Tesla: A big mistake allows you to take control of your vehicle

news hardware Tesla: A big mistake allows you to take control of your vehicle

A group of security researchers from Manchester had fun hacking a 2021 Tesla Model Y through a simple flaw in the Bluetooth Low Energy protocol. In just a few moments, they could unlock, start and even drive the car!

Bluetooth Low Energy (BLE) at the heart of the turmoil

Did you think you would finally be at peace with smart wireless unlocking, free from the risks associated with losing your car keys in the sand in La Grande Motte in the summer? This was done without counting on the risks inherent in the technology and the misguided ideas of certain petty scammers.

The find of the day comes this time from England and more specifically from Manchester, where experts from the firm NCC Group, which specializes in cybersecurity, were able to access a 2021 Telsa Model Y via a simple redirection of communications between a phone and a car.

As a reminder, Tesla and thousands of other electronic devices around the world, such as scooters, front doors and more than 200 different car models, use the Bluetooth Low Energy (BLE) data transmission protocol to unlock short-range wireless locks. And if the concept couldn’t be more practical, we realize that unfortunately it’s far from perfect.

Thousands of devices affected

Basically, devices equipped with the BLE protocol require the presence of your smartphone or ID at a very short distance (often less than a meter) for you to be able to unlock your device. Whether car lock, house lock, scooter, electric shutters or even an iron curtain on the shop window. In short, you got the concept.

However, as you can see in the short video from the company NCC Group, with a simple device capable of relaying communications and an accomplice, it is possible to easily bypass all BLE protection types for less than … 100 euros.

The idea is to have one “source” person in possession of or next to the “master” device (smartphone, badge, keychain, etc.) and another near the device to be unlocked, here a Tesla Model Y 2021. Then , With a simple information relay via an internet connection, the BLE signal is transmitted to the so-called “relay” person, who only has to open it and help himself.

Our colleagues from
Reuters
have tried to contact Tesla on this point, but at the moment the brand has not asked. The best way to protect yourself from any risk is to activate multi-factor authentication with, for example, the presence of an additional PIN code or even biometric authentication when available.

Leave a Comment