EXCLUSIVE: Ultra-wideband radio has been heralded as the solution for “relay attacks” that are used to steal cars in seconds. But researchers found Teslas equipped with it are as vulnerable as ever.
Couldn’t a Model 3/Y owner also just disable the phonekey and use the NFC cards? NFC only broadcasts a few inches right? I would think that would be VERY hard for a malicious actor to capture with relay/replay attack.
Following that, is it possible to use the Phonekey only in NFC mode or is it always broadcasting on Bluetooth LE and NFC?
Removing permission for “nearby devices” - this unfortunately appears to block both Bluetooth and NFC permission
Turning off the phone’s Bluetooth - NFC still works while the Bluetooth radio is off, but you’d basically never be able to safely use Bluetooth anytime you aren’t watching your car. Setting a PIN is still unfortunately the only way to go, and hope that a dedicated attacker doesn’t also find a way to capture your PIN (e.g. camera zoomed in on your screen).
So we’d need Tesla to push a software change in the app with an option to turn off the Bluetooth LE signal, but leave the NFC on to continue to use Phonekey safely.
I guess the only safe alternative is using the NFC cards.
Couldn’t a Model 3/Y owner also just disable the phonekey and use the NFC cards? NFC only broadcasts a few inches right? I would think that would be VERY hard for a malicious actor to capture with relay/replay attack.
Following that, is it possible to use the Phonekey only in NFC mode or is it always broadcasting on Bluetooth LE and NFC?
I just tried this a couple different ways:
So we’d need Tesla to push a software change in the app with an option to turn off the Bluetooth LE signal, but leave the NFC on to continue to use Phonekey safely.
I guess the only safe alternative is using the NFC cards.