Security News > 2022 > June > Hacking Tesla’s Remote Key Cards
Martin Herfurt, a security researcher in Austria, quickly noticed something odd about the new feature: Not only did it allow the car to automatically start within 130 seconds of being unlocked with the NFC card, but it also put the car in a state to accept entirely new keyswith no authentication required and zero indication given by the in-car display.
"The authorization given in the 130-second interval is too general [it's] not only for drive," Herfurt said in an online interview.
"This timer has been introduced by Tesla in order to make the use of the NFC card as a primary means of using the car more convenient. What should happen is that the car can be started and driven without the user having to use the key card a second time. The problem: within the 130-second period, not only the driving of the car is authorized, but also the [enrolling] of a new key."
News URL
https://www.schneier.com/blog/archives/2022/06/hacking-teslas-remote-key-cards.html