Karl`s PC Help Forums Last active: Never
Not logged in [Login ]
Go To Bottom

In memory of Karl Davis, founder of this board, who made his final journey 12th June 2007

Printable Version | Subscribe | Add to Favourites   Post new thread Poll:
Author: Subject: FYI # 5: Chinese Hackers (Lab Research Types) Seized Control Of The Tesla Model S
JackInCT
Custom User Title
*******




Posts: 1484
Registered: 21-4-2007
Theme: KF Blue (Default)
Member Is Offline

Mood: No Mood

[*] Post 504708 posted on 21-9-2016 at 15:51 Reply With Quote
FYI # 5: Chinese Hackers (Lab Research Types) Seized Control Of The Tesla Model S



Chinese Hackers (Lab Research Types) Seized Control Of The Tesla Model S

Tesla's ability to roll over-the-air updates out to its vehicles like they were iPhones is just one of the ways the company is redefining cars—but that advantage can also be a weakness. A group of Chinese hackers recently found a way to seize control of the Tesla Model S using the car's wireless network.

A group of researchers with the Keen Security Lab, a part of Chinese tech and media company Tencent, announced on Monday that they discovered the vulnerability after spending multiple months of "in-depth research" on Tesla vehicles. The group discovered that it was able to take control of the Tesla's Controller Area Network (CAN) bus, the system that allows the different pieces of hardware in the car to interact, when the car was connected to a hacked Wi-Fi hotspot.

Once the hackers remotely made their way into the Tesla's computer, they were able to control the car's infotainment and gauge cluster screens, move the car's power-operated seats, lock and unlock the doors, fold the mirrors, pop the trunk—and worst of all, engage the brakes while the car was rolling.

Unlike the cyber-criminals of the world who might use such information for evil, however, the Keen hackers went to Tesla with their discovery before going public. Tesla employees then confirmed the discovery was a real problem and went to work on a fix, rolling it out to all the afflicted cars in its fleet.

Tesla issued the following statement to The Verge (Verge as per its website:The Verge was founded in 2011 in partnership with Vox Media, and covers the intersection of technology, science, art, and culture. Its mission is to offer in-depth reporting and long-form feature stories, breaking news coverage, product information, and community content in a unified and cohesive manner. The site is powered by Vox Media's Chorus platform, a modern media stack built for web-native news in the 21st century.)

"Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.

We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research."
View User's Profile View All Posts By User
JackInCT
Custom User Title
*******




Posts: 1484
Registered: 21-4-2007
Theme: KF Blue (Default)
Member Is Offline

Mood: No Mood

[*] Post 504710 posted on 21-9-2016 at 17:38 Reply With Quote


YouTube video made by the Keen Lab researchers demoing the various hacks they pulled off; 08:05, audio is Chinese, but English close captioning.

https://www.youtube.com/watch?v=c1XyhReNcHY
View User's Profile View All Posts By User
LSemmens
Undercover MOD
********


Avatar


Posts: 32767
Registered: 19-11-2004
Location: Riverton, South Australia
Theme: Windows XP Silver
Member Is Offline

Mood: Gone crazy, Back soo

[*] Post 504714 posted on 22-9-2016 at 01:17 Reply With Quote


Thanks for that Jack. Sadly, this could well be the new reality. A potential "good" thing might be that the (malicious) hackers might divert their attention to cars and leave Windoze alone........Yeah! Right!
View User's Profile View All Posts By User
Post new thread Poll:

Guest Notice
You are a guest, as a guest you can only see a maximum of 3 posts per thread.

If you want to see the rest, please click here to register.