SoylentNews

upstart [soylentnews.org] writes:

████ # This file was generated bot-o-matically! Edit at your own risk. ████

Teen hacker finds bug that lets him control 25+ Teslas remotely [arstechnica.com]:

A young hacker and IT security researcher found a way [bloomberg.com] to remotely interact with more than 25 Tesla electric vehicles in 13 countries, according to a Twitter thread [twitter.com] he posted yesterday.

David Colombo explained in the thread [twitter.com] that the flaw was "not a vulnerability in Tesla's infrastructure. It's the owner's faults." He claimed to be able to [twitter.com] disable a car's remote camera system, unlock doors and open windows, and even begin keyless driving. He could also determine the car's exact location [twitter.com].

However, Colombo clarified that he could not actually interact with any of the Teslas' steering, throttle, or brakes, so at least we don't have to worry about an army of remote-controlled EVs doing a Fate of the Furious [arstechnica.com] reenactment.

Colombo says he reported the issue to Tesla's security team, which is investigating the matter.

On a related note, early on Wednesday morning, a third-party Tesla app called TezLab reported that it saw [twitter.com] the "simultaneous expiry of several thousand Tesla authentication tokens from Tesla's side." TezLab's app [tezlabapp.com] makes use of Tesla APIs that allow apps to do things like log in to the car and enable or disable the anti-theft camera system, unlock the doors, open the windows, and so on.

← Previous story [arstechnica.com]Next story → [arstechnica.com]

Original Submission