• Aurenkin@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    34
    ·
    5 months ago

    If you have a Tesla and you’re worried about this it’s probably worth enabling pin to drive. Not sure about all the other brands that are impacted but hopefully they have a similar feature.

    • partial_accumen@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      5 months ago

      Couldn’t a Model 3/Y owner also just disable the phonekey and use the NFC cards? NFC only broadcasts a few inches right? I would think that would be VERY hard for a malicious actor to capture with relay/replay attack.

      Following that, is it possible to use the Phonekey only in NFC mode or is it always broadcasting on Bluetooth LE and NFC?

      • digdug@kbin.social
        link
        fedilink
        arrow-up
        11
        ·
        edit-2
        5 months ago

        I just tried this a couple different ways:

        1. Removing permission for “nearby devices” - this unfortunately appears to block both Bluetooth and NFC permission
        2. Turning off the phone’s Bluetooth - NFC still works while the Bluetooth radio is off, but you’d basically never be able to safely use Bluetooth anytime you aren’t watching your car. Setting a PIN is still unfortunately the only way to go, and hope that a dedicated attacker doesn’t also find a way to capture your PIN (e.g. camera zoomed in on your screen).
        • partial_accumen@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          5 months ago

          So we’d need Tesla to push a software change in the app with an option to turn off the Bluetooth LE signal, but leave the NFC on to continue to use Phonekey safely.

          I guess the only safe alternative is using the NFC cards.