Tesla founder Elon Musk — who is involved in a lawsuit tangentially related to Grimes, Azealia Banks, and 420 jokes — just released a rap song about dead gorilla Harambe on Soundcloud, probably as an April Fools’ Day prank, and yes, this is the weirdest sentence I’ve typed lately. But rap songs about ancient dank memes coming from the founder of Tesla isn’t the news Tesla executives should be worrying about right now. Researchers have just uncovered three security flaws — two of them potentially deadly — in Tesla automobiles.
Tencent Keen Security Lab successfully executed two serious attacks on Tesla firmware, one of which allowed them to take control of the steering wheel and another which could make the autopilot veer the car into oncoming traffic. The former attack allowed them to control the steering wheel when the car was either in park or traveling at a high speed with the cruise control on. If the car wasn’t parked or on cruise control at a high speed, they were only able to override the steering function if the car had recently shifted from reverse to drive and was traveling at a speed up to 8km/h (5 mph).
The second attack, which tricks the autopilot into crossing the center line, utilizes a flaw of recurrent neural networks we’ve discussed before. The researchers used adversarial examples (such as a sticker with high salience that monopolizes the neural network’s attention) to attack the car’s lane-detection systems. Small stickers they placed in the road fooled the autopilot regarding the location of the lane, moving the car into the oncoming lane.
The researchers informed Tesla of both attacks before publishing their report, and it should be noted Tesla claims they’ve already fixed both flaws with recent security patches.
In other news, researcher GreenTheOnly has uncovered that “Crashed Tesla vehicles, sold at junk yards and auctions, contain deeply personal and unencrypted data including info from drivers’ paired mobile devices, and video showing what happened just before the accident,” reports CNBC. Tesla Model S, Model X, and Model 3 vehicles were found to be potentially exposing private data. Perhaps ironically, if a Tesla owner wants to access their own event data recorder for legal or insurance reasons, they have to buy proprietary cables that cost nearly $1,000.
To be fair to Tesla, any make or model of car incorporating neural networks could potentially be tricked in the same way, and any cars that pair with smartphones — especially rental cars — could pose a privacy risk. This is all so depressing; can’t we just go back to the days (yesterday) of making fun of Elon Musk’s Harambe rap?