On cars, old, new and future; science & technology; vintage airplanes, computer flight simulation of them; Sherlockiana; our English language; travel; and other stuff
ALL IT TOOK for Belgian researchers to unlock and drive a Tesla Model S was the car’s weak encryption code, $600 of minicomputer hardware, and two seconds of effort. Rest easy, Model S owners, because Tesla subsequently paid researchers a bounty and then fixed the problem.
The tale, though, is an example of hacking and its increasing attacks on our computerized world. Details of the Tesla hack are given in CBS Los Angeles, September 12, 2018, and in Automotive News Shift, October 2018. Succinctly, thwarting hackers depends on skilled computer specialists on our side—and less penny-pinching among automakers and their suppliers.
The vulnerability lies with remote devices such as keyless entry systems sending out their electronic messages. If sent en clair, that is, sans any sort of encryption, these messages are easily captured by nearby culprits. And, once captured, the message can be used by the hacker to gain unauthorized access. To unlock a car and drive away, for instance.
Automakers and their electronic suppliers mitigate this by incorporating encoded messages. If the cipher is sufficiently complex, it all but defeats hacking. On the other hand, if it’s designed on the cheap, the encoding can be reverse-engineered and a work-around devised.
DST40 is one such cipher used in automaker remote keyless entry systems. Back in 2005, researchers identified that this cipher’s 40-bit coding was susceptible to hacking. However, Pektron, a supplier of such systems, incorporates DST40 in its encryption technology.
According to Automotive News Shift, “Pektron also designed keyless-entry solutions for manufacturers such as McLaren, Karma, and Triumph Motorcycles. McLaren and Karma responded to the researchers’ findings, but neither acknowledged the vulnerability. Preneel [one of the Belgian researchers] said Pektron and Triumph never responded.”
The Tesla Model S also uses Pektron technology. Indeed, it took Bart Preneel and his colleagues at Belgium’s KU Leuven nine months of reverse-engineering to crack the car’s keyless entry. Once DST40 vulnerability was identified, though, the researchers were able to repeat the attack on several different Model S vehicles using nothing more sophisticated than a Raspberry Pi minicomputer.
Automakers are generally prepared to reward researchers who share such vulnerabilities, in Tesla’s case to the tune of a $10,000 bounty. According to CBS Los Angeles, “A separate software update issued by Tesla allows owners of cars bought before June 2018 to update to a newer, more secure key fob. For those owners who choose not to upgrade their fob, Tesla updated its software last year to allow users to disable passive entry entirely. In addition, all Model S owners can enable the PIN to Drive feature which was rolled out earlier this year.”
KU Leuven researchers are expected to publish a paper on their methodology and findings in the near future. Also, according to CBS Los Angeles, Tesla will be adding the KU Leuven researchers to its Hall of Fame. ds
© Dennis Simanaitis, SimanaitisSays.com, 2018