In a video shared with WIRED, researchers at the Beijing-based automotive cybersecurity firm GoGoByte demonstrated that they could carry out a relay attack against the latest Tesla Model 3 despite its upgrade to an ultra-wideband keyless entry system, instantly unlocking it with less than a hundred dollars worth of radio equipment. Since the Tesla 3’s keyless entry system also controls the car’s immobilizer feature designed to prevent its theft, that means a radio hacker could start the car and drive it away in seconds—unless the driver has enabled Tesla’s optional, off-by-default PIN-to-drive feature that requires the owner to enter a four-digit code before starting the car.

  • @pelespiritOP
    link
    724 days ago

    Does anyone want to steal one?

    • @[email protected]
      link
      fedilink
      1024 days ago

      A lot of car thefts are just kids taking them for a thrill ride, trashing and leaving it.

      Nobody wants to steal a tractor, but yet they do get stolen just as often as any other vehicle, because they’re easy to unlock and start.

      The GTA games got that part right.

      • mynachmadarch
        link
        fedilink
        124 days ago

        I dunno. Have you seen the resale prices on some of those tractors, even when used? I sure want to steal one and hawk it. (I would never actually, just, I get the temptation)

        • @[email protected]
          link
          fedilink
          224 days ago

          Even tractors are tracked by the manufacturer these days.

          The high prices for used tractors are only for the old ones in specific nostalgic colours, like Grey Ferguson. Nobody wants a blue Ferguson?

      • @[email protected]
        link
        fedilink
        124 days ago

        Parts alone, there is no aftermarket for them, but there are people that want to fix their own stuff.

    • @[email protected]
      link
      fedilink
      324 days ago

      Car thieves: “You know, I just don’t feel right supporting a company like Tesla by stealing from people who purchased their products.”

      • @pelespiritOP
        link
        324 days ago

        Lol. My point is more that Tesla is going into the Prius side of the market.

        • @[email protected]
          link
          fedilink
          224 days ago

          the prius side of the market is doing really well….

          According to Toyota’s sales figures for the first quarter of 2024, the Prius posted a year-over-year sales increase of 138.6%. That works out to an increase from 5,586 units in the first quarter of 2023 to 13,327 units for the first quarter of 2024.

          Toyota offers more than two dozen hybrid or plug-in hybrid models, and they make up almost 30 percent of its sales, much higher than at most other automakers. Last year in the U.S. market, Toyota sold 2.2 million vehicles — more than every automaker except G.M.

          • @pelespiritOP
            link
            124 days ago

            It’s not about the sales, it’s about the image. No one is bragging about owning a Prius. It’s a smart choice, not a cool choice.

  • @[email protected]
    link
    fedilink
    224 days ago

    Was just pondering over this.

    Would it suffice to implement a handshake between fob and car, but also prevent the handshake from establishing if the car or fob receives its own signal, indicating its signal being replicated? Since it’s a radio signal this would at least make it somewhat harder, but still not impossible, to relay a signal.

  • AutoTL;DRB
    link
    fedilink
    English
    124 days ago

    This is the best summary I could come up with:


    For at least a decade, a car theft trick known as a “relay attack” has been the modern equivalent of hot-wiring: a cheap and relatively easy technique to steal hundreds of models of vehicles.

    But when one group of Chinese researchers actually checked whether it’s still possible to perform relay attacks against the latest Tesla and a collection of other cars that support that next-gen radio protocol, they found that they’re as stealable as ever.

    In a video shared with WIRED, researchers at the Beijing-based automotive cybersecurity firm GoGoByte demonstrated that they could carry out a relay attack against the latest Tesla Model 3 despite its upgrade to an ultra-wideband keyless entry system, instantly unlocking it with less than a hundred dollars worth of radio equipment.

    Instead, a hacker’s device near the car has, in fact, relayed the signal from the owner’s real key, which might be dozens or hundreds of feet away.

    Or, as GoGoByte researcher Yuqiao Yang describes, the trick could even be carried out by the person behind you in line at a café where your car is parked outside.

    “That’s how fast it can happen, maybe just a couple seconds.” The attacks have become common enough that some car owners have taken to keeping their keys in Faraday bags that block radio signals—or in the freezer.


    The original article contains 437 words, the summary contains 220 words. Saved 50%. I’m a bot and I’m open source!