Stories
Slash Boxes
Comments

SoylentNews is people

Teen Hacker Finds Bug That Lets Him Control 25+ Teslas Remotely

posted by janrinok on Sunday January 16 2022, @12:59AM   Printer-friendly
from the going-soon-from-outside-a-house-near-you dept.

upstart writes:

Teen hacker finds bug that lets him control 25+ Teslas remotely:

A young hacker and IT security researcher found a way to remotely interact with more than 25 Tesla electric vehicles in 13 countries, according to a Twitter thread he posted yesterday.

David Colombo explained in the thread that the flaw was "not a vulnerability in Tesla's infrastructure. It's the owner's faults." He claimed to be able to disable a car's remote camera system, unlock doors and open windows, and even begin keyless driving. He could also determine the car's exact location.

However, Colombo clarified that he could not actually interact with any of the Teslas' steering, throttle, or brakes, so at least we don't have to worry about an army of remote-controlled EVs doing a Fate of the Furious reenactment.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Teen Hacker Finds Bug That Lets Him Control 25+ Teslas Remotely | Log In/Create an Account | Top | 12 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Informative) by Fnord666 on Sunday January 16 2022, @05:08AM (2 children)

    by Fnord666 (652) on Sunday January 16 2022, @05:08AM (#1213077) Homepage

    A Bloomberg article [bloomberg.com] has some additional details. It looks like there's a third party app that can interact with the Tesla.

    As far as the issue goes,

    The problem involves an insecure way the software stores sensitive information that’s needed to link the cars to the program, Colombo said. In the wrong hands, that information could be stolen and repurposed by hackers to send malicious commands to the cars, he said.

    I'm not sure how that translates into:

    Colombo states "it's the owners faults" he has managed to gain access to their cars.

    He has apparently disclosed the issue to both Tesla and the third party software vendor.

    Colombo said that he has been in touch with members of Tesla’s security team and the maker of the third-party software.

    but

    He[Colombo] asked that Bloomberg not publish specifics because the affected organization hasn’t yet published a fix.

    With regard to his qualifications,

    A self-described Tesla fan, Colombo said he started coding when he was 10 years old. Frustrated with high school coursework, his father helped him petition German authorities to let him go to school two days per week and spend the rest of his time expanding his cybersecurity skills. He also developed a company called Colombo Technology.

    Additional sources cited:
    PCMag [pcmag.com]
    Fortune [fortune.com]

    Starting Score:    1  point
    Moderation   +3  
       Troll=1, Interesting=1, Informative=3, Total=5
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 1, Insightful) by Anonymous Coward on Sunday January 16 2022, @10:39AM (1 child)

    by Anonymous Coward on Sunday January 16 2022, @10:39AM (#1213094)

    The only thing I'd like to know is how can I vote for this young genius for President? We need someone up with the Cyber.

    • (Score: 1, Funny) by Anonymous Coward on Sunday January 16 2022, @12:49PM

      by Anonymous Coward on Sunday January 16 2022, @12:49PM (#1213111)

      more likely to claim he was a global terrahaxor, and back him into a south american embassy for a few years before sending hime to a blacksite where Snotnose gets to quiz him on obscure trs80 assembly syntax into the wee small hours under harsh lighting.