Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

admin
Pinned September 11, 2019

<> Embed

@  Email

Report

Uploaded by user
Researchers found another way to potentially clone Model S key fobs
<> Embed @  Email Report

Researchers found another way to potentially clone Model S key fobs

Mariella Moon, @mariella_moon

August 28, 2019
 
Researchers found another way to potentially clone Model S key fobs | DeviceDaily.com
 

Last year, researchers discovered a vulnerability in the Tesla Model S key fob that would’ve allowed thieves to clone it in just a couple of seconds. The automaker and the key fob’s manufacturer, Pektron, created a new version that upgrades its 40-bit encryption to an 80-bit one to make it harder to crack. But now Lennert Wouters of Belgian university KU Leuven has revealed (as reported by Wired) that it’s still possible to wirelessly crack the new key fob’s encryption.

Apparently, the vulnerability allows hackers to break the 80-bit encryption by cracking two 40-bit keys instead. The new attack has a shorter range than the first, and it takes a bit longer than a couple of seconds, but it’s still doable. Model S owners don’t have to worry about bad actors using the flaw to break into their cars, though — all they have to do is upgrade their fobs. Tesla has already fixed the issue, and unlike last year, it doesn’t require new hardware. The automaker has started rolling out an over-the-air software update for existing key fobs. In fact, it already implemented the change for all newly manufactured Model S vehicles last month, so new owners don’t even have to upgrade.

Wouters was impressed by the way Tesla handled the problem, but he warns that plenty of other cars’ key fobs are vulnerable to similar encryption-cracking techniques. Especially since most automakers get their key fobs from third-party manufacturers, and some of them aren’t capable of pushing over-the-air updates like Tesla is.

As for Tesla, the automaker seems to be confident that its vehicles are secure enough. A spokesperson pointed out in a statement to Wired that the company introduced a PIN to Drive feature last year that gave owners a way to prevent anybody from driving their vehicles if they can’t key in the right PIN.

The spokesperson said:

“While nothing can prevent against all vehicle thefts, Tesla has deployed several security enhancements, such as PIN to Drive, that makes them much less likely to occur. We’ve begun to release an over-the-air software update (part of 2019.32) that addresses this researcher’s findings and allows certain Model S owners to update their key fobs inside their car in less than two minutes. We believe that neither of these options would be possible for any other automaker to release to existing owners, given our unique ability to roll out over-the-air updates that improve the functionality and security of our cars and key fobs.”

Engadget RSS Feed

(9)