With newer cars being computers on wheels, some manufacturers are using software to put features behind a paywall or thwarting DIY repairs. Industrious
hackers security researchers have taken it upon themselves to set these features free by hacking a Tesla infotainment system. (via Electrek)
The researchers from TU Berlin found that by using a voltage fault injection attack against the AMD Secure Processor (ASP) at the heart of current Tesla models, they could run arbitrary code on the infotainment system. The hack opens up the double-edged sword of an attacker gaining access to encrypted PII or a shadetree mechanic “extracting a TPM-protected attestation key Tesla uses to authenticate the car. This enables migrating a car’s identity to another car computer without Tesla’s help whatsoever, easing certain repairing efforts.” We can see this being handy for certain other unsanctioned hacks as well.
The attack is purported as being “unpatchable” and giving root access that survives reboots and updates of the system. Since AMD is a vendor to multiple vehicle companies, the question arises as to how widely applicable this hack is to other vehicles suffering from AaaS (Automotive as a Service).
Longing for a modern drivetrain with the simplicity of yesteryear? Read our Minimal Motoring Manifesto.