Business

Tesla electric cars can be hacked, researcher showcases vulnerability

May 21, 2022
Bharat Times English News

Millions of digital locks worldwide, including on Tesla cars, can be remotely unlocked by hackers exploiting a vulnerability in Bluetooth technology, a cybersecurity firm said on Tuesday. In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner’s phone.

“This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world,” the UK-based firm said in a statement, referring to the Bluetooth Low Energy (BLE) protocol – technology used in millions of cars and smart locks which automatically open when in close proximity to an authorized device.

Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.

Also read – Amidst Twitter deal, Elon Musk tweets a meme saying ‘Tesla on my mind 24/7’

Tesla did not immediately respond to a request seeking comment. NCC Group said such a vulnerability was not like a traditional bug which could be fixed with a software patch and added BLE-based authentication was not originally designed for use in locking mechanisms.

“In effect, systems that people rely on to guard their cars, homes and private data are using Bluetooth proximity authentication mechanisms that can be easily broken with cheap off-the-shelf hardware,” the firm said.

“This research illustrates the danger of using technologies for reasons other than their intended purpose, especially when security issues are involved”.

Read Full Article
'; $('div.listing').append(string); } }); }, error:function(xhr){ //console.log("Error"); //console.log("An error occured: " + xhr.status + " " + xhr.statusText); nextload=false; }, complete: function(){ $('div.listing').find(".loading-block").remove();; pg +=1; //console.log("mod" + ice%2); nextpath="&page=" + pg; //console.log("request complete" + nextpath); cat = "?cat=1176367"; //console.log(nextpath); nextload=(ice%2==0)?true:false; } }); } //lastoff = last.offset(); //console.log("**" + lastoff + "**"); });*/ var maindiv = false; var dis = 0; var fbcontainer=""; var fbid = ''; var fb_script=document.createElement('script'); fb_script.text= "(function(d, s, id) {var js, fjs = d.getElementsByTagName(s)[0];if (d.getElementById(id)) return;js = d.createElement(s); js.id = id;js.src="https://connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.9";fjs.parentNode.insertBefore(js, fjs);}(document, 'script', 'facebook-jssdk'));"; var fmain = $(".sr2465867"); //alert(x+ "-" + url); var fdiv = '
'; //console.log(fdiv); //$(fb_script).appendTo(fmain); $(fdiv).appendTo(fmain); function fillElementWithAd($el, slotCode, size, targeting){ if (typeof targeting === 'undefined') { targeting = {}; } else if ( Object.prototype.toString.call( targeting ) !== '[object Object]' ) { targeting = {}; } var elId = $el.attr('id'); //console.log("elId:" + elId); googletag.cmd.push(function(){ var slot = googletag.defineSlot(slotCode, size, elId); for (var t in targeting){ slot.setTargeting(t, targeting } slot.addService(googletag.pubads()); googletag.display(elId); //googletag.pubads().refresh([slot]); }); } $(document).delegate("button[id^='mf']", "click", function(){ fbcontainer=""; fbid = '#' + $(this).attr('id'); var sr = fbid.replace("#mf", ".sr"); $(fbid).parent().children(sr).toggle(); fbcontainer = $(fbid).parent().children(sr).children(".fb-comments").attr("id"); }); function onPlayerStateChange(event){ var ing, fid; //console.log(event + "---player"); $('iframe[id*="video-"]').each(function(){ _v = $(this).attr('id'); //console.log("_v: " + _v); if(_v != event){ //console.log("condition match"); ing = new YT.get(_v); if(ing.getPlayerState()=='1'){ ing.pauseVideo(); } } }); $('div[id*="video-"]').each(function(){ _v = $(this).attr('id'); //console.log("_v: " + _v + " event: " + event); if(_v != event){ //jwplayer(_v).play(false); } }); } function onYouTubePlay(vid, code, playDiv,vx, pvid){ if (typeof(YT) == 'undefined' || typeof(YT.Player) == 'undefined') { var tag = document.createElement('script'); tag.src = "https://www.youtube.com/iframe_api"; var firstScriptTag = document.getElementsByTagName('script')[0]; firstScriptTag.parentNode.insertBefore(tag, firstScriptTag); window.onYouTubePlayerAPIReady = function() { onYouTubePlayer(vid, code, playDiv,vx, pvid); }; }else{onYouTubePlayer(vid, code, playDiv,vx, pvid);} } function onYouTubePlayer(vid, code, playDiv,vx, pvid){ //console.log(playDiv + "Get Youtue " + vid); //$("#"+vid).find(".playvideo-"+ vx).hide(); var player = new YT.Player(playDiv , { height: '450', width: '100%', videoId:code, playerVars: { 'autoplay': 1, 'showinfo': 1, 'controls': 1 }, events: { 'onStateChange': function(event){ onPlayerStateChange(event.target.a.id); } } }); $("#video-"+vid).show(); } function kalturaPlayerAPIReady(code, playDiv,pvid){ var dt=new Date; var nt=dt.getTime(); var vtitle = ""; var video_id_arr = code.split("https://zeenews.india.com/"); var youbora_video_id = video_id_arr[5].split("."); var youbora_video_id = '"' + youbora_video_id[0] + '"'; pre_roll = "https://pubads.g.doubleclick.net/gampad/ads?sz=640x480&iu=/11440465/Zeenews_English_Video/Zeenews_English_Preroll&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&description_url="+vtitle+"&correlator="+nt; var sources ={}; var config = { targetId: playDiv, provider: { partnerId: 2504201 }, playback: { pictureInPicture : true, autoplay: true }, advertising: { adBreaks: [{ position: 0, ads: [{ url: [pre_roll] }] }] }, plugins: { youbora: { options: { "content.title": "Tesla electric cars can be hacked, researcher showcases digital lock's vulnerability", "content.customDimension.1":"Zee News", "content.customDimension.2":"https://zeenews.india.com/", "content.customDimension.3":"2022-May-21 18:24:50", "content.customDimension.4":"Mohit Bhardwaj", "content.customDimension.5":"2465867", "content.customDimension.6":"Electric Vehicles,Tesla,Tesla Model Y,Bluetooth Locks,Electric Cars", "content.id":youbora_video_id, "content.language":"English" } }, ima: { adsResponse: "" } } } var kalturaPlayer = KalturaPlayer.setup(config); if(kalturaPlayer){ kalturaPlayer.reset(); } var videoUrl = code; var mediaid = '"zn' + pvid + '"'; sources = { hls: [{ id: mediaid, url: videoUrl, mimetype: "application/x-mpegURL" }] } kalturaplayerSetup(kalturaPlayer, sources); if (typeof kalturaPlayer !== 'undefined') { doRegisterEvents(kalturaPlayer); } } function kalturaplayerSetup(kalturaPlayer, playbackType){ kalturaPlayer.setMedia({ plugins: {}, sources: playbackType }); } function doRegisterEvents(kalturaPlayer) { /* player event*/ kalturaPlayer.addEventListener(kalturaPlayer.Event.Core.PLAY, playEvent); kalturaPlayer.addEventListener(kalturaPlayer.Event.Core.PAUSE, pauseEvent); kalturaPlayer.addEventListener(kalturaPlayer.Event.Core.PLAYBACK_ENDED, playbackEndedEvent); /* ad event */ kalturaPlayer.addEventListener(kalturaPlayer.Event.AD_STARTED, adStartedEvent); kalturaPlayer.addEventListener(kalturaPlayer.Event.AD_COMPLETED, adCompletedEvent); kalturaPlayer.addEventListener(kalturaPlayer.Event.AD_SKIPPED, adSkippedEvent); kalturaPlayer.addEventListener(kalturaPlayer.Event.AD_CLICKED,adClicked); } var vlabel = "https://zeenews.india.com"+$(this).attr("video-path"); var isVideoPlayed = false; var isAdSkippedCompleted = false; function adStartedEvent(event) { var videotype = "zee english video"; gtag('event', 'Adstarted', { 'event_category': videotype, 'event_label': vlabel}); gtag('event', 'Play', { 'event_category': videotype, 'event_label': vlabel}); isVideoPlayed = true; isAdSkippedCompleted = true; } function adCompletedEvent(event) { var videotype = "zee english video"; gtag('event', 'Adcompleted', { 'event_category': videotype, 'event_label': vlabel}); isAdSkippedCompleted = true; } function adSkippedEvent(event) { var videotype = "zee english video"; gtag('event', 'Adskipped', { 'event_category': videotype, 'event_label': vlabel}); isAdSkippedCompleted = true; } function adClicked(event) { var videotype = "zee english video"; gtag('event', 'Adclicked', { 'event_category': videotype, 'event_label': vlabel}); } function playbackEndedEvent(event){ var videotype = "zee english video"; gtag('event', 'Complete', { 'event_category': videotype, 'event_label': vlabel}); } function playEvent(event) { var videotype = "zee english video"; if((isVideoPlayed) && (isAdSkippedCompleted)){ isAdSkippedCompleted = false; }else if((isVideoPlayed)){ gtag('event', 'resume', { 'event_category': videotype, 'event_label': vlabel}); }else{ gtag('event', 'Play', { 'event_category': videotype, 'event_label': vlabel}); isVideoPlayed = true; } } function pauseEvent(event) { var videotype = "zee english video"; gtag('event', 'Pause', { 'event_category': videotype, 'event_label': vlabel}); } function AdloadEvent(event) { var videotype = "zee english video"; gtag("event", "kaltura_adloaded", { "event_category": videotype, "event_label": vlabel}); } function AdProgressEvent(event) { var videotype = "zee english video"; gtag("event", "kaltura_adprogress", { "event_category": videotype, "event_label": vlabel}); } function adPausedEvent(event) { var videotype = "zee english video"; gtag("event", "kaltura_adpaused", { "event_category": videotype, "event_label": vlabel}); } /* End of Kaltura player function code */ $(document).delegate("div[id^='play']", "click", function(){ //console.log($(this).attr("id")); //console.log($(this).attr("video-source")); //console.log($(this).attr("video-code")); var isyoutube = $(this).attr("video-source"); var vurl = $(this).attr("video-path"); var vid = $(this).attr("id"); $(this).hide(); var pvid = $(this).attr("newsid"); var vx = $(this).attr("id").replace('play-',''); var vC = $(this).attr("video-code"); var playDiv = "video-" + vid + "-" + pvid; if(isyoutube =='No'){ kalturaPlayerAPIReady(vC, playDiv,pvid); }else{ onYouTubePlay(vid, vC, playDiv,vx, pvid); } }); $(document).delegate("div[id^='ptop']", "click", function(){ var vid = $(this).attr("id").replace('ptop',''); $(this).hide(); var pvid = $(this).attr("newsid"); var vurl = $(this).attr("video-path"); //console.log($(this).attr("id") + "--" + vid); //console.log($(this).parent().children().find('#play-'+vid).attr("video-source")); //console.log($(this).parent().children().find('#play-'+vid).attr("video-code")); var isyoutube = $(this).parent().children().find('#play-'+vid).attr("video-source"); var vC = $(this).parent().children().find('#play-'+vid).attr("video-code"); var playDiv = "mvideo-play-" + vid + "-" + pvid; if(isyoutube =='No'){ //console.log(jwplayer($(this).attr("id")).getState()); kalturaPlayerAPIReady(vC, playDiv,pvid); }else{ onYouTubePlay($(this).attr("id"), vC, playDiv, vid, pvid); } }); var nxti = 3; var ci = 1; var nxti_1 = 6; var nxti_2 = 9; var nxti_3 = 12; if($.autopager==false){ var use_ajax = false; /*var disqus_shortname="zeehindi"; var disqus_identifier; //made of post id and guid var disqus_url; //post permalink function loadDisqus(source, identifier, url, nid) { if (window.DISQUS) { //alert("if"); jQuery('
').insertAfter(source); jQuery('#disqus_thread').insertAfter(source); //append the HTML after the link //if Disqus exists, call it's reset method with new parameters DISQUS.reset({ reload: true, config: function () { this.page.identifier = identifier; this.page.url = url; } }); }else{ jQuery('
').insertAfter(source); disqus_identifier = identifier; //set the identifier argument disqus_url = url; //set the permalink argument //append the Disqus embed script to HTML var dsq = document.createElement('script'); dsq.type="text/javascript"; dsq.async = true; dsq.src="http://" + disqus_shortname + '.disqus.com/embed.js'; jQuery('head').append(dsq); } };*/ /*$('.disqusOn').live( "click", notify ); function notify() { identifier = $(this).attr('id'); dUrl = $(this).attr('disqus-url'); source = $(this).parent(); loadDisqus(jQuery(this), identifier, dUrl); }*/ function loadshare(curl){ history.replaceState('' ,'', curl); if(window.OBR){ window.OBR.extern.researchWidget(); } //console.log("loadshare Call->" + curl); //$('html head').find('title').text("main" + nxtTitle); if(_up == false){ var cu_url = curl; gtag('config', 'UA-2069755-1', {'page_path': cu_url }); if(window.COMSCORE){ window.COMSCORE.beacon({c1: "2", c2: "9254297"}); var e = Date.now(); $.ajax({ url: "/marathi/news/zscorecard.json?" + e, success: function(e) {} }) } //console.log('ga:'+r); /*(function () { var ga = document.createElement('script'); ga.type="text/javascript"; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + 'stats.g.doubleclick.net/dc.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();*/ //console.log("loadshare Call"); } } if(use_ajax==false) { //console.log('getting'); var view_selector="div.center-section"; // + settings.view_name; + '.view-display-id-' + settings.display; var content_selector = view_selector; // + settings.content_selector; var items_selector = content_selector + ' > div.rep-block'; // + settings.items_selector; var pager_selector="div.next-story-block > div.view-zn-article-mc-all-2017 > div.view-content > div.clearfix"; // + settings.pager_selector; var next_selector="div.next-story-block > div.view-zn-article-mc-all-2017 > div.view-content > div.clearfix > a:last"; // + settings.next_selector; var auto_selector="div.tag-block"; var img_location = view_selector + ' > div.rep-block:last'; var img_path="
Loading
"; //settings.img_path; //var img = '
' + img_path + '
'; var img = img_path; //$(pager_selector).hide(); //alert($(next_selector).attr('href')); var x = 0; var url=""; var prevLoc = window.location.pathname; var circle = ""; var myTimer = ""; var interval = 30; var angle = 0; var Inverval = ""; var angle_increment = 6; var handle = $.autopager({ appendTo: content_selector, content: items_selector, runscroll: maindiv, link: next_selector, autoLoad: false, page: 0, start: function(){ $(img_location).after(img); circle = $('.center-section').find('#green-halo'); myTimer = $('.center-section').find('#myTimer'); angle = 0; Inverval = setInterval(function (){ $(circle).attr("stroke-dasharray", angle + ", 20000"); //myTimer.innerHTML = parseInt(angle/360*100) + '%'; if (angle >= 360) { angle = 1; } angle += angle_increment; }.bind(this),interval); }, load: function(){ $('div.loading-block').remove(); clearInterval(Inverval); //$('.repeat-block > .row > div.main-rhs2465867').find('div.rhs2465867:first').clone().appendTo('.repeat-block >.row > div.main-rhs' + x); $('div.rep-block > div.main-rhs2465867 > div:first').clone().appendTo('div.rep-block > div.main-rhs' + x); $('.center-section >.row:last').before('

Next Story

'); //$(".main-rhs" + x).theiaStickySidebar(); var fb_script=document.createElement('script'); fb_script.text= "(function(d, s, id) {var js, fjs = d.getElementsByTagName(s)[0];if (d.getElementById(id)) return;js = d.createElement(s); js.id = id;js.src="https://connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v2.9";fjs.parentNode.insertBefore(js, fjs);}(document, 'script', 'facebook-jssdk'));"; var fmain = $(".sr"+ x); //alert(x+ "-" + url); var fdiv = '
'; //$(fb_script).appendTo(fmain); $(fdiv).appendTo(fmain); FB.XFBML.parse(); var $dfpAd = $('.center-section').children().find("#ad-"+ x); xp = "#star"+x; //var $dfpAdrhs = $('.main-rhs' + x).children().find('.adATF').empty().attr("id", "ad-300-" + x); //$('.content-area > .main-article > .row > .main-rhs'+x).find('#ad-300-' + x); //var $dfpAdrhs2 = $('.main-rhs' + x).children().find('.adBTF').empty().attr("id", "ad-300-2-" + x);//$('.content-area > .main-article > .row > .main-rhs'+x).find('#ad-300-2-' + x); //var $dfpMiddleAd = $('.content-area > .main-article > .row').find('#ar'+x).find('#ad-middle-' + x).empty(); //fillElementWithAd($dfpAdrhs, '/11440465/Zeenews_English_Web/Zeenews_English_AS_ATF_300x250', [[300, 250], [300, 600]], {}); //fillElementWithAd($dfpAdrhs2, '/11440465/Zeenews_English_Web/Zeenews_English_AS_BTF_1_300x250', [300, 250], {}); //fillElementWithAd($dfpMiddleAd, '/11440465/Zeenews_Hindi_Article_Middle_300x250_BTF', [300, 250], {}); var instagram_script=document.createElement('script'); instagram_script.defer="defer"; instagram_script.async="async"; instagram_script.src="https://platform.instagram.com/en_US/embeds.js"; /*var outbrain_script=document.createElement('script'); outbrain_script.type="text/javascript"; outbrain_script.async="async"; outbrain_script.src="https://widgets.outbrain.com/outbrain.js"; var Omain = $("#outbrain-"+ x); //alert(Omain + "--" + $(Omain).length); $(Omain).after(outbrain_script); var rhs = $('.main-article > .row > div.article-right-part > div.rhs2465867:first').clone(); $(rhs).find('.ad-one').attr("id", "ad-300-" + x).empty(); $(rhs).find('.ad-two').attr("id", "ad-300-2-" + x).empty(); //$('.main-article > .row > div.article-right-part > div.rhs2465867:first').clone().appendTo('.main-article > .row > div.main-rhs' + x); $(rhs).appendTo('.main-article > .row > div.main-rhs' + x); */ setTimeout(function(){ var twit = $("div.field-name-body").find('blockquote[class^="twitter"]').length; var insta = $("div.field-name-body").find('blockquote[class^="instagram"]').length; if(twit==0){twit = ($("div.field-name-body").find('twitterwidget[class^="twitter"]').length);} if(twit>0){ if (typeof (twttr) != 'undefined') { twttr.widgets.load(); } else { $.getScript('https://platform.twitter.com/widgets.js'); } //$(twit).addClass('tfmargin'); } if(insta>0){ $('.content > .left-block:last').after(instagram_script); //$(insta).addClass('tfmargin'); window.instgrm.Embeds.process(); } }, 1500); } }); /*$("#loadmore").click(function(){ x=$(next_selector).attr('id'); var url = $(next_selector).attr('href'); disqus_identifier="ZNH" + x; disqus_url = url; handle.autopager('load'); history.pushState('' ,'', url); setTimeout(function(){ //twttr.widgets.load(); //loadDisqus(jQuery(this), disqus_identifier, disqus_url); }, 6000); });*/ /*$("button[id^='mf']").live("click", disqusToggle); function disqusToggle() { console.log("Main id: " + $(this).attr('id')); }*/ $(document).delegate("button[id^='mf']", "click", function(){ fbcontainer=""; fbid = '#' + $(this).attr('id'); var sr = fbid.replace("#mf", ".sr"); //console.log("Main id: " + $(this).attr('id') + "Goodbye!jQuery 1.4.3+" + sr); $(fbid).parent().children(sr).toggle(); fbcontainer = $(fbid).parent().children(sr).children(".fb-comments").attr("id"); //console.log(fbcontainer); //var commentsContainer = document.getElementById(fbcontainer); //commentsContainer.innerHTML = ''; }); /************Player Code ***********/ var title, imageUrl, description, author, shortName, identifier, timestamp, summary, newsID, nextnews; var previousScroll = 0; //console.log("prevLoc" + prevLoc); $(window).scroll(function(){ var last = $(auto_selector).filter(':last'); var lastHeight = last.offset().top ; //st = $(layout).scrollTop(); //console.log("st:" + st); var currentScroll = $(this).scrollTop(); if (currentScroll > previousScroll){ _up = false; } else { _up = true; } previousScroll = currentScroll; //console.log("_up" + _up); var cutoff = $(window).scrollTop() + 64; //console.log(cutoff + "**"); $('div[id^="row"]').each(function(){ //console.log("article" + $(this).children().find('.left-block').attr("id") + $(this).children().find('.left-block').attr('data-url')); if($(this).offset().top + $(this).height() > cutoff){ //console.log("$$" + $(this).children().find('.left-block').attr('data-url')); if(prevLoc != $(this).children().find('.left-block').attr('data-url')){ prevLoc = $(this).children().find('.left-block').attr('data-url'); $('html head').find('title').text($(this).children().find('.left-block').attr('data-title')); $('meta[name=description]').attr("content",$(this).children().find('.left-block').attr('data-summary')); $('meta[name=keywords]').attr("content",$(this).children().find('.left-block').attr('data-keyword')); $('meta[name=news_keywords]').attr("content",$(this).children().find('.left-block').attr('data-keyword')); pSUPERFLY.virtualPage(prevLoc,$(this).children().find('.left-block').attr('data-title')); //console.log("Summary: " + $(this).children().find('.left-block').attr('data-summary')); //console.log("Keyword: " + $(this).children().find('.left-block').attr('data-keyword')); //history.pushState('' ,'', prevLoc); loadshare(prevLoc); } return false; // stops the iteration after the first one on screen } }); if(lastHeight + last.height() < $(document).scrollTop() + $(window).height()){ //console.log("**get"); url = $(next_selector).attr('href'); x=$(next_selector).attr('id'); //console.log("x:" + x); //handle.autopager('load'); /*setTimeout(function(){ //twttr.widgets.load(); //loadDisqus(jQuery(this), disqus_identifier, disqus_url); }, 6000);*/ } //lastoff = last.offset(); //console.log("**" + lastoff + "**"); }); //$( ".content-area" ).click(function(event) { // console.log(event.target.nodeName); //}); /*$( ".comment-button" ).live("click", disqusToggle); function disqusToggle() { var id = $(this).attr("id"); $("#disqus_thread1" + id).toggle(); };*/ //$(".main-rhs2465867").theiaStickySidebar(); var prev_content_height = $(content_selector).height(); //$(function() { var layout = $(content_selector); var st = 0; ///}); } } }); /*} };*/ })(jQuery); ,