Researchers hack and steal a Model S; Tesla says vulnerability now fixed

Stealing a car used to require a blunt object to break one of its windows, and basic electrical knowledge to hot-wire it. Two Belgian security experts discovered an encryption flaw that let them drive away in a Tesla Model S without busting any glass or cutting any wires.

Researchers working at the KU Leuven University in Belgium figured out a relatively simple way to digitally break into a Model S by defeating the encryption in the wireless key fob, according to Wired. It’s a technique that requires about $600 worth of radio and computing equipment, so it’s not something anyone can do with their smartphone, but that’s a small investment considering the price of a Model S. The hardware is used to access the cryptographic key programmed into each fob and copy it, which essentially creates a new key fob. The thieves can thereupon enter any Model S and drive off in it without setting off the alarm.

“Today, it’s very easy for us to clone these key fobs in a matter of seconds. We can completely impersonate the key fob and drive the vehicle,” revealed researcher Lennert Wouters in an interview with Wired. He added figuring out how to hack into a Model S took about nine months.

Tesla awarded the researchers a $10,000 bug bounty when they privately shared their discovery in August of 2017. It then spent nearly a year verifying the technique and developing a fix, which it began rolling out in June of 2018. First, it designed a more secure key fob. That means cars manufactured after that point aren’t affected by the problem.

Earlier models — a vast majority of the ones on the road — received an additional security barrier via an over-the-air software update. This lets owners set a PIN code that must be entered on the car’s touchscreen before it can be driven off. It’s similar to the PIN that protects a smartphone. Tesla told Digital Trends the PIN function will come to the Model 3 in the future.

“Due to the growing number of methods that can be used to steal many kinds of cars with passive entry systems, not just Teslas, we’ve rolled out a number of security enhancements to help our customers decrease the likelihood of unauthorized use of their vehicles,” a Tesla spokesperson told Digital Trends. “Based on the research presented by this group, we worked with our supplier to make our key fobs more secure by introducing more robust cryptography for Model S in June 2018,” the California-based company added.

Wouters and his partner, Tomer Ashur, blame the flaw on a key fob manufactured by British electronics firm Pektron. McLaren, Karma, and Triumph also use Pektron-sourced key fobs so the same hack could allow thieves to break into vehicles made by those brands.

“This attack is out there, and we’re not the only people capable of coming up with it,” Ashur warned.

Update: added statement from Tesla.


Smishing sounds funny, but it’s a serious threat to your phone’s security

We all know phishing is a huge security problem, but most people still believe it’s a problem limited to email. According to new reports, however, phishing scams are attempting to exploit your trust in text messages.

Many adults believe fully self-driving cars are already traversing U.S. highways

The American Automobile Association tested cars with features such as lane-keeping and adaptive cruise control and found them lacking in real-world conditions. Forty percent of surveyed U.S. adults think self-driving cars exist now.

BMW’s 2020 M340i will show off mix of tech and luxury at the Los Angeles show

The 2020 3 Series represents the seventh generation of BMW's bread-and-butter luxury sedan. Where previous generations emphasized the driving experience, the 2020 3 Series focuses more on tech than ever before.

Tesla brings track mode to Model 3 Performance

The new Track Mode introduced for the Tesla 3 Performance model adds stability to the drive while you're behind the wheel and is specifically designed for driving on closed track courses.

Lime’s first carsharing service motors into Seattle this week

Lime may be better known for its app-based bike and scooter rental services, but in Seattle, Washington this week it's launching its very first carsharing service, similar to Car2go and Zipcar.

Land Rover shows its artsy side by previewing the 2020 Range Rover Evoque

Land Rover made life-sized wire sculptures to preview the 2020 Range Rover Evoque. The all-new SUV will make its debut during a private event held in London on November 22, and deliveries will begin in 2019.

Car parts maker ZF is using drones to deliver components to its factories

ZF recently became the first entity in Germany to receive approval to use drones to deliver spare parts, and the company now uses them to deliver parts from its central warehouses to its workshops.

These headlights have 4 color settings to help save lives under all conditions

Boslla headlights are an easy-to-install solution to achieve all-weather lighting for your vehicle. After a quick ten-minute install, these lights have up to four settings to get you through anything.

The DBX SUV will go where no Aston Martin has gone before

When it launches in 2019, the Aston Martin DBX will be the British automaker's first SUV. In the meantime, camouflaged DBX prototypes will undergo strenuous testing around the world.

Ford teams up with Walmart to study consumer response to autonomous delivery

Last week it was Ford and VW, and this week Ford and Walmart are signaling a desire to work together on autonomous vehicles solutions. Ford and the giant retailer will study consumer reactions to self-driving delivery vehicles.

Our favorite fuel-efficient cars are as frugal as they are fun

You don't need to opt for a hybrid or an all-electric ride in order to achieve good fuel economy. These vehicles pack both performance and style, whether you're in the market for a luxury sedan or a game-changing pickup truck.

Out of juice? Learn how to jump-start a car with this quick guide

Jumping a car is a simple procedure, but not everyone knows how to properly do so. To make things easier, we've put together a quick-hit guide on how to fire up your vehicle using jumper cables and a second power source.

Born to run (forever): The most reliable cars you can buy right now

We all dread the thought of our car turning into a money pit, but choosing a dependable vehicle from the start can help us rack up countless care-free miles. Here, we've rounded up some of the most reliable cars available.

Prep your car for the coming snow and sleet with these cold weather tips

Driving in the winter, whether downtown or across the country, is rarely easy. Luckily, we've put together a quick rundown of a few things you should do to winterize your car before the snow officially hits.