SoylentNews is people
SoylentNews
Submitted via IRC for chromas
Junked Teslas still held unencrypted video recordings
An experiment conducted by white hat hackers and reported by CNBC show that Tesla vehicles store more information than you might think -- and they even keep your data unencrypted. It's normal for cars to keep some information from the cellphones you pair with them via Bluetooth, such as contact numbers. But a Tesla computer can also store videos, locations and navigational data, since the company's vehicles have built-in dashcams, data recorders and other features meant to gather information. In the event of a crash, the video could even include exactly what happened leading to the accident.
One of the researchers who uses the pseudonym GreenTheOnly told CNBC that he managed to extract all sorts of data from salvaged Model X, Model S and Model 3 cars in the past. To take a closer look at what Tesla computers can reveal, he teamed up with another white hat hacker named Theo and purchased a totaled Model 3 late last year for research purposes.
The result? They found unencrypted information from at least 17 different devices, including the number of times they were paired to the vehicle, as well as 11 phonebooks' worth of contact information. The researchers also found calendar entries with descriptions of planned appointments, along with the e-mail addresses of those invited. In addition, they unearthed the 73 last locations (and navigation information) the car went to and even successfully extracted the video of the crash itself.
The fact that the automaker doesn't automatically delete such information could be a double-edged sword. Yes, it could be helpful for investigators, but someone with the technical knowledge can hack into a salvaged or a reconditioned Tesla's computer and extract data. They don't even have to worry about having to break any kind of encryption.
[...] The Chief Security Officer at BugCrowd, which manages Tesla's bug bounty program, explained to the publication that the company can't just wipe cars automatically. There "could be a forensic need to contain and retain the data," he said. "But I would think that what they will want to work on is a way to have all that stored data encrypted, as it would be on your cell phone," he added.
(Score: 2, Insightful) by Anonymous Coward on Tuesday April 02 2019, @07:24PM
Imagine you have a person who wants to be your friend, and asks probing questions about your eating habits, how much money you have, if you smoke or do drugs, any medications you may be using, records your conversations with him, videotapes you and your visitors by waiting outside your home. Do you still think that person can be a friend?
If you were to see the databases of some of the internet companies you may be using, and seeing how much data they record about you, you'd never use them again.
The system is not your friend. The system was compromised and infiltrated ages ago by the enemy.