I saw an interesting note on the Tesla Motors Club forum a few weeks ago about some “white hat hackers” who were going to hack a Tesla Model S at a big hacker event and thus reveal some vulnerabilities that Tesla should address.
It was an interesting read about white hat hacking and various ways of revealing vulnerabilities to big (and small) companies and governments.
I was curious what the hackers would actually do, but I wasn’t too concerned since I figured Silicon Valley–based Tesla had a superb security team and hadn’t left many holes in place.
Indeed, the hackers actually had to break into the Tesla Model S physically first, and then wire it up with an Ethernet cable in order to gain any access to it remotely. Already, this shows how strongly Teslas are protected, that you can’t really hack it remotely unless you break in and hack it physically first.
But anyhow, once in, what can you accomplish? The hackers, Kevin Mahaffey, CTO at Lookout, and Marc Rogers, principal security researcher at Cloudflare, could “manipulate the speedometer to show the wrong speed, lower and raise the windows, lock and unlock the car and turn the car on or off.” Doesn’t sound like a big deal considering they had to first break into the car anyway to do these basic things. Of course, a good spy movie would use these vulnerabilities wisely, but otherwise…?
Aside from those things, if the car was driving 5 miles per hour (8 kilometers an hour) or slower, they could shut down the car and stop it. Hmm, 5 mph, eh? (Yawn.)
No offense to the hackers, of course, but the point is that Tesla has done a pretty excellent job of protecting its cars. Above 5 mph, if a Tesla was hacked in such a way as to turn the screens black, the driver could still maintain control of the steering wheel and pull over until things got worked out.
Anyway, based on the slight security vulnerabilities these hackers identified, Tesla’s security team quickly patched up the holes and issued an over-the-air update. No other car company I’m aware of implements such updates (something the white hat hackers praised Tesla on), and here’s yet another reason to be in awe of how deeply Tesla is disrupting the car industry. It’s one of Tesla’s 5 big competitive advantages, imho. Imagine if these hackers decided to show the world what can be done with some of the other vehicles on the road… like the ones from Detroit-based companies.