In a disappointing revelation for Tesla owners, researchers from Beijing-based automotive cybersecurity firm GoGoByte have found that ultra-wideband radio technology, which was expected to prevent relay attacks on cars, is ineffective in safeguarding Tesla vehicles. Relay attacks, a method used to steal cars in a matter of seconds, involve tricking a car's keyless entry system into unlocking the vehicle by relaying signals from the owner's key fob or smartphone.

Despite Tesla's implementation of ultra-wideband communications in their keyless entry systems, researchers at GoGoByte successfully carried out a relay attack on the latest Tesla Model 3. They were able to unlock the car using less than a hundred dollars worth of radio equipment, rendering the ultra-wideband upgrade ineffective. This means that a radio hacker could potentially start a Tesla Model 3 and drive it away within seconds, unless the owner has activated Tesla's optional PIN-to-drive feature, which requires a four-digit code for starting the vehicle.

Jun Li, the founder of GoGoByte, emphasizes the importance of Tesla owners turning on the PIN safeguard, debunking any belief that the ultra-wideband upgrade would protect their vehicles. Li warns the public that merely having ultra-wideband enabled does not guarantee vehicle security and that relay attacks can still be carried out, making it feel like "the good old days for the thieves."

Relay attacks work by exploiting the proximity detection feature in a car's keyless entry system, making the car believe that the owner's key fob or smartphone is in its vicinity. The hacker's device is used to relay signals from the owner's key or phone, tricking the car into unlocking. This attack can be executed by placing radio devices near both the key and the targeted car, allowing thieves to steal a vehicle parked within range.

The prevalence of relay attacks has led some car owners to resort to keeping their keys in Faraday bags or even storing them in the freezer to block radio signals. Security researchers have long recommended that car manufacturers develop keyless entry systems that more accurately measure the timing between the key fob or phone signal and the car reception, preventing relay attacks. Ultra-wideband communications appeared to be the long-awaited solution, offering precise distance measurement capabilities.

However, when the GoGoByte researchers tested the ultra-wideband feature, they found that Tesla Model 3 vehicles still remained vulnerable to relay attacks, despite using ultra-wideband communication technology. It seems that Tesla's implementation does not utilize ultra-wideband for distance checks, leaving the vehicles susceptible to theft.

Tesla has yet to respond to queries regarding these findings. Nevertheless, when GoGoByte shared their results with Tesla, the company's product security team acknowledged the vulnerability and stated that UWB ranging would be enforced once reliability improvements are complete. This implies that Tesla is aware of the issue and is working towards resolving it by leveraging their over-the-air update capabilities.

It is important to note that Tesla is not the only automaker facing this issue. The researchers discovered that two other car manufacturers, who also integrated ultra-wideband communications in their keys, are susceptible to relay attacks. One company even neglected to develop the software required to implement ultra-wideband communications, despite having the hardware support.

The vulnerability of Teslas to relay attacks raises concerns despite the cars' default GPS tracking system, which has reduced the overall theft rate. However, some organized theft rings have still targeted Teslas, using relay attacks to steal and sell the vehicles for parts.

In conclusion, Tesla owners are advised to activate the PIN-to-drive feature on their vehicles to prevent relay attacks until Tesla addresses the issue. While Tesla has the capability to fix the vulnerability, it is crucial for the public to be aware of the situation and take necessary precautions to protect their vehicles from theft.