Simanaitis Says

On cars, old, new and future; science & technology; vintage airplanes, computer flight simulation of them; Sherlockiana; our English language; travel; and other stuff

HACK MY TESLA? EASY-PEASY FOR A WHILE THERE

ALL IT TOOK for Belgian researchers to unlock and drive a Tesla Model S was the car’s weak encryption code, $600 of minicomputer hardware, and two seconds of effort. Rest easy, Model S owners, because Tesla subsequently paid researchers a bounty and then fixed the problem.

Tesla Model S key fob. Image from teslafixes.com.

The tale, though, is an example of hacking and its increasing attacks on our computerized world. Details of the Tesla hack are given in CBS Los Angeles, September 12, 2018, and in Automotive News Shift, October 2018. Succinctly, thwarting hackers depends on skilled computer specialists on our side—and less penny-pinching among automakers and their suppliers.

Automotive News Shift is a new magazine published monthly by Automotive News. Its October 2018 issue discusses cybersecurity—and hackers.

The vulnerability lies with remote devices such as keyless entry systems sending out their electronic messages. If sent en clair, that is, sans any sort of encryption, these messages are easily captured by nearby culprits. And, once captured, the message can be used by the hacker to gain unauthorized access. To unlock a car and drive away, for instance.

Automakers and their electronic suppliers mitigate this by incorporating encoded messages. If the cipher is sufficiently complex, it all but defeats hacking. On the other hand, if it’s designed on the cheap, the encoding can be reverse-engineered and a work-around devised.

DST40 is one such cipher used in automaker remote keyless entry systems. Back in 2005, researchers identified that this cipher’s 40-bit coding was susceptible to hacking. However, Pektron, a supplier of such systems, incorporates DST40 in its encryption technology.

According to Automotive News Shift, “Pektron also designed keyless-entry solutions for manufacturers such as McLaren, Karma, and Triumph Motorcycles. McLaren and Karma responded to the researchers’ findings, but neither acknowledged the vulnerability. Preneel [one of the Belgian researchers] said Pektron and Triumph never responded.”

Tesla Model S. Image from Car and Driver.

The Tesla Model S also uses Pektron technology. Indeed, it took Bart Preneel and his colleagues at Belgium’s KU Leuven nine months of reverse-engineering to crack the car’s keyless entry. Once DST40 vulnerability was identified, though, the researchers were able to repeat the attack on several different Model S vehicles using nothing more sophisticated than a Raspberry Pi minicomputer.

Katholieke Universiteit Leuven, in Flanders, Belgium, is the largest university in Belgium and the Low Countries. Its predecessor institution was established in 1425.

Automakers are generally prepared to reward researchers who share such vulnerabilities, in Tesla’s case to the tune of a $10,000 bounty. According to CBS Los Angeles, “A separate software update issued by Tesla allows owners of cars bought before June 2018 to update to a newer, more secure key fob. For those owners who choose not to upgrade their fob, Tesla updated its software last year to allow users to disable passive entry entirely. In addition, all Model S owners can enable the PIN to Drive feature which was rolled out earlier this year.”

KU Leuven researchers are expected to publish a paper on their methodology and findings in the near future. Also, according to CBS Los Angeles, Tesla will be adding the KU Leuven researchers to its Hall of Fame. ds

© Dennis Simanaitis, SimanaitisSays.com, 2018

One comment on “HACK MY TESLA? EASY-PEASY FOR A WHILE THERE

  1. MikeB
    October 18, 2018

    Would it be reasonable to suppose that any keyless entry or keyless ignition (operated with a fob) from before this vulnerability was published is hackable? I suspect so. There was a story several years ago about a group that (with VW’s grudging acceptance) looked for ways into a Jetta – and discovered a bunch of them including the keyless entry system.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: