Keen Security Lab senior researchers Sen Nie, Ling Liu, and Wen Lu, along with director Samuel Lv, demonstrated the hacks against a Tesla Model S P85 and 75D and say their efforts will work on multiple Tesla models.
The Shanghai, China-based hacking firm has withheld details of the world-first zero day attacks and privately disclosed the flaws to Tesla.
The firm worked on the attack for several months, eventually gaining access to the motor that moves the driver's seat, turning on indicators, opening the car's sunroof and activating window wipers.
The Chinese should not make Iron Man angry...
According to Ars Technica :
Tesla has already issued an over-the-air firmware patch to fix the situation.
Previous hacks of Tesla vehicles have required physical access to the car. The Keen attack exploited a bug in Tesla's Web browser, which required the vehicle to be connected to a malicious Wi-Fi hotspot. This allowed the attackers to stage a "man-in-the-middle" attack, according to researchers. In a statement on the vulnerability, a Tesla spokesman said, "our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly." After Keen brought the vulnerability to Bugcrowd, the company managing Tesla's bug bounty program, it took just 10 days for Tesla to generate a fix.
(Score: 1, Informative) by Anonymous Coward on Wednesday September 21 2016, @01:48PM
I had three chairs in my house; one for solitude, two for friendship, three for society. When visitors came in larger and unexpected numbers there was but the third chair for them all, but they generally economized the room by standing up. It is surprising how many great men and women a small house will contain. I have had twenty-five or thirty souls, with their bodies, at once under my roof, and yet we often parted without being aware that we had come very near to one another.
H.D. Thoreau, Walden