看板car
作者: doctorpi (Dr.Pi) 看板: Gossiping
標題: [新聞] 駭客可在幾秒內偷走特斯拉Model S
時間: Wed Sep 12 05:51:22 2018
1.媒體來源:
International Buisness Times
2.完整新聞標題:
Tesla News: Hackers Discover Way To Clone Model S Key Fob?
3.完整新聞內文:
Electric car manufacturer Tesla, Inc. (TSLA) has dealt with its share of
scandals and controversies, some of which involved the company’s electric
vehicles and many of which did not. The latest problem came to light Monday,
when a group of researchers from Belgium’s KU Leuven University reported
that they had found a way to easily hack the Tesla Model S’s keyless
ignition, Wired reported.
Like many modern vehicles, the Model S is unlocked and started by a key fob
that sends an encrypted signal to the car to start it, rather than by
inserting and turning a key. KU Leuven’s team of hackers spent several
months trying to crack the system, and they were successful. After
reverse-engineering the keyless entry system, they were able to clone the key
fob signal in less than two seconds using around $600 worth of gear, per
Wired.
They also released a short video demonstration of the hypothetical car theft
process. Perhaps the most dangerous aspect of KU Leuven’s findings is that
the cloned key fob can be used more than once, allowing the hacker to
continue driving the Model S.
The good news for Model S owners is that Tesla was alerted to the security
crack more than a year ago. A recent update added the ability to lock the
Model S behind a four-digit PIN code, similar to unlocking a smartphone, as
an added measure of authentication. Aside from that, any Model S made after
June 2018 should be immune to the attack.
Model S owners who got their cars before June may want to turn on the PIN
code function to avoid potential car thefts. The key fob tech was designed by
a firm called Pektron, who made similar tech for auto manufacturers like
McLaren.
Keyless ignition has become more standard in cars in recent years, but it
does not come without flaws. Aside from hacking concerns like what KU Leuven
found, some car owners have actually died because they forgot to turn their
cars off. The engine kept running in enclosed spaces, like garages, which led
to carbon monoxide poisoning.
The security flaw in the Model S was caught and remedied before it became a
widespread issue, but it could be seen as another hurdle on Tesla’s path to
profitability. In recent months, the electric car manufacturer has dealt with
everything from PR scandals involving CEO Elon Musk to the departures of
multiple high-level executives.
4.完整新聞連結 (或短網址):
https://goo.gl/fidXXH
5.備註:
被刪或自刪也算額度內
小弟第一次在八卦發文,本來想用爆卦的但已經有許多外電新聞了不確定會不會違反版規
,這是強者我同事的研究成果,他們成功破解了特斯拉Model S的無線鑰匙系統,能在幾
秒內將40-bit的密鑰用暴力法破解,使用的系統也是可以攜帶型的,只靠行動電源就能驅
動,詳細可參考影片。
https://www.youtube.com/watch?v=aVlYuPzmJoY
他們去年就已通知特斯拉,讓他們有時間改善,前幾天有看到新聞有關要提供安全系統更
新,但看起來是由車主自行選擇要不要自費更換,所以未來應該還有很多車子能用相同方
式破解。另外這次主要出問題的是外包廠商,而使用他們系統的不只Tesla,有名的還包
括McLaren,對相關研究有興趣的朋友可以參考我們研究所的blog。
https://goo.gl/1htiVN
最後溫馨小提醒,影片中的車是自己家的,有任何研究成果也千萬不要隨便對路邊的車子
嘗試啦!
--
※ 批踢踢實業坊(ptt.cc)※ 文章網址: https://www.ptt.cc/bbs/car/M.1536704014.A.FF5.html
→ formatted: 這種事遲早的 38.142.231.154 09/12 05:53
推 JingP: 推 36.227.68.240 09/12 05:54
推 kid725: 玩命關頭的劇情 112.104.2.97 09/12 05:54
推 cattgirl: 推114.137.118.176 09/12 06:01
推 tyrande: 我們的 狗 是不是也這麼好偷 也許更簡單 220.129.61.3 09/12 06:02
噓 rex9999: 建議你朋友來台中 全台TESLA最密集城市 1.169.33.3 09/12 06:03
推 TaiwanNeko: 傳統油車更好偷吧 09/12 06:43
推 iosian: 放心吧,以後會有駕駛監控相機,要偷車先要有車主的照片 09/12 06:48
→ tabrisPTT: 偷了以後就被自動駕駛送到警局... 09/12 07:12
推 sinpi: T大推文超有未來可能性 09/12 07:18
→ maniaque: 然後就被老婆發現老公把車借給小三開的事實 09/12 07:20
→ maniaque: 更重要的是....小三還是男的 09/12 07:21
→ suntex01: 科科,之前還有人特別貼了篇說特斯拉特別安全不怕偷. 09/12 07:26
推 hcshin: 加傳統機械鎖還是有用的 09/12 07:29
→ maniaque: 很快掏保就可以買得到了.....:D 09/12 08:41
→ maniaque: 哪天高科技Model S 裡面加個拐杖鎖也不意外..... 09/12 08:43
→ MUMUKON: 物聯網一定會發生的事情 不EY 09/12 09:26
推 ariesd: 這還要先靠近車主複製KEY...還以為是免KEY直接暴力破解 09/12 09:33
→ DYE: 實體鑰匙有一定的必要性 09/12 09:34
→ drift024: 結果還是要靠近車主啊 還是yo叔厲害 09/12 09:41
推 nnaeo: 還要靠近車主根本就不是暴力法了吧 XD 09/12 09:51
→ axzs1111: 教主快來護駕 09/12 10:21
推 YJM1106: 可以去香港啊 滿街的特斯拉 09/12 11:05
推 JEON: 香港幾乎沒再賣了..... 都以前特價的時候買的 09/12 11:08
推 Scape: 這組駭客有跟Tesla合作,這問題早在今年6月份就解決了 09/12 14:44
→ Scape: 而且他們還拿到了Tesla給的獎金。 09/12 14:45
→ Scape: 正確的說,這問題在2017年就已經發現,但由於是承包商硬體 09/12 14:46
→ Scape: 上的問題,所以一直到今年才完全解決。Tesla 也推出了 09/12 14:47
→ Scape: PIN to Drive功能,來加強安全性。 09/12 14:47
→ Scape: 出事的供應商是Pektron,他們用超弱的40bit密碼才導致這樣 09/12 14:48
→ Scape: 的問題,這家同時也是McLaren和Karma的供應商 09/12 14:50
推 cyc4aa12: 狗肉都做到256位元了!不過遇到複製金鑰應該也沒輒。 09/12 15:06
噓 juunuon: 哪裡暴力了 40bit硬試有這麼快可以賣很多錢喔 09/12 16:46
推 endless0121: 需要鑰匙的話... 乾脆key都不帶好了...用手機 09/12 19:41
推 RPHero: 好像GTA 09/12 20:39
推 cobrabaton: 其實偷車主手機可能比較快 12/26 16:01