Tesla hackers exploit voltage glitching for feature unlocking.

【Summary】German PhD students from Technische Universität Berlin demonstrated at the Black Hat conference that they were able to bypass the $300 purchase requirement to activate heated rear seats in a Tesla Model 3 by using voltage glitching. They soldered wires to the infotainment and connectivity ECU, causing the voltage to drop at the right time and fool the system into thinking it was being booted securely.

FutureCar Staff    Aug 12, 2023 9:45 AM PT

A group of German PhD students from Technische Universität Berlin showcased their ability to bypass paywalled features in a Tesla Model 3 at the Black Hat conference. Instead of approaching the problem as outsiders trying to gain control of the vehicle, the researchers took the perspective of someone with physical access to the car. They attempted to modify the firmware in the Tesla's computer but were stopped by the secure boot process, which is a recent development in Tesla's computers. Previous versions of Tesla computers had vulnerabilities that were fixed through firmware updates.

The researchers discovered that Tesla computers now have a boot chain of trust, firmware and OS signing, and a root of trust in their AMD SoCs. This made it challenging for the researchers to gain access. However, by soldering wires to the infotainment and connectivity ECU, which contains the gateway chip storing software-locked features, they were able to manipulate the voltage and trick the system into thinking it was being booted securely. This allowed them to gain root access and unlock the heated seats. They also managed to extract information about the car and user data stored in the Tesla computer.

When the researchers reported their findings to Tesla, the company's main concern was whether the exploit was persistent. Since it wasn't, Tesla did not respond further. Achieving persistence would require soldering a mod chip to the board itself, which would void the warranty. The researchers have not yet tested their method on an actual Tesla, but an independent security researcher who worked with them has tried it successfully.

While the team has not attempted to duplicate the exploit on other vehicles with software-locked features, they believe other manufacturers may not have the same level of protection as Tesla. The researchers noted that Tesla has invested in attracting hackers to improve its software defenses, which may not be the case for other automakers. It is worth mentioning that Tesla's reliance on voltage-vulnerable AMD chips in its computers raises concerns about supply chain security.

The team behind the 2021 AMD voltage glitching paper suggested that software modifications could be made to detect voltage modulation and prevent insecure boots. It remains to be seen whether Tesla will release a patch to address this vulnerability; the automaker has not responded to inquiries on the matter.
