this post was submitted on 12 Mar 2024
695 points (97.4% liked)

Technology

59589 readers
2946 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[โ€“] givesomefucks@lemmy.world 110 points 8 months ago* (last edited 8 months ago) (8 children)

Once logged in, the hackers could even create a new "phone key," allowing them to come back to the vehicle later and drive off with it without raising suspicion.

That's because Tesla doesn't actually notify the user if a new key is created, as Mysk and Bakry point out in their video.

Mysk tested out the vulnerability on his own Tesla and found that he was easily able to create new phone keys without ever having access to the original, physical key card. That's despite Tesla promising that wasn't possible in its owner's manual.

Once he told Tesla about his findings, the EV maker underplayed the vulnerability, telling him it was all by design and "intended behavior," an assertion that Mysk called "preposterous" in his interview with Gizmodo.

"The design to pair a phone key is clearly made super easy at the expense of security," he said.

Mysk argues it would be easy for the automaker to plug the vulnerability by simply notifying users if a new phone key is created.

Weird the dudes name is so close to Musk, but it sounds like this would be something incredibly easy for Tesla to fix, they're just not doing it and denying it's a problem...

[โ€“] Albbi@lemmy.ca 34 points 8 months ago

I'm surprised Tesla hasn't gotten to the point yet where it's just replying with ๐Ÿ’ฉ, but I guess this response wasn't too far off from that.

load more comments (7 replies)