Tesla hackers turn to voltage glitching to unlock paywalled features
Oh, this old thing? Yeah, it's got an AMD processor. Why?
Black Hat There is a way to unlock those paywalled features in your car, as a group of German PhD students demonstrated at Black Hat, but it probably won't keep the automakers up at night.
In a talk this week, a trio of Technische Universität Berlin boffins demonstrated how they were able to bypass the $300 purchase requirement to activate heated rear seats in a Tesla Model 3 – or at least in the computer from a Tesla Model 3.
Instead of approaching the problem like Tesla hackers of the past, who've tried to gain control of vehicles or break into them as an outsider, Christian Werling and his fellow researchers wanted to approach the problem like someone who already had physical access to a vehicle and was trying to make their own modifications – like breaking through soft locks on optional, but installed, features.
The researchers' first attempt was simply to try to modify the firmware in the Tesla's computer, but they were rebuffed by the secure boot process – something that Werling told us was a relatively new development in Tesla's computers.
Previous versions of Tesla computers were vulnerable to an off-chip boot loader buffer overflow that was fixed via firmware updates. Another buffer overflow issue affecting the ROM on Tesla computers remained, but was fixed when Tesla later upgraded from AMD Zen 1 APUs to Zen 2s.
The problems were even worse before, Werling pointed out – Tesla computers used to have open X servers, hard-coded passwords, and their code wasn't even signed. Now, in 2023, Tesla computers have a boot chain of trust, firmware and OS signing and a root of trust in their AMD SoCs that left the researchers faced with a hard reality: They couldn't get in.
Have you considered shock therapy?
Cast your mind back to 2021 and you may recall a story about a group of researchers who managed to subvert AMD's Secure Encrypted Virtualization by causing a voltage glitch. One of the authors of the paper which uncovered the AMD voltage glitch, Hans Niklas Jacob, was also part of the group of Tesla hackers talking at Black Hat.
Now recall that Tesla uses AMD processors in its vehicles and you may have an idea where this is going.
By soldering a couple of wires to the infotainment and connectivity ECU, which contains the gateway chip that stores settings for things like software-locked features, the team were able to make the supply voltage drop at just the right moment. That fooled the system into believing it had booted securely when that wasn't necessarily the case, giving them root access to the device and letting them unlock the heated seats.
As an added bonus, they were able to use their newfound access to exfiltrate information about the car and user data stored in the Tesla computer, like location history, Wi-Fi passwords and session cookies for services like Spotify and Gmail.
Call us back when you achieve persistence
"When we called Tesla to share the exploit with them, the first question they had was whether it was persistent," Werling told The Register. "We told them it wasn't, and they haven't responded to us since."
The only way to achieve persistence would be to solder a mod chip to the board itself, Werling said, something Black Hat attendees will likely be all too eager to try on their own – if they don't mind digging into their Tesla's computer to solder on some wires and void their warranty.
Werling also told us that the team hasn't had a chance to try it in an actual Tesla yet, but said that independent security researcher Oleg Drokin, who worked on the project with them, has done so. "I'm pretty sure it worked," Werling told us.
As to whether the problem could be duplicated in other vehicles with software-locked features, like BMWs, Werling said the team hasn't tried yet, largely because they haven't been able to find a computer from other vehicles with software-locked features.
"I would be astonished if other manufacturers have the same level of protection for their systems," Werling said. He noted that Tesla has become good at defending its software against attacks after investing time and money in attracting hackers in the past, and said it's not clear whether other automakers have done the same.
Still, Tesla clearly wasn't considering a voltage glitch as a way around its protection – something that looks a lot like a failure of supply chain security, given that voltage-vulnerable AMD chips are at the heart of its computers.
The team who wrote the 2021 AMD voltage glitching paper noted that, where hardware redesigns aren't practical, software could be modified to detect voltage modulation to prevent faults that could trigger an insecure boot. Perhaps Tesla will release a patch at some point.
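To illustrate the attack class described above and the kind of software-side hardening the previous paragraph alludes to, here is an added example (not code from the talk, the paper, Tesla or AMD): a boot decision that rests on a single comparison, beside one that takes the verdict twice against a non-trivial constant so that a single flipped result fails closed. The glitch is simulated by inverting the outcome of one chosen comparison; `glitchable_equal`, the `VERIFIED`/`REJECTED` constants and the digests are all constructed for the demonstration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed glitch model: one injected fault inverts the outcome of a
 * single comparison, selected by its sequence number (-1 = no fault). */
static int g_fault_at = -1;
static int g_step = 0;

static int glitchable_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    int equal = (memcmp(a, b, n) == 0);
    if (g_step++ == g_fault_at) equal = !equal;  /* the glitch lands here */
    return equal;
}

/* Constructed stand-in for the digest a correctly signed image carries;
 * a real bootloader would verify an RSA/ECDSA signature instead. */
#define DIGEST_LEN 8
static const uint8_t GOOD_DIGEST[DIGEST_LEN] = {0xde,0xad,0xbe,0xef,1,2,3,4};
static const uint8_t BAD_DIGEST[DIGEST_LEN]  = {0};

/* Naive check: one comparison decides, so flipping that single result is
 * enough to boot an unsigned image. */
static bool naive_boot_allowed(const uint8_t *digest) {
    return glitchable_equal(digest, GOOD_DIGEST, DIGEST_LEN) != 0;
}

/* Hardened check: the verdict is computed twice and held as a non-trivial
 * constant, so one flipped comparison leaves the two states disagreeing and
 * the boot fails closed. volatile keeps the compiler from merging the checks. */
#define VERIFIED 0x5AA5u
#define REJECTED 0xA55Au
static bool hardened_boot_allowed(const uint8_t *digest) {
    volatile uint16_t v1 = REJECTED, v2 = REJECTED;
    if (glitchable_equal(digest, GOOD_DIGEST, DIGEST_LEN)) v1 = VERIFIED;
    if (glitchable_equal(digest, GOOD_DIGEST, DIGEST_LEN)) v2 = VERIFIED;
    return v1 == VERIFIED && v2 == VERIFIED;
}

/* Run one boot decision with a fault injected at comparison 'fault_at'. */
bool run_naive(int fault_at, const uint8_t *digest) {
    g_fault_at = fault_at; g_step = 0;
    return naive_boot_allowed(digest);
}
bool run_hardened(int fault_at, const uint8_t *digest) {
    g_fault_at = fault_at; g_step = 0;
    return hardened_boot_allowed(digest);
}
```

With a fault on the first comparison, `run_naive(0, BAD_DIGEST)` accepts the unsigned image while `run_hardened(0, BAD_DIGEST)` rejects it; a fault during a good boot also rejects, which is the fail-closed behaviour a glitch-aware bootloader wants.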
We'd love to know, but the Musk-owned automaker hasn't answered our questions. ®