383
submitted 6 months ago by jeffw@lemmy.world to c/technology@lemmy.world
top 33 comments
sorted by: hot top controversial new old
[-] Granite@kbin.social 42 points 5 months ago

The insurance industry will love this.

[-] pivot_root@lemmy.world 25 points 5 months ago* (last edited 5 months ago)

Oh no, a more expensive subscription (for insurance) for a car that makes you already subscribe to be a beta tester of a technology that runs you into the side of a train!

[-] CaptainPedantic@lemmy.world 2 points 5 months ago

Why would they love this? More claims means they have to pay out more. Even if they're assholes and don't pay out, they still have to process and fight claims which costs money.

[-] ramble81@lemm.ee 1 points 5 months ago

They’ll raise rates on Teslas higher to offset that and make more money in the process.

[-] Aurenkin@sh.itjust.works 34 points 5 months ago

If you have a Tesla and you're worried about this it's probably worth enabling pin to drive. Not sure about all the other brands that are impacted but hopefully they have a similar feature.

[-] partial_accumen@lemmy.world 15 points 5 months ago

Couldn't a Model 3/Y owner also just disable the phonekey and use the NFC cards? NFC only broadcasts a few inches right? I would think that would be VERY hard for a malicious actor to capture with relay/replay attack.

Following that, is it possible to use the Phonekey only in NFC mode or is it always broadcasting on Bluetooth LE and NFC?

[-] digdug@kbin.social 11 points 5 months ago* (last edited 5 months ago)

I just tried this a couple different ways:

  1. Removing permission for "nearby devices" - this unfortunately appears to block both Bluetooth and NFC permission
  2. Turning off the phone's Bluetooth - NFC still works while the Bluetooth radio is off, but you'd basically never be able to safely use Bluetooth anytime you aren't watching your car. Setting a PIN is still unfortunately the only way to go, and hope that a dedicated attacker doesn't also find a way to capture your PIN (e.g. camera zoomed in on your screen).
[-] partial_accumen@lemmy.world 3 points 5 months ago

So we'd need Tesla to push a software change in the app with an option to turn off the Bluetooth LE signal, but leave the NFC on to continue to use Phonekey safely.

I guess the only safe alternative is using the NFC cards.

[-] Nexz@feddit.nl 21 points 5 months ago

As a Tesla owner I’m probably biased, but I do not fear these attacks at all. Thing is, because a Tesla is so connected to the mothership (and I definitely realise that’s both a good and a bad thing), chances of a thief actually being able to use or sell the vehicle are very slim. Tesla always knows where their cars are, and urning off GPS and LTE ruins 90% of the features in the car. I think thieves know this because I haven’t heard of any Tesla getting stolen and not being retrieved (but n=1).

[-] redcalcium@lemmy.institute 31 points 5 months ago

Used Tesla battery is actually in demand though. Is the exploit is accessible enough, eventually thieves would target it to sell the battery in the used market for electric car conversion kits, solar power storage kits, etc.

[-] PlantObserver@lemmy.world 4 points 5 months ago

Put me on the waiting list, I'd buy a battery that's been strategically re-located from some rich fucks car to my solar setup.

STEAL - Strategic Transfer of Equipment to Alternate Locations

[-] RobotToaster@mander.xyz 27 points 5 months ago

It's not uncommon for cars to be stolen and stripped for parts, it gets rid of the risk of trackers.

[-] napoleonsdumbcousin@feddit.de 16 points 5 months ago

urning off GPS and LTE ruins 90% of the features in the car.

The main purpose of a car is "driving", which you can do. Unless you cannot start a Tesla without LTE, which would be very stupid.

You can also always strip a car for parts. Teslas are not magically safe from that.

[-] AbidanYre@lemmy.world 1 points 5 months ago

The kind of person who is going to disable that LTE connection wouldn't have bought a Tesla in the first place.

[-] Copythis@lemmy.world 18 points 5 months ago

One of my coworkers carries a flipper zero around and opens up every single Tesla gas door we see. He hasn't tried it on the cybertruck yet, the ones I see are usually on the move.

[-] whotookkarl@lemmy.world 8 points 5 months ago

My favorite so far has been spoofing amiibos on the switch for Zelda goodies

[-] MoonRaven@feddit.nl 8 points 5 months ago

Ah, good, then someone can charge the car for the owner...

[-] simplejack@lemmy.world 17 points 5 months ago
[-] can@sh.itjust.works 29 points 5 months ago
[-] akwd169@sh.itjust.works 3 points 5 months ago

You can also just put the link into 12ft.io

[-] can@sh.itjust.works 1 points 5 months ago

I thought that didn't work anymore but maybe that's just the paywall removal.

[-] akwd169@sh.itjust.works 1 points 5 months ago

Worked for me, I always use it on wired.com due to their paywall

[-] nxdefiant@startrek.website 15 points 5 months ago

Enabling the PIN mitigates this issue entirely. Can't drive it away if you don't know the PIN, even if you have the physical key, fob, or phone.

[-] polygon6121@lemmy.world 6 points 5 months ago

Where I am from It is very common that people break in and only steal the loose valuables inside the car. Not the car itself. If you don't even have to crack a window i would imagine it is very enticing to do so and specialize in Teslas.. with that said, I can't magine Teslas are more prone to this and other brands. What makes Teslas a bigger target is that their fleet is large and use very similar components and tech. If you hack one, you can hack into alot of them.

[-] AA5B@lemmy.world 4 points 5 months ago

Right, a rock can get in any car and your pin doesn’t help, so one of your best safeguards is to not leave anything visible in the car

[-] ramble81@lemm.ee 3 points 5 months ago

Which is one of the perks of being a convertible owner. You keep the car clean of loose items, or the wind does it for you.

[-] Scolding7300@lemmy.world 4 points 5 months ago

Still sucks ifyou can get in

[-] nxdefiant@startrek.website 8 points 5 months ago

The "Brick through a widow" bug has been an active exploit since the Model T.

What kind of tech do you need for this?

[-] circuscritic@lemmy.ca 13 points 5 months ago

An appropriate SDR, or a prefab kit you can buy online.

Relay attacks on keyless systems are nothing new, plenty of documentation and articles you can use to read up on the specifics.

[-] redcalcium@lemmy.institute 5 points 5 months ago* (last edited 5 months ago)

People usually use flipper zero (banned in Canada) to play with these kind of stuff. Not sure if this exploit can be implemented in flipper zero though.

It cannot. I know the FlipperZero and it can't do any relay stuff.

[-] Bishma@discuss.tchncs.de 1 points 5 months ago* (last edited 5 months ago)

Can the Twitter LLM explain the process?

this post was submitted on 23 May 2024
383 points (100.0% liked)

Technology

59430 readers
2951 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS