Tesla Model S Gets Hacked – Tesla Promises Immediate Action To Fix Any “Legitimate Vulnerability”

JUL 30 2014 BY ERIC LOVEDAY 7

Tesla Model S Interior

Tesla Model S Interior

“Qihoo 360 Technology Co. has found ways to remotely control the Tesla car’s locks, horn, headlights and skylight while the car is in motion, the Beijing-based Internet security company said in a posting on its Sina Weibo account. Wu Jing, a director of investor relations for the company, said its information technology department conducted the experiment, without elaborating.”

That’s what came of the recent Tesla Model S hacking contest in Beijing, in which a successful Tesla hacker gets $10,000 in award money.

The hack itself was rather minor in that no access to the vehicles powertrain was achieved.  Regardless, Tesla releases this statement:

“While Tesla is not associated with the conference and is not a sponsor of the competition, we support the idea of providing an environment in which responsible security researchers can help identify potential vulnerabilities.  We hope that the security researchers will act responsibly and in good faith.”

Tesla added that if a “legitimate vulnerability” was identified, the automaker would take immediate action to rectify the situation.

The Weibo post from Qihoo reads as follows (translated via Google Translate):

“Our safety performance Tesla recently conducted a series of tests and found that the certificate can be used to unlock the remote control of the vehicle, whistle, flash and so on. And can open the sunroof while driving the vehicle. Tesla owners recently to be careful when driving rain suddenly open sunroof, become a drowned rat [laughing]. We will publish more on SyScan360 for everyone Madden, more interesting research results, uncover the mystery of Tesla break. @ Syscan360”

Not a serious threat to Tesla security.  Furthermore, it’s still uncleaer how the hack was accomplished.  We’re the hackers directly connected to the vehicle?  Anywho, the end result of the hacking contest was that no group or individual received the $10,000, as access to the Model S’ powertrain (a stipulation of winning the award) was not achieved.

Source: Bloomberg

Categories: Tesla

Tags:

Leave a Reply

7 Comments on "Tesla Model S Gets Hacked – Tesla Promises Immediate Action To Fix Any “Legitimate Vulnerability”"

newest oldest most voted
Joshua Burstyn

These are the same functions exposed by the mobile app. Big deal.

Leptoquark

I would really like to see this hack performed on a random car in front of an audience in a believable way, before I believe it. I get the feeling that Qihoo is boasting about it for the publicity.

Omar Sultan

Sounds like they compromised the mobile app, not the car, which would seem to be easier. BTW, you can only vent the sunroof, not fully open it and the car ignores commands from the app when its in motion.

Regardless, I am sure Kristen Paget is on the case and I am glad Tesla is not going the usual “no comment route.”

O

Joshua Burstyn

Agreed. The mobile app is an easy target and there is still no ability to control the powertrain, brakes or steering. Does their compromise involve spyware on a mobile phone or a true hack… or is it even related to social engineering… which aren’t even related to the car’s security…

Eric Cote

Skylight??

kdawg

A really easy hack is a rock through a window. No computer required.

io

Tesla’s wording brings the question, what would an “illegitimate vulnerability” be?