
Tesla Model S Hacking Prize Claimed

Soulskill posted about 2 months ago | from the to-the-victors-go-the-electric-spoils dept.

Transportation 59

savuporo sends word that a $10,000 bounty placed on hacking a Tesla Model S has been claimed by a team from Zhejiang University in China. The bounty itself was not issued by Tesla, but by Qihoo 360, a Chinese security company. "[The researchers] were able to gain remote control of the car's door locks, headlights, wipers, sunroof, and horn, Qihoo 360 said on its social networking Sina Weibo account. The security firm declined to reveal details at this point about how the hack was accomplished, although one report indicated that the hackers cracked the six-digit code for the Model S's mobile app."


Not how this is supposed to work... (3, Interesting)

iluvcapra (782887) | about 2 months ago | (#47485883)

The security firm declined to reveal details at this point about how the hack was accomplished

So it could be a hoax, but more likely they're black-hatting in public view.

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47485993)

Only if they don't tell Tesla. In fact until they tell Tesla and give them some time to get a fix, they probably shouldn't tell the general public.

Re:Not how this is supposed to work... (1)

iluvcapra (782887) | about 2 months ago | (#47486773)

In fact until they tell Tesla and give them some time to get a fix, they probably shouldn't tell the general public.

The hell you say! O_O

Re:Not how this is supposed to work... (4, Funny)

Ol Olsoc (1175323) | about 2 months ago | (#47487089)

Only if they don't tell Tesla. In fact until they tell Tesla and give them some time to get a fix, they probably shouldn't tell the general public.

Oh my fucking God!

Do you mean to tell me that someone might be able to gain control of a car now!

Those Fuckers at Tesla will cause the downfall of civilization!

We have had cars for well over a hundred years now, and it looks like Tesla is the only company that has cars that can be stolen! Shit! First fires, now stolen vehicles. This electrical car thing isn't going to work at all.

Umm, Thanks, Obama!

Re:Not how this is supposed to work... (1)

Noah Haders (3621429) | about 2 months ago | (#47489483)

people have been getting carjacked for some time, but it would suck if all tesla cars across the nation were carjacked at 70 mph on the freeway

Re:Not how this is supposed to work... (1)

Ol Olsoc (1175323) | about 2 months ago | (#47490305)

people have been getting carjacked for some time, but it would suck if all tesla cars across the nation were carjacked at 70 mph on the freeway

Don't read the news? The Internetz is a-coming to all cars, not just the evil spawn of Satan Teslas. Perhaps the Internal combustion cars will be immune?

You know, this was a way for Tesla to improve their vehicles. They have a slightly different paradigm. Find the problem, and fix it. Somewhat Different than GM's approach to their deadly ignition switch problem.

http://www.nytimes.com/2014/06... [nytimes.com]

But hey - it was an internal combustion engine, so it's just fine - right?

This isn't aimed specifically at you, but to all the asshats who get a raging boner every time Tesla gets a scratch in a paint job or has a flat tire.

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47486001)

Chinese company hosts prize to hack western company. Chinese group claims prize using secret methods which i'm sure are totally legit and prove how advanced they are. Just like in engineering and construction; look at all these bridges [businessinsider.com] they're building!

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47486101)

They didn't follow the LEGO instructions in the bridge kit.

Re:Not how this is supposed to work... (-1)

Anonymous Coward | about 2 months ago | (#47486111)

Me Chinese. Me play joke. Me put peepee in your Coke.

Re:Not how this is supposed to work... (1)

Anonymous Coward | about 2 months ago | (#47486145)

Because no bridges collapse anywhere else...

http://en.wikipedia.org/wiki/I... [wikipedia.org]

http://en.wikipedia.org/wiki/L... [wikipedia.org]

I count 16 bridge collapses on that list alone in the US since 2000.

Re:Not how this is supposed to work... (-1)

Anonymous Coward | about 2 months ago | (#47486155)

Can I stick my long, thick cock up your tight little sissy white boy ass?

- Nigga Tyrone

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47487047)

And all the US bridge collapses of the last 60 years were old and under maintained.
OTOH, those Chinese bridges were relatively new. Each was less than 5 years old, and all but 1 were operated within specs: IOW, they failed due to poor engineering or construction.

Re:Not how this is supposed to work... (-1)

Anonymous Coward | about 2 months ago | (#47487173)

To spec? Really? Did you check the link?

year 2000 onward: China: 11 bridge collapses listed

1 under investigation
4 because of crash into bridge supports
6 because of overload, like 120t load on a 20t bridge.

Maybe Chinese need to monitor their truck weights a little better.

The US Minnesota bridge collapsed because of poor engineering too. "The NTSB said that undersized gusset plates, increased concrete surfacing load, and weight of construction supplies/equipment caused this collapse."

Anyway, bridges collapse everywhere. Saying that Chinese bridges are shit is a ridiculous statement. They are no worse than most of the bridges you travel across, and potentially much better quality.

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47490029)

No self respecting Sinophobe in Northern California would use the Made in China SF-Oakland Bay Bridge [wikipedia.org]

Re:Not how this is supposed to work... (0)

Anonymous Coward | about 2 months ago | (#47486343)

Likely the 6 digit pin is derived from the VIN number off the car which in turn with a little mathematical guess work allows anyone to break the app which controls your car.

Re:Not how this is supposed to work... (1)

kwbauer (1677400) | about 2 months ago | (#47490333)

Or a 6-digit pin only has one million combinations to try so they just brute forced it.

Re: Not how this is supposed to work... (1)

garompeta (1068578) | about 2 months ago | (#47492591)

Or the Vin IS the password lol

Larf, dumbass engineers write software (-1)

Anonymous Coward | about 2 months ago | (#47485885)

Larf, dumbass engineers still think they can write software. What's new. I have been cleaning up their messes for 20+ years. Morons.

Re:Larf, dumbass engineers write software (0)

Anonymous Coward | about 2 months ago | (#47485971)

And I've been cuckolding your dad for 20+ years as well!

Re:Larf, dumbass engineers write software (0)

Anonymous Coward | about 2 months ago | (#47487225)

We all know, and it breaks his heart.
My dad has been gay for 25 years, and you've been doing his boyfriend all that time.

Re:Larf, dumbass engineers write software (0)

Anonymous Coward | about 2 months ago | (#47487409)

Your mom is ugly but it's pretty rude to claim she's a man.

Re:Larf, dumbass engineers write software (0)

Anonymous Coward | about 2 months ago | (#47486887)

and software designers can't make anything that works without turning it into a year long project, fear of being exposed for worthless I guess, but don't worry there's plenty of PHP websites you can fix

A six digit code? (0)

Anonymous Coward | about 2 months ago | (#47485903)

Wouldn't it be better to use something with more.. kick? Key based authentication with a stronger than 6 digit password by default?

So (2)

bswarm (2540294) | about 2 months ago | (#47485915)

Basically they guessed the password to gain control of the accessories you can operate with an android app? Some hacking job there, lol.

Re:So (3, Interesting)

ShanghaiBill (739463) | about 2 months ago | (#47486107)

Basically they guessed the password to gain control of the accessories you can operate with an android app? Some hacking job there, lol.

If that is what they did (and we don't know that) then that is a security flaw. Tesla should not have allowed the PIN to be brute forced. The PIN should be stored by the car, not by the app, and it should have a 30 second lock-out after 3 wrong attempts, and then double the lock-out time for each additional wrong attempt. This is Security 101.

Re:So (0)

Anonymous Coward | about 2 months ago | (#47486127)

They didn't say there wasn't a flaw. But brute forcing is not "hacking". That is unless you're a mouth breather.

Re:So (1)

Jason Goatcher (3498937) | about 2 months ago | (#47488255)

I've never understood the mouth-breathing insult. How does my having an odd nasal passage affect my intelligence?

Re:So (1)

savuporo (658486) | about 2 months ago | (#47486193)

PIN probably shouldn't be stored in the car, store a salted hash.

By the way, my old 91 Camaro used to have a start "security feature", where they had a basic resistor embedded in the ignition key. If the resistance was off, it didn't start and blocked further tries after 3 attempts or something for 15 minutes.

Awesome when the contacts got slightly oxidized : )

Re:So (3, Insightful)

unrtst (777550) | about 2 months ago | (#47486207)

Tesla should not have allowed the PIN to be brute forced. The PIN should be stored by the car, not by the app, and it should have a 30 second lock-out after 3 wrong attempts, and then double the lock-out time for each additional wrong attempt. This is Security 101.

At which point, anyone in the world could very very easily DOS your car.

There are ways around that, but the naive and very very common implementation you describe is trivial to DOS. I'd hope that the user's key could still get them in and get an override, but the app should use much stronger auth to avoid DOS issues (ex. challenge response with something that requires largish compute time for the client in order to register and calculate a very large shared key - ie. this would be a one time registration per client app; then use the lock out on a per-registered-client basis; thus it would be costly to generate more client ids, and the lock out would make each only worth a few bad tries before forcing re-handshake). PIN would still be used on top of that (adds another factor, and something easily set/changed on the car side).

Re:So (2)

ShanghaiBill (739463) | about 2 months ago | (#47486251)

At which point, anyone in the world could very very easily DOS your car.

Nope. The car should only accept PIN attempts from pre-registered devices. So in order to DOS your car, the DOSer would have to first steal your cell phone.

Re:So (1)

unrtst (777550) | about 2 months ago | (#47486571)

At which point, anyone in the world could very very easily DOS your car.

Nope. The car should only accept PIN attempts from pre-registered devices. So in order to DOS your car, the DOSer would have to first steal your cell phone.

Which is basically what I described immediately following that. As long as the registration is something that is not trivial to spam (thus my suggestion for a challenge response akin to DH), then that'd do fine.

But what is the protocol on the wire? One doesn't *have* to go through the app. If the protocol only has a pin in it, then it doesn't matter what app requirements they make. The client must be uniquely and securely identifiable before that 3 strikes and you're locked out stuff goes into place, and it has to have some level of complexity to register a client. These are solved problems in public cryptography but, from the sounds of their "hack", I doubt the existing protocol has space for these extra features.
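The lockout policy ShanghaiBill proposes above (three free attempts, then a 30 second lockout that doubles on each further failure) and the per-registered-client counter that unrtst and ShanghaiBill converge on in the replies are easy to get subtly wrong, so here is an added worked example of both side by side. This is illustration code written for this page, not Tesla's code, and it assumes nothing about the real Model S app protocol: the PIN, client ids, work factor, and timings are constructed for the example, and `register()` is a stand-in for whatever pairing step a real design would make expensive. The naive `per_client=False` variant shows the DOS that unrtst describes; the `per_client=True` variant shows why a stranger's guesses cannot lock the owner out, and `max_guesses()` shows what the lockout does to a million-PIN search.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass, field

# Policy from the thread: 3 free attempts, then a 30 s lockout that doubles
# on every further failure. Values are the ones proposed above, not Tesla's.
FREE_ATTEMPTS = 3
BASE_LOCKOUT = 30.0          # seconds
PBKDF2_ITERS = 50_000        # hypothetical work factor for the stored hash


def hash_pin(pin: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, digest). The car stores these, never the PIN itself."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ITERS)
    return salt, digest


@dataclass
class ClientState:
    failures: int = 0
    locked_until: float = 0.0   # absolute time in seconds


@dataclass
class PinGate:
    """PIN check with lockout, counted per registered client or globally.

    per_client=False is the naive version: one counter shared by everyone,
    so any stranger's three bad guesses lock the real owner out.
    per_client=True only counts attempts from devices that completed
    registration, each against its own counter.
    """
    salt: bytes
    digest: bytes
    per_client: bool = True
    clients: dict[str, ClientState] = field(default_factory=dict)

    def register(self, client_id: str) -> None:
        # Hypothetical pairing step. A real design makes this expensive
        # (challenge-response, pairing via the fob) so that minting fresh
        # client ids is not a free way around the per-client counter.
        self.clients[client_id] = ClientState()

    def verify(self, client_id: str, pin: str, now: float) -> str:
        if self.per_client:
            state = self.clients.get(client_id)
            if state is None:
                return "unregistered"   # not counted, so cannot lock anyone out
        else:
            state = self.clients.setdefault("*", ClientState())

        if now < state.locked_until:
            return "locked"

        _, candidate = hash_pin(pin, self.salt)
        if hmac.compare_digest(candidate, self.digest):   # constant-time compare
            state.failures = 0
            return "ok"

        state.failures += 1
        if state.failures >= FREE_ATTEMPTS:
            state.locked_until = now + BASE_LOCKOUT * 2 ** (state.failures - FREE_ATTEMPTS)
        return "denied"


def max_guesses(window: float) -> int:
    """Wrong guesses one client can fit into `window` seconds under this policy."""
    n, t = 0, 0.0
    while t <= window:
        n += 1
        if n >= FREE_ATTEMPTS:
            t += BASE_LOCKOUT * 2 ** (n - FREE_ATTEMPTS)
    return n


if __name__ == "__main__":
    salt, digest = hash_pin("483921")          # constructed sample PIN
    gate = PinGate(salt, digest)
    gate.register("owner-phone")
    print(gate.verify("stranger", "000000", 0.0))       # unregistered
    for guess in ("000000", "000001", "000002", "483921"):
        print(gate.verify("owner-phone", guess, 0.0))   # denied x3, then locked
    print(f"guesses per day: {max_guesses(86_400)} of {10**6} possible PINs")
```

With this policy a single registered client gets 14 wrong guesses per day, so the million-PIN search that the thread is joking about would take on the order of two hundred years per client; the weak point moves to how cheaply an attacker can register new clients, which is exactly unrtst's point about the registration step needing to be costly.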

Re:So (1)

MrL0G1C (867445) | about 2 months ago | (#47487867)

At which point, anyone in the world could very very easily DOS your car.

That could be done with a jammer, no amount of fancy security would stop that... except you know, a car door key.

Re:So (0)

Anonymous Coward | about 2 months ago | (#47487907)

Tesla should not have allowed the PIN to be brute forced. The PIN should be stored by the car, not by the app, and it should have a 30 second lock-out after 3 wrong attempts, and then double the lock-out time for each additional wrong attempt. This is Security 101.

At which point, anyone in the world could very very easily DOS your car.

There are ways around that, but the naive and very very common implementation you describe is trivial to DOS. I'd hope that the user's key could still get them in and get an override, but the app should use much stronger auth to avoid DOS issues (ex. challenge response with something that requires largish compute time for the client in order to register and calculate a very large shared key - ie. this would be a one time registration per client app; then use the lock out on a per-registered-client basis; thus it would be costly to generate more client ids, and the lock out would make each only worth a few bad tries before forcing re-handshake). PIN would still be used on top of that (adds another factor, and something easily set/changed on the car side).

They neither hacked the car nor are they able to DOS it. They 'hacked' into an account that is a little better than a guest account. They can't even steal it because they have access to the doors and sunroof and despite being able to enter it they can't use the ignition. Unless they can also change the PIN all they can do is to annoy people.

Re:So (1)

michelcolman (1208008) | about 2 months ago | (#47489025)

They can't even steal it because they have access to the doors and sunroof and despite being able to enter it they can't use the ignition. Unless they can also change the PIN all they can do is to annoy people.

I'm certainly relieved that they couldn't use the ignition: imagine the mayhem the hackers could cause if they figured out how to ignite those batteries!

Re:So (1)

Marc_Hawke (130338) | about 2 months ago | (#47486301)

Do Teslas have keys? I think it would be pretty awesome to back up the security with a physical item. So, when you lock your car after too many failures, the smart-phone remote access is just completely disabled until you use the physical key to unlock the door.

I suppose you could do the same thing with the key-fob and it wouldn't be any less secure than the key-fob already is.

That would be quite strong defense against brute forcing the PIN, and I don't think it would be that annoying since....how often do you remote-access your car anyway?

Re:So (0)

Anonymous Coward | about 2 months ago | (#47486693)

One of the guys at work had the phone app. He played with it for the first few days and like just about everything else the novelty wore off. There's not a lot you would want to do since you have limited battery - like cooling or heating for a while before you head out to the car. Yes, it has a fob that activates when you get near the car. There are no traditional keys. The door handles don't even pop out until you get near the car with the fob.

Re:So (0)

Anonymous Coward | about 2 months ago | (#47486725)

The opposite is done in many cars. If you unlock the door with the physical key and the remote isn't within range, it sets off the alarm.
Because locks can be picked.

Re:So (1)

michelcolman (1208008) | about 2 months ago | (#47489045)

Yes, it has a "key fob" to allow anyone to steal your car as long as you are in range with the fob when they drive off (for example if you are standing next to the car). When they get out of range, the car will complain about the missing fob but will still continue to drive until you turn it off (or run out of battery). But you can use the remote control on your phone to honk the horn, lower the windows etcetera while they are driving, hopefully attracting attention to them.

(Note: this is how it worked a while ago, they might have issued an update to fix that particular issue)

Re:So (1)

mspohr (589790) | about 2 months ago | (#47486977)

I'll be so dangerous driving down the road with my headlights flashing, wipers on, sunroof open and doors locked!
Now, if they could do the turn signals, they would really have something there.

Re: So (0)

Anonymous Coward | about 2 months ago | (#47487377)

I have a Tesla. The fancy automatic wipers aren't very smart, wiping too little or too much. But now I can hire a Chinese kid to operate them for me! Yay!

Six digits? (1)

jgotts (2785) | about 2 months ago | (#47485953)

Six digits? What is this, the mid-1980's?

Re:Six digits? (-1)

Anonymous Coward | about 2 months ago | (#47485991)

Fuck yo couch, nigga!!

Remote controlled cars (1)

Abhishek Dey Das (3683551) | about 2 months ago | (#47485979)

And that is how we got remote controlled cars.

Not hacking (1)

Anonymous Coward | about 2 months ago | (#47486003)

So by "hacking" they mean brute forced a weak pin. Lame.

Re:Not hacking (0)

Anonymous Coward | about 2 months ago | (#47486323)

That's why the reward is only $10k!

Re:Not hacking (1)

SpeedBump0619 (324581) | about 2 months ago | (#47486327)

Yeah, hacking. You know, that thing you do to underbrush with a machete. And about that subtle from the sounds of it.

Re:Not hacking (-1)

Anonymous Coward | about 2 months ago | (#47486357)

I bet you'd call it hacking if someone fucked up your day doing the same thing.

I know, I know... Tesla fagboys are going to bitch about anything against Tesla but if this were a MS or Apple product you'd all be cheering it on and claiming that MS and Apple are too fucking stupid to earn your money. Whatever.

Go suck Elon Musk's dick again.

Re:Not hacking (0)

Anonymous Coward | about 2 months ago | (#47486543)

No, I'd call it brute forcing the PIN since I am not a mouth breather.

Also, I don't own overpriced Tesla shit.

Re:Not hacking (0)

Anonymous Coward | about 2 months ago | (#47486771)

Whatever liar. You're a bullshitter. Go die.

Re:Not hacking (0)

Anonymous Coward | about 2 months ago | (#47486955)

Yeah I'm going to be a moron and spend $80k for a car that has less mile range than a golf cart. Or not.

Re:Not hacking (-1)

Anonymous Coward | about 2 months ago | (#47487113)

Fuck off you god damn stupid niggers.

--
BMO

Re:Not hacking (0)

Anonymous Coward | about 2 months ago | (#47487141)

It's called cracking. You would think slashdot would know this.

China Helps China (1)

Anonymous Coward | about 2 months ago | (#47486023)

Simply put this was faked. The only thing this does is market and promote China and Chinese companies. I wouldn't be surprised if the same people were in control of both groups, or knew each other very well.

BF != Hacking (0)

Anonymous Coward | about 2 months ago | (#47486061)

But oh well. You just gave them ten grand anyway.

BF != Hacking (0)

Anonymous Coward | about 2 months ago | (#47487013)

What if they had to make a custom radio so they could reverse-engineer the protocol with packet sniffers and whatnot, then implemented their own client in assembly code -- no, no, in hex -- to do the brute-forcing? At that point is it 1337 enough to be called "hacking"? (captcha is 'posers'...)

The plan is perfect! (0)

Anonymous Coward | about 2 months ago | (#47486069)

With control of horns and headlights we can cause a plague of road rage across the world!

Hacking a car (0)

Anonymous Coward | about 2 months ago | (#47487447)

Hacking a car, same as breaking into a car physically? There's a will... There's a way for mechanical or electronic

Poor password selection (1)

wchin (6284) | about 2 months ago | (#47488571)

This "hack" sounds like they brute forced a weak password on the service that provides access to the Model S mobile apps. That password is shared with the "My Tesla" owner's website. It is possible to set that password to a far longer and complex password, certainly far longer than 6 characters. I suspect this contest was rigged and someone set the password to "111111" or something like that.

The car itself talks to Tesla using an OpenVPN session over 3G or Wifi.

Re:Poor password selection (1)

aviators99 (895782) | about 2 months ago | (#47492527)

Yes, thank you for correcting the inaccuracies. There is no "PIN" for accessing a Tesla. There is a password, with complexity requirements.

You cannot honk the horn or control the windows from the app while the car is moving.

The "hack" was likely a set-up. Could potentially be done with a MitM/replay attack, but that would still lead me to believe it was a set-up.
