this post was submitted on 04 Aug 2023
566 points (99.1% liked)

Technology

59340 readers
5442 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

The researchers will present their research next week at the Black Hat cybersecurity conference in Las Vegas.

Christian Werling, one of the three students at Technische Universität Berlin who conducted the research along with another independent researcher, said that their attack requires physical access to the car, but that’s exactly the scenario where their jailbreak would be useful.

“We are not the evil outsider, but we’re actually the insider, we own the car,” Werling told TechCrunch in an interview ahead of the conference. “And we don’t want to pay these $300 for the rear heated seats.”

The technique they used to jailbreak the Tesla is called voltage glitching. Werling explained that what they did was “fiddle around” with the supply voltage of the AMD processor that runs the infotainment system.

“If we do it at the right moment, we can trick the CPU into doing something else. It has a hiccup, skips an instruction and accepts our manipulated code. That’s basically what we do in a nutshell,” he said.

With the same technique, the researchers said they were also able to extract the encryption key used to authenticate the car to Tesla’s network. In theory, this would open the door for a series of other attacks, but the researchers said they still have to explore the possibilities in this scenario.

The researchers said they were also able to extract personal information from the car such as contacts, recent calendar appointments, call logs, locations the car visited, Wi-Fi passwords and session tokens from email accounts, among others. This is data that could be attractive to people who don’t own that particular car, but still have physical access to it.

Mitigating the hardware-based attack that the researchers achieved is not simple. In fact, the researchers said, Tesla would have to replace the hardware in question.

Tesla did not respond to a request for comment.

you are viewing a single comment's thread
view the rest of the comments
[–] autotldr@lemmings.world 10 points 1 year ago (2 children)

This is the best summary I could come up with:


A group of researchers said they have found a way to hack the hardware underpinning Tesla’s infotainment system, allowing them to get what normally would be paid upgrades — such as heated rear seats — for free.

This may also give owners the ability to enable the self-driving and navigation system in regions where it’s normally not available, the researchers told TechCrunch, though they admitted that they haven’t tested these capabilities yet, as that would require more reverse engineering.

“We are not the evil outsider, but we’re actually the insider, we own the car,” Werling told TechCrunch in an interview ahead of the conference.

Werling explained that what they did was “fiddle around” with the supply voltage of the AMD processor that runs the infotainment system.

With the same technique, the researchers said they were also able to extract the encryption key used to authenticate the car to Tesla’s network.

In theory, this would open the door for a series of other attacks, but the researchers said they still have to explore the possibilities in this scenario.


I'm a bot and I'm open source!

[–] j4k3@lemmy.world 18 points 1 year ago (1 children)

This bot needs a conditional check implemented to count the number of lines in the original post's comment, then only post if the length is shorter than some arbitrary value or percentage of its own results.

[–] RamSwamson@lemmy.sdf.org 10 points 1 year ago (2 children)

Now I want a nuisance bot. Maybe start things off like:

This is the longest summary I could come up with:

[–] eager_eagle@lemmy.world 3 points 1 year ago

or a shortest summarization bot that always copies the title

[–] RobotToaster@infosec.pub 2 points 1 year ago

A sesquipedalian loquaciousness bot