Hacking a Tesla Model S Could Net $10,000 Prize 77
cartechboy (2660665) writes "It seems there's a new hack challenge set every week, but this time, it seems different. A challenge has been thrown down to hack a Tesla Model S with a $10,000 prize. The organizers of a computer security conference have set the challenge and it's open to anyone that registers for the Syscan conference. Taking place in Beijing from July 16-17, the rules for the hack competition haven't been revealed yet but a Model S will be on display for hackers to try their luck on. It's important to note that Tesla itself isn't involved in the competition in any official capacity, nor does it support the competition. If successful, this wouldn't be the first time a Tesla Model S has been hacked. In that instance Tesla was quick to warn people that making changes in the Model S' software would immediately void the car's warranty. Given the car's high-tech nature, it's no shock Tesla's taking security seriously. With $10,000 on the line, it'll be interesting to see if anyone manages to crack the code."
Cheap bastards (Score:1)
$10000? Do all security people work for that kind of money? Have some self-respect. An exploit for a software flaw in a luxury car is worth at least ten times that much.
Re: (Score:1)
10K + taxes / fees and the car is good pay.
Re: (Score:1)
Yes 10k is low but say 10K + the car is good pay for an security person.
Re: (Score:2)
Possession is 9/10ths of the law. Not that familiar with China, but I'm pretty sure you could get it titled for less then it's worth.
Re: (Score:2)
You might have mistaken me for a god damn law abider.
Re: (Score:3)
Re:Cheap bastards (Score:5, Insightful)
You do not get the car if you manage to hack into it.
I guess that depends how well he hacks it. :p
Re: (Score:2)
$10'000 gets you something like 4-5 consulting days from good security experts and that is with the $10'000 paid in every case. In that time you can only hack really bad security. Don't expect anybody good to even try this unless they are bored and not interested in the money.
This is a cheap stunt.
hacking can get you a death sentence there also (Score:2)
hacking can get you a death sentence there also how much time will you for GTA??
There better be a waver that no one will be prosecuted and that you will not be on the hook for the full cost of the car if something go wrong
Something missing from the summary (Score:2, Interesting)
Recently a Tesla Model S was stolen from a dealership and destroyed, and they haven't figured out how the guy managed to do it. [freep.com]
Re: (Score:2)
don't know why is split apart like that.
Re: (Score:2)
It just might have had something to do with being involved in a high speed chase, smashing into several other vehicles and then finally hitting a large metal pole sideways.
While some popular US vehicles [google.com] might be able to drive away from that kind of collision, it seems that the Tesla model S isn't in the same league as far as survivability goes.
Re: (Score:2)
In 2013 the Tesla S scored a Vehicle Safety Score (VSS) better than any other [teslamotors.com] vehicle tested including every major make and model approved for sale in the US. It exceeded not only all other sedans, but all SUVs and minivans. In side pole intrusion, it was the only one scoring "good", night-and-day far better than the the Volvo S60.
If Roger Rodas had been driving a Tesla instead of a Porsche, maybe he and Paul Walker would still be alive. For one thing the car would not have burst into a raging inferno while
Re: (Score:2)
He was talking about an M1 Abrams tank. I have an exceptionally hard time believing that a Tesla is going to do better than a military tank when it comes to running into metal poles.
It helps to figure out if a poster is being facetious before you whip out a self-righteous reply.
Re: (Score:2)
I for one would love to see an M1 Abrams tank going sideways at high speed into metal poles...
Re: (Score:2)
Although it would be interesting to know if the Tesla was braking when it crashed, Base model Porsche 911 stopping distance from 60 is 98 feet, the base Tesla is 150 feet. I haven't seen numbers for 100 to 0 on the Tesla, but in the 911 it is reported as 250 feet so I am guessing the Tesla base model is going to be over 400 feet (M*V*V, means 100mph is 3* more energy than 60mph). So if he had slammed on the brakes from 100mph, 200 feet before the crash, the tesla would have still been doing 70 at the cra
Re: (Score:3)
The Tesla S has a keyless ignition. The key just has to be in range of the vehicle and you can press the start button and take off, even the key isn't in the car with you. Only after you park the car will it refuse to go any further. All the guy had to do was get into the car and that's not that difficult even if the door is locked.
Tesla wants to examine the wreckage because it's an unusual accident and could provide insights into ways that they could improve the structure of the car, not because they ca
Void warranty (Score:5, Interesting)
How is voiding the warranty threat show they are taking security seriously? Everyone puts a voids the warranty warning when they don't want you to see whats inside. IF someone hacks your car is the warranty still void?
Re: (Score:2)
They want to lock out 3rd party shops, jiffy lube, DIYer and make so all work is done at the dealer.
Re: (Score:2)
Re: (Score:2)
Service locations then...
http://www.teslamotors.com/ser... [teslamotors.com]
It looks like Tesla "ranger visit" is $100 per trip with the service plan, presumably since it's not explained on the page a "ranger" is someone who comes to you, like AAA, only Tesla.
Re: (Score:1)
Don't know much about how Tesla operates, now do you?
Your conspiracy theories are lacking in convincing evidence.
Re: (Score:2)
They're really pissed they can't replace the engine oil on the model S... Oh, wait...
Re: (Score:2)
Re: (Score:2)
I dunno.. my LEAF's maintenance schedule for the first 150K miles is pretty much "rotate tires, every 7500 miles, check brakes every 15,000". Checking the brakes, of course, involves checking the brake fluid levels, so there is a fluid. At 150K miles you do have to replace the oil used to cool the battery charger.
But, in general, EVs are very close to maintenance-free.
Re: (Score:2)
"At 150K miles you do have to replace the oil used to cool the battery charger."
Why? In a traditional car, the oil looses its ability to lubricate. What exactly does the oil in a battery charger do after 150K?
No idea.
Re: (Score:2)
They want to lock out 3rd party shops, jiffy lube, DIYer and make so all work is done at the dealer.
Jiffy Lube for your Tesla? What are they going to do to a Tesla? Change the oil and filter?
I don't care who you are, that there is funny...
Re: (Score:2)
Well, there's still transmission fluids, brake fluids, steering fluids, coolant fluids.
Re: (Score:2)
Brake fluid, yeah. Coolant for the battery, yeah. Steering is electric so you lose there. The transmission has no gear change, so no synchro wear due to shifting. It does have gear oil - NOT "transmission fluid" (that's for automatics).
The gear oil is scheduled for change at 12 years / 250,000 km. Brake fluid and coolant once a year - that sounds incredibly conservative, but you have to understand this car could last you an AWFUL long time, so it doesn't make sense to push such paltry expenses.
Re: (Score:2)
If you think the guys at the local quickie lube place is going to know what to do with a Tesla, you are nuts. Most of those guys only have experience with changing oil and usually only for as long as they've worked there. You are lucky if they know "rightie tightie, leftie loosie" and don't cross thread the drain plug putting it back in.
I would suggest you just take it to Tesla and pay them the $600/year to do the maintenance you may need.. In the end it will be cheaper than fixing the mess the oil change
Re: (Score:2)
I mentioned it in another thread, but the Tesla's front suspension really isn't any different than any other car, and needs grease like any other car. The components may be sealed - I don't know, but I would hope not. Sealed ball joints, tie rod ends, etc. tend to wear out faster than those with zerks that are properly maintained IME.
Re: (Score:2)
You cannot be serious....
Where a Tesla has similar components and designs as other cars, the front suspension is going to be totally different than 90% of other sedans it's size. The Tesla Model S is rear wheel drive, which is a departure from the normal front wheel drive for most other cars. I'm sure they omitted the CV joints/boots and half shafts from the front end. So, where the design may be classic, it's not all that common any more.
But more importantly, manufacturers have abandoned the use of gre
Re: (Score:2)
Other than the lack of CV joints (I had thought the S was all-wheel drive, but you're correct on this point), what specifically is different regarding the front suspension? Does it not have upper/lower control arms and tie rod ends with joints that wear?
One could argue that sealed systems are less prone to wear because the dust and grit cannot get i
Re: (Score:2)
But my point that open systems require maintenance remains.... Manufacturers are not out to build things that last longer, just long enough, preferably without maintenance. 100K miles is way past the warranty running out and way past the point where the original owner has sold your average car and moved on. As a manufacturer, what would YOU do? Put something in that lasted forever but required maintenance every 3K miles or it wears out in short order, or go with the maintenance free option that usually ma
Re: (Score:1)
Re: (Score:2)
How is voiding the warranty threat show they are taking security seriously? Everyone puts a voids the warranty warning when they don't want you to see whats inside. IF someone hacks your car is the warranty still void?
That's like buying a nice and secure computer, installing Adobe Reader on it and complain to the manufacturer that it got hacked.
He didn't just look around. He installed Firefox. While FF is not as idiotic as Adobe's bloatware, it is still an entry vector. They warned him against that.
Of course Tesla is not responsible when you install a webbrowser on your car, go to some virus ridden site and have a problem. They could have prevented the installation, but they didn't. Instead they warned the idiot that wha
what happens if a failed hack bricks the firmware (Score:1)
what happens if a failed hack bricks the firmware in a way that the next person / group can't do anything more when it is there trun?
also I don't thing there is a way to do a full reset after someones trun is over.
What will they do if one team does park of the hack and an other does the other part will there be a fight over who do what % and who should get paid?
Re: (Score:3)
what happens if a failed hack bricks the firmware in a way that the next person / group can't do anything more when it is there trun?
Then it was a successful hack!
Re: (Score:2)
makeing so that the car fails or goes into some kind of limited safe mode is successful hack? What if goes into a mode there you need to do a dealer only restore that they will not let anyone do other then the dealer and only after they verify that the owner is there to pick up the car when it is done. and that restore may come with a new $1000+ CPU / ECU with $250+ labor to install it?
Re: (Score:2)
makeing so that the car fails or goes into some kind of limited safe mode is successful hack?
Yes, if the goal is just to prove the thing can be hacked.
What if goes into a mode there you need to do a dealer only restore that they will not let anyone do other then the dealer and only after they verify that the owner is there to pick up the car when it is done. and that restore may come with a new $1000+ CPU / ECU with $250+ labor to install it?
OK, first thing - meet your new friend, the comma. [commnet.edu] Learn to understand one another.
Second, you're moving the goalposts. Stop that.
Third, to restate my point, if the idea is to find a flaw and exploit it, than any result other than "no flaw found/exploited" would be a successful one.
Re: (Score:2)
Pretty sure you can figure it out, champ.
Oh I see... (Score:1)
Re: (Score:2)
Read about all the timing tricks etc you can do with a brush-less 3 phase motor. Check an RC truck forum, their motors are relatively cheap, hence they experiment a lot.
You can easily double a motors torque. Of course you will drastically shorten it's life. If you restore the firmware, I don't see how Tesla could prove you were hot rodding your car.
Re: (Score:2)
That is easy, when you flash the firmware on many of the high security types of systems it increments a counter when the bootloader loads the new firmware. they simply look at the counter and see if it matched the last time it was in for an update or was reported on the last update.
It's as simple as a small cheap i2C eeprom hidden away on the system that is not easily read from the running OS. the hacker would haveto disassemble the system hardware and basically reverse engineer the board to discover it.
Let me get that (Score:2)
With $10,000 on the line, it'll be interesting to see how anyone manages to crack the code.
Fixed that for you. Not a question of "if"...
Figures (Score:1)
Summary sucks (Score:2)
Re: (Score:2)
Excellent point. What on earth do they mean by "hack"?
You give me a Tesla and a box of tools, I can hack the thing in some interesting way. Perhaps I can make it produce toast and keep your coffee warm.... In today's parlance, that would be a "hack" of a Tesla. I saw a story where a guy "hacked" his Prius by adding his own charging circuits to get more distance out of the battery pack, then figured out that he could run most of his home electronics directly from the 200V DC the battery provided. Billed
Already Hacked? (Score:1)
Is that really worth it? (Score:2)
OK, so they have a $10K prize.
Now, purely to play devil's advocate -- if someone manages to exploit the system and doesn't tell anybody, is there more to be gained by that?
Even if it's just maliciously 'bricking' these cars, it seems like this incentive isn't as much as some other activities could be.
Hell, you could probably ransom people's cars back to them for more than that.
Re: (Score:2)
Re: (Score:2)
Hell, you could probably ransom people's cars back to them for more than that.
There aren't that many quality goods and services to spend your ransom money on in prison -- my understanding is that the selection is mainly limited to cigarettes, cell phones, drugs, and "protection".
Re: (Score:2)
well did you reed the EULA? also it seems you said no the Norton antivirus car offer at the time of sale.
Re: (Score:2)
Gas powered car: Someone puts a bunch of mothballs in your gas tank. Your power doubles (but your expected engine life falls to less then 100 miles).
Electric car: Someone reprograms your motor controller. Your power doubles (but your expected engine life is halved or worse).
In ether case you should know that your car suddenly smoking it's tires is not natural and have it checked.
brilliant reselling opportunity! (Score:2)