SoylentNews is people
SoylentNews
Keen Security Lab senior researchers Sen Nie, Ling Liu, and Wen Lu, along with director Samuel Lv, demonstrated the hacks against a Tesla Model S P85 and 75D and say their efforts will work on multiple Tesla models.
The Shanghai, China-based hacking firm has withheld details of the world-first zero day attacks and privately disclosed the flaws to Tesla.
The firm worked on the attack for several months, eventually gaining access to the motor that moves the driver's seat, turning on indicators, opening the car's sunroof and activating window wipers.
The Chinese should not make Iron Man angry...
According to Ars Technica :
Tesla has already issued an over-the-air firmware patch to fix the situation.
Previous hacks of Tesla vehicles have required physical access to the car. The Keen attack exploited a bug in Tesla's Web browser, which required the vehicle to be connected to a malicious Wi-Fi hotspot. This allowed the attackers to stage a "man-in-the-middle" attack, according to researchers. In a statement on the vulnerability, a Tesla spokesman said, "our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly." After Keen brought the vulnerability to Bugcrowd, the company managing Tesla's bug bounty program, it took just 10 days for Tesla to generate a fix.
(Score: 5, Insightful) by LoRdTAW on Wednesday September 21 2016, @12:27PM
I'm glad the car is connected to the internet so it can receive a patch which patches a flaw allowing it to be exploited over the internet. I'm also elated to see that exploiting the cars web browser can take control of the vehicles safety systems.
What other critical systems can we connect to the internet via a web browser? I vote for hooking the web enabled coffee machine in the employee lounge of a power station to the SCADA system.
(Score: 0) by Anonymous Coward on Wednesday September 21 2016, @12:50PM
Is there room by your pond for another 12 x 12 shack, Mr. Thoreau? Perhaps with a few trees between us so we don't see each other from home?
More to the point, Tesla is small and (it appears) agile enough to get a fix out quickly. This will play out again and again and the major car companies (and their interlocked suppliers) will not always be this fast. I see lots of cars sitting at dealers while the customers are driving loaners...
(Score: 1, Informative) by Anonymous Coward on Wednesday September 21 2016, @01:48PM
I had three chairs in my house; one for solitude, two for friendship, three for society. When visitors came in larger and unexpected numbers there was but the third chair for them all, but they generally economized the room by standing up. It is surprising how many great men and women a small house will contain. I have had twenty-five or thirty souls, with their bodies, at once under my roof, and yet we often parted without being aware that we had come very near to one another.
H.D. Thoreau, Walden
(Score: 1, Informative) by Anonymous Coward on Wednesday September 21 2016, @01:12PM
This how to [youtube.com] may be able to help you get started with that shack. There's another video that shows barrel tiles if you prefer that look instead.