Researchers hack and steal a Model S; Tesla says vulnerability now fixed

Stealing a car used to require a blunt object to break one of its windows, and basic electrical knowledge to hot-wire it. Two Belgian security experts discovered an encryption flaw that let them drive away in a Tesla Model S without busting any glass or cutting any wires.

Researchers working at the KU Leuven University in Belgium figured out a relatively simple way to digitally break into a Model S by defeating the encryption in the wireless key fob, according to Wired. It’s a technique that requires about $600 worth of radio and computing equipment, so it’s not something anyone can do with their smartphone, but that’s a small investment considering the price of a Model S. The hardware is used to access the cryptographic key programmed into each fob and copy it, which essentially creates a new key fob. The thieves can thereupon enter any Model S and drive off in it without setting off the alarm.

“Today, it’s very easy for us to clone these key fobs in a matter of seconds. We can completely impersonate the key fob and drive the vehicle,” revealed researcher Lennert Wouters in an interview with Wired. He added figuring out how to hack into a Model S took about nine months.

Tesla awarded the researchers a $10,000 bug bounty when they privately shared their discovery in August of 2017. It then spent nearly a year verifying the technique and developing a fix, which it began rolling out in June of 2018. First, it designed a more secure key fob. That means cars manufactured after that point aren’t affected by the problem.

Earlier models — a vast majority of the ones on the road — received an additional security barrier via an over-the-air software update. This lets owners set a PIN code that must be entered on the car’s touchscreen before it can be driven off. It’s similar to the PIN that protects a smartphone. Tesla told Digital Trends the PIN function will come to the Model 3 in the future.

“Due to the growing number of methods that can be used to steal many kinds of cars with passive entry systems, not just Teslas, we’ve rolled out a number of security enhancements to help our customers decrease the likelihood of unauthorized use of their vehicles,” a Tesla spokesperson told Digital Trends. “Based on the research presented by this group, we worked with our supplier to make our key fobs more secure by introducing more robust cryptography for Model S in June 2018,” the California-based company added.

Wouters and his partner, Tomer Ashur, blame the flaw on a key fob manufactured by British electronics firm Pektron. McLaren, Karma, and Triumph also use Pektron-sourced key fobs so the same hack could allow thieves to break into vehicles made by those brands.

“This attack is out there, and we’re not the only people capable of coming up with it,” Ashur warned.

Update: added statement from Tesla.


Lucid Motors accepts $1 billion investment from Saudi Arabian fund

The Public Investment Fund of Saudi Arabia will invest $1 billion in upstart electric car company Lucid Motors. Lucid hopes to launch a Tesla-fighting luxury sedan called the Air by 2020.

End your dependence on fossil fuels with one of these amazing electric cars

Electric cars are getting smarter, safer, and more capable with each passing year. Here are our picks for the best electric cars on the market, whether you're looking for a performance ride or a family-friendly crossover.

Tesla’s latest update reportedly breaks Autopilot rather than improving it

A recent update meant to improve Autopilot functions for Tesla vehicles went awry, crippling the system. Elon Musk personally tweeted to say he's aware of the issue and made it a priority for Tesla engineers.

Security flaw on modern PCs could leave your encrypted data exposed

Hackers can revive the decade-old cold boot attack to steal your data by exploiting weaknesses in a modern PC's or Mac's firmware, researchers discovered. The hack requires attackers to have physical access to your PC.
Smart Home

Amazon reportedly will introduce an Alexa-enabled microwave, amp, and more

Amazon's Fall 2018 Alexa device rollout is about to begin, sources say. Look for an Alexa microwave, an amplifier, receiver, and subwoofer, and an Alexa voice-responsive device for your car. Amazon is maximizing its voice-command presence.

Elon Musk: Tesla is bringing most collision repair in-house, outsiders too slow

Dissatisfied with third-party collision repair shops, Tesla CEO Elon Musk took to Twitter to announce the firm is bring most repair work in-house. The goal is a car as good or better than new with repair completed in under an hour.

Audi is finally taking the wraps off its Tesla-fighting e-tron electric SUV

The 2019 Audi e-tron is an electric SUV aimed at the Tesla Model X, Jaguar I-Pace, and Mercedes-Benz EQC. It's Audi's first mass-market electric car, but will it make a good first impression?

Volkswagen built a 210-mph Jetta, and broke a land-speed record with it

A modified 2019 Volkswagen Jetta just set a land-speed record at the Bonneville Salt Flats in the G/BGC class. Boasting a 600-horsepower engine, the Jetta hit 210 mph on the salt.
Emerging Tech

Smart sound system will give every car passenger their own wireless audio stream

Can't agree on what to listen to in the car? Imagine if each passenger could get their own way, courtesy of a personal audio stream — no headphones required. Sounds impossible, but it's almost here.
Emerging Tech

No more scraping? Anti-frosting advance could mark end of frozen windshields

Hate frozen windshields in winter? Researchers at Virginia Tech may have found a way to banish them for good, thanks to the world’s first passive anti-frosting surface. Here's how it works.

Ferrari’s latest special editions are stripped down, old-school sports cars

The Ferrari Monza SP1 and SP2 are inspired by some of the Italian automaker's most legendary sports cars. They mix old school rawness with modern carbon fiber construction and 789-horsepower V12 power.

Lyft offers some fun stats to celebrate its 1 billionth ridesharing journey

Lyft cars have made a billion journeys since its ridesharing service launched six years ago. Announcing the milestone on Tuesday, September 18, the company revealed a few fun stats about its rides so far.

Nissan will invite Google into its cars’ dashboards starting in 2021

The Renault-Nissan-Mitsubishi Alliance has joined forces with Google to develop a brand-new infotainment system. Scheduled to launch in 2021, the yet-unnamed software will boast navigation via Google Maps over-the-air software updates.
Product Review

Aston’s stunning DB11 V8 Volante proves exotic cars aren't just about lap times

With the DB11 Volante, Aston Martin’s marriage of luxury and performance is perhaps at its best, offering hustle that doesn’t feel rushed and refinement with emotion still intact.