Tesla recently issued a few security updates to make its vehicles less susceptible to hacking, but it’s still possible for thieves to thwart those safeguards if they aren’t used: In a new video, a duo of car bandits hack into a Model S using a tablet and phone to commandeer signals from the car’s keyfob.
Anthony Kennedy was the carjacking’s victim. He posted surveillance video to YouTube in an effort to highlight how enterprising thieves can remotely access Tesla keyfobs, overcome their encryption, and pop open the car’s doors. The bandits hit a hiccup when they couldn’t figure out how to detach the car’s charger, but still managed to drive into the night at an alarmingly quick pace. Researchers have highlighted how keyfob hacks only require a few minutes.
The heist could serve as a tutorial for prospective Tesla thieves, but only because Kennedy failed to use the car’s security features: In the video’s caption, Kennedy notes he hadn’t activated the Model 3’s “Pin to Drive” feature, which requires drivers to input a numerical code before turning the car on. The car’s passive entry feature was also enabled, allowing the thieves to open the doors once they had access to keyfob data. The key was apparently “at the back of the house,” per the video’s caption.
@elonmusk My @tesla was stolen this morning, with just a tablet and a phone extending my fob range from the back of the house. I get that I should enabled PIN access. I wish it was harder for them to disable remote access though. I can’t track it or disable it. 🙁
— Antony Kennedy (@booshtukka) October 21, 2018
Unfortunately for Kennedy, the hackers either removed the car’s SIM card, or blocked its access to the internet, rendering it un-trackable. In June, Tesla unveiled “Pin to Drive” and improved cryptology for its keyfobs to guard against hacks, although its apparent that the security protocol can only do its job if its switched on.
Originally posted on Popular Mechanics