- cross-posted to:
- tesla
- news
- [email protected]
- [email protected]
- cross-posted to:
- tesla
- news
- [email protected]
- [email protected]
A group of hackers have exposed an exploit that can unlock Tesla’s software-locked features worth up to $15,000.
Free heated seats and Full Self-Driving package, anyone?
Software-locked features that need to be activated by the owner paying or subscribing to a service are becoming increasingly popular in the auto industry.
Tesla has been on board that trend very early since it produced virtually all its vehicles with the same hardware and owners can unlock features later through software updates.
This includes features like heated seats, acceleration boost, and even Tesla’s Full Self-Driving package, which costs $15,000.
It creates a market for people trying to get around the software lock.
A group of security researchers (aka hackers) at TU Berlin announced that they managed to exploit a weakness in the onboard computer to unlock these features:
Tesla has been known for their advanced and well-integrated car computers, from serving mundane entertainment purposes to fully autonomous driving capabilities. More recently, Tesla has started using this well-established platform to enable in-car purchases, not only for additional connectivity features but even for analog features like faster acceleration or rear heated seats. As a result, hacking the embedded car computer could allow users to unlock these features without paying.
They plan to unveil the result of their exploit in a presentation called “Jailbreaking an Electric Vehicle in 2023 or What It Means to Hotwire Tesla’s x86-Based Seat Heater” next week.
The hack requires physical access to the car, and it involves a “voltage fault injection attack” on the AMD-based infotainment system:
For this, we are using a known voltage fault injection attack against the AMD Secure Processor (ASP), serving as the root of trust for the system. First, we present how we used low-cost, off-the-self hardware to mount the glitching attack to subvert the ASP’s early boot code. We then show how we reverse-engineered the boot flow to gain a root shell on their recovery and production Linux distribution.
The group of hackers claims that their “Tesla Jailbreak” is “unpatchable” and allows to run “arbitrary software on the infotainment.”
I feel like locked features like this in a vehicle should be illegal. It’s one thing if some app/software on your PC or phone has features locked behind a paywall, it’s annoying, but not on the same level, as you can usually search for other software or methods around that. For a car’s software/features though, you’ve bought and paid for that car, you shouldn’t have to pay additional money or pay a subscription for features that your car is physically capable of doing otherwise. Features should be locked in at the time of manufacture, not sold as DLC after the car is purchased.