate set of brakes on the rear wheels which are drum brakes. Somehow I doubt you have ever worked on a car beyond checking the oil, if that.
Something tells me you have never done either. Primarily your complete lack of knowledge pertaining to brakes.