Tesla is renowned for its sophisticated and seamlessly integrated car computers, allowing for a wide range of features from entertainment to autonomous driving. However, certain features come at a high cost, such as the $15,000 Full Self-Driving package or the $300 heated rear seats. What if you could obtain them for free by manipulating the hardware of your Tesla?
That’s exactly what a group of researchers from Technische Universität Berlin and an independent researcher have done. They have found a way to exploit a weakness in the AMD processor that runs the infotainment system, which controls the user interface and the software-locked features. By manipulating the supply voltage of the processor at the right moment, they were able to trick it into accepting their code and bypassing the security checks.
“We are not the evil outsider, but we’re actually the insider, we own the car. And we don’t want to pay these $300 for the rear heated seats,” said Christian Werling, one of the researchers, in an interview with TechCrunch.
The researchers claim that their hack, which they call “Tesla Jailbreak”, allows them to unlock virtually any feature that is normally paid or restricted by region, such as acceleration boost, supercharging, self-driving and navigation. They also claim that they can run arbitrary software on the infotainment system, such as a Firefox web browser or third-party apps.
“If we do it at the right moment, we can trick the CPU into doing something else. It has a hiccup, skips an instruction and accepts our manipulated code. That’s basically what we do in a nutshell,” Werling explained.
The hack also has some serious implications for security and privacy. The researchers said that they were able to extract personal information from the car, such as contacts, calendar appointments, call logs, locations, Wi-Fi passwords and email tokens. They also said that they were able to extract an encryption key that is used to authenticate and authorize the car in Tesla’s internal service network. This could potentially enable other attacks or unauthorized access to Tesla’s network.
The hack requires physical access to the car and is unpatchable by software updates. The researchers said that Tesla would have to replace the hardware in question to mitigate the attack. Tesla did not respond to a request for comment.
The researchers will present their findings at the Black Hat cybersecurity conference in Las Vegas next week. Their presentation is titled “Jailbreaking an Electric Vehicle in 2023 or What It Means to Hotwire Tesla’s x86-Based Seat Heater”.
The group of hackers claims that their “Tesla Jailbreak” is “unpatchable” and allows to run “arbitrary software on the infotainment.” They also said that despite the exploit, they believe Tesla’s security is better than other automakers.
This is not the first time that hackers have targeted Tesla’s software or hardware. In the past, hackers have demonstrated how to remotely take over a Tesla’s brakes or steering, how to steal a Tesla with a key fob hack, or how to clone a Tesla key in seconds. Tesla has also offered bug bounties and hacking contests to encourage ethical hackers to report vulnerabilities and improve its security.
Tesla owners who are tempted by the idea of getting free upgrades by hacking their cars should be aware of the risks and consequences. Besides voiding their warranty and potentially compromising their safety and privacy, they could also face legal action from Tesla or other authorities for violating their terms of service or breaking the law. Hacking a Tesla may sound like a fun challenge, but it may not be worth it in the long run.
Relevant articles:
– Researchers jailbreak a Tesla to get free in-car feature upgrades, TechCrunch, August 3, 2023
– Hackers manage to unlock Tesla software-locked features worth up to $15,000, Electrek, August 3, 2023
– How to Jailbreak a Tesla [Read This First], That Tesla Channel, August 2, 2023