The Synacktiv team wins $100,000 and a Model 3 at Pwn2Own
@thezdi (Edited by NATA)
Tesla returned as a sponsor at the Pwn2Own 2023 event, offering cash prizes and cars to white-hat hackers who could uncover security vulnerabilities in their vehicles. The Synacktiv team, a security company based in France, took up the challenge, which successfully hacked a Tesla Model 3, earning them $100,000 and the vehicle as a prize.
Tesla Takes Cybersecurity Seriously at Pwn2Own Event
The annual Pwn2Own hacker contest is known for its high stakes, and Tesla's involvement in the event demonstrates the company's commitment to cybersecurity. This year, the electric vehicle (EV) manufacturer brought a Model 3 and a Model S as targets for hackers. Tesla offered a top prize of $600,000 plus the car to any individual or team who could display a complex exploit chain leading to a complete vehicle compromise.
Synacktiv Demonstrates Complex Exploit, Earning Top Prize
The Synacktiv team rose to the challenge, executing a Time of Check to Time of Use (TOCTOU) attack against the Tesla Energy Gateway. This type of cybersecurity vulnerability occurs when an attacker exploits the small-time window between a resource's check and use, allowing unauthorized access or modification of the resource during that brief period.
This is the second year in a row that Synacktiv has successfully demonstrated an exploit in a Tesla Model 3 at the Pwn2Own event. Last year, they managed to exploit the vehicle's infotainment system, but the complexity of the hack was not enough to win the car. This year, however, their successful TOCTOU attack earned them $100,000 and the Model 3 and 10 Master of Pwn points.
Event Highlights Vehicle Security in a Connected World
Tesla's participation in Pwn2Own highlights the importance of vehicle security as EVs become more connected and sophisticated. As technology advances, so does the need for robust security measures to protect drivers, passengers, and cars from potential cyberattacks.
Tesla recently released how the company collects and uses information about its owners and drivers. It also instructed owners on how to get information the company has and how to delete it.
By inviting white-hat hackers to test their vehicles' security systems, Tesla can gather valuable information about potential vulnerabilities and develop stronger defenses for their cars. This proactive approach to cybersecurity sets a positive example for the automotive industry and demonstrates Tesla's commitment to maintaining the highest level of safety for its customers.
Subscribe
Subscribe to our newsletter to stay up to date on the latest Tesla news, upcoming features and software updates.
In Tesla’s upcoming update, 2024.32.3, Tesla has added hands-free support for opening the vehicle’s frunk. This follows the Spring Update (2024.14), which added Hands-Free Trunk support for certain vehicles.
When hands-free trunk support was added earlier this year, it was supported on vehicles that include an ultra wideband chip, which includes the refresh Model S, new Model X, and the 2024 Model 3. Due to the hardware requirement, these will be the same vehicles that support the new Hands-Free Frunk feature. Legacy vehicles without UWB will unfortunately not support either feature due to the hardware requirement. UWB enables far more accurate tracking of the phone key, allowing Tesla to pinpoint its exact location relative to the vehicle.
The Cybertruck interestingly also includes an ultra wideband chip, however, it didn’t include the automatic opening of the gate earlier this year. However, we expect the Cybertruck to also receive the hands-free frunk opening in this 2024.32.3 update or relatively soon afterward.
Update: The Cybertruck is receiving hands-free frunk support in the 2024.32 update as well.
Hands-Free Frunk
The Hands-Free Frunk works similarly to the trunk feature – with an iPhone 11+ and a recent version of the app, you’ll be able to stand in front of your vehicle, and the Frunk will unlatch after sounding a chime. On some vehicles, the frunk will immediately open after being unlatched, however, you’ll need to manually close it.
This new feature isn’t enabled by default – you’ll need to go to Settings > Locks > Hands-Free Frunk to enable it.
At this time, Tesla doesn’t support UWB on Android devices, though both the Hands-Free Trunk and Hands-Free Frunk support will come to Android users in a future app update, according to Tesla.
Exclude Home
With the addition of the hands-free frunk opening, Tesla has also added a new option. You can now choose to disable the automatic opening when your vehicle is located at home to prevent you from accidentally opening. This will apply to the automatic frunk and trunk. In addition, in the Model X, you’ll also be able to disable the self-presenting doors at home. This is a great addition as many people have kept the hands-free feature disabled due to it awkwardly opening in the garage.
In the 2024.32.3 update, Tesla also mentions that they’ve improved the detection of the phone key, which should make the feature more reliable and faster when approaching the vehicle from the front or rear.
Following its recent launch in the United States and Canada, Tesla has launched their referral program in several European countries as well.
The program is available in Germany, Norway, France, the Netherlands, the United Kingdom and possibly others. The program is almost the same as the one available today in North America, with rewards for each referral and a discount for those referred. The cap in Europe is also ten per year.
This program comes right on the heels of a 0% financing offer for the Model Y in Sweden and France. While referrals aren't currently available in Sweden, the 0% financing still is.
European Referrals
The European Referral program accounts for country and local currency, where applicable.
Country
Referral Discount
Referral Award
UK
£1,000
£500
Germany, France, Netherlands
€1,000
€500
Norway
kr11,500
kr5,750
The referral reward program is comparable to the one available in North America. After exchange rates, there is only an approximately 10% difference between the available rewards in the US and EU.
Other Countries
We expect this program to start rolling out to other European countries over the next few days or weeks, as Tesla continues to expand its referral program.
TeslaFi logs your drives and charging sessions, letting you keep a log of your vehice's activity. We highly recommend checking them out if you use your car for business trips and would like to keep track of reimbursements, if you like to see how much you spend on charging or if you just love statistics. Visit their site and see everything they have to offer!
Tesla Android Project enables you to run Android apps in your Tesla. The platform is Open Source and you can deploy it on your own Raspberry Pi 4. Consider supporting the initiative by donating or purchasing the Compute Module 4 Bundle that delivers the best experience. Get $20 off by using the code: NotATeslaApp
The official Tesla app only notifies you if your car is broken into. By installing Sentry Pro on your phone, you will be notified for all Sentry Mode events. Stay connected and avoid potential surprises by receiving notifications. Stop constantly checking the cameras to ensure safety. Check only when necessary, save battery and get peace of mind. Get a 7 day free trial here!
Stay organized, connected, and stylish with Cyberbackpack — the #1 backpack, luggage & travel accessories for Tesla owners. We highly recommend checking them out if you commute or travel and would like a backpack or luggage that is sleek, secure and durable. View their products page and see everything they have to offer!
Enhance Auto’s innovative products elevate your Tesla experience. The customizable S3XY Buttons and Knob offer seamless control over vehicle features with a simple press or turn. Visit enhauto.com to explore their full range of products and transform your driving experience today!
Find out how to become a sponsor and have your site listed here.
Although we share official Tesla release notes, we are not affiliated with Tesla Motors. We are Tesla fans and supporters.
![Andrej Karpathy considers returning to Tesla to work on Optimus [video]](https://www.notateslaapp.com/images/news/2022/karpathy-podcast_300w.jpg)
_300w.png)
![Tesla Releases 'Actually Smart Summon': Features & Videos [Now Includes HW3]](https://www.notateslaapp.com/img/containers/article_images/tesla-app/summon-cameras-2.jpg/a85cd5483d822a2c8b2faa672ef34a55/summon-cameras-2.jpg)
![Elon talks about Twitter and job cuts at Bloomberg forum [video]](https://www.notateslaapp.com/images/news/2022/elon-musk-qatar-forum_300w.jpg)
