160 comments

[ 3.4 ms ] story [ 203 ms ] thread
At what point will we finally come to the understanding that "Disable all antennas/basebands" feature is sorely needed?
While I fully share your concern, it is worth noting that no Tesla so far has been stolen using techniques like this one. But many cars have been stolen just by tampering with the lock.

As a nascent technology for cars as is this one, it is expected to have some flaws. I imagine that when locks were designed they were not the securest thing in world to protect your stuff.

Of course we can do better in terms of security, there is always room to improve. It looks like there is a great flaw here that could get a fix, but I would not dismiss this technology just because of this.

Where there is a lock there will always be a key.

Losing a car isn't exactly my concern. You can do many other things with the ability to inject code into car computers.
What would happen if someone tampers with your brakes one night that you park in the street? Or with your assisting driving system?

I think we have to ultimately put our faith into the fact that other people do not want to get us killed.

> I think we have to ultimately put our faith into the fact that other people do not want to get us killed.

That’s how the roads operate in general. Someone could easily swerve into your lane and cause a head on collision at any time. Or in the case that they only have a desire to harm others there are nearly limitless possibilities to what someone could do to the shared roads. Most of the time I’m shocked that driving is as safe as it is really.

One would hope that brakes, driving system, and other critical functions are firewalled off from the keyless entry system. Perhaps you were speaking about a more general, purely hypothetical attack vector?
Is there any car on the road today that doesn't use hydraulic brakes? Sure the braking force is boosted by a pump, but even in the event of total electrical failure, pressing the brake pedal will push fluid through hydraulic lines and engage the calipers.
Nobody does that crap though. Vengeful exes don't have the means. People with the means leverage it to make money.
Failing to check the signature on the firmware is not some tricky logic bug. It is a simple oversight that should have been caught by routine automated testing. This shows they do not have even minimal QA controls in place.

Also, as GP mentioned, a physical switch that disables Bluetooth on the key fob when the owner isn't actively using it would make this attack much harder.

As cars become more like IoT devices on wheels, these nascent technologies would lead to more security issues than a simple key lock mechanism. Just imagine getting locked into a car with glass you can't break (like in cybertruck) and getting asked to pay a ransom to get it unlocked.
> Just imagine getting locked into a car with glass you can't break (like in cybertruck) and getting asked to pay a ransom to get it unlocked.

If there is no threat of force, just wait the attacker out.

If there is a threat of force (for example, the attacker has a gun), then you would have been just as bad off without some crazy movie-plot attack involving your door locks.

> no Tesla so far has been stolen using techniques like this

Maybe they were, we don't actually know.

That's true, since the attack lets someone sync their own key fob to any Tesla, they could have been taken for joyrides without the owner necessarily noticing.
Wrong on multiple levels.

1. If someone synced a new keyfob or phone to their Tesla, it would show up on the owner's phone as a new car key added + it would also show up in the car menu.

2. They could've taken it for joyrides, but there is no way the owner wouldn't notice. The current car position is always updated in the app, the range it was driven is updated in the car, and the charge consumption is easy to display. It would be weird to see that the car is driving miles and miles without me operating it. And that's not even mentioning all the other "normal" things that would be noticeable, like charge levels being off, car positioning, etc.

Cars need flight mode .. but it should be called something else. Perhaps tunnel mode? :)
Quite some time ago, Tesla introduced the "pin to drive" feature, where you can set up a pin required to drive the car. So thieves might get into the car but without the pin, they can't drive even in the presence of the correct keys.
,,Tesla has released an over-the-air software update to mitigate these issues.''

What matters to me is that Tesla is responsive, unlike many other companies that we know of.

What matters to me is that this shouldn't be physically possible. I don't want a car that can be stolen using Bluetooth.
Then prepare for disappointment as most other car manufacturers move to this "phone key" interface. As a Tesla owner, it's incredibly convenient and I still think it's more secure than the old-school key model. Hell, wireless fobs have a history riddled with security holes and easy hacks.
If your car gets stolen can you call Tesla and have them shut it down?
Yes. Or, even better, I can do it myself via the app or website.
What happens if the person is driving at high speed when the signal comes to shut the car down? Does it only take effect when they park? Do they get a warning before parking that the car will shut down when they do?
I don't know the answer but with Autopilot or FSD it's possible that the car could safely slow down and park itself.
No, it can not safely do that.
(comment deleted)
The same thing that happens to an gas car your car would lose power and you would roll to a stop. This actually happened to me on my motorcycle I was going high speed on a windy road and just had passed 2 cars and moved in front of them and my engine died. It’s not fun but shutting the car off at any moment should be no different then any car breaking down.
It happens, I mean I've stupidly run out of fuel on the highway before. I think this is something that should be practiced at least once while taking driving lessons (like how you practice emergency braking and evasion on a motorbike)
Tesla (at least M3s) cannot be remotely disabled when driving. But the owner can make life seriously problematic for the thieves; the car' location is tracked down to the meter, the horn and windows and sometimes music can be remotely controlled, along with the climate controls. So the thieves will have a very unpleasant ride culminating in a police event if they choose to continue. Disabling the remote access from inside the car requires authentication.
I'm sure professional thieves would know how to disable the GPS tracker quick enough.

I had a colleague of mine whose BMW was broken into at night. He woke up to police in front of his house (called by BMW's own alert system), there's an atmospheric pressure sensor inside the car and everything.

No sign of the thieves, so he booked an appointment to have the window fixed and didn't think much of it. But then he realized the side panel (in the door column? the column between the front and rear doors) was tweaked over a bit.

The thieves had gone in and cut the cable tree going to the roof of the car, which contains amongst other things the antenna and connection to BMW's alert service. Their plan was to come in the one night, disappear, hope the victim didn't notice that (and the garage doesn't check for it), and come in to steal it for real the next day, or maybe even the same night after the police has gone again.

That's a remarkable amount of work to steal the car. Probably they tried to steal it right then and there, thieves don't like to return to a crime scene.

For Tesla, if they really want they could pry open the frunk and remove the 12V power from the low-voltage battery, then winch the car onto a flatbed. That would disable the GPS tracking and allow access to make money parting out the car. Although not the motors, which are locked to the VCSEC and the owner's configured keys, and bypassing that is still an open problem AFAIK.

A week ago I learned how hard it is to sell a used iPhone. A factory reset isn’t enough. I got $500 cash from some kid, he contacted me saying he couldn’t log in, and I then spent hours googling “how to sell used iPhone” and communicating via google translate what he was seeing. That was fun. It turned out I needed to wipe the data using iCloud and then remove the device from my account. I wonder how involved selling a used Tesla will become.
The only thing you need to do before selling an iPhone (or iPad) is go into Settings->General->Reset->Erase All Contents and Settings. This will prompt you for your iCloud password and remove the iCloud lock and wipe the device. Source: sold at least a dozen iPhones and iPads since iCloud lock has been a thing.
(comment deleted)
Probably best you don't look into the security of other manufacturer's keyless entry systems...

Many people refer to it as "relay theft" since historically it's often just a matter of relaying/repeating a signal - there may be no real authentication involved.

Around physical security, I'm often reminded that "locks are for honest thieves".

My car unlocks keyless, but needs a key and immobilizer chip to be present to drive.

Anyone can break a window to steal your stuff, getting a duplicate immobilizer chip is hard and usually requires an inside man in a dealer network.

My car allows remote lock but has no feature to unlock via the app at all. And in addition the key has to be present inside the car to drive.
If they can boost the signal of the key, then it would appear that the key is in the car. The car is unlikely to stop if the key signal is lost due to safety concerns.
Would triangulation solve at least the signal boost part of the equation? A car thief would have a heck of a time trying to violate the laws of physics to trick that, no?
No need to triangulate, just measure round-trip time.
Ooh, interesting. Wouldn't that be an extremely short time to measure? It would need to compare <1m response time vs <10m? I would imagine that having an accurate time chip for that short duration would be quite expensive? I have no idea though. I'd be interested to know more
(as in 1meter rather than 1min!)
You won't be driving a stolen car very far if you have to stay within 10 meters of the owner & their keyfob/phone. Accuracy of <200 meters would already eliminate the idea of being able to drive away with a stolen car by just boosting the keyfob signal.

And modern cars absolutely know how to switch safely to a "limp mode" that lets you pull over safely.

> getting a duplicate immobilizer chip is hard and usually requires an inside man in a dealer network

Unless you talk to the car's ECUs over the diagnostic port and read out the secret values for creating a duplicate or outright patch out the immobilizer check in the firmware. There's usually no auth on this and it's just obscurity, which I expect to already be broken and exploited by tools available on the black market.

If you have access to the car's diagnostic port you already have the physical access required to steal the car...
Which is the point. Getting inside the car does not require the immobilizer chip, so being able to get inside is really all that's required... assuming you can use the diag port to bypass the immobilizer. The immobilizer doesn't actually do much to a savvy criminal.
Immobilizer chip is probably only required to start driving.

I can't imagine any car would stop if it lost signal with immobilizer chip- that would be a safety problem. That is how relay attacks work- signal is required only for a brief period.

Luckily my Toyota has an option to disable this remote proximity bullshit all together. I need to press button on the keys to unlock the car, and I need to put the keys on the start button to get it to start the engine.
> the keys on the start button to get it to start the engine

So it's wireless... So someone can still use a relay attack to send the signal from the start button to the keys hanging up by your front door...

It works only short-while after pressing the button. If I take too much time setting my stuff in the car I need to press the unlock button again to "wake up" the keys in order for it to work. So I believe it should be good enough against relay attack.
Anyone remember the days when you used to put the key in the ignition?
I remember my father having a car like that :D
Yeah, this is exactly why I'll be buying used pretty much forever. Don't trust self-driving anything, don't trust wireless/remote start, don't trust half-baked services like OnStar... if it gets to the point where ICEs are outright illegal, then I'd sooner convert an old beat-up Tacoma or 4Runner to an electric drivetrain than buy new.

The only exception is if I have full control over it, including the ability to lock it down. No OTA updates; if I want to install security patches, it'll be through Ethernet or USB or some other wired connection. But preferably, there wouldn't be a whole lot of software to update in the first place.

Yep, and I also remember someone still managed to steal our car. Different times, different methods.
I had a 1997 Micra about a decade ago, lost the key. Had someone come out, they could get in easily enough, but couldn't get it started without the original key. Had to go to dealer to get one programmed.

That seems to me to be far more secure than a modern tesla.

There's far less chance of leaving your key in the car if you have to press the lock button on the fob after you get out -- done that on hire cars before. The key is always in the same place.

Conversely you can leave the key in the ignition if you're popping into the store to pay for the gas and leaving your passengers in the car. I had a keyless fob on another hire car in my pocket, alarm went off when I went into the store.

I don't get the appeal of keyless.

Note that this is _not_ a relay attack. This actually updates the firmware on the Key Fob, which allows you to bypass (for example) the old workaround of disabling the "walk up unlocking" to defeat relay attacks.

Many manufacturers have actually worked to improve wireless key security. Including Tesla. But this is a new class of attack on the key fob.

The proprietary RF systems other manufacturers use aren't likely to be any more secure. They're just less analyzed.

Keyless ignition is popular enough with consumers it's likely here to stay.

SDR is cheap too, less so for transmission, but still not expensive compared to the cars themselves.
I don't believe they're less analyzed; they're just less published about. Car theft is a big industry.

The last one I heard about was keyless entry systems being abused; thieves carry a briefcase-sized antenna around, amplifying and directing the signal from the car asking the key fob to unlock.

Of course, ideally they want to break into your house and grab the key.

I dunno. I have a 30 year old 4Runner. Any key from any Japanese car will start it. Or a screw driver.
Yeah people really overestimate the security of regular keys. The key of my 1985 Mazda would open about 10% of all 1985 Mazda cars. The lock of a standard US house door can be picked by a 9-year-old child in seconds (source: my 9-year-old child). They are superficial security measures.
US doors always allow unlocking from the inside (fire regulations?)...
I'm talking about from the outside. Anyone can learn to pick a mainstream US residential door lock, even Hollywood film style, with a paperclip, in seconds.
With or without a tension wrench?
Here's a (crop from a) photo of a small child who has just picked a front door lock with a bent paper clip and a small screwdriver for the tension. This was not an exercise; we were really locked out!

https://imgur.com/a/1leW6Ij

I’ve been in a similar situation and got in within seconds using an old credit card. The lock in the handle (as opposed to the deadbolt) of most home doors is basically worthless.
I've opened up the front door of our old house before (when I was like twelve? ish?) with a bit of wire I found in the shed; my parents didn't lock the door and the latch on the inside was hook-shaped, so getting in with a wire through the mail slot was pretty easy. I learned it on TV, a segment criticizing that exact type of lock, lol.
Yes, I have entered someone elses old Honda Civic with my key. Some of them look pretty much alike at first glance.
Why is that worse than being hot wired? Probably more people can hot wire a car than can steal it with Bluetooth.
Modern ignition systems are digital. From what I've been told its hard to hotwire modern cars.
No car since 1980 or before. You might be able to hot wire it to get it to run, but the steering wheel lock will stop you from driving it. In anything since around 2000 the key has a unique id running public key encryption to ensure that only paired keys work.

I believe most stolen cars are sent to a "chop shop". There are plenty of useful parts that can be sold. You don't need to start it or worry about someone tracing the vin if you just take untraceable parts off the car.

I think the implication is that software is easier than hot wiring or breaking a window.

This is the stance I take when I’m looking at replacing my door locks. I read reviews that talk about the super secure Schlege lock being picked easily and feel like there’s no recourse, until I remember a criminal is more likely to simply put a brick through a window to get in than pick the lock.

> Why is that worse than being hot wired?

When did I say that?

The implication was that the other ways to steal a car weren't deal breakers, but being able to steal the car via bluetooth was simply unacceptable. My question was why you didn't say "I won't buy a car that can be stolen", why does it matter what the method is?
(comment deleted)
A million products have features you don't like. You simply don't buy them. It's not like Tesla has a monopoly on the car market, or even the EV market.
When did the update happen? If this is what I think it is (the recent Linux bluetooth CVE) both my desktop and phone where patched against it over a month ago I think.
Partly true, although you would never have hacked my car with bluetooth...
Yes, because non-keyless cars are absolutely immune to theft?

I don't get this sort of argument because its just a new vector for a new form of convenience. Ideally there are multiple failsafes to prevent theft even in a keyless vehicle.

But even if a Tesla is stolen, I assume it is useless(x) to the thieve as it can be remotely disabled, or?

(x) useless as a car. It can be only used for spare parts and whatever is left unattended inside the car.

Maybe the thief can just tear out Tesla's backdoor cellular modem out of the car?

Or do we already live in a world where cars don't work without internet access?

The second obviously.

On serious side, Tesla definitely could implement a security check if it's rebooted and there is no network connection on startup. Obviously not when already driving.

Then you have an issue when you're in an area without good network coverage.
Elon says he is working on that
Maybe satellite internet...
I doubt Elon can do much to address a not-so-uncommon scenario when you park your car in an underground garage or elsewhere where layers of concrete just simply block any signal.
Or during any sort of natural disaster.
Teslas drive fine without Internet access, but many features of the car need data: Maps, Spotify, YouTube, Netflix, smart summon, locking/unlocking from outside of Bluetooth range, etc.

I don't think there's any Tesla feature that is deliberately gimped due to lack of Internet access.

I would hope not. There are plenty of places left where one can drive a car but not have Internet access.
Unless Tesla is pulling an Apple and individually assigning serial numbered parts to a specific vehicle for "maintenance tracking" (read: DRM and anti right-to-repair tactics)
All manufactures do this with their computers. Cars are stolen for parts, this way it is harder to sell parts.
There's still a ton of dumb hardware in a Tesla that is valuable (fenders, seats, glass, wheels, etc)
Then again, I'm not sure you can take the fenders off of a Tesla without destroying them. Aren't they glued on? I guess window glass would be something but that can have serial numbers on it.

Maybe the seats would be worth something or the wheels, but it doesn't seem to be worth it really. Besides, Tesla's are still pretty high end and most purchasers are not really looking for a $50 set of wheels.

The point is that if you tear down a Tesla there's plenty of parts that have a black market value. "But DRM!" is a silly refutation to the possibility of theft.
That would be a great deterrent for car-jacking.

"Ahh we can't service your car/accept it as a trade-in since it contains parts that were reported stolen".

Thanks to Tesla's comically terrible service parts availability a bricked and reported stolen Tesla is worth a lot more than a bricked and reported stolen car of any other brand.
Tesla was 2nd to last (Lincoln) service quality in the months Consumer Report study.
Is there a brand/model of car that can't be stolen in minutes if we expand the attack vector wide enough?
Any hardened ceo/president-targeted model from, say, Mercedes should keep you busy for more than a couple of minutes
No. The easiest way to steal a car is a flatbed truck with "Joe's bank repossessions" stickers on the door. Nobody will question you as you pull it onto the back, just laugh at the over leveraged owner....
I feel like the better question is, how do you sell a stolen Tesla with features that require a near constant connection with Tesla? Maybe you sell it for parts, but even then most Tesla owners aren't the type of people to buy an entire battery pack or wheels from some online character.
Seriously - this article is clickbaity. Security flaw + Tesla -> generate ad dollars and make people more skeptical of technology in the process. Not saying it isn't relevant but the likelihood of this happening in the wild?
This is Tesla/Elon fanboism at its finest here. How is the title clickbaity? The title says exactly what happened. Tesla took shortcuts, clear and simple. They didn't implement things like code signing and there's the implementation detail where they were using certificates, but oops, we don't actually check them. If this was Ford or Toyota having this type of security lapse, then people would be all over it. The likelihood of this happening in the wild is zip because Tesla is fixing it using the OTA capabilities which is great, and I give them credit for that. But don't underestimate the seriousness of this.
Requiring a thief both get within 15 feet of the key and know the VIN is way down on the list of known issues. Not to defend a Tesla but most car companies keyless entry features are as bad if not much worse. The only notable thing about this one is it’s over Bluetooth.

Anyone wanting to steal a car can just roll up with a tow truck, so car companies don’t put a lot of effort into this stuff. Hell, I have done the got into someone else’s car sit down and realize it’s not my car. As in I unintentionally unliked the wrong car. I know of 2 other people who had similar experiences with different brands.

Damn! Were you/they able to start the car?? Yes, I get that other automakers are bad, but my complaint to the parent commenter was more about the so-called click-baitiness of the title. And if you weren't able to start the car that you accidentally unlocked, then this Tesla vuln is technically more serious.
I didn’t try and start the car, the seat was in a very different position so I quickly noticed something was wrong. However, one of my friends did.
Damn! Were you/they able to start the car??

When I was an auto mechanic back in the 90s, more than once I've pulled a car into a bay that wasn't the car I was supposed to work on. The keys matched, make and model matched, must be the one that needs an oil change. And, yes, I've changed the oil on a car that wasn't there for an oil change.

It didn't happen but a handful of times over a few years, but it did occasionally happen. Does it happen with modern keyless entry? Dunno, I've been a software dev for the last 25 years.

Are you saying it makes it easier or harder? The VIN is right there on the windshield and a lot of people leave their keys within 15 feet of the outside/sidewalk/common areas.
It’s less secure than being able to start the car without access to the drivers key.
> 15 feet of the key

My car keys are right inside the front door, so stand on my porch and you're well within range.

> and know the VIN

Good thing the VIN is required by law to be visible through the front windshield of your car, which is very likely parked in your driveway, on your way to the front door.

15 feet is the range in optimal conditions. Anyway, it was clearly a vulnerability, but my comparison was to systems that would unlock and start the car without access to the key or the need to enter numbers next to a car.
I don't care for Tesla or Elon much but I do pay attention to how media makes money. Tesla articles drive clicks which drive ad dollars. That model is frustrating and you get stories that are overblown which leads to more people disregarding stories and getting disenfranchised with publications.
Fair enough, I get that sentiment regarding the media. Although I don't think this article warranted the click-bait accusation.
People would give Toyota a pass. They'd praise Toyota's conservativeness in engineering and use that as an excuse for not being up to speed with modern security practices. It's the only other brand that gets as much fanboyism as Telsa. Ford, GM, Nissan, FCA for sure, would be raked over the coals in the comments though.
Yup. Jeep had a potential OTA exploit and Tesla fans were here crowing about how "stupid" they were, and how only Tesla had done OTA "right".
Why do you need to sell it? If you're the type of person to steal a car vis bluetooth, you can buy a cell jammer for cheap and have a new to you tesla, or drive it to your chop shop.

Not every thief has the same motivations. This guy in PA kept his stolen Ferraris in his garage for years with the very rare weekend drive.

https://www.youtube.com/watch?v=GFkvbdMYgHs

Probably best not to underestimate the ingenuity of criminals.
I have a feeling this would be more popular with the joyriders than the fencers.
Parts is the typical reason to steal a car. Most modern cars cannot be hot wired easily, plus it is hard to get a clean title so the next owner can license the car. The parts of the car are valuable though.

I suspect you are right about the value of Tesla parts though.

The challenge is that the most valuable parts of a Tesla, the battery pack and motors, have their own traceable electronic IDs. In the case of the Tesla Model 3/Y, the motors won't work without the VCSEC, the security controller from the car, which also needs an unlock sequence to activate. AFAIK separating the VCSEC from the motors is still an open research problem, as is unlocking the VCSEC without a key card.

As for the battery, that also is traceable and necessarily so if the new operator wishes to use a Supercharger. A Tesla that can't supercharge is much less valuable than a Tesla that can, so that would be pretty hard to hide from the end user. A stolen battery ends up being a con job on the end buyer.

Those aren't the valuable parts though.

With Teslas, the exterior parts (like the panels) are the most valuable, because those are the parts in shortest supply for the kind of work that third-party repair shops can handle. If you have an issue with the battery, that's not something a third-party shop can handle.

I think parts could be pretty good reason.

There’s a lot of people trying to repair/rebuild their cars. And Tesla makes it hard/impossible to get parts from them, which most likely increases demand for used parts.

You can check stories from Rich Rebuilds about how hard Tesla makes it for people to work on those cars.

> First, the Model X key fobs lack what's known as "code signing" for their firmware updates.

And the lack of a cert sent to the fob verifying the key is from Tesla.... this is all so inexcusable.

Have you ever worked in a company that had release deadlines? This is what happened here. And there wasn't time to 'fix' it later -- the very definition of 'Technical Debt'.
I am responsible for an IoT device and I would fire anyone in 1/2 a second that insisted we ship a device without signed firmware at any point past dev stage. Time crunch or not; it’s just not acceptable for a toaster let alone a key(less) to your car.
In Germany some cars with smart keys (which would unlock the car automatically when you approach it with the key in your pocket) were stolen by criminals that simply boosted the signal from the key (that was e.g. safely tucked away in a house) using a repeater, which made the car think that the key was nearby. Not sure if the manufacturers already mitigated this.
The big lesson of the day here is certificate signing your code if you're doing any sort of over-the-air updates.

It's really not that complicated (they mention it already had a cert but it just wasn't being used) and adds so much security value.

It is also a car that:

- Has cameras to record and store everything going on outside and inside it (Sentry Mode)

- Location tracking, where in the app you can literally see where your car is on a map

- Remote control from the app over certain car features

If someone does try to steal one, they’re taking a bigger risk of being caught compared to other cars.

Is there a reason that a malicious actor could not use all those features against the owner of the car, from what you are saying it could be used to track and spy on people, if someone found a explot.
One point; you can't access Sentry Mode remotely. In order to see the video you have to watch it in the car or take the USB thumb drive out and download them to your computer.
So Tesla aren't using certs to sign the updates to their keys. That's fucking ridiculous.
I've said it once, I'll say it again: I'm NOT into cars that are connected to the internet, and apparently bluetooth is about as bad. I don't want some 0-day meaning some hacker can disable my brake line when I'm barrelling down the highway at full speed, and I don't want someone hacking into my car in the parking lot. I don't like smart garage door openers for the same reason: Hackers can just walk in with the right exploit, with no trace when they leave.
> don't want someone hacking into my car in the parking lot

Is this worse than the guy in the parking lot with a crowbar breaking windows instead?

Yes, because someone walking up to a car phone in hand, and getting in is something no one notices. Criminals value stealth.
> I'm NOT into cars that are connected to the internet

Except this break in had nothing to do with the internet. So why are you complaining in this thread?

>and apparently bluetooth is about as bad.

I thought they made it pretty clear.

In brooklyn in the 80s, we'd often remove distributor cables, steering wheels, have random engine kill switches in hidden spots, and use metal gadgets that connected the brake pedal to the steering wheel.

Can't do most of those with an electric car.

Just take the battery with you.
I don't see why you couldn't do the same kind of measures. You can for example unplug the 400v battery, or the 12v battery. Or disconnect some cables, or remove some fuses.
Switch in front of the relays for the main pack. All the body control electronics, bluetooth, door locks, etc are all 12v on a Tesla AFAIK.
Does this bypass "pin to drive", if not they can get into the car but not steal it... I have it enabled on my Tesla
Interesting, but if you steal a Tesla, you've basically stolen an illiquid tracking device on wheels with a shallow secondary parts market. It's more economical to steal a police car. What am I missing?
You've got a good point. It's almost like what happened with the Twitter hack. But what I'm wondering is that isn't there any way to make the car completely offline that it never communicates with the servers?
Build a makeshift Faraday Cage around the car and drive around like that.
Wouldn't replacing the cellular antenna with a resistor achieve the same effect?
There are plenty of reasons to steal a car for "temporary" reasons. Drug couriering, to commit other crimes, etc.
Yea, but Tesla cars update their lat-lon continuously so you would be able to watch the car drive around on a map. If anything, I think this would make it even less desirable to use to commit a crime.

"The bank robbers are on 4th street. Now, they are turning westbound onto Main st. etc."

If thought about this quite a bit since I got my Model Y. Disabling the API would probably be quite a bit of work, certainly more than 10 minutes on the side of the road. My guess is that all of that stuff is buried in the on-board computer and not a separate device like in some other cars. It would probably even be difficult to snip the antenna as it doesn't really have an external "fin" like most cars these days.

I guess the best you could do would be to use a GPS scrambler of some sort and force the car to report its location in the middle of the Atlantic or something.