Researchers Find Super Simple Way to Hack Tesla Keys

Security researchers have found numerous vulnerabilities in some of today’s most popular vehicles, including finding ways to access owner data, take control of vehicle systems, and more. Tesla’s vehicles aren’t immune, and a team of researchers recently showed how easy accessing one of the advanced EVs with a simple electronic device can be.

Read more
Revenge of the Nerds: OEMs Pay Hackers Less Than Most Other Industries

Most readers will remember Dennis Nedry from the first Jurassic Park movie, a computer subcontractor who brought down the entire park for numerous reasons – most of which had to do with money. In other words, John Hammond seemed to have “spared no expense” except for Nedry's services, and therefore Nedry ruined the entire project.


A new report suggests that some car companies may be acting in a similar manner – at least when it comes to the amount of cash they’re paying computer experts to find bugs in their code.

Read more
Seeing Ghosts: Self-driving Cars Aren't Immune From Hackers

Autonomous vehicles “feel” the road ahead with a variety of sensors, with data received sent through the vehicle’s brain to stimulate a response. Brake action, for example. It’s technology that’s far from perfected, yet self-driving trials continue on America’s streets, growing in number as companies chase that elusive driver-free buck.

In one tragic case, a tech company (that’s since had a come-to-Jesus moment regarding public safety) decided to dumb down its fleet’s responsiveness to cut down on “false positives” — perceived obstacles that would send the vehicle screeching to a stop, despite the obstacle only being a windblown plastic bag — with fatal implications. On the other side of the coin, Tesla drivers continue to plow into the backs and sides of large trucks that their Level 2 self-driving technology failed to register.

Because all things can be hacked, researchers now say there’s a way to trick autonomous vehicles into seeing what’s not there.

Read more
Wrecked Cars Are Now a Treasure Trove of Personal Information

As cars grow more dependent upon computer-controlled driving aids and automakers implement permanent internet connectivity, we’ve grown increasingly concerned with how automakers handle their customer’s data.

It sounds conspiratorial, but there’s a series of events to hang the tinfoil hat on. In 2017, General Motors announced it had successfully monitored the listening habits of 90,000 motorists in a study aimed at improving marketing insights. It also rejiggered OnStar and introduced the Marketplace app for seamless in-car purchasing options. Our take was that it was as impressive as it was ominous — and GM is only leading the charge into a what analysts believe will eventually become a multi-billion dollar industry.

Naturally, this led to privacy concerns over how automakers will protect customer data on future models. But we might want to start worrying about the cars we have now. A couple of white-hat hackers (those are the good ones) recently probed the internal computer networks of wrecked and salvaged Teslas and found a mother lode of personal information waiting inside.

Read more
Hackers Digitally Invade Tesla Model 3, Winning One

Computer experts successfully broke a Tesla Model 3 at the “Pwn2Own” hacking event held recently in Vancouver. However, Tesla Motors isn’t biting its nails over someone finding vulnerabilities in its system, as it was privy to the plan. The automaker has operated a “bug bounty program” for the past 4 years, rewarding anyone who can pull it off — going so far as saying it wouldn’t void a vehicle’s warranty if a customer successfully hacked it in “good faith.” It even offered a maximum reward of $15,000 (USD) last year.

Meanwhile, the group that managed to break the Model 3 in Canada this month received more than a sack of cash from the automaker.

Read more
Uber Paid Hackers to Delete the Stolen Data of 57 Million People

In the midst of Uber Technologies’ corporate restructuring and cultivation of a squeaky-clean new image, the ride-hailing company was apparently hiding a dark secret. Striving for transparency, the company has now confessed that hackers stole the personal information of 57 million customers and drivers in October of 2016.

The coverup, apparently conducted by the firm’s chief security officer and another staff member, involved over $100,000 in payments to the hackers in the hopes to keep them quiet. The data lost included names, email addresses, and phone numbers of around 50 million Uber riders across the globe. Another 7 million drivers were also subjected to the digital attack, with over half a million of those losing their driver’s license numbers.

Read more
Yes, Your Autopilot-Equipped Tesla Will Film a Crash

It’s common knowledge that Tesla vehicles store and transmit data back to the company’s Fremont, California home base, but a hacker working on a wrecked Model S just discovered something startling.

In an interview published by Inverse (h/t to Hybrid Cars), North Carolina computer programmer Jason Hughes claims that Tesla’s Autopilot system actually records video. While working on a center display unit from a wrecked Model S, Hughes found footage of the vehicle’s crash.

Read more
100 Million Volkswagen Group Vehicles Can Be Unlocked With a Cheap Hacking Device

Two decades’ worth of Volkswagen Group vehicles are vulnerable to a simple, cheap hack that can unlock their doors.

A research paper released this week (first reported by Wired) describes how multiple Volkswagen, Audi, Seat and Skoda models built since 1995 can be unlocked using a handmade radio that copies key fob signals.

Read more
Hackers Burrow Into a Jeep Again - Will FCA Give Them $1,500?

The same two guys who brought you last year’s remote hacking of a Jeep Cherokee on a Missouri highway (and resulting 1.4 million vehicle recall) are at it again.

This time, Charlie Miller and Chris Valasek entered the same Cherokee’s electronic brain, bypassing security software to gain control over key driving functions, according to Wired.

Read more
Security Experts Say Fiat Chrysler's 'Bug Bounty' Reward Isn't Big Enough

Fiat Chrysler Automobiles will give you up to $1,500 to find weaknesses in its vehicles’ security, but cybersecurity experts want the automaker to pony up more dough.

After the company announced its industry-first “bug bounty” program on July 13, many professional hackers say FCA’s reward isn’t enough to attract real talent in the search for software breaches, Forbes reports.

Read more
Fiat Chrysler Will Give You Cash to Find Cyber Threats

In a few weeks, after Pokémon Go jumps the shark and we all head back to our homes for nights of solitude, Fiat Chrysler Automobiles will offer another opportunity for high-tech geekery. And a lucrative one, too.

Announced today, the automaker will hand tech-savvy individuals cold, hard cash in return for information on weaknesses in its vehicles’ cybersecurity. Exposing a hidden backdoor that hackers could sneak through will net you up to $1,500.

Read more
Jeep and Ram Owners in Houston Targeted by Laptop-Wielding Thieves

It looks like car thieves in Houston have found a way to break into (and make off with) Jeep and Ram vehicles without using a slim jim, crowbar or screwdriver.

Surveillance video from a Houston garage shows a Jeep Wrangler being methodically commandeered by a man using a laptop and tablet. After last year’s remote-control Grand Cherokee incident, this is another hacker-related headache for Fiat Chrysler Automobiles.

Read more
Stupidity, Laziness Are Connected Car Security's Weak Links

My email address is dwallach@gmail.com, and this XKCD comic is a very real part of my life. Others confuse me for all sorts of other Wallachs out there in the world. I’ve been invited to bachelorette parties in New York, received electronic court filings from Florida, and recently I got something new: an email welcoming me to my new Lexus that invited me to take part in exclusive consumer surveys.

Of course, I didn’t recently purchase a Lexus, and there was no “hey, wrong email address” button anywhere to be found. So what did I do? I “forgot” my password, logged in to someone else’s Lexus account, and figured out who actually owned the Lexus. After all, they’d probably want to know.

Read more
Life in Prison for Car Hacking? Michigan Takes the First Steps
Hoping to access and remotely take charge of a vehicle’s operating system via your laptop? Expect to shower with strange men in a place where the Wi-Fi sucks.Life behind bars is the penalty proposed by two Michigan senators seeking to regulate the state’s connected and autonomous vehicle industry, Automotive News reports.The bills introduced yesterday make it a super-duper felony to intentionally access a vehicle’s electronic system for the purpose of damaging it or gaining control of the vehicle.
Read more
Relax, Your Car Will Soon Be Safe From Revenge-Driven Extortionist Hackers

Apparently, it’s Technology Tuesday here at TTAC, so we can bring you news of a device that will kick your deeply held fears to the curb.

Vehicle hacking has been an issue ever since a Jeep Cherokee had its steering, transmission and brakes commandeered last summer, and an Israeli firm is now offering protection against keyboard warriors, according to CNBC (via Business Insider).

Read more
  • Arthur Dailey Good. Whatever upsets the Chinese government is fine with me. And yes they are probably monitoring this thread/site.
  • Jalop1991 WTO--the BBB of the international trade world.
  • Dukeisduke If this is really a supplier issue (Dana-Spicer? American Axle?), Kia should step up and say they're going to repair the vehicles (the electronic parking brake change is a temporary fix) and lean on or sue the supplier to force them to reimburse Kia Motors for the cost of the recall.Neglecting the shaft repairs are just going to make for some expensive repairs for the owners down the road.
  • MaintenanceCosts But we were all told that Joe Biden does whatever China commands him to!
  • Rick T. If we really cared that much about climate change, shouldn't we letting in as many EV's as possible as cheaply as possible?