On January 13, there were media reports that a 19-year-old teenager abroad found a software vulnerability in Tesla Motors, which could unlock the windows, control the safety warnings in the car, and even drive away without a key. He said more than 25 Tesla electric vehicles in 13 countries have been hacked through the vulnerability, all of which have shut down their security systems.
Xiao Lei learned that the teenager is David Colombo, a German security researcher, who said on Twitter that the software vulnerability of Tesla Cars can allow hackers to remotely open doors and windows, start without a key, close the vehicle safety system at the same time, but also remotely check whether there is a driver in the car, operate the car's audio system, danger warning lights and so on.
Imagine if you were driving a Tesla car, a hacker remotely operating your car lights, or opening windows, doors, etc., the degree of danger can be imagined. The wrong car lights can even send the wrong driving signal to other drivers on the road, and the chance of a car accident is greater.
The researcher said that the effect of this interference is relatively limited, and the owner's operation and driving function will not be affected. Even so, Xiao Lei believes that if his vehicle is at risk of being manipulated, it is as if the car is not his own, which cannot bring people a sense of security.
At present, cars are gradually transforming to intelligence and electrification, which means that various functions in the car may be connected to the car computer, or even networked. Since the computer has the possibility of being hacked, then new energy vehicles must also have, so manufacturers pay special attention to the security and privacy of the car. Positioned relatively high-end electric vehicles often have automatic assisted driving systems, in case of hacking in the process of automatic driving, the consequences are unimaginable.
While the security researchers did not disclose details of the software vulnerability, it claimed that the vulnerability was not in Tesla's software and vehicle hardware, and that only a small percentage of Tesla owners would have been affected by the hack. In addition, he is in contact with tesla security teams, which are investigating issues that Tesla users don't need to worry about.
In response to the security risks in the car, Tesla has also set up a vulnerability disclosure platform, on which security personnel can register their vehicles for testing, and those who find vulnerabilities can get the company's rewards. Some time ago, Tesla rewarded a vulnerability whistleblower with $15,000.
Of course, Xiao Lei does not recommend that others take the risk of using loopholes to twist their minds, and if they engage in this kind of thing in China, they will definitely have to eat prison, and others at least did not steal cars through loopholes. This incident is also a warning to Tesla and other new energy vehicle manufacturers, the on-board computer is gradually upgraded, the performance can even catch up with the PS5, but car companies should not ignore the danger of security vulnerabilities.