which is played by the phone), the potential malicious entity will have prolonged access to the
functionality even after returning the phone.
Yet again, the risk posed to owners is due to the reliance on traditional username and
password credentials, which are likely to rely upon validated session tokens such as these so
that users don’t have to enter their passwords every time they launch the iPhone app.
One simple and elegant way to improve this situation would be for Tesla and other car
manufacturers to leverage built-in authentication and authorization functionality in operating
systems such as Apple’s iOS. The Touch ID fingerprint sensor in the most recent iPhone
models securely saves partial fingerprint data that can be easily and quickly verified, and
Apple has opened up the use of the Touch ID API to third-party developers. Tesla can and
should use this framework to further protect the security of its owners by requiring the use of
Touch ID for critical use cases such as unlocking and starting the car.
Additional Information and Potential Low-Hanging Fruit
We know that the Model S maintains a 3G connection to the Tesla infrastructure. The car can
also hop onto a local WiFi network, which makes it easier for attackers to intercept the net-
work traffic that is traveling outbound from the car to Tesla. As shown in Figure 6-12, the
OpenVPN protocol is used to encrypt network traffic between the car and the Tesla servers.
FIGURE 6-12. Network capture of outbound connection from Tesla Model S on WiFi
CHAPTER 6: CONNECTED CAR SECURITY ANALYSIS—FROM GAS TO FULLY(^182) ELECTRIC