Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Transportation

Tesla Car Hacked Remotely From Drone Via Zero-Click Exploit (securityweek.com) 126

wiredmikey shares a report from SecurityWeek: Security researchers have shown how a Tesla -- and possibly other cars -- can be hacked remotely without any user interaction from a drone. This was the result of research conducted last year by Ralf-Philipp Weinmann of Kunnamon and Benedikt Schmotzle of Comsecuris. The attack, dubbed TBONE, involves exploitation of two vulnerabilities affecting ConnMan, an internet connection manager for embedded devices. A hacker who exploits the vulnerabilities can perform any task that a regular user could from the infotainment system. That includes opening doors, changing seat positions, playing music, controlling the air conditioning, and modifying steering and acceleration modes. They showed how an attacker could use a drone to launch an attack via Wi-Fi to hack a parked car and open its doors from a distance of up to 100 meters (roughly 300 feet). They claimed the exploit worked against Tesla S, 3, X and Y models. "Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan," the report notes. Since the ConnMan component is widely used in the automotive industry, similar attacks could be launched against other vehicles.
This discussion has been archived. No new comments can be posted.

Tesla Car Hacked Remotely From Drone Via Zero-Click Exploit

Comments Filter:
  • Why (Score:5, Insightful)

    by LeeLynx ( 6219816 ) on Tuesday May 04, 2021 @05:12AM (#61345548)
    Do we need to hook every conceivable system to the internet? Are we seriously concerned that we may find ourselves thinking "you know, my seat was a little bit off on the ride to work today. I think I need to adjust it from my desk"?
    • Re:Why (Score:5, Insightful)

      by geekmux ( 1040042 ) on Tuesday May 04, 2021 @05:23AM (#61345566)

      Do we need to hook every conceivable system to the internet? Are we seriously concerned that we may find ourselves thinking "you know, my seat was a little bit off on the ride to work today. I think I need to adjust it from my desk"?

      Because Greed. The remotely accessible system can be maintained by someone remotely at half the cost.

      Anyway, back to your point, I would 100% agree that things like modifying steering and acceleration controls are NOT what I would call part of the "infotainment" system, and therefore should be separated and even air-gapped. Now the question is, just how many features do you disable by doing that?

      The answer is it doesn't matter, because you should have done that in the first place.

      • by Anonymous Coward
        Actually WHO, WHAT AND HOW. Which other devices affected. Fancy home locks? Bank Cameras. Internal safe workings, Jail doors, White House Cameras? Yep, the ABA or American Burglar Association will be giving lots of devices their tick of approval.Can I do a few pings and see what targets are in the neighbourhood? Can people still paint US planes, to project UFO images on their screens?
      • Re:Why (Score:5, Insightful)

        by AmiMoJo ( 196126 ) on Tuesday May 04, 2021 @06:08AM (#61345646) Homepage Journal

        There are some very useful features that remote access brings, like being able to pre-heat/cool the car or monitor charging status.

        Unfortunately even with minimal functionality like that there is scope for mischief. A few years back Nissan had an issue where anyone could command any Leaf to pre-heat/cool on demand, potentially running the battery down if the car is unplugged.

        We should be able to engineer this stuff so that it is secure, it's not beyond the wit of man. I won't defend the Tesla system though, there is way too much functionality in there.

        • Absolutely, but as open-source has demonstrated security is hard. Everything visible, with a 1,000 smart eyes looking at it, and we still have CVE after CVE. Yeah we could regress functionality and QOL, but then we'd have to do the same with the computers right in front of us because they've been driven by the same forces* that made the modern car what it is (greater QOL and more functionality) and just as vulnerable.

          *Continue to be as witnessed by the current GPU quest.

          • by sinij ( 911942 )

            Absolutely, but as open-source has demonstrated security is hard. Everything visible, with a 1,000 smart eyes looking at it, and we still have CVE after CVE.

            It is time to admit that humans are lousy at writing secure code and that modern approach of always reusing someone else's unverified code is never going to result in secure systems. No matter how good your own code is, there inevitably going to be someone else's code included in the whole product. I think the only feasible solution is keep developing automated code analysis tools. Yes, currently they generate A LOT of false-positives, but it is still better than doing nothing.

          • by AmiMoJo ( 196126 )

            Defence in depth is the key. The problem here is that one vulnerability gets them the keys to the kingdom (car).

        • by sinij ( 911942 )

          We should be able to engineer this stuff so that it is secure, it's not beyond the wit of man. I won't defend the Tesla system though, there is way too much functionality in there.

          Who is this mythical "We" ? We can't even manage to secure OS on a locked down hardware with secure enclave where the user does not have root privileges (i.e. smartphone) after decade of trying. Why do you think "We" can do better with connected cars?

      • by DarkOx ( 621550 )

        While they may not be infotainment they are also not high risk. CAM bus firewalls exist and its not necessarily unsafe with a proper implementation to allow some controls on that interface to send behavior flags over to systems that might be more critical than other body module type stuff.

        Tesla's I know for example have settings like enable and disable creep mode (simulates what automatics do where the car will creep forward with your foot off the break at idle.) They also like a lot of high end power steer

        • Same thing with wheel feedback. You might be asking why does this feel different all of sudden, and thinking tire loosing air? road surface changed? and start assessing the situation but it does not alter the steering behavior of the car so much that if you are operating it inside a half way reasonable safety envelope to begin with your are going to lose control or something.

          My Jeep has something similar, and it produces exactly what you speak of. In 4WD, it has mud, sand and snow modes, and when it goes into a mode, you think something went wrong, because the steering, brakes and throttle response all get changed. This is in addition to traction control, which is always on.

          It works very well after you get used to it.

        • You mean CAN, and no it does not have a firewall.
          Having done extensive experimentation (project started as an attempt to get non-standardized OBD-2 codes, specifically cylinder-specific misfire counts) on CAN bus, a firewall on it is nonsensical.
          Think of it as a layer-2 protocol. There's no 3 way handshake.
          There are addresses. You're free to spoof as needed.

          Now, is everything tied to the CAN bus?
          No. But these day, more and more things are.
          Can you have separate CAN buses (i.e., infotainment on one, EC
    • Customer Satisfaction! Or just spying, whichever you want to call it. There's an insatiable thirst to keep track of what goes on, and since they can, they will. Just like the question: why does a dog lick its balls? Answer: because it can. (Answer to the question why pop singers date top models asked of the front man of Duran Duran in the James Bond theme song days...)
    • No more than your mouse is a system connected to the internet but that doesn't mean a determined hacker with software vulnerabilities couldn't get into it.

    • Because we can.

    • by invid ( 163714 )
      Man, I really wish I hadn't sold my '78 Chevy Nova.
      • Man, I really wish I hadn't sold my '78 Chevy Nova.

        Have you seen the prices they are fetching lately?

    • by jwhyche ( 6192 )

      The correct answer is, "no we don't." But that seems to be getting harder every year. I found a damn crock pot with wifi. Seriously? It is still possible to buy thing that are not hooked up to the internet. Hopefully, this will continue. I don't need my toaster oven to be internet aware but it couldn't have been if I wanted it too.

    • Well for cars, we had features like remote start for decades now. Where you can start your car in the winter without having to go outside so when you enter you car it is nice and warm.

      Also we have fobs that wireless open the doors, and some will start the car without a key and a bunch of other things.

      For Electric Cars especially where a lot of its components are controlled by software updates can improve performance or battery life, as they had found a new optimal way of doing something.

      Oddly enough having

    • Every generation of system designers learn from the scratch

      Toilets are big tech in Japan. Jets of water to wash the butts with so many settings on pressure, temperature, more patterns than a jacuzzi... And they had the bright idea to make it controllable from your cell phone! Via blue tooth! No authentication between the cell phone app and the toilet computer. Hotels have adjacent bathrooms separated by just thin walls ...

      Very funny to read the disastrous roll out ...

      • Reminds me of a comedian's story about attending a festival and staying in a crappy motel. His RF TV remote was interfering with his neighbor's, and vice-versa. He was trying to watch the hockey game, his neighbor was trying to watch porn. Hijinks ensue. It's probably obvious who won.
    • I'm not following, could someone make a car analogy? :_)

      hawk

  • by DrXym ( 126579 ) on Tuesday May 04, 2021 @05:15AM (#61345556)
    I wonder if Teslas can be hacked to bake dogs (or children) that someone has decided to lock in the car with the AC turned on.
    • Well, not using this exploit. You'll note the the entirely dishonest summary said,

      Security researchers have shown how a Tesla -- and possibly other cars -- can be hacked remotely without any user interaction from a drone...."Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan,"

      Entirely dishonest reporting! Security researchers have shown that Teslas USED to be able to be hacked remotely from a drone. It is far more accurate to say that other car makers likely are vulnerable to this exploit than to say that Tesla still is. After all, they still use the code, while Tesla doesn't.

      Until they spot a similar flaw in Tesla's new code, the real story is that as soon as this was discovered Tesla pushed a software update out to its cars and fixed the problem, while other car makers did not do likewise.

      • Yea. Something that happened in the dark ages of 6 months ago would never happen in the modern world. We're not savages any more.

        • Tesla's have an over the air auto-update feature, so it is very unlikely that someone is using the old code. So 6 months ago is a long time for a Tesla Software to be running.

          • by DrXym ( 126579 )
            Unless the exploit manifests some other way and exactly the same possibility arises. The sensible thing would be for the car to default to not allow remote control of actions and require the usually manually enable them from their car console before they can be used remotely.
      • Entirely dishonest reporting! Security researchers have shown that Teslas USED to be able to be hacked remotely from a drone. It is far more accurate to say that other car makers likely are vulnerable to this exploit than to say that Tesla still is. After all, they still use the code, while Tesla doesn't.

        Tesla generates clicks, either from it's rabid haters, or it's rabid lovers. And this headline is the perfect example.

        The only tiny bit of honesty was that short para at the end. But making Tesla into the villain, when they are the sole automaker who fixed the issue as soon as it was shown seems a bit like shilling for the others who haven't. Most read the headlines maybe a paragraph, then gloat how Tesla is vulnerable, and what a pity - their Chevy Whatsit is perfectly safe.

        Only the Whatsit isn't.

      • by AmiMoJo ( 196126 )

        According to TFA they discovered this as a zero day last year for a competition that was subsequently cancelled due to COVID. So at the time it worked on the latest version of the software.

        They reported it to Tesla who fixed it, and are now reporting it publicly since enough time has passed that most cars will be patched.

      • Yep, fixed in Oct 2020, so not a problem on Teslas... is a problem on other cars.

        Also worth note, acceleration and steering options aren't life threatening changes ... I mean they can make the car accelerate slower like a normal gas car. And make the steering softer or harder. Annoying if someone hacked your stuff to do that, but not a big deal. The thing I'd be worried about the most is the seat controls... if I were to get squished while driving it would not be safe. But on the Tesla Model 3 and Y, you do

    • Being that they patched the problem 6 months ago, I doubt it is a problem.

      However other cars who use "ConnMan" (BTW: Who the Hell would think buying a software product called ConnMan would be a good idea! I don't care how good their marketing is, and what reviews they have, a name like that would just be a huge Red Flag!) will have the problem, and those just don't get the Press coverage that Tesla has.

      News: Tesla are ScArRrRy! Because they are new, (and they don't do advertisements, so the news companies

  • by Anonymous Coward on Tuesday May 04, 2021 @05:17AM (#61345560)
    Sweet! A friend of mine suggested hacking several thousand Telsas, have them self drive to the Utah salt flats and park them such that they form a grey alien face, or a hammer and sickle. Then sit back with soda and popcorn and enjoy the inevitable conspiracy theories, Q-drops and of course the unhinged Tucker Carlson rant. This puts us one step closer ...
    • Better yet, use them in a corn field and make crop circles.
      • by Misagon ( 1135 )

        Make crop circles at night and return the car to its parking spot before sunlight, so that the owner won't notice.

        • Make crop circles at night and return the car to its parking spot before sunlight, so that the owner won't notice.

          Hello, National Enquirer? Yes it happened again, my Tesla is spontaneously creating dirt and corn again, but this time I have pictures!

  • by Joce640k ( 829181 ) on Tuesday May 04, 2021 @05:42AM (#61345590) Homepage

    I can't wait to be able to use your Tesla to commit a crime for me while you're busy sitting at your desk, eg. deliver a shipment of drugs.

    Good luck pinning that one on me!

    • Hey look a car with your License plate was found.
      A warrant for information about that cars account from Tesla later.
      You are being arrested for such and such charges. Because Tesla is showing that your phone is being used to tell the car to go to that location.
      Then lets cross reference it with data from your Cell phone company, yep, it shows that you had your phone while you were at work all day.

      It is like a Q-Anon idiot who is afraid the Covid vaccine has a tracking chip on it, while complaining that Apple

  • Expect more (Score:5, Insightful)

    by quonset ( 4839537 ) on Tuesday May 04, 2021 @05:46AM (#61345602)

    Is anyone surprised this happened? Even though this vulnerability was patched that doesn't mean there are others which have not.

    So long as manufacturers insist on shoving computers into every minuscule aspect of a vehicle, even when not warranted, this will continue. Just wait until the first instance of a vehicle being taken over while driving on the highway is used to cause a massive pile up. How many dead and wounded will we have to suffer until manufacturers get it through their skull this crap isn't needed?

    • It's not the fault of computers, any more than it's the fault of your computer when you go crazy on social media. Fix people and you'll find that a lot of problems go away, oh like say the desire to break into things that aren't theirs.

    • Re:Expect more (Score:4, Interesting)

      by DarkOx ( 621550 ) on Tuesday May 04, 2021 @07:21AM (#61345806) Journal

      Except all of these driver assist features require some amount of 'computer' even if its just a little micro controller.

      EFI is way more efficient than mechanical FI or carbs, but it requires a computer.

      Electronic stability control can make a huge safety difference over just simple ABS or nothing - but it requires a computer.

      Things like lane assist - the jury is out on if these really improve safety much but they require a computer.

      Pure nice to have features like adjustable power steering behavior etc - maybe it could be done with some analog control but practically a computer control implemenation will be more flexible, more reliable, and general superior while also being cheaper.

  • Comment removed (Score:5, Informative)

    by account_deleted ( 4530225 ) on Tuesday May 04, 2021 @05:55AM (#61345624)
    Comment removed based on user account deletion
    • Oof, that's actually somewhat hilariously bad.

    • ...a better way would require you to e.g. get inside the car and press a service-button or similar first!

      They'll fix that in the next software update. It'll be wired to the door handle. On the outside at first. Minor oversight discovered after that funny looking dildo-drone flew by the Tesla dealership and slap-hacked the lot of them.

      Then they'll wire it to the trunk release where it should be.

      (Baby steps people. We're replacing bugs here, not developers.)

    • by sinij ( 911942 )

      They configured Connman to automatically connect to any access-point called "Tesla Service" with a hard-coded password stored in the car's firmware!

      Seriously? Someone going to deservingly get fired over this.

      • I am sure someone got fired. Hope it is not the lowly developer who implemented this brain dead piece of code, he/she at best deserves a slap on the wrist. The manager who signed off on the code and agreed to implement the feature should get a more serious reprimand. If it turns out the development was proposing a stronger security model and other managers and higher ups were diluting the requirements or applied pressure to open it up, they need to face very severe consequences, fired for cause, all stock o
    • by GoRK ( 10018 )

      Yes; this was a pretty bonehead move by Tesla; now imagine when Ford or Nissan or Subaru do it on one of their cars that can't even be updated. Oh wait, they have had this kind of problem hundreds of times already and nobody apparently gives one shit.

    • But that was patched 6 monts ago. And over the air updates had applied them a while ago. I am more scared about other automakers (who also have inexperienced devs, and often more-so than Tesla) who put it in the cars, without any sort of way to update other than going to your dealer.

    • by King_TJ ( 85913 )

      Interesting ... but in Tesla's defense, the ability to have the car auto-establish a wifi connection to any Tesla Service SSID was something many Tesla owners traditionally considered a handy feature. People lacking a good Internet connection would often find their vehicle missed several of the software updates that only get pushed over wifi (vs 3G or 4G cellular connections, which they try not to use except for smaller or really critical patches). The standard advice for these situations was to try to par

    • Tesla cars are location aware. They have cameras. The A pillar has an RFID reader. The car has enough memory to store 10 driver profiles.

      Tesla coming within GPS coords of service center could contact Tesla servers via LTE network, download the access point name and a one time use password. Can connect safely, securely without any involvement of the technicians. There are dozens of assets Tesla could deploy and ensure a secure log in.

      More importantly they can upgrade every car already sold and in service

  • by Ecuador ( 740021 ) on Tuesday May 04, 2021 @06:04AM (#61345638) Homepage

    I mean I don't expect Teslas to be less vulnerable than other cars - I have no reason to believe one way or the other, but since the specific vulnerability used was on the 3rd party 'ConnMan', which Tesla does not use since last year while other manufacturers still do, why not demonstrate on one of those manufacturers? Is it just to feed on Tesla hate by getting 'Tesla hacked' headlines (which sort of imply it is the one vulnerable brand).
    At least I am confident my older Ford cannot be hacked. It has a bluetooth enabled sony mp3/cd/dab media center that refuses to cooperate with practically any other device be it android, ios etc to do simple things like play streaming music or receive calls. So when it does not do things it's supposed to do, good luck getting it to do things it's not.

    • Comment removed (Score:5, Informative)

      by account_deleted ( 4530225 ) on Tuesday May 04, 2021 @06:10AM (#61345652)
      Comment removed based on user account deletion
      • by Ecuador ( 740021 )

        Ah, OK, that makes sense, it is not new research. I obviously, in /. tradition, did not RTFA.
        Now that I have, this bit is interesting:

        Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan. Intel was also informed since the company was the original developer of ConnMan, but the researchers said the chipmaker believed it was not its responsibility.

        The researchers learned that the ConnMan component is widely used in the automotive industry, which could mean that similar attacks can be launched against other vehicles as well.

        So, Intel makes (the rather serendipitously named) ConnMan and they couldn't care less it has vulnerable :D

        • ConnMan creates a vulnerability when Tesla configures it to connect to an AP called "Tesla Service" with a hardcoded password.

          It's not clear that it is a problem out of the box.

      • That doesn't address the write-up of this, which is all, "Tesla is vulnerable to this, maybe some other people are too.", then at the bottom, oh BTW Tesla stopped using this code but others didn't.

        Tesla is not vulnerable to this! They used to be, sure. But not anymore. You can't lead with, "Here's how Teslas can get hacked!" when that's not true anymore. Any reporter without an anti-tesla viewpoint would have written down the facts, not started with an outdated lie.

        How hard is it to write, "Researchers plan

    • by Entrope ( 68843 )

      The ability to exploit this was apparently enabled by having Tesla's onboard computer automatically connect to a certain WiFi ESSID with a fixed password (see Gaygirlie's comment above). Maybe other vehicles aren't so gullible, and that's another reason why this was demonstrated on a Tesla?

    • People here hate Tesla for some reason so the stories generate clicks. You'd think they would be thrilled their car uses open source software but instead its always Oh fuck that electric bullshit.

      • People are generally thrilled by the OSS, but dismayed by the insecure design.

        For instance, the software partition should not be writable without throwing a write enable switch.

        This ain't that complicated. I mean, security is complicated, but Tesla is failing at it pathetically. They aren't even trying to use best practices. This is inexcusable in a vehicle with the high level of integration that Tesla uses.

    • I wondered this myself. There is a push on to hurt and tear down at Tesla and Elon Musk. Are there organized people trying to short his stock? Weren't these the same people putting him on a pedestal for pushing electric cars so hard?

      Is his success making him a target for lawsuits, hence the trumpeting and over-hyperventillation at these issues, building a background hate meme in the populace useful in such?

      Is he not playing the game of political donations?

      I haven't seen stuff like this since the week Tas

  • by Registered Coward v2 ( 447531 ) on Tuesday May 04, 2021 @06:13AM (#61345658)
    Seems the later is more appropriate...
  • by 140Mandak262Jamuna ( 970587 ) on Tuesday May 04, 2021 @06:14AM (#61345660) Journal

    "Tesla patched the vulnerabilities with an update pushed out in October 2020, and it has reportedly stopped using ConnMan," the report notes. Since the ConnMan component is widely used in the automotive industry, similar attacks could be launched against other vehicles.

    Tesla can, and did, fix such vulnerabilities discovered after shipping the product. The same vulnerability in other cars can not be fixed so easily and it would involve bringing the car to the stealership, if the car maker agrees to fix it. Not very sure they will fix it for free.

    But that story will not get the clicks, so Tesla hacked is bandied about.

    • True, but as the post above yours demonstrates there are mistakes, then there are MISTAKES. In other words security 101 says it shouldn't have happened in the first place. This is why security is both a profession as well as a process, and companies (as well as open-source) need people who live and breath this stuff.

      • Definitely the Tesla developers were morons to come up with a code like this. There is no question about it.

        But they were not more moronic than competition, and the Tesla managers were as pointy head bosses as any in competition.

        The only saving grace in this fiasco, is Tesla has the means to fix such mistakes.

    • by jeremyp ( 130771 ) on Tuesday May 04, 2021 @07:05AM (#61345760) Homepage Journal

      I regard the fact that my car cannot have its software updated without me physically taking it to a dealer as a feature, not a bug.

      • by green1 ( 322787 )

        Having lived with Tesla's continuous feature removal and UI downgrades over the air, I'm inclined to agree with you.
        I must say that Tesla has really soured me to the whole concept of ota updates on future vehicles, they so often use it to remove functionality or degrade the UI, and almost never to add anything or improve anything. If my car still had the same UI, and the same features it had when I bought it in 2015 it would be a much better vehicle than it is today.

    • https://www.autoblog.com/2019/... [autoblog.com]

      Granted the story is old, but the point won't go away.

      It's not like Win10 May 2021 is substantively more secure than Win10 2016. Better, sure - but more vulnerabilities are always possible. It's not like hackers are going out of business anytime soon.

  • automated drone wifi hacking is going to be a bad time

  • How to get publicity (Score:4, Informative)

    by Ada_Rules ( 260218 ) on Tuesday May 04, 2021 @06:54AM (#61345734) Homepage Journal
    Me: Hey boss, I want to do a demonstration and then a press release about cyber vulnerabilities in cars. My plan is to use this Hyundai and show how I can change the radio from AM to FM.

    Boss: boring. nobody will read that. Can we make it a Tesla?

    Me: Well sure, but then we'd be demonstrating something that is not really relevant anymore and we'd have to find a car that was prevented from getting any updates which they generally do automatically...

    Boss: No problem, I know a guy at a junk yard who recovers scrapped Teslas and fixes them and prevents getting updates.. Still, I don't think this is really going to be eye catching enough. I mean there are lots of stories about cars being hacked.. Can we spice it up some more?

    Me: Well, I suppose we could say something about a drone

    Boss: Is a drone required for this?

    Me: No, but it will sound cool.

    Boss: Great. Still needs something else.

    Me: We could call this old irrelevant attack "T-Bone" to bring forth imagery of a horrible car crash.

    Boss: Can this attack be used to create a T-Bone accident?

    Me: I guess not really..but maybe.

    Boss: It's a go!

    ----

    I am not saying that this is not interesting - doing a test like this to 'demonstrate' something that is well known and patched is a semi-publicity stunt....it does work..so there is that.

  • Most of modern cars have some kind connectivity. While Tesla is a high-profile target, so security researchers would target it for PR, the actual malicious actors are likely have zero-day exploits for all Chevys and Hyundais out there. So if your budget car with "infotainment" is connected you can be sure that it is vulnerable even when it was new. The only way to mitigate it is to find cell modem antenna and disconnect it.
  • It is important to note that Dr. Weinmann and Mr. Schmotzle discovered the vulnerability and created a reliable exploit for it without having access to an actual Tesla car. “We emulated Tesla’s ConnMan entirely in our own emulator - KunnaEmu.

    Slashdot has a long tradition of people posting without reading the article, but it's beginning to look like the Slash editors are the worst of these.

    • by green1 ( 322787 )

      Hard to test it on a car when the vulnerability was patched 6 months ago and the manufacturer basically forces the updates to all their users.

      • by clovis ( 4684 )

        wtf is wrong with you people.
        The discovery of the exploit came before the Tesla patch, so yeah it could have been tested on an actual car.
        But it wasn't. so the slashdot article title is a lie.

        From the embedded link you had not read ...

        Named “TBONE”, these exploits were originally written for the PWN2OWN 2020 contest, which was cancelled due to COVID-19. They later disclosed these vulnerabilities to Tesla, who patched them in update 2020.44 in late October 2020.

        • by green1 ( 322787 )

          So "news" is the part missing, specifically the "new" part.

          • by clovis ( 4684 )

            So "news" is the part missing, specifically the "new" part.

            lol, yes. There is that.
            You've expressed the crux of the matter better than I.

  • by DrYak ( 748999 ) on Tuesday May 04, 2021 @09:06AM (#61346114) Homepage

    Tesla Car Hacked Remotely From Drone Via Zero-Click Exploit

    "3d printer" !!!
    You forgot to cram 3d printer into the title!

    Damn you, I was that close to crossing out my bullshit buzzword bingo!

  • There can't be good karma using this.

    Maybe somebody thought it was "cute", but I would think that nothing but trouble would come out of something called that.

  • ...sends a fleet of self-driving cars off a bridge?

  • TSIA.

    We are astonishingly far away from where I'd confidently get into an autonomous car without thinking some darknet script-kiddie isn't going to fuck with me (or worse). This Tesla example is only a faint hint at the data stream and connective systems involved that an autonomously driving car is going to have.

    I do *not* understand why we are pushing so bloody hard to adopt something NOT READY FOR PRIME TIME.

"Nuclear war can ruin your whole compile." -- Karl Lehenbauer

Working...