Cyber security researchers have found six significant flaws in Tesla’s Model S cars that could allow hackers to take control of the vehicles and have safety implications for drivers.
Kevin Mahaffey, chief technology officer of Lookout, and Marc Rogers, principal security researcher at Cloudflare, said that they decided to try to hack a Tesla because the company has a better reputation for understanding software than most carmakers.
Lookout首席技术官凯文?迈哈菲(Kevin Mahaffey)和Cloudflare的首席安全研究员马克?罗杰斯(Marc Rogers)表示，他们之所以决定尝试侵入特斯拉汽车是因为该公司在软件认知方面的声誉胜过大多数汽车制造商。
But the so-called “white hat” hackers, who probe internet-connected devices to try to push companies to improve security, still found vulnerabilities.
The hack on the Tesla car, to be detailed on at the cyber security conference Def Con in Las Vegas today, is the latest in a series of vulnerabilities discovered in connected cars. One high-profile case led Fiat Chrysler to recall 1.4m Jeep Cherokees last month.
此次入侵过程的细节将于今日在拉斯维加斯的Def Con网络安全大会上公布，联网汽车已经被发现了一系列漏洞，特斯拉是最新的一例。上月菲亚特-克莱斯勒(Fiat Chrysler)就召回了140万辆切诺基吉普车。
The hackers had to access physically the Tesla first, which made it more difficult than many other hacks. Once they were connected through an ethernet cable, they were later able to access the systems remotely. This allowed them to take control of the screens. They were able to manipulate the speedometer to show the wrong speed, lower and raise the windows, lock and unlock the car and turn the car on or off.
“We shut the car down when it was driving initially at a low speed of 5mph. All the screens go black, the music turns off and the handbrake comes on, lurching it to a stop,” said Mr Rogers.
But when the researchers experimented with hacking the car at a higher speed, Tesla safety measures ensured they could not put the handbrake on. Instead, all the screens went blank, the car dropped to neutral and the driver maintained full control of the steering.
Tesla has issued a patch to fix the flaws. The company said that drivers would be able to download the updates via WiFi or a cellular connection.
This was another key safety feature that earned Tesla praise from the security researchers as many carmakers did not have the ability to update software automatically without drivers taking the car to a dealership or mechanic.