For months, researchers have been hyping up a new set of vulnerabilities in Tesla's Model S — and today, we finally got a look at what they are. In a presentation at the DefCon security conference in Las Vegas, Lookout's Kevin Mahaffey and Cloudflare's Marc Rogers detailed a method for compromising a Model S's onboard computer and display, allowing them to dupe the speedometer and other readouts, or even turn off the car remotely once the implant is installed.
The good news for Tesla drivers is that the attack requires physical access — Rogers and Mahaffey had to physically plug into the car's onboard ethernet port — so it's unlikely to be exploited at scale. Even when the remote shut down is successfully executed, the result isn't as dangerous as it might be. When the Model S shuts down at low speeds, the parking brake is automatically engaged; at higher speeds, the car shifts into neutral, allowing the driver to steer it off the road without an abrupt stop.
Mahaffey and Rogers say they've discovered five other vulnerabilities in addition to the one presented at DefCon, including one that plays off a years-old weakness in Apple's WebKit engine, but the ethernet-based bug is considered the most severe. Fortunately, Tesla has been working quickly to patch the vulnerabilities and has said it's pushing out a full over-the-air patch to the bug later today, leaving almost no time for the bug to be exploited. It's a sharp contrast to more conventional automakers like Chrysler, which required dealership visits or a mailed-out USB stick to fix a similar vulnerability uncovered earlier this month.