As our cars get more and more tech of all sorts on-board, the matter of online security is becoming increasingly important. Most new cars are connected to the internet in one way or another and, that does raise some concerns. One key target could be Tesla, the American manufacturer relying heavily on software as a vital differentiator compared to other car makers. As it turns out, it was actually targeted by a 19-year old security specialist and hacker, who did it just to raise a red flag.
Using Twitter, David Colombo, from Germany, announced that he found a vulnerability that allowed him to take over control. And he’s not talking about changing the radio here, he’s saying he gained full control some of the functions of the cars he targeted. However, apparently, this wasn’t exactly Tesla’s fault, as he gained access through some mistakes made by the owners/drivers.
According to David, he can disable Sentry Mode, open the doors/windows and starting Keyless Driving, all from his home in Germany. Furthermore, his hack allows him to see the car’s exact location, check if there’s a driver behind the wheel and many other. One specific mention he made was that he could forcefully play any song on the car’s infotainment screen using Youtube, including Rick Astley’s famous song.
Therefore, his claim that he has full control over the cars is a bit of a stretch. Had he gained access to essentials like the steering or acceleration, things would’ve been completely different. Nevertheless, making bold claims over Twitter will surely gain a lot of publicity, as the CEO of Tesla is well aware.
As for how he actually gained access to the car’s on-board computers, Colombo says that he did it using API keys and a third party software, those being the only details he disclosed so far. The 19-year old said he connected to about 25 Tesla models across 13 different countries and that the company got in touch to try and figure out how to close the vulnerabilities he discovered.