A Chinese firm that specializes in security research provides proof of a second unauthorized access into the Tesla Model X's systems.
This time, Tencent Cohen Laboratory's Keen Security Lab was able to remotely initiate the infamous "Christmas light" easter egg in two Model X vehicles. If you haven't seen it, it controls all of the lights on the SUV, opens and closes the doors and trunk, and plays music. It's a perfect example of being able to access way too many of the vehicle's features, and all at once.
Tesla Model X hack showing remote control of the falcon wing doors and the trunk.
This is not the first time that Keen has hacked a Tesla vehicle, but as far as Tesla's concerned, the automaker is likely hopeful that it will be the last.
Last fall, when Keen was able to exploit a Model S, the company alerted Tesla of the vulnerability, at which point Tesla quickly "fixed" the issue ... or perhaps not completely. Keen's head researcher, Sen Nie explained (via Teslarati):
“We informed Tesla of the vulnerabilities we found last year and they corrected them. This year our research found new vulnerabilities and we were able to reproduce the same remote control of the car."
At the recent National Governors Association summer meeting, Tesla CEO Elon Musk admitted that a fleet-wide hack is the automaker's number one concern. Musk joked:
“I think one of the biggest concerns for autonomous vehicles is somebody achieving a fleet-wide hack. If someone was able to say hack all the autonomous Teslas, they could say — I mean just as a prank — they could say send them all to Rhode Island and that would be the end of Tesla and there would be a lot of angry people in Rhode Island.”
Despite the fact that Keen was able to get in for the second time, and others have also been successful in hacking Tesla vehicles, Nie said that it's not easy to do. He made it clear that Tesla is no more vulnerable than the next automaker when it comes to such exploits.
Tesla is eager to invite hackers to make attempts, so that it can use the information to make its systems more secure. A few years back, the company went so far as to encourage hackers to attend DEF CON 23 to try to hack a Tesla.
Figuring out any vulnerabilities now rather than later is paramount, since all of Tesla's vehicles are built with the potential to eventually be updated for full self-driving capability.