Tesla: Model S software update will patch flaws exposed by hackers

7 Aug 2015 | Author: | No comments yet »

Tesla Model S hacked, but vulnerability is already fixed, says company.

A month after a Jeep Cherokee made headlines for being hacked on the highway – prompting the company to recall 1.4 million vehicles – experts are asking how best to make the modern automobile more secure.Tesla has issued a security update to its Model S car after security researchers discovered six flaws that allowed them to control its entertainment software and hijack the vehicle.

With access to the entertainment software, Kevin Mahaffey, CTO of security startup Lookout, and Marc Rogers, a security researcher at CloudFlare, turned off the engine while a person was driving, changed the speed and map information displayed on the touchscreen, opened and closed the trunk and controlled the radio. This mindset, along with Tesla’s “responsible disclosure” policy, is leaving many looking to the electric car company for advice on making cars “unhackable.” This week at the Def Con hacker conference in Las Vegas, two security researchers will explain how they were able to gain access to a Tesla Model S and force it to power down and stop. Once gaining access, the team was able to work through the entertainment system and connect to the Model S’s main control, allowing them to stop the vehicle. Mahaffey noted in his post that Tesla did include several security measures that made the process difficult, and in many ways, the company is doing more to focus on cybersecurity for what has essentially become “rolling computers.” For example, the car would not come to an immediate stop unless it was traveling at 5 m.p.h. or less. Any software program can be hacked and the assumption is hackers will be able to eventually remotely attack a car’s entertainment applications, Mahaffey said.

One way to bolster a car’s security is by increasing the protection around individual components, and that way preventing a hacker from using one compromised system to access another. Though Fiat Chrysler responded to its vehicle’s vulnerability with a 1.4 million vehicle recall – which essentially became a 1.4 million USB stick distribution – Tesla released a patch to fix the issue on Thursday. Mahaffey would like other automotive manufacturers to fix security flaws by delivering updates over the air, instead of slower, traditional mass repair methods like recalls. “Your car today has more in common with a laptop than a Model T,” he said, adding that cars will need to be patched more quickly than a piece of computer hardware. This is the difference between Tesla and Chrysler, and something that more car manufacturers are looking to tackle: by treating constantly connected vehicles the same way companies treat computers and software issues, danger can be avoided and the company can save money.

U.S. legislators have taken an interest in this issue and have proposed regulations that would force manufacturers to better protect vehicles from hackers. But if a malicious hacker gains control of a vehicle traveling on a crowded highway or pedestrian-clad street, more than just personal information could be at risk.

Here you can write a commentary on the recording "Tesla: Model S software update will patch flaws exposed by hackers".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

About this site