Apparently, hackers can steal a Tesla Model S in less than two seconds
The Ludicrous standard in hacking
Tesla recently released a new anti-theft feature that requires you to enter a PIN code on your infotainment screen in order to start the car; yes, exactly, just like those Transporter cars have. However, if your Tesla was manufactured before August, it’s vulnerable.
Wired reports that a team of academic hackers from the KU Leuven university in Belgium developed a $600 system that can hack your car-key signaling and clone your vehicle’s key fob. In 1.6 seconds. That’s because the Tesla Model S’ keyless entry system uses a 40-bit cipher to encrypt those key fob codes. Although it might sound impressive, that’s actually weak ciphering in today’s standards.
After obtaining (any) two key fob codes, the researchers tried every cryptographic key until they found the one that unlocked their test car. From there, the protocol was quite simple: they’ve computed all the possible variants and created a 6-terabyte table of pre-computed keys. In the clip below you can witness a proof-of-concept attack, in which they hack a Tesla Model S using a Yard Stick One radio, a Proxmark radio, a Raspberry Pi, and some batteries.
The white hat hackers from KU Leuven informed Tesla of this security flaw, also pointing out that adopting the 40-bit Pektron solution “was a very foolish decision,” and that “someone screwed up. Epically.” Tesla acknowledged their work, remunerated their effort with a $10,000 “big bounty.” The carmaker then began working on a solution — which came into effect starting June 2018.
The researchers believe the same system can be used for unlocking McLarens, Karmas, and even Triumph motorcycles — the common denominator here being, of course, the Pektron’s key fob system.