Tesla Key Fob Hack – Are We Too Clever?
The recently revealed vulnerability enabling hackers to trivially duplicate Tesla Model S key fobs, in my mind prompts an interesting technology question.
The Hack in a Nutshell
This does not apply to all Model S vehicles, but in simple terms, using a few hundred dollars of off-the-shelf radio and computer hardware, malicious actors can intercept transmissions from your key fob when nearby.
Using the intercepted data and about two seconds of computational power, they are able to duplicate your key fob.
This allows them to open your Tesla Model S, start your Tesla Model S, and drive your Tesla Model S away.
Noting that the cryptographic keys in use are only 40-bit keys, quoting from the Wired article:
The researchers found that once they gained two codes from any given key fob, they could simply try every possible cryptographic key until they found the one that unlocked the car. They then computed all the possible keys for any combination of code pairs to create a massive, 6-terabyte table of pre-computed keys. With that table and those two codes, the hackers say they can look up the correct cryptographic key to spoof any key fob in just 1.6 seconds.
The High-Tech Solution
To solve this vulnerability, Tesla are recommending a firmware update to the security systems in the Model S.
After unlocking the car and disabling the immobiliser system with the key fob, drivers would now need to enter a PIN on the console of the car before they can start it.
This provides rudimentary two-factor authentication, and is probably a reasonable solution to the problem, albeit lowering convenience for the owner.
Until the hackers figure out how to bypass the PIN code – and if the carrot is dangled, they will try.
Hackers are typically highly intelligent people who crave the challenge.
So, what else could we do?
The Lower-Tech Solution
As humans, how did we cope with unlocking our cars and starting them up before remote key fobs?
We coped, and we coped very well.
People walked up to their cars, and put the key in the door. They got inside and put the key in the ignition, and were on their way.
Why aren’t we still doing this?
Key systems without radio transmitters can still contain security codes, which could be read by the car when the key comes into physical contact with it.
All without broadcasting the security codes for hackers to scan and potentially use against you.
It would be harder to steal your car – and would our lives be that much more difficult if we stepped back to something like this?
Sometimes simple proven ideas are far better for us than fancy new ideas that haven’t been completely thought through.
Quickshot: West Footscray Fire
View of this morning’s West Footscray factory fire, while sitting in the traffic jam it caused. The plume of smoke was visible from where I entered the M1 at North Geelong, about 80 kilometres away.
Thank Heavens for the Halo
Say what you like about the mandatory inclusion of the halo device in Formula 1 in 2018, but in last night’s Belgian Grand Prix, it probably saved the life of Charles LeClerc.
The black marks all over the halo are where Fernando Alonso’s McLaren landed on LeClerc’s Sauber after a massive first corner incident.
Let there be no more complaints about the halo – okay?
Sunday Nerding: The Big Little F1 Engine
On the Belgian Grand Prix weekend, in the midst of the second turbo-era of Formula One, I thought it might be interesting to look back at the “big little” BMW turbo engine of the early 1980’s.
And it has a birthright you just might not expect!
Quickshot: Western Ring Car Park
The labels aren’t showing due to the flickering of the screen versus the speed of the camera lens in my phone, but these were the travel times on the Western Ring Road this morning.
Travel times were Ballarat Road to, respectively, Keilor Park Drive, the Tullamarine Freeway, and the Hume Freeway.
Such fun!
Headspace: No Regrets
I have never been the kind of person who believes in “regrets”. I believe the whole concept of “regret” is a wasted emotion.
Undoubtedly, we all have incidents in our past where we might wish we had done things just a little differently. We might have zigged when we could have zagged, failed to tell someone we loved them when we really did.
Even if we tried to.
Such events could easily feel like “regrets”, but for a long time I have chosen not to live that way.
Holding or keeping a regret is just looking to the past, and there is no future in that. There is simply no possible way we can go back and fix those things, so why should we worry about them?
We can make amends, or do things better the next time around, but we can never go back and fix things “the first time around”.
There have been many things in my life that most people would not hesitate to categorise as a “regret”.
I choose to see them as learning experiences, as chances to grow, and as opportunities to learn about myself and how I react in certain situations. Perhaps so I get to learn how to do them better the next time around.
These situations have in many cases caused me deep emotional pain, even over extended periods of time – but I still refuse to view them as bad experiences.
They are responsible for who I am, and without the pain, and without the anguish, I would not have learnt from those experiences. I would not have learnt who I am.
I am the proudest father of the most amazing daughter in the world. I would not have come to be her father without having made some quite poor decisions.
Not that I am saying that getting into a relationship with her mother – (which has since ceased) – was a stupid thing – far from it. I would never have met her mother if I hadn’t gone through a crazy set of decisions that set me back significantly.
If I hadn’t have left my first IT job at the end of 1998 to take up what at the time seemed like an amazing opportunity – (but wasn’t) – with IBM.
If hadn’t then subsequently left that job in the wake of the breakup of the other serious relationship in my life, then I would never have found myself working with the future mother of my daughter.
If I had my time over, I would have stayed with that first IT job for a lot longer. As a result, it is quite possible – (and probably likely) – that I would never have met her, and my daughter as she is now, would never have come to be.
I have no doubt I would have met someone else, and probably had a family with that someone else – but that first child would have been a completely different person.
They all might have been poor choices, but at the end of it all, I’m in a wonderful place.
That’s why regrets are stupid – even the worst choices we ever made can lead us to where we are meant to be.
Some call it destiny. I call it “life”.
Headspace: My Journey to Repair
Over the last few years of my life, a lot of things have changed. Many of those things have adversely and/or positively affected my headspace.
My mental health – (while generally pretty good) – has had its difficult times.
I’ve found over the last few years that writing about how I feel when I’m having trouble has helped a great deal – but I’ve generally kept that writing under lock and key. Much of it is deeply personal, and won’t ever see the public light of day.
Lately I’ve found that after writing about most of the really complicated stuff in my head, I’ve found myself wanting and needing to write more, but not having anything specific to write about.
So I’ve decided that every now and then, I’m going to write a short piece about how I have managed to put myself back together after a difficult few years following my separation from the mother of my wonderful daughter.
There won’t be specific pieces of “juicy stuff” – just short essays on how I view my life and the world now. I don’t even know how long I will do this for.
I just want to give it a bash – and if I can help others struggling with mental health issues, well then that would be perfect.
If you’re not struggling with your own issues – remember to look out for the other people in your life. Most people bottle things up when they hit tough times, and that’s a lot of the problem.
Check on them – sometimes they just need someone to ask if they are okay.
Sunday Nerding: The Joy Of Data
With the return of my website, I’m also bringing back my “Sunday Nerding” series. I try to sit down every Sunday and watch something truly interesting, and typically nerdy. I don’t and won’t manage it every Sunday, but it’s a ritual I enjoy during my weekend downtime.
First up, a fascinating BBC documentary from 2016 about data, data collection, and how it can, how it does, and how it will continue change the world we live in.
References
Quickshot: Flamin’ Galahs!
The local galahs certainly seem to enjoy the lawn in front of the office, and regularly visit to brighten up the very chilly mornings around here of late!