The rolling computers that become electric cars can make some people fear the worst: what if someone took control of my car remotely? This vision of horror, put forward in the Netflix film “The World After Us” is for the moment far from being reality, which does not prevent us from seeing certain possibilities. Let’s see what can or cannot be done with an electric car that drives itself.
Whether in a movie or just in your imagination, the vision of horror caused by crazy cars is probably not foreign to you. Brought back to the forefront in particular with the film “The World After Us” on Netflix, the possibility that the driving aids of certain vehicles are hacked is not a recent fear.
Among the brands we hear the most about in this area, we of course find Tesla and its Autopilot. As a major organ of a hyperconnected system, we may be right to wonder if it is possible to give orders to the Autopilot remotely, whether or not we have bad intentions.
We are therefore going to examine the fact from the false, and see if, in reality, someone can today hack the autonomous driving systems of the cars that ply the roads.
A connected car yes, but not completely remote-controlled
We cannot deny that a Tesla is a connected car: 4G, Wi-Fi, an application to track it and an API allowing a lot of information to be collected in real time are all means of communicating from the other end of the car. the planet with its electric car.
Certain third-party applications also take advantage of these possibilities, for example, to be able to control the charge level of your car from a computer, or even to turn on the heating in advance so as not to be cold when arriving in the passenger compartment. . Like any software component requesting access to your Tesla account, these solutions are not exempt from falling into the hands of third parties who could use this data against you.
In this case, in January 2022, a hacker contacted Tesla on this subject, since he was able to verify that he had access to no less than 25 Teslas precisely because the owners had used third-party applications to control or track their vehicles.
If the commands that can be placed remotely are quite harmless at first glance, that does not mean that they are harmless. For example, it is not possible to move the car at high speed simply remotely, but you can easily open the doors, the trunks, start the air conditioning, or even the sentinel mode, allowing access to the video stream. cameras.
In the case of car theft in particular, it would be easy to unlock it remotely via a third-party application, and then get inside. But without any physical presence near a Tesla, what can you really do?
My Tesla moves on its own: dream or reality?
First of all, it may be useful to recall the basic security principles regarding Tesla, and particularly access to the account associated with a car. Indeed, it is this account which can allow the owner to control his car via the mobile application, which is why a strong password is necessarily preferred.
Additionally, multi-factor authentication is possible, and we can only encourage you to configure it, since it makes it much more difficult for your data to be compromised. As mentioned above, anyone with access to your Tesla account could potentially open your car, so you don’t want that to be possible.
Anyway, if unfortunately an attacker takes over your Tesla account, to be able to move your vehicle without your knowledge, it would not be so simple. In fact, the only functionality available at the moment would be the auto exit (or enhanced auto exit), which basically allows you to move the car forward or backward just a few meters.
Furthermore, in Europe, these two possibilities are extremely limited since they require that the smartphone giving the order to the Tesla to move forward be within Bluetooth range, that is to say a few tens of meters from the car. , at most. Finally, the smartphone must also have previously been registered as a key, which implies having had physical access to the vehicle. Suffice to say that it is very unlikely that all these conditions are met.
In the United States, the limit for using auto output is not the same, and you do not need to be within Bluetooth range to use it. Despite everything, we are not aware of any cases where a hacker has taken remote control in this way.
No, you cannot drive a Tesla at 130 km/h without a driver
As you will have understood, it is not possible by having all access to an owner’s Tesla account to command the car so that it cuts the road at high speed without anyone inside. In this case, even with a person at the wheel, the autopilot ends up deactivating and the car stops if the driver does not show signs of life. Some people have even gone out of their way to force a Tesla to drive in Autopilot without a human inside, and as you can see in the video below, there is a lot of work to make it work.
In this case, in addition to the fact that this video shows an autonomy record, we note that to be able to allow the Tesla Model 3 to drive in Autopilot without anyone at the wheel, it must first be made to believe that there is has someone in the driver’s seat, with the seat belt on, and with resistance applied to the steering wheel. Today, with the interior camera checking the driver’s attention and potentially other additional checks, there is nothing to say that the test would still work under the same conditions.
We can also remember this American who made headlines by voluntarily getting into the back of his Tesla Model 3 while it was driving with FSD beta, but again, these are cases where the car drives alone, but with a person inside giving orders. To date, there has been no reported case where a hacker took remote control of a Tesla and ordered it to drive somewhere.
The World After Us on Netflix
Recently, following the release of the Netflix film “The World After Us”, people tried to decipher fact from fiction, particularly regarding Teslas driving autonomously. Unfortunately, they seem to have missed the fact that Tesla’s Autopilot and FSD do not rely on GPS to work.
Indeed, in the absence of GPS, navigation would no longer be operational, but nevertheless, it is possible to continue to use all the driving assistance features: adaptive cruise control, lane keeping, and therefore Autopilot or FSD as we know them today. However, in the absence of satellite links and mobile networks, it would be impossible to communicate remotely with vehicles.
The world of robotaxis is not yet real, however some services exist in a restricted area in the USA such as Cruise, Uber (before a tragedy occurs) or Waymo. To date, there has been no report of a hack that allowed an attacker to take control. Which does not necessarily mean that it will never happen, however, we can assume that this is one of the first cases considered by companies so that potential customers have confidence.