Unpatchable AMD Chip Flaw Unlocks Paid Tesla Feature Upgrades

For example, 2021 Model 3 SR+ vehicles can enable the Cold Weather Feature (heated steering wheel, heated rear seats) for an extra $300. This feature unlock is confirmed to work with the exploit.

So like cucks people were paying for something that their car already had offline, both hardware- and software-wise.

If all electric cars are just going to be subscription bullshit, I'm sorry, I won't be driving electric.

Common AMD W

Cool! Now work on exploits for those paywalled features of BMW cars and Ford cars.

If you pay for something it's yours by right. You should be able to use the entire thing, because you physically have it now.

Unpatchable

Good to hear

Good. Fuck Elon.

Good. There should be no such thing as unserviced features that are physically present in a product and locked out against its owner. Not in cars or anything.

Next we will see tesla bricking cars were users have done this

More E-waste!

A subscription for hardware is such bullshit, I hope this trend dies.

This is the best summary I could come up with:

Utilizing multiple connections to the power supply, BIOS SPI chip, and SVI2 bus, the researchers performed a voltage fault injection attack on the MCU-Z's Platform Security Processor.

"They allow an attacker to decrypt the encrypted NVMe storage and access private user data such as the phonebook, calendar entries, etc."

"Hacking the embedded car computer could allow users to unlock these features without paying," the TU Berlin researchers add.

In an email to Tom's Hardware, one of the researchers clarified that not all Tesla software upgrades are accessible, so it remains to be seen if those premium options will also be ripe for picking.

Another consequence is that the exploit can "extract an otherwise vehicle-unique hardware-bound RSA key used to authenticate and authorize a car in Tesla's internal service network."

The TU Berlin team (consisting of PhD students Christian Werling, Niclas Kühnapfel, and Hans Niklas Jacob, along with security researcher Oleg Drokin) will present their findings next week (August 9) at the Blackhat conference in Las Vegas, where we hope to hear more about all the feature upgrades that are accessible.

I'm a bot and I'm open source!

Nice anti-AMD framing so shortly after that latest Zen2 vulnerability.

Id like to imagine that the coder did this on person as a fuck u.

Literally stealing the food from the plates of those hard-working millionaires/billionaires (if you ask them). How will they ever continue to float to the top of the net worth leaderboard now?

https://www.youtube.com/watch?v=PWQL_XORalY

The title seems much more interesting than it is. I doubt most people have the ability to perform this type of exploit. It would be more interesting if a group would charge X to unlock it for you.

Oh no! Anyways...

They should publish that private key 🤣

I see MusX stopping people's car in the middle of the highway when they found out.

@autotldr@lemmings.world

Not a flaw, it's a feature developed just for tesla.