electric-car-513627_640
Tesla Model S Pixabay

Tesla was concerned about the safety of their vehicles and initiated an ongoing program by inviting researchers to pinpoint security flaws in their models.

Its “Bug Bounty” program offers awards to security researchers that uncover vulnerabilities in the production systems of the company.

In 2018, researchers revealed a significant flaw in the security of the Tesla Model S. Using standard radio equipment, they were able to defeat the encryption on the keyless entry system of a Model S and clone the key fob of the sedan within a matter of seconds.

Thieves could unlock and steal a car within a matter of seconds without even touching the driver’s key. Tesla responded by creating a new version of the key fob which patched the flaw.

It was a multi-part fix known as PIN to Drive, software update and a new fob. The team of researchers, who found the first flaw led by Lennert Wouters from Katholieke Universiteit in Belgium, found a similar defect in the new fob.

The second time, the flaw only required fixing via an OTA update that patched the vehicle software and the configuration of the fob via radio waves.

The flaw was based according to cracking encryption approaches which initially used a 40-bit configuration. Upon fixing this flaw, the encryption was changed to an 80-bit configuration, though this only functioned to separate the hacking problem into two.

Wouters gave a presentation showing the new fob was better than the first one, but with twice the amount of resources, it was still possible to come up with a copy. The latest intrusion approach would also mean close proximity to the fob, albeit double the time to get to the encryption. Wouters and other researchers collaboration with Tesla has been part of the continuing bug bounty program to make sure their cars are the safest out there.

It is also interesting to note that only Model S is affected by the key fob, maybe because it is the only Tesla vehicle key that utilizes unique Pektron manufactured technology. Tesla's other vehicle keys like Model 3 and Model X seem to be working just fine.

Tesla is currently rolling out its OTA patch for the potential risk.

The automotive company said it has started to release an over-the-air update which is going to allow certain owners to update their fobs from inside their vehicles within two minutes.