A team of researchers at the University of Leuven, Belgium, has discovered a major security flaw in a keyless entry and start system that’s currently used by big names like Tesla and McLaren, Autocar reports.
The folks, specifically those from the Computer Security and Industrial Cryptography research group (COSIC) were able to clone the key fob of two Tesla Model S vehicles in ‘a matter of seconds’, allowing a ‘hacker’ to unlock and start the vehicle without a hiccup.
Apparently, the keyless entry system was developed by a software company called Pektron, and is said to be fitted to a number of high-end cars. The research team said this particular system is easier to attack than other rivalling types, because the hackers don’t have to be close to the car and key fob at the same time. The two-minute-long video below demonstrates exactly how the hacking can be done.
Meanwhile, McLaren has confirmed that this research illustrates a “theoretical vulnerability in our vehicle security systems,” but it has “not been proven to affect our vehicles, and we know of no McLaren that has been compromised in such a way.” However, the luxury British supercar maker is in touch with its customers and is sending them a signal-blocking pouch for the key fob.
Tesla, on the other hand, had previously released a software update with better key fob encryption, as well as an optional ‘pin to drive’ security feature as a response to the findings. Both measures were recommended by the researchers, who also suggest disabling the passive entry system.
This keyless entry hacking phenomenon isn’t new, though. In May 2017, a team of security researchers in Beijing, China also demonstrated a cheap and easy way to perform the hacking, but the method requires two individuals and a set of receiver and transmitter to work.
What do you think of this? Are you a big fan of the convenience that keyless entry provides, or are you already looking forward to the next-generation digital car key technology? Let us know, below.
Looking to sell your car? Sell it with Carro.
Abesla Tesla & McLaren! Now owners cannot trust valets & jockeys anymore.
Take note if any Tesla or McLaren advertized here. Zilch today.
Dude, this is old news, Tesla already updated their software to overcome this problem.
habislah.. many car thief in malaysia will be inspired.
anyone recalled how the invention of metal detector converted to electronic gadget detector not long time ago?
Tesla has recently been gradually releasing new security features to make it more difficult for thieves to steal their vehicles.
Today, Tesla started rolling out a new update with a new optional ‘PIN to Drive’ feature and “improved cryptography” for its key fobs
The new feature is optional and adds a new layer of security for owners who don’t mind adding an extra step to be able to drive their Tesla.
According to the release notes for Model S and Model X, the new feature prompts a PIN to be entered on the center screen before enabling the capacity to drive the vehicle.
Tesla security is like Microsoft Windows & Swiss Cheese. Full of holes.
Says the mouse to the cheese
For such high tech car that could drive itself, why don’t they put a technology which tells the car owners/drivers that their car had been started or driven away from them via their phone?
Then the driver would know if the car was driven away by authorised or unauthorised parties. I think i saw a tech company on youtube with a land rover defender demonstrated the system as we know defender was easy enough to stole as they fitted with last century immobiliser.
That’s because if a thief is able to start the car, then the thief had managed to tell the car that he/she is an approved driver/owner. Either by cloning the keyfob, or hacking into the owner’s Tesla app and obtain control remotely. So a theft notification would be useless.