...to MCH 2022, the four-intent battery, you probably know that battery, I mean, battery. No, we are not talking about batteries, but battery-powered cars. So here with me on stage is Martin Herfurt to talk to you about demystifying Tesla's Bluetooth passive entry system. Please give him a very warm round of applause.

Thank you very much for the introduction, and thank you for being here. I'm talking about Project TEMPA today, and this is, as you can see here, about Tesla cars. It's the fourth time that I'm giving this talk, but actually I was adding quite some new stuff as well. Every time I did it, I tried to make an effort and add some new things.

Right. So about trifinite.org, you might have seen the logo in the lower right. It's a group logo that is almost pretty retro already, because that was 18 years ago when we started, together with, or more than that, together with Colin Mulliner and me, and we did a lot of Bluetooth-related research. Back then, of course, mainly Bluetooth Classic, and we were participating in some test events with the Bluetooth SIG, which is the standardization body for the Bluetooth protocol, and we were helping vendors back then with their smart phones, not smart phones, but their feature phones and Symbian phones, stuff like that, in order to not have, like, the easy low-hanging Bluetooth vulnerabilities.

So, about me, I'm from Salzburg, Austria, pretty much like the Herald. He's not from Salzburg, though, he's from Vienna. And I'm a regular participant and also speaker at some instances at C3 in Germany, which is the yearly CCC Congress, since 1998, without missing even one. And I also am the author of the Tesla Radar app, which I will talk a little bit about later. And, of course, I own a Tesla myself, because always renting or having to rent one in order to do tests just didn't work out for me. And a little bit of memory lane: my first camp that I participated in was actually in 2005. It was What The Hack.
It was in Liempde, also in the Netherlands, and I found a picture of me talking, like, in one of the old Flickr accounts that is still linked up on the page, and as you can tell, no difference, right? And back then I was talking not only about Bluetooth security and stuff we found. One of the projects I was talking about back then was also Car Whisperer, my first project that went into the automotive direction, and what I did there, we were injecting audio messages into cars with hands-free sets, and there was a lot of fun. That was possible back then because of the standard PIN everybody used.

So it got a little more complicated with Teslas. They obviously use not a standard four-digit passkey in order to unlock the car. They do it for driving though, as you might know. Maybe as a show of hands, how many of you do have a Tesla or drive a Tesla? All right, so that's like 500% more than usual, because usually it's just one guy, me. All right, but that's at least some more, that's cool.

And this talk is about telling you why you should be really careful using the Tesla phone as a key, and also, like, the NFC. Some of the things have been mitigated, but Project TEMPA was investigating the Bluetooth Low Energy interface that Tesla has in their cars. And this interface that I'm talking about is primarily found in all Tesla Model 3 and Y, but also on the new facelift variants of Model S and X. So it turned out that this phone key feature, which got introduced with the Tesla Model 3, turned out to be a quite popular thing, and I believe it's also gonna be in the Roadster, whenever this appears, and it's like the thing that Tesla puts all their effort on, and it's just an estimation that about two million cars to date do have that feature. And what it also allows is not just unlocking the car or, like, driving it, it's also like having a continuous ID, so tracking and identifying vehicles on the radio level is pretty easy. And also you can, like, send messages there, and how you do that I'm gonna show you.
So most, or not most, some of the things have been fixed by Tesla over the time, some of them partially. So I talk about one thing that got mitigated but kind of reopened by one of the attacks I'm going to show today. And all, or most, of the things are findings that came from reverse engineering the official Tesla app, which is an easy process, as you might know. The only thing is, of course, they use obfuscation, so you have a lot of guesswork as well. So the original research started with Tesla Radar in 2019, but it intensified in 2021 when playing a little more with the app and looking into that communication.

All right, phone key, what is it? It's like the big innovation that they had: you use your phone as your car key, and that's a pretty good idea, and as said, it's gonna be part of future models. So what are, like, the ways to unlock a Tesla? Of course you guys that own a Tesla already know that, but for the ones that don't, I explain that in a short slide here. So you have, like, your phone, which is pretty capable of using, like, the network-based API, which you require to have internet for. Then it's the NFC protocol, which is in purple here, which is used for directly interacting with the car, and then you have Bluetooth, kind of in the middle, and as said here, VCSEC is the protocol which is spoken from the phone and also from the key fob via Bluetooth Low Energy to your car. All right, NFC card, these are the ways you can, you can read that later on, to unlock. I just summarized that here a little bit, and due to time constraints I'm also not gonna show the videos, which I have, like, linked in the presentation, and that's gonna be your homework, to watch afterwards.

So a little poll for the five people with Teslas: so how would you unlock your Tesla usually? Like with the key fob, with the phone key, or with the NFC card?
Show of hands, like key fob: one, two, three. And with the phone key: one, two, three, four, said Ray, all right. And with the NFC card: still one, one, all right, good. So that was the official result from the Tesla, from the Twitter poll I did, so like 83% back then are using phone key, including myself. I do own a key fob though, which costs a fortune for, I think, what it is, and right, phone key is the thing the most people use.

Usually, how does that work? The smartphone finds the vehicle, that has some indicators that show that this is the right vehicle to talk to, and it connects, because the car would act as a BLE peripheral implementing a generic attribute service that you can interact with, and there's no pairing required. And this has also some background, maybe, why this is not required. And of course you can unlock your car, you can start, you can open the front, do stuff like that. So whenever this car advertises a GATT service there will be a name, like a standard attribute or a service, and also a to-vehicle characteristic and a from-vehicle characteristic, and then it's pretty much also very intuitive what's gonna be done with these characteristics, I guess. As well it's exposing an iBeacon, and I think that's mainly done in order to have iPhones natively detect the car, with all that background process optimization. I think they built that in because Apple makes it really hard to have a background process that does not rely on Apple technology.

Yeah, and the advertisement is, like, pretty easy to find out, so there's this UUID, and then they have a major and minor ID, which is part of the iBeacon specification, and these are, like, the attributes that an iPhone, along with the device address of the car, would recognize the car by for it to be connected. And as well, the name of the vehicle has some cryptic input, or cryptic stuff in it, right?
So whoever scans for BLE devices next to a Tesla will find a few of, like, these names starting with an S, and then there's an eight-byte hex sequence, hex-encoded sequence, ending with a C in most cases. I guess most of you found that already. So C, I believe, stands for the center interface, then we have a driver side, passenger side and the rear side, but these names are guessed, because, like, passenger side on a right-hand drive would be the driver side, so I think they kind of messed up there already.

So but the thing, the eight bytes in the hex seemed random to me at first, and they seem to be unique to a vehicle, and they are always turned on and unique to the vehicle, and that kind of led to the thing with the permanent ID, so anybody with a phone could tell whether my car is in Bluetooth proximity or not. Which is a privacy issue, which I pointed out in 2019 to Tesla, and that's also when I published the Tesla Radar app, which is a showcase for how easy it would be to spot a Tesla over a larger area, given that there's enough people with a Bluetooth phone participating in the Tesla Radar ecosystem. And in a way it is allowing to stalk people, right? And even though the Apple AirTag implements way more security and privacy features in their AirTag technology, so they randomize their IDs, they are really hard to really track, and reliably track, but even this caused a massive outcry in the privacy community that this is not a thing that they should do. Of course, slipping a Tesla into somebody's purse is hard, but that would be maybe the reason that the Tesla permanent ID never got that big of an issue.

So I had a correspondence with Tesla and they said, well, we know that is the case, but we don't change it, because as long as there's cameras everywhere that also film your number plate, we don't see a reason for changing anything there. So I think that was the reason when I made that app public and kind of showed how big of a thing that could be.
And first it was for showcasing privacy issues, then it was a game for Tesla fans, so there's some gamification in there, there's a ranking. Actually Thomas, right here in the second row, is like the number one Tesla spotter for a long, long, long time. And yeah, I'll give him a... And I don't know how many 10,000s of Teslas you spotted, but you're like the number one spotter, even though you're not on that ranking list anymore, because your super observer is currently under maintenance, right? But very good work. And of course it's a big data collection for work. I think there's a statistic from May, and there were about 154 unique cars in the network from about 50, in the meantime 50, different countries. So there's a lot of players, and if you found this interesting, I have to say at the moment I'm having technical issues with the app, so just allow it communicating on wifi please, if you wanna use it, because it kind of retransmits a lot and causes a lot of, and I have to find out about that.

So but back to the thing with the eight characters that are hex-encoded, or eight bytes that are hex-encoded, and of course it's unique to the vehicle, and the VIN would also be, like, the vehicle identification number is also a thing that is unique to a vehicle. So it encodes a manufacturer ID, a model type and so on, and that is hashed, I found out, hashed with SHA-1, and then they cut out, like, they butcher it up and say only the eight bytes are taken for the vehicle identification. So it's really hard to reverse that process since it's a cryptographic hash, right? So what I did is creating a rather small rainbow table of about 20 gigabytes, and it has a pretty high hit rate, so I can track back from that eight-byte hex-encoded thing, I can see what the VIN is, and can also see what the model would be of that kind of identifier.
I also could find out, like, if it's a performance model or worth stealing if I'm behind a locked garage door, so it's a pretty high hit rate at the moment. I will have to add new VINs to the index, so the Austin Gigafactory has a different signature, I would have to add that, I didn't even do that now, but there's a little room for improvement. But it works rather well, and also, what I did at Christmas when I found out about that key VIN, or like this VIN reversing thing, I thought it would be interesting to take my new tripod and mount an antenna on top and put it in my car. So the side pocket of the Model 3 is ideal for doing that, so I put that with the antenna and went through whole Germany to the Gigafactory 4, because I'm in Salzburg, which is way down there, and I drove along where the new battery factory is going to be, and also Gigafactory 4, and there's a highway, and always aiming my antenna inwards to the premises. And what I found there was a lot of research prototypes, and you would know from the VIN, they do have an R, which is interesting, but also what was interesting, there was a lot of BLE, like, car jacking devices, things that could be, when you tamper with them, pretty dangerous for the people working there, but as everybody knows, Tesla doesn't care, there's a lot of people working there, right?

So, and actually this is a video that got presented in May, and there's been a similar video two days earlier, so that's part of your homework, you have to watch that several times for the YouTube algorithm, please, and it's about how you would pull off the relay attack. I will talk about that a little later, and also there being able to do a relay kind of triggered me and I said that's too easy, right?
I contacted the Bug Bounty team at Tesla again and told them that I believe this is an issue, because what really happened, I tried that the first day and I had, like, these two Raspberry Pis connected, and I had one in the car trunk and one in my office, and I was able to just drive around. As long as in the office my phone was close to that relay, I was able to drive to Salzburg, like 20 kilometers away. I always had my key card with me, because, just as a fallback solution, just to be able to drive it without the phone, but the thing was, that was too easy, because it was a GATTacker setup with two Raspberry Pis, like really, really cheap. And Tesla says, yeah, it's a known limitation of the protocol, but in order to be safe, please use PIN to Drive, which is a four-digit numerical PIN that you would have to enter before you are able to drive the car, which does not really mitigate the risk of being robbed, there's also a lot of stuff in the car which is unsafe in the end, right? But also I had a similar attack, and also I tried to present that at Pwn2Own and they said no, it's out of scope, because it's not too binary, or it's like you have to have a key for that, and we don't even have that.

I was interested then, so what are the security features that you have enabled in your car? Is it one, none? Is it two, sentry mode? Is it three, PIN to Drive? Or is it four, both? So one, none, who has none, do you have none of these features? All right. Two, sentry mode, who's using that? All right, one. And who's using PIN to Drive?
One, two, yeah, quite some. And both, sentry mode and PIN to Drive? All right, so that's a little bit of a trick question, because Twitter only allows one answer, so combining the lower two showed that only one third is protecting the car with PIN to Drive. That means, like, in many cases attackers would be able to drive your car away just by doing a relay.

And for some reason sometimes this other Raspberry Pi on the picture disappears, it's Liebherr office, I don't know why that is, but that was the setup for the thing. So to the left side you see the phone, then you see the Raspberry Pi number one, which is running GATTacker, on the right-hand side there would have been the other Raspberry Pi, also with a Bluetooth dongle, and talking to the car, right? GATTacker allows you to see all the messages flying by there, like hex-encoded bytes, stuff, right, which didn't make a lot of sense, but you could intercept that and you could also inspect that and inject that, and you could do some real-time modification of the stuff you see. But it started making sense when I was digging a little into that, and I said, there's these characteristics and I can pretty much tell that this one is, like, in direction of the car and the other one comes from the car. But what really turned out to be happening there, there was a protocol, and that's the VCSEC protocol, and that's a protobuf-based protocol, and I found, it's easy to have found, like, indications that this is used for that, and it's used for phone key, key fob, for the tire pressure subsystem, maybe for backend communication, because there's some messages in there that would imply that, and also maybe for other use cases. So it started in app version 335, and you have to see that the official Tesla app is for a lot more products than just for the Model 3, so that's why it's not version 1. So they use it for the Powerwall, they use it for S and X and older models of the car, and also now for the Model 3 and Y that have that phone key feature, and that's why
this has just been introduced in April 2018. And as said, this protobuf file, which is, like, a description of the protocol, was really easy to extract with the PBTK tool in the beginning, but they made that a little bit harder with version 4, when they switched library to Wire, which is also the same kind of protobuf implementation, but just by another vendor and a different regime, because protobuf is Google, and it has a very similar output. And I'm going to show you a little more of these messages soon.

So as said, this is the history, so I just took, like, one protocol file of each version, and you see there's quite some growth over time. At the moment I think this is not even up to date anymore, so it's been two months, or two and a half months, since then: 77 messages, 45 enums, which I graphed out on this really small, small, small image. The blue things are the things that are referenced in the code of the Android app, because that was easy to find out, so what's actually active code use, and these, of course, were the interesting bits to look at. And also, like, if you see, and that's like the first example here, you see, like, with the green prefix, this is the length of the thing coming, and it's not easy just to modify the length and do some buffer overflow, so this is optional, right. But from there on the message is encoded, and having that protocol that you were able to extract, and which now is also, like, available in the VCSEC archive on GitHub, you can decode that message with the protoc tool.

And what's happening is, like, one of the easiest requests is to see what are the whitelisted keys in that vehicle, and that's an information request, and you do not have to be authenticated for that. It tells you all the key IDs, and you could also get the public keys of the enrolled keys, which is not a big deal because it's the public key half. But what's interesting to have seen is that there is a service key in every vehicle, you can use it, and it looks like, from the signature, as if it was an NFC key, and this
NFC key has a public key that did not change a lot, so I think for years and years they're using the same service key, which makes it a little bit of a risk that once one of these service keys surfaces on eBay, this is gonna be a problem. But this is not what we are talking about.

So we have, like, also NFC keys, the ones that you get as an owner, these are looking like that. They do not have a crypto counter. The phone key does have a crypto counter, it's a rolling key thing, and that has to do with being able to have the passive unlock functions enabled, so, like, without touching your phone you would be able to enter the car, like in any other keyless systems. And that's what a key fob would look like on that level. Of course these whitelist entries are connected with roles that imply permissions, and the service key would have all of the permissions, all the nine permissions that are defined in the protocol are given to the service key, makes a lot of sense, and usually as a phone you just have four of those: it would be the local drive, local unlock, lock, and the remote unlock and remote drive. The NFC cards also have the permission of adding stuff to the whitelist, because it's necessary once you have that NFC card, you use it in order to whitelist your key.

And there's a message type, FromVCSEC, which is pretty comprehensive, because it contains all the kind of sub-message types that are possible to be sent from the car to your phone, and of course there's also, like, one of the most common examples, you see authentication request here. That's whenever you pull the handle, it's a FromVCSEC message to your phone, and you would have to answer it correctly for the car to unlock. And also there's, like, a command status, a vehicle status where it tells you whether it's locked or unlocked, stuff like that. And then, the other side of the spectrum, you have the ToVCSEC message, which embeds all kind of stuff, so unsigned messages come also in a few different things, and these are used for messages
without a direct security context, but are also used in order to encapsulate messages in a signed message that do have a security context, and that's the signed message there. And as the name implies, you've got to have cryptographic keys in order to do that, and VCSEC uses asymmetric keys based on elliptic curve cryptography key pairs, and that's, like, the OpenSSL command in order to generate a key for that yourself. And what then happens, once you whitelist that key, and you know the protocol, you would have to tap your NFC card, but then a shared secret is derived via the Diffie-Hellman key protocol, and then you can use your key with the car once it's whitelisted and send signed messages to it.

So that was a lot of guesswork, but I finally got that working, and the crypto algorithm used for the whole process is the Galois counter mode with associated data. It's best known from SSH, because it's a really stable implementation, it's really secure and it's a very good match for the use case. It implements a rolling code, so you have the crypto counter that always has to increase, and then you have additional data which is used as a challenge-response for the passive entry functions, and it's intending to prevent replay attacks, of course, also the rolling code. There's some differences though: the shared secret is 16 octets, but the invocation counter, or the crypto counter, for GCM usually is eight bytes, Tesla is using four bytes for that. And that's also making sense, because eight bytes, if you see, like, every keystroke with SSH needs a next value, and here, like, every signed message that you send to the car is like one counter up, so, like, four bytes is already a lot for that, right? And there's different signature types that also become important later on, so you have, like, ones of the GCM with and without a token, or, like, the present key also as a signing message. There's, like, different actions, I don't go too much into detail here, you can read that on the slides, which are online
already, and also, like, in the VCSEC protocol archive. Different things, signed message example: you see there's a protobuf message as bytes encoded in here, then you see the signature type it has, there's the signature key ID, things for the car to verify the phone I'm talking to possesses the secret key that I do know the public key of.

What can you do with that? Since unrestricted requests include that, you can enumerate the keys, you can see how many keys are enrolled for this device, for this vehicle, how many Apple, how many Android devices are there, how many NFCs, you can find out about that. And the process of whitelisting a key just requires you to have, like, that NFC card, and usually you log into your Tesla account, so that's what the official app is doing, and since you have, like, access to the owner API with your login, you get a token, you get the VIN identifiers for all the cars that you are permitted to lock and unlock, and finally your app goes ahead and finds the vehicle and begins the whitelisting process. It would send an information request and get, like, the public key of the car, receives that, and also then sends information requests to get the list of whitelisted keys. Then it tries, or it asks the owner to tap the key card, and then with that authorization on the B-pillar, or a flasker blade in the middle, this car is getting in the car. Finally the phone asks again, show me again the whitelist of keys, and once this key is on there, the process is done.

And there you go with the authorization timer attack. So out of convenience, Tesla decided in August last year that it would be really great if I was, like, as a car owner, tapping the NFC card to get in the car, it would be so great for the owners using the NFC card just to be able to drive without any further action, without any further key card action, right? So what they introduced was the authorization timer, 130 seconds that do not require an extra tap for that. Bad news, because during this time frame attackers
were able to also enroll their own key in your vehicle without you really noticing it, right? There was no indication on the screen. And actually there's also a presentation in that video, it's also linked on the trifinite page, also homework, please watch it several times and give it a thumbs up. And this is about the staged thing where you can also force a user to use the NFC card, because usually if you do have a phone you won't bother using your NFC card, but there's some situations where you, in the easiest case, just use a 2.4 gigahertz jamming device and would just jam the frequency, and the phone would disconnect, and in order to get into the car you would have to use your NFC card for tapping it, and there you go, the authorization timer attack would have become possible.

And owning a key on the device does allow you to lock and unlock the vehicle and to drive the vehicle, but that's also when Tesla said, yeah, use PIN to Drive, so people with the key cannot drive your car, they can rob everything from the interior but not drive it, because you have to enter that four-digit key. And that's when I did another video that shows how easy it is to bypass this PIN entry just by sending that remote drive command to the car, which was intended to be used in the summon feature, where you can say, like, in the parking lot, please, car, back out of that really narrow space because I want to get into that, and this PIN to Drive dialog just disappears when you send that command. So Tesla was not really happy about that information getting into the public, but, right.

And then there's something else which is fun to play with. Tesla has a really broken trust model, so I put in here Cartman, you know that, and it's like that the Tesla car always would say "respect my authoritah" and would not even ask. So every message that is sent from the car to the phone is trusted by default, so the car never has to prove to the phone that it's really the car. So this is an issue. The other way around, of course, the
phone would always have to prove, by signing a message, it would have to prove I'm the real device, but not vice versa. And of course that's, like, the next step was how to emulate a car so the phones will talk to me instead of the car, and of course you would have to expose an iBeacon construction like the car also would do. And then it was a little bit tricky, because you would use the extended inquiry format, in order to, the extended inquiry response, which is not easy to do with the BlueZ D-Bus API, which I was first trying to use there. I ended up using a Python library which is able to do that, and there you go, and you can look like that Tesla car. And you also would have to use a BD_ADDR and set your Bluetooth address accordingly, but once you did that, any phone would talk to you thinking you're the car.

And since you never have to prove you are the car, you can tell it bullshit like, hey, your key is not valid anymore. So once the phone would connect, I would say, please send me an authorization, and the phone would go ahead, send that authorization. Next thing happening, the car says, sorry, you're not on the list. It's like a bouncer at the disco, right? And the phone would go ahead and say, show me the guest list, I'm sure I'm on there, and the bouncer would go, see, it's an almost empty guest list, you're not there. And then the phone is convinced and says, right, I dropped the key, and I say goodbye, I don't bother you anymore. And that's how the key drop attack works: users locked out would have to use the NFC card in order to get back into the car, which opens that window of that authorization attack, where attackers could put their key in the car, right? Again, it's like a little tricky, so be careful when having, like, issues like that.

But it turned out that the key that was stored in the device, in your phone, was not really deleted, so it was dropped, but it was not really deleted. That means next time you talk to the car, it would be clear in a short time that the car knows the key and your phone still knows
the key, so it's kind of a soft restoration and not a full key enrollment. So again this could be attacked by, oh, there's a small demo, I will skip that. This just shows how the tool works in order to drop the key of a car, put it easy here with the evil bit, this is not anymore in the current version, so it's, like, a little different naming there, but you see how you present that car with that almost empty guest list in a way, and the phone just disconnects.

So but there's a new attack as well, and that's new for this conference here, it's the crypto counter confusion attack. And the thing is that you cannot only tell the phone that you're not on the guest list, sorry, you could also say, well, that crypto counter you used is a little bit smaller than expected. I could make up an analogy story for that, shorter than, smaller than expected, I don't do that. So the phone key will ask, when you tell it, right, so this crypto value is too little, too small, because it's not allowed to roll back that counter for a reason, and Tesla is really strict with that and does not allow the crypto counter to be lower than last time, because of replay attacks. And of course there's also confusion going on, so the phone app will ask the car, so all right, it's a smaller value than you expected, so what is the value that I should use in order to send you signed messages? And the phone, the vehicle, or the fake vehicle, would say, well, how about 4.2 billion? And that works, right, you can set all the 32-bit value to the maximum. And that is putting also some trouble onto the owners, because, as you know, the key is not deleted even when you say in the app, all right, I delete the key, re-enroll it, it's still in there and the counter is still that high. So usually the owner would have to reinstall the app in order to get rid of that old key and be able to enroll a new key for that same car. And if you combine that with the key drop attack, this is even faster, so it really is a mess at the moment, so the state model of the car just
does not play very well with that. And it's funny to have seen that the iOS app allows a maximum value of 4.29, an unsigned int32, but the Android app is using a signed int for that verification, so just half of the value is allowed as a maximum value to tell the phone to be using the next time. And what's happening if it's at the highest value, so the counter cannot be increased anymore? So the phone is no longer able to send signed messages, it's pretty much useless for that purpose. But if you have, if you really reinstall the app, reinstall that, have a new key enrolled with the whitelisting process, of course you expose yourself there again. But also if there's two devices with the exact same name, which usually doesn't happen in Teslas when you enroll keys, I observed that every time I unlocked the car with my new key, which has the same name, there seems to be some security mechanism kicking in, because what the car then does is, for some reason, it asks me to tap my NFC card on the B-pillar in order to drive. There you go, key injection again. So this is opening up again that vector that every time the owner gets in the car and wants to drive, has to tap the NFC card, the attacker could enroll a new key again. So this is not good in a way.

And this is another example for a message here, it's when the car wants to know, like, about the current counter value, so where the TEMPA tool would say it's, like, 4.2 billion. What else does it tell you?
It tells you about the token, which is used for that passive entry thing. So, as said earlier, passive entry is relying on a challenge-response scheme, so it would ask for authorization at the car; the car would then reply back with the correct counter number and also with the challenge, which is in the token here, built into the answer. So that means whenever the car asks me to do the passive entry, the phone would use that, encrypt the answer, so there you go, challenge-response. And of course this process relies not only on the counter being increasing but also on the token being changed very often, because once this token is not changing, you can just take that and be offline and be the evil car again and ask the car for authorization responses. And that's what the authorization replay attack, or authorization response extraction attack, does. It's just that: so you get that token from the vehicle and then you go to a restaurant, wherever this owner sits, or in the airport, and you just pretend to be the car again and you keep asking the phone for authorization responses with that token that you have from the car, because it turned out it doesn't change over days. So it's really a long time the same token, pretty bad. And then what you do, you collect these authorization responses via the TEMPA tool, and then you dispense it with the TEMPA tool. Both these tools are on GitHub, by the way. So that's how easy that would work, and that's been it for the new attacks.

And of course there are some tools and resources on GitHub. During the talk I was mentioning the VCSEC archive, a collection of all the protocols extracted so far. There's the TEMPA tool, where you temporarily impersonate a Tesla and do stuff like the key drop attack and the crypto counter attack, and you can also see the messages you receive, decoded to human-readable form, so it's pretty neat. Maybe if you need help, just contact me. And of course the other side, the VCSEC client, would be the TEMPA tool, and you use that in order to send messages to the car that you craft yourself. There's also some authorization collection mode implemented in the newest version: we just dump the authorization responses to a file that you, or that you read from a file and just dispense them from there. And there's this VCSEC archive, which also comes with a decode script that helps you read the messages that you receive. And there's also that tool which is basically a wrapper for the API that I made public on RapidAPI, where you can put these eight hex-encoded bytes to, and it would spit out a VIN, maybe also the model for sure, but the VIN is a premium feature. And last but not least, there is an app which is planned. I plan to program that; it's like 80% ready. It's called Tesla Key, and it doesn't talk to strangers, because the root of all evil, if you may agree or not, is that the official app talks to anybody, also at moments when this is not even possible. So, like, why should my phone open the car when I'm not even close to it? Question number one. Question number two: why should that be at three o'clock in the morning, when my phone is on the charger and in the home network? Or why should it talk back to a legit car when it's booked into the office network? So there are a lot of possible key checks which are pretty easy to implement, actually, and these will be part of the Tesla Key app, which you can follow on Twitter in order to get informed. So it's still... I think I put so much pressure on me saying that this is released in Q3 of 2022, but I'm not losing the hope, right.

So, conclusions: relay attacks are possible, NFC key cards are dangerous, and the app should be improved in many, many parts. Right, and also, VCSEC does not stand for Vehicle Control Security, as many, and I, did assume; I was hoping it stands for security. It stands for Vehicle Control Secondary, which explains a lot, by the way. And again we see that here in that use case also: convenience, like the 32-bit counter, the inability to switch off the permanent ID, things like that, are really bad for security again.

So you might ask yourself, so we were talking about the NFC card and also the phone as a key, what about the key fob? So the key fob was a little bit special. I found out, I got one, as said, but it's not talking to me, so I don't know what I'm doing wrong. I'm always nice, I got it a new battery even, and it doesn't really want to talk to me, but I'm on that and working on that. Also some credits: there is very similar work by a guy called Lex in Ireland, big credit to him, because we got in touch and it turns out he's an amazing guy. Also to the maker of GATTacker and to Sandeep, who did the noble/bleno framework that GATTacker is using, and also to Josh Belder, who helped me with knowing about that remote drive command that makes the PIN to Drive dialogue disappear. So you might think, well, I got that implant in my hand for starting my car, is it too late? And the answer is no, it's not too late. You can chop off your hand anytime, or you just know the protocol and delete it from the whitelist, right, also possible, whatever is convenient. So thanks for your attention. I think we have like three minutes left for Q&A, and also here there's a lot of links that you can follow in order to see the slides, to get in touch with me, to fund my research on Patreon, all there. Thanks very much for your attention.

We actually got four minutes for Q&A, so please queue up at the microphones in the middle. If you keep your questions short, and the answers as well, we can fit everybody in. And I think there's also a little surprise, maybe, for quick and short questions; there might be a surprise in it for you.

So please... usually I have Mozartkugeln with me, but it's too hot for that now. There's stickers, Tesla Radar stickers, and every questioner gets one, and you also find them on the sticker table if you don't want to ask a question. All right, questions please, don't be afraid, all right.
So maybe we have some time for a demo? No, just kidding. Thanks for the talk. A short question: can you make a very easy automation that just turns off your Bluetooth when it's on the charger and it's after a certain time, and turns it on again automatically in the morning? That would mitigate a whole lot.

With a whole lot of that effort, it would be possible to mitigate a lot, but usually people are really used to using Bluetooth because of the smartwatch they have, things like that. It would be inconvenient to disable Bluetooth for everything. What I would like to see is a little switch in the app, right, "temporarily disabled"; that would help a lot as well.

It is what I do: my Bluetooth turns off at 10 o'clock at night and on again at 7 in the morning.

Makes a lot of sense. Have your sticker, it's a special one, I sign it for you later. All right, any more questions? There's one more, please, close to the microphone.

First of all, great talk. Did you take a look at the implementation of BLE, and especially the proximity implementation of the protocol itself?

Yes, actually, there is still one on there. This is an interesting message, I... because there were too many messages in the presentation already. This is about an alert that you get, or that I got, when the signal strength or the proximity was wrong: the readout for all the sensors was too high, actually. This is not the... there you go. So we have an alert there, and it shows that the readout of all the RSSIs was too high for this to be a real unlock event. So there's something to it, but I think it's not security related; it's just for the upcoming Roadster that does not have door handles anymore, so you get there with your key and the right door opens. I think that's what this is for, and this was just a confusion that turned out to be generating that alert. So there is something about proximity; maybe we talk about it later a little bit more if you like, I will be around.

Yeah, sure. Yeah, I read somewhere online that the BLE implementation was... it would also be a good mitigation.

I'm able to fit the last one in, if it's a short question and a short answer.

I will try my best. I have two short questions. Don't they use measurements of time-to-reply to mitigate replay attacks? And the modern car keys use an accelerometer, so if you don't have your car moving, your key moving, it doesn't work. Can they...?

Two very good questions. I do my best to be really short in the answer. The first question is like time of flight, how long is the delay. Tesla and the protocol is very generous with that, so it's like about more than 100 milliseconds, maybe 200, in order to also have old phones being able to play the game, right. They have to be really generous there, and that also played out very well with using a VPN, which also introduces delay. Second question was... ah, what was that? Can't we disable the unlocking if we don't detect the, oh, the movement. So it's in the protocol already, so the phone may tell the car, well, I've been moving, so I have movement, good. The car would then decide whether it would allow unlock. But the thing is, this message from the phone, "I'm moving", is an unsigned message, so you can inject that, and the overall decision is taken by the car, right. So it's like a stupid approach again.

And on that bombshell I will end this talk. Please give a very warm applause to Martin Herfurt.