Less than a month after hackers demonstrated that they could remotely take control of a Jeep Cherokee as it was being driven, a pair of researchers has achieved a similar—though slightly less scary—feat with a Tesla Model S.
Security researchers Kevin Mahaffey and Marc Rogers, who plan to explain the hack on stage tomorrow at the Def Con hacker conference, needed to physically access the car in order to gain access to its systems. Mahaffey, in an interview with the Wall Street Journal, said this is not too reassuring: “We assume that bad guys are going to be able to figure out remote access.”
By attaching a laptop to the Tesla’s onboard computer, they were able to issue a software command and turn it on. They also installed software that enabled them to remotely force the car to suddenly power down while it was being driven, though Tesla has some safety features that would cause the car to slow to a stop if that were to happen.
“This is a directly contrasting story to the Jeep story,” Rogers told Wired. ”Tesla had actually thought about the ramifications about what might happen and had designed the car to handle it gracefully and be safe… in such a way that catastrophic [failure] would not happen.”
The electric carmaker, which has been working with Mahaffey and Rogers, has already issued an over-the-air security patch to fix the flaw in the Model S cars’ entertainment system that enabled the illicit access.
Fiat Chrysler had to recall 1.4 million vehicles in July after the Jeep hacking demonstration.