Berlin researchers hacked Tesla autopilot to unlock “Elon mode”


Three IT security researchers from Technische Universität Berlin (TU Berlin) glitched Tesla’s driving assistant into activating a powerful “Elon mode” and were able to access the company’s secrets, Spiegel reported. Allegedly, all Tesla models are vulnerable to this attack.

With tools that cost around 600 euros, TU Berlin students Christian Werling, Niclas Kühnapfel, and Hans-Niklas Jacob induced a short two-second voltage drop by 560 millivolts and rooted the ARM64-based circuit board of Tesla's autopilot.

The voltage glitch enabled researchers to extract arbitrary code and user data from the system, including cryptographic keys and important system parts, allowing them to reconstruct how it works. Researchers even gained access to a video with GPS coordinates that had been deleted by the previous owner of the vehicle, as it was not overwritten.

tesla-hack

German researchers have been able to understand which data Tesla collects to train its AI and which is disregarded. They even managed to activate the more powerful “Elon mode,” Spiegel writes.

The “Elon mode” is a secret hands-free full self-driving feature that previously hackers managed to discover. This executive mode allows Tesla vehicles to self-drive without any driver input or monitoring. This mode was discovered by @greentheonly in June 2023, who tested the mode and posted some clips on social media.

The hack could also enable premium features for free. Previously the same researchers at Blackhat demonstrated an infotainment AMD processor hack to enable free seat heaters.

Tesla’s “full self-driving” (FSD) capability is provided as an additional purchase of $12,000. However, it requires active driver supervision and does not make the vehicle autonomous. The FSD has been repeatedly criticized due to phantom braking or other incorrect decisions.

With their work, researchers wanted to explain Tesla’s safety architecture and gaps in its Autopilot system, raising concerns about how safe the cars really are.

tesla-hack

“Despite using multiple cameras and Autopilot's machine learning (ML) models, accidents persist and shape FSD reporting,” researchers said in their presentation.

They assume all Tesla vehicles are vulnerable to such an attack as they probably all use the same circuit board, even if the owner did not buy the driving assistance system. Researchers themselves were surprised that it was easy to get into Tesla’s secrets.

What we showed today is that with the voltage fault injection attack, Tesla's intellectual property could be threatened.

However, the hack requires physical access to the circuit board, removing and reinstalling it without damage, and soldering skills. Therefore, such an attack would not be very practical outside the laboratory.


More from Cybernews:

Cybernews podcast unpacks 2023's AI odyssey

Streaming in 2024: more content, licenses, bundles, and ads

Hackers steal EasyPark client data

The New York Times sues OpenAI and Microsoft for infringing copyrighted work

YouTube has helped adblockers woo new users – AdGuard

Subscribe to our newsletter



Comments

Singh
prefix 4 months ago
Digital technology have given stress almost to everyone. At least banks should avoid all kind of digital apps so that to live a free life.
Richard Kuro
prefix 4 months ago
Well hopefully Elon will not get to set back by this Incident. He is a visionary and needs to be a visionary, unhindered. He puts a lot of money into his accomplishments. He will probably higher those individuals.
John Duncan Yoyo
prefix 4 months ago
There is probably enough information here for a Hacker to recreate the breach and get the code from a junked Tesla's control board. Given time they will find a way in through the software.

Black hat will have something on this in the next few years. Tesla Pown to own is probably coming.
Troy
prefix 4 months ago
Should have worked for Elon and take your knowledge to new hights.
Dan Overgaauw
prefix 4 months ago
Musk is working for the global good so open source should be the goal
He’s got quite a lead in tech and as long as he keeps innovating faster than hackers, he should be fine and we all benefit
I’m not worried about his tech insight
I’m worried his ego gets the best of him
Giin
prefix 4 months ago
Still an amazing scam, requiring someone to pay large sums of money to unlock a built-in feature of something they own. You would think people would have learned from decades of PC scammers tricking Boomers, but nope.
Nick Gallagher
prefix 4 months ago
"...such an attack would not be very practical outside the laboratory." Actually, it is very practical for ANYONE who owns one of the vulnerable cars. They have physical access to the circuit board and 30 minutes on YouTube will teach one to desolder and solder. I think achieving the reported voltage drop would be a much more challenging task than removing MY circuit board from MY car in MY garage. In

Scott Eric
prefix 4 months ago
The fact an Elon mode exists on Tesla autos is scary as hell but then again when one thinks they are God they do what they want... Foolish fan boi who thinks this is only done in a lab are stupid. Did you read the part where $600 in tools was all out took?

You idiots live in the clouds if you think Elon gives a damn about any of your simply because you worship him lol.

He uses and abuses everything and everyone from the mother's of his children to every consumer... Your worthless to the guy.
NopetyNope
prefix 4 months ago
It certainly isn’t a “non-issue” if you’re in the cyber security assurance or intellectual property protection groups inside Tesla. Gonna be some heads rolling.
Betty
prefix 4 months ago
I think the Techs just wanted to let Tesla know of a possible lack of security in the system. Like they said only under certain circumstances could anyone hack into the system. But I'm sure Elon appreciates the Intel and will address the issue. If they weren't on the up and up about it, then someone else with bad intentions could have done real damage.
Jacob
prefix 4 months ago
Umm.. imagine hacking a system that is avaliable open source. All of Tesla is open source avaliable to anyone. Elon wants people to use his tech to keep advancing. This is nothing.
Brandon Cairns
prefix 4 months ago
I'm sure they will figure out a way to make it so it isn't as easy to do something like this.
SomeGuy
prefix 4 months ago
Dropping voltage and soldering, surface mount or not isn't rocket surgery. If you need the second an adapter could probably be made, I would think any decent engineer that works in embedded control could do this, especially if the details are provided, so yeah, it's kind of a big deal. They should have protection against this. You can't sue someone because you built a system with an inherent issue and they found it. Being cheap and making impossible deadlines leads to this kind of thing.. kinda like body panel gaps. If the key used to communicate with the servers is the same for all then this will suck pretty dramatically.
Abu baker
prefix 4 months ago
The Chinese probably already hacked it.
Cindy
prefix 4 months ago
I think it’s the right instincts , trying to be sure of your imagination or infatuations , you could be right or wrong but why don’t you try to find out with facts . You should be cautious of the fact that facts and proofs are liable to achieving great decision making . You can do yourself a favor by reaching out to Hacker4wise via hack4wise @gmail com for fast findings of your answers , it’s been a privilege working with the genius
Kris Kringle
prefix 4 months ago
when will tesla get a real ceo
Cory
prefix 4 months ago
It is pretty disgusting to know all these cars have an "Elon Mode" in their firmware instead of having a special firmware for the brats cars. Elon should resign from Tesla. The more he does at this point, the more fuel I have for my disdain towards him. He couldn't engineer his way out of a cave.
Okkie
prefix 4 months ago
You're not a musketeers for wondering if this kind of stuff is ethical. It's definitely not the way white hat hackers normally operate
A human
prefix 4 months ago
Elon Musk should hire these skilled IT technicians and pay them well to secure and safeguard these glitches.
a REAL human
prefix 4 months ago
Or, they should tell everyone how to do this so we can get features free that other idiots overpaid for, like heated seats and self driving. Someone will figure out how to do this with a plug in device eventually.

I equate this to going to a junk yard and pulling the premium features for $20 and installing them into the base model of whatever vehicle you have. Same basic vehicle, without the dealer ripoff.
Toedeledokie
prefix 4 months ago
Exactly what they do, participating in Pwn2Own
Spencer
prefix 4 months ago
So - it's nearly impossible without a laboratory environment....

This is a non- issue.
A guy
prefix 4 months ago
A laptop, soldering kit, and a voltage regulator isn't what I would call a 'laboratory'.

It probably took the lab to *discover* the backdoor, but takes significantly less to reproduce it.

And of course, once the box is opened and the code examined, other easier vulnerabilities can be found.
Marvin
prefix 4 months ago
Mostly anyone who has worked in IT and Electrical Manufacturing could do this outside the lab. Or anyone thats taken basic electrical courses in school could do it. That adds up. In no time you could find a friend that can do it for $1k.

I wouldn't necessarily call this a non-issue.
Stove
prefix 4 months ago
€600 of equipment specifically.
Tom
prefix 4 months ago
Thank you! Why are there so many hit pieces about Tesla? It’s almost as if the petroleum and conventional auto industries are waging a war of slander.
Johnson
prefix 4 months ago
Anyone can do this with £600 worth of equipment. No "laboratory environment" necessary. It is a major issue for Tesla.
The article assumed a lab would be necessary for simplying doing some soldering i
on a circuit board and reinstalling it, which is silly.
Sam
prefix 4 months ago
Yeah, because I’m sure there’s no one in China with €600.00 who would want this info. lol
David
prefix 4 months ago
No. Judging by the image of the board anyone with a reasonably equipped home electronics lab and a steady pair of hands could do this in an evening.
Oscar G
prefix 4 months ago
I have a "Laboratory environment" at home worth about 10 grand. I built it in sections, over time.

Its not hard.
Curtis Griffin Jr
prefix 4 months ago
Where did it say that was nearly impossible without a laboratory environment???
Claudio
prefix 4 months ago
Its not impossible, its actually simple just not for the average person.
Tim
prefix 4 months ago
Elon should sue the crap out of them in civil and criminal court.
Martin
prefix 4 months ago
Would be funny watching him get embarrassed in court.
Should be paying them like every other tech company does when you find faults and ways to hack into their tech.
FuckTheUSA
prefix 4 months ago
A sue happy americunt thinking his frivolous legal lawsuits hold any water.
Eli
prefix 4 months ago
The beauty of simple minds.
Pim
prefix 4 months ago
Well said Tim, because if these researchers never published this no other (state) hacker would have found this and abused this information to produce cheap electric cars leading to less demand for actual Teslas.

Come on don't be so naïeve, this has already happened or will happen (Looking at all those state sponsored cheap vehicles out of China).
This way Tesla is aware and can take protective measures.

Burying information never works. Security through obscurity is not a safety measure.
Bob
prefix 4 months ago
They didn't do anything illegal, Musketeer.
Backcountry164
prefix 4 months ago
Tell that to Apple. Or John Deere. Or any number of other mega-corps that control your government.
Sean calla
prefix 4 months ago
But only a bitch would do that. Wait. He'll do it then.
Mind2Cents
prefix 4 months ago
It happened at a university, for “research purposes only!” But Elon deserves someone publishes this method on a zero-day dark web for other users to exploit it properly. Hiring them won’t mitigate all vulnerabilities, as other researchers will find those. Think of iPhone jailbreaks, it took Apple 14 years or so to slow down the process and yet nothing is perfect.
john marshall
prefix 4 months ago
Call your law school and demand a refund....
Melon
prefix 4 months ago
I think he should hire them!
Sandor
prefix 4 months ago
I think it is criminal! A lock is applied to keep away an introuder!
You can force all kind of lock!
And when it's done You became a Burgler!
That simple is it!
(thinking about the Windows of Your house... IF I cross them with a rock... Are You going to hire me for Your protection??)
FilboBaggins
prefix 4 months ago
Tell me you know absolutely nothing about civil or criminal law without telling me you know absolutely nothing about civil or criminal law.

Exactly what law did they break by messing with property they own. They didn't hack his computers they didn't sneak into the factory. By your logic I should be in prison for replacing my cpu and overclocking it. You're a disgrace to intelligent thought and your parents should be ashamed to have raised someone who lacks all forms of critical thinking.
Leave a Reply

Your email address will not be published. Required fields are markedmarked