Researchers say they have found a hardware exploit with Tesla’s infotainment system that could unlock paid upgrades for free, including Full Self-Driving (FSD) and heated rear seats. They used a technique called voltage glitching, which involves tinkering with the supply voltage of the infotainment system’s processor.
“If we do it at the right moment, we can trick the CPU into doing something else,” Christian Werling told TechCrunch. “It has a hiccup, skips an instruction and accepts our manipulated code. That’s basically what we do in a nutshell.”
Werling is one of three doctoral students at the Technical University of Berlin who found the exploit with the help of an independent researcher. The team will present its work at the Black Hat cybersecurity conference next week.
Since it’s a hardware exploit, the process requires physical access to a Tesla vehicle. The jailbreak could enable FSD and certain other features, including in regions where Tesla has not yet made them available, the researchers claim. However, they noted that more work would be needed to test those possibilities.
Still, the researchers claim to have obtained the encryption key that authenticates the car over Tesla’s network, which could lead to them being able to unlock more features. They noted that they were able to obtain personal information from the test car too, including its recent GPS locations, contacts, call logs and calendar appointments.
For several years, hackers have been attempting to unlock paywalled Tesla features, and some efforts have been successful. More recently, one discovered a so-called “Elon Mode” for hands-free FSD operations. Tesla has been playing a game of cat and mouse with these hackers for years.
However, it would be much more difficult for Tesla to revoke this exploit, according to the researchers, given that it’s a hardware-based approach. They claim the company would need physical access to the car. Tesla does not have a communications department that can be reached for comment.
Source: www.engadget.com