Tesla Model S is a modern car, using cloud computing to control the smartphone functionality through APIs in particular, but this is also a "fatal flaw" that makes it vulnerable to hackers.
According to an article in the Journal Community O'Reilly, written by George Reese, CEO of cloud management at Dell, Tesla developed and authentication protocols using its own API, which allows hackers to access some features of Model S too easy. Reese said that he himself owns a Model S.
This is a modern car with the ability to connect, control via smartphone.
When you park in a parking Tesla, though the sunroof is open or closed, no one is sitting inside or close to it, you still have the risk of being hacked. Tesla Model S meets the strengths of a car, however, a recent report shows, it remains a weak point: the safety of the API (application programming interface).
Tesla REST API is accessed through a web-based portal, typically Model S owners use iPhone or smartphone running the Android operating system to perform a variety of routine tasks and check the status of the vehicle.
Tesla using email and password registered owner of the vehicle to access the API via a web portal, creating a "token" (authentication code) lasts for three months. During that time, owners accessed via REST API Tesla authentication codes using their login information.
This car can be hacked.
Unfortunately, the authentication code of every car stored on the database site, this is the main point of "death", too easy for hackers.Reese explained, if a hacker to access, it can paralyze all the cars on that site for 3 months. The owners can not do anything to impact the application on his car.
These days, there is no way to restore access to a compromised application. Reese said this could lead to an accident if the hackers used malware to access.
API can test your car battery, active climate control, sunroof operation, locate the car, honk, open the garage door and perform other similar activities.
However, he warned, "the most frightening thing is API can be used to track the location of your move." At least it was not an attack on a large scale, but it's also really scary.
See more pictures of chiecTesla Model S, a sedan in the luxury motor world first winning "Car of the Year" from the magazine Automobile :
According to an article in the Journal Community O'Reilly, written by George Reese, CEO of cloud management at Dell, Tesla developed and authentication protocols using its own API, which allows hackers to access some features of Model S too easy. Reese said that he himself owns a Model S.
This is a modern car with the ability to connect, control via smartphone.
When you park in a parking Tesla, though the sunroof is open or closed, no one is sitting inside or close to it, you still have the risk of being hacked. Tesla Model S meets the strengths of a car, however, a recent report shows, it remains a weak point: the safety of the API (application programming interface).
Tesla REST API is accessed through a web-based portal, typically Model S owners use iPhone or smartphone running the Android operating system to perform a variety of routine tasks and check the status of the vehicle.
Tesla using email and password registered owner of the vehicle to access the API via a web portal, creating a "token" (authentication code) lasts for three months. During that time, owners accessed via REST API Tesla authentication codes using their login information.
This car can be hacked.
Unfortunately, the authentication code of every car stored on the database site, this is the main point of "death", too easy for hackers.Reese explained, if a hacker to access, it can paralyze all the cars on that site for 3 months. The owners can not do anything to impact the application on his car.
These days, there is no way to restore access to a compromised application. Reese said this could lead to an accident if the hackers used malware to access.
API can test your car battery, active climate control, sunroof operation, locate the car, honk, open the garage door and perform other similar activities.
However, he warned, "the most frightening thing is API can be used to track the location of your move." At least it was not an attack on a large scale, but it's also really scary.
See more pictures of chiecTesla Model S, a sedan in the luxury motor world first winning "Car of the Year" from the magazine Automobile :
0 comments:
Post a Comment