The Tesla Model S, like all modern automobiles, is essentially one big electronics package (read: computer) and, like many hardware / software systems, can be vulnerable (read: hacking).
While we’ve discussed being able to “hack” or modify for malicious intent another vehicle, such as the Toyota Prius, which is also highly computerized. Of course, in the case of the Prius, hackers would have to have direct access to the vehicle in order to install any kind of hardware taps. The Tesla Model S, and future Tesla vehicles, I’m guessing, have an extra vulnerability that could be an open door to hackers, it’s OTA (over the air) software update system.
The Toyota Prius, if it needs to be reflashed (read: software update), must be physically taken to a Toyota Service Center, where a technician will physically connect a laptop to the car for updating and any other diagnostic processes. Tesla Motor’s OTA software update system doesn’t require the car to even be near a Tesla Service Center to be updated. When Tesla was addressing the vampire problem or adjusting ride height, all that was needed was for the Tesla Model S to be in range of a mobile network, and the car’s software could be updated, even while the owner sleeps.
Tesla’s OTA software update capability could also possibly be an avenue for “malicious updates,” that is, a vulnerability for hackers to exploit. If hackers could gain access to the car’s brakes or powertrain, could that possibly be a new assassination tool? Fortunately, no one has been able to access those critical functions, but it isn’t beyond the realm of imagination that it’s possible, and Tesla doesn’t want that to happen. Tesla’s website already lays out how “good faith” hackers can submit found vulnerabilities, and will even give them a tour of the factory if they show up in Fremont, California.
Still, Tesla is now actively scouting for the most imaginative hackers to figure out those possible vulnerabilities, sending its own “hacker princess” Kristin Paget, to Def Con 2014 security conference. Paget already has much experience as a white hat hacker, having worked for Microsoft and Apple to help secure their software operating systems. Paget says that Tesla is looking for up to thirty software security researchers from Def Con alone, possibly others from other pools of hackers, in an effort to solidify the walls protecting Tesla’s vehicle operating system and OTA access.
Photo credit: The Preiser Project
