EXECUTIVE SUMMARY:

Security researchers have discovered that Tesla’s Model S key fob is hackable with cloning techniques. Vulnerabilities in the Passive Keyless Entry and Start system could be exploited to both unlock and start the car.

As Wired notes, Tesla has been actively innovating to protect its cars from being overtaken by cyberattackers. “It’s hired top-notch security engineers, pushed over-the-internet software updates, and added code integrity checks,” writes Wired. Nevertheless, where there’s a will, there’s a way. A Belgian research team discovered that with just $600 in radio and computing gear, hackers can wirelessly tap signals from a Tesla key fob. With that, they can do some quick computations and uncover the cryptography of the fob—all that’s needed to unlock the car and enjoy the ride.

The fobs, which are not designed by Tesla, are from an outside company called Pektron. According to the researchers, this means that other automotive manufacturers, such as McLaren, Karma, and Triumph likely have the same issue of weak encryption.

Tesla has addressed the issue with a software update that gives drivers the option to add a pin number that must be entered with the key fob in order to start the car. In addition, Tesla has started issuing new key fobs with stronger encryption on new cars. A replacement key fob for cars purchased before June is available for $150.

Other precautions can also be taken to keep fobs safe. The researchers noted that there are small signal blocking pouches (Faraday bags) that block radio interference that the fobs can be kept in.

Tesla’s systems carry out over-the-air updates, which makes it very easy for owners to upgrade their fobs. But it remains unclear how other manufacturers would resolve the fob issue.

Get the full story at Wired.