A team of researchers has discovered a way to hack Tesla's infotainment system, allowing them to download free upgrades that they would normally have to pay for – like heated rear seats.
Οι ερευνητές βρήκαν ουσιαστικά έναν τρόπο να κάνουν jailbreak στο αυτοκίνητο. Το hack μπορεί να δώσει στους ιδιοκτήτες τη δυνατότητα να ενεργοποιήσουν το σύστημα αυτόνομης οδήγησης και πλοήγησης σε περιοχές όπου κανονικά δεν εfiberi available, like they said researchers at TechCrunch, though they admitted they haven't tested those features yet, as that would require more effort.
The researchers will present their research next week at the Black Hat security conference in Las Vegas.
Christian Werling, one of three students at Technische Universität Berlin who conducted the research along with another independent researcher, said their attack requires physical access to the car.
"We're not evil outsiders, but we're actually insiders, we have the car," Werling told TechCrunch in an interview ahead of the conference. "And we don't want to pay that $300 for rear heated seats."
The technique they used to jailbreak the Tesla is called voltage glitching. Werling explained that they "sculpted" the supply voltage of the AMD processor running the entertainment system.
“If we do it at the right time, we can trick the CPU into doing something else. It causes a hiccup, skips an instruction, and accepts our tampered code. This is what we do in a few words".
Με την ίδια τεχνική, οι ερευνητές δήλωσαν ότι ήταν σε θέση να εξαγάγουν το κλειδί κρυπτογράφησης που χρησιμοποιείται για τον έλεγχο ταυτότητας του αυτοκινήτου στο network της Tesla. Θεωρητικά, αυτό θα ανοίγει την πόρτα για πολλές άλλες επιθέσεις, αλλά οι ερευνητές ανέφεραν ότι πρέπει να διερευνήσουν τις δυνατότητες που τους δίνει αυτό το σενάριο.
The researchers were also able to extract personal information from the car, such as contacts, recent calendar appointments, call logs, locations the car visited, Wi-Fi passwords, and session tokens from email accounts, among others.
The attack block based hardware that the researchers achieved is not simple. In fact, they indicated that Tesla should replace the hardware in question.
