Researchers from the Technical University of Berlin have shaken the automotive industry by uncovering vulnerabilities within Tesla’s advanced infotainment systems. This groundbreaking discovery demonstrates the lengths to which modern vehicles can be exploited, particularly as car manufacturers increasingly intertwine their designs with sophisticated technology.
Tesla, the pioneer of electric cars, lets its customers unlock additional features through in-car purchases. With software updates, Tesla enables enhancements like “Acceleration Boost,” a Premium Connectivity subscription, the Full Self-Driving package, and rear heated seats – all for an added fee. But the catch? A group of doctoral students from the Technical University of Berlin found a way to access these paid upgrades without the associated costs.
The Berlin-based researchers managed to “jailbreak” Tesla’s embedded car computer, granting them the capability to run any software on the infotainment system and activate features without payment. This feat was achieved by exploiting a vulnerability within the electronic control unit, bypassing Tesla’s MCU-Z processor, which typically facilitates the activation of purchased features.
The process allowed for significant control over the operating system. The hack is also accessible: it requires only a soldering iron, some electronic engineering know-how, and additional hardware worth around $100. Furthermore, the researchers broke geolocation restrictions, enabling features like FSD Beta in unapproved regions. The hack also introduced the potential for transferring a car’s identity to another computer without Tesla’s involvement.
Tesla has always been viewed as a front-runner in vehicle cybersecurity. The brand’s security system is renowned for its advanced protective measures, especially when compared to other automakers. However, the recent findings echo the ways consumers once “jailbroke” iPhones.
Beyond just enabling previously locked features, the researchers also managed to extract sensitive information stored in the car’s system, from personal data and Spotify session cookies to WiFi passwords. One significant consequence of this breach is the extraction of the TPM-protected attestation key, which Tesla uses for vehicle authentication. This could lead to car ID impersonation on Tesla’s network and unauthorized modifications.
Tesla’s response emphasized that some of the attacks, such as enabling the rear seat heaters, were based on outdated firmware. In newer versions, modifications would require a valid signature by Tesla and verification by the Gateway.
Vehicle hacking isn’t a new phenomenon. As cars become more integrated with technology, their susceptibility to breaches increases. There have been prior incidents where hackers exposed vulnerabilities in various car systems, leading to unauthorized control of vehicle functionalities. These incidents serve as a reminder of the importance of continuous research and development in vehicular cybersecurity.