[HN Gopher] Tesla Model 3 Vulnerability - Disable Autopilot Noti...
___________________________________________________________________
Tesla Model 3 Vulnerability - Disable Autopilot Notifications,
Speedometer, etc.

Author : notRobot
Score  : 50 points
Date   : 2020-03-20 20:14 UTC (2 hours ago)

(HTM) web link (safekeepsecurity.com)
(TXT) w3m dump (safekeepsecurity.com)

| joeblau wrote:
| The MCU on my Model X has frozen a few times without visiting a
| website. I've had to forcefully restart my MCU at a stop sign
| twice since having it.
|
  | tyfon wrote:
  | I've had the FSD computer (HW3) freeze in my X once. The
  | autopilot/TACC, GPS location and even the wipers, which are
  | controlled by this even if you're not using auto-wipers (deep
  | rain), stopped working. I had to stop and power off the car for
  | a few minutes to make it work again.
  |
  | Everything else was fine though, so I think they have isolated
  | the driving itself quite well.
  |
  | I've also had the MCU crash 2-3 times, but the two finger salute
  | always fixes it.
  |
  | My car is 8 months old, so these events are quite rare.
  |
    | FriedPickles wrote:
    | I don't believe that autopilot stopped functioning. In my
    | experience autopilot functions fine even if the MCU crashes or
    | reboots. And there's clearly an autopilot disengagement chime
    | after the MCU freezes, probably caused by him manually
    | disengaging autopilot.
    |
      | aloknnikhil wrote:
      | I think he corrects himself in the disclosure.
      |
      | > Important Note: I stated in the video that this disables the
      | > autopilot functionality, but that is incorrect. This will only
      | > disable the notification to place pressure on the wheel. If you
      | > keep pressure on the wheel, AP will continue to function.
      |
        | FriedPickles wrote:
        | Thanks, makes sense. Almost all autopilot functionality is
        | preserved during MCU problems. The attention warning
        | indicator (pressure on steering wheel needed) being one
        | notable exception, but that's pretty benign.
        |
          | Klathmon wrote:
          | Not only is autopilot functionality preserved, but there is
          | a separate speaker for alerts (like the "take over
          | immediately" sound) as well, for if the display MCU crashes.
|
| aloknnikhil wrote:
| So how does the rollout for Tesla updates work? Are there
| specific updates that are marked mandatory before you can drive
| the car? Wondering how these disclosures are prevented from being
| exploited when not all of the cars have the patch.
|
  | jmtame wrote:
  | They're not mandatory to drive. Tesla does silent over-the-air
  | updates with important fixes since the car has data
  | capabilities. Larger updates happen over WiFi.
  |
  | dbt00 wrote:
  | There are no mandatory updates that I've seen. You get an alert
  | that there's an update, and it shows up every time you put the
  | car in Park. It prompts you to update now or schedule a time.
  |
  | You usually have to be in range of wifi to download updates,
  | afaik.
  |
  | nuzzl wrote:
  | Hey, it's the guy from the video. I worked with Tesla on this
  | and we waited until a sufficient amount of vehicles had the
  | patch before releasing it out. But if someone who acts
  | maliciously just releases it out without co-ordination with
  | Tesla, that's a different ballgame. I would imagine they would
  | roll it out ASAP.
|
| segfaultbuserr wrote:
| The car's low-level control is still functional as normal, it's
| just the user interface that crashes, disabling the main display,
| all readouts, and all notifications. Rebooting the UI can fix the
| problem (it will reset itself automatically after two minutes as
| well). So it's a security issue, but not as serious as the
| title may suggest.
|
| Still, apparently, a bad webpage with a loop of JavaScript that
| hangs the web browser can lead to a complete failure of the
| entire user interface, even disabling the speedometer, turn
| signal (only the notification, visual and sound, not the actual
| signal), and AutoPilot status. Still a red flag and not a sign of
| good engineering.
|
  | TrumpMyGuns wrote:
  | Body panels with insane gaps and light housings that allow
  | moisture in were already signs of bad engineering. Tesla is a
  | joke propped up by social media fanboys.
  |
  | [deleted]
|
| tyingq wrote:
| I'm surprised browsing the web isn't a separate, isolated process
| from the car's general UI.
|
  | Someone1234 wrote:
  | Some vehicle systems use a VNC-compatible client for this.
  | Essentially put the "web parts" into their own system entirely,
  | even physically, and then project the results into a window on
  | the "safe part" UI. If something bad happens, the VNC server
  | might crash and the client loses its connection, but that's the
  | limit of the danger.
  |
  | I know around the time CarPlay became popular several auto
  | manufacturers were pushing this idea as a CarPlay/Android Auto
  | alternative implementation: glorified VNC. But I guess the data
  | wasn't "rich" enough for some parties.
|
| nickodell wrote:
| Here's the vulnerability:
|
|     <html>
|     <script>
|       // Builds an ever-longer URL and pushes it into the history
|       // stack 100000 times, which is what hangs the browser.
|       var total = "";
|       for (var i = 0; i < 100000; i++) {
|         total = total + i.toString();
|         history.pushState(0, 0, total);
|       }
|     </script>
|     </html>
|
  | root_axis wrote:
  | Pretty funny. There's a joke in there about running JavaScript
  | in your car.
___________________________________________________________________
(page generated 2020-03-20 23:00 UTC)
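A defensive counterpart to nickodell's snippet and to the isolation discussion in the thread, added here as an example that is not from the thread, the disclosure, or Tesla: a sliding-window guard around history.pushState that caps how many calls a page may make per time window and how long a pushed URL may be, replayed against a constructed stand-in for window.history. The thresholds, the guard's name and the fake history object are all assumptions made for this example.

```javascript
// Added example: sliding-window guard around history.pushState.
// Thresholds are assumed values chosen for illustration, not a browser's real policy.
function makePushStateGuard(historyObj, opts = {}) {
  const maxCalls = opts.maxCalls ?? 100;      // calls allowed per window
  const windowMs = opts.windowMs ?? 10000;    // sliding window length in ms
  const maxUrlLen = opts.maxUrlLen ?? 2048;   // reject absurdly long URLs outright
  const now = opts.now ?? Date.now;           // injectable clock so tests are deterministic
  const original = historyObj.pushState.bind(historyObj);
  const stamps = [];                          // timestamps of accepted calls in the window
  let dropped = 0;

  historyObj.pushState = function guardedPushState(state, title, url) {
    const t = now();
    while (stamps.length && t - stamps[0] >= windowMs) stamps.shift(); // expire old entries
    if (stamps.length >= maxCalls || String(url ?? "").length > maxUrlLen) {
      dropped++;            // swallow the call instead of letting the history stack grow
      return false;
    }
    stamps.push(t);
    original(state, title, url);
    return true;
  };
  return { stats: () => ({ accepted: stamps.length, dropped }) };
}

// Constructed stand-in for window.history so the guard can run outside a browser.
function makeFakeHistory() {
  const entries = [];
  return { entries, pushState(state, title, url) { entries.push(url); } };
}

// Replays the loop from nickodell's snippet against a guarded fake history;
// `iterations` defaults to the 100000 of the posted page. The clock never
// advances, so only the first `maxCalls` pushes land; the rest are dropped.
function replayPushStateLoop(iterations = 100000) {
  const hist = makeFakeHistory();
  const clock = 0;
  const guard = makePushStateGuard(hist, { now: () => clock });
  let total = "";
  for (let i = 0; i < iterations; i++) {
    total = total + i.toString();
    hist.pushState(0, 0, total);   // the same call the snippet makes
  }
  return { entries: hist.entries.length, ...guard.stats() };
}
```

In a real embedding this guard would have to run before any page script and is only a bound on one primitive; the process-level isolation the thread describes is still what keeps a hung browser from taking the instrument cluster with it.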