Cybersecurity firm Lookout said all it took to gain full control of the Tesla Model S was to compromise one part of the system directly and go from there.
Researcher Kevin Mahaffey claims it's possible to gain access to all in-car systems by exploiting this weakness - a scary thought for those who enjoy teched-up cars. The hack allowed them to perform any action possible from the car's touchscreen or app, including turning the vehicle off mid-journey.
"At low speeds, the car applies the parking brake and it immediately comes to a stop," Mahaffey wrote in a blog post. "At speeds above about five miles per hour, the Model S gracefully shuts off its engine - just like shifting a gasoline car into neutral - while still providing the driver full control over steering and brakes so they can safely bring the car to a stop."
What's more, Mahaffey and partner Marc Rogers of security firm CloudFlare have already worked with Tesla to issue an over-the-air fix before taking their findings to the 23rd annual Def Con hacking convention in Las Vegas.
This is the third reported hack on connected cars in the last two weeks alone, showing yet again that security in the sector needs revising. First, security experts were able to remotely manipulate a Jeep Cherokee, causing parent company Fiat Chrysler to recall 1.4 million vehicles. Ouch.
And then another hacker revealed a flaw in OnStar's in-car system that left any General Motors-equipped car open to remote door unlocks and ignition starts.
0 comments:
Post a Comment