Tesla has been forced to roll out a hardware fix for the Model S after two researchers managed to hack into the electric sedan and stop one example remotely.
After researching the architecture of the Model S for two years, security analysts Kevin Mahaffey and Marc Rogers managed to find a security vulnerability in the car. To do so, they plugged in a laptop to the Model S’s network access port. Following the installation of a remote access Trojan, the car could be stopped remotely even if another person was sitting behind the wheel.
If the engine were to be remotely stopped, the Model S would respond in one of two ways. For speeds about 8 km/h, it will automatically shift into neutral when engine power is cut while the steering and brakes remain operational. At speeds of less than 8 km/h, the handbrake is automatically engaged.
The pair have helped Tesla roll out a security fix for the vulnerability which is currently being rolled out across the vehicle’s over-the-air software system.
Discussing the issue, a Tesla spokeswoman said “Tesla has taken a number of different measures to address the effects of all six vulnerabilities reported by [Mahaffey and Rogers]. In particular, the path that the team used to achieve root (superuser) privileges on the infotainment system has been closed off at several different points. In particular, the browser has been further isolated from the rest of the infotainment system using several different layered methods.”
