Researchers from Germany have successfully performed a ‘jailbreak‘ on a Tesla Model 3, thereby gaining free access to in-car features normally reserved for paid upgrades. The white hat hackers, three of whom are students at Technische Universität Berlin, utilized a unique hardware manipulation technique to bypass the vehicle’s in-built security measures.

The researchers managed to extract the encryption key that authenticated the car to Tesla’s network

Christian Werling, one of the students involved, explained that this approach could be beneficial for owners unwilling to pay additional fees for upgrades already incorporated into their vehicle, such as heated rear seats. He stated, “We’re not the evil outsider; we own the car. And we don’t want to pay these $300 bucks for the rear heated seats.” This intriguing revelation suggests a shift in traditional perspectives on ‘jailbreaking’.

Tesla Model 3

The team achieved this feat using a technique known as “voltage glitching,” manipulating the supply voltage of the AMD processor running the infotainment system. The strategic timing of this process causes the CPU to ‘hiccup’, skipping an instruction, thereby accepting manipulated code.

In addition to unlocking features, the researchers were able to extract the encryption key authenticating the car to Tesla’s network. This extraction facilitated access to sensitive personal data including contact details, call logs, calendar appointments, location history, Wi-Fi passwords, and email session tokens. While this vulnerability could be exploited, the team maintains that their research is exploratory, not malicious.

The researchers have cautioned that Tesla’s only defense against this hardware-based attack is a complete hardware replacement. As they prepare to present their research at the upcoming Black Hat cybersecurity conference in Las Vegas, their groundbreaking discovery might pose significant implications for vehicle cybersecurity and the ‘right-to-repair’ debate.

RELATED:

(Via)

RELATED ARTICLESMORE FROM AUTHOR