Featured Tesla cellular App creates a "man in the middle" security flaw.

The car locks, even if you are standing 1 foot away after ~10-20 secs. If you walk away it seems to lock a bit sooner.
You can enable or disable this feature. Also, you can enable or disable the audible horn chirp that happens. You can also enable or disable the mirrors to fold in when the car locks.

To get the car to unlock you have to be within 2 or 3 ft I think. But the car starts recognizing the Bluetooth signal from 10 meters or more because at this distance you can use the app to honk the horn, etc. You can also honk the horn via internet/cellular data which has a lag of a second or two. When you are in BT range it is immediate.

Yes, Because if I unpair my phone as a key it stops working. But pairing your phone as a phone or audio player is a different step than pairing as a key

Yes, anyone could download the app. But you have to sign in to your Tesla account with a username and password you have created on their web site. And, assuming no bugs, you have to go into the security key page in the car and add your phone's BT as an authorized key in the list. You can have phone's, key cards, fobs and give each a name and IIRC require a PIN for each or not.

Mike

 

I just did an interesting test.
With the Model 3 unlocked I put my phone about 2 feet away from the side of the driver's door and I got in the car and it allowed me to drive away. I then retried the test with the phone about 8 or 10 ft away and the car would not start

Mike

 

@bwilson4web, have people been accidentally driving your Model 3 recently?

 

Unlike a keyless fob, the car can't see if a phone as key is inside or outside.

 

Fun fact: Models 3 and Y have their bluetooth antennaes located in both side mirrors of the car.

Back to the thread: I have also noticed that when my Y is 1) unlocked, and 2) my phone is very nearby and has the Tesla App running, and 3) bluetooth in the phone is on, that I can just easily and freely drive away once 4) I use my PIN-to-drive code! Maybe we should go to the press with the story describing this breach? It really shouldn't be this easy to steal one's own car! Time for a firmware update. I hope Tesla is reading this.

 

Check some of the sub menus on your screen. It used to be you could report stuff quickly right from the MFD - right while you're sitting there in the car. If they still do that - then you know they got the message.
.

 

But.. they can see me sitting in my car from the driver-facing camera, no? Can't I just tell them with words, and the Tesla Bot AI can do the reporting for me?

 

You have to give them permission to look at the data. Unfortunately if you are using FSD beta you agreed to that, but they aren't going to use your camera to identify and fix problems. Hell the tesla bot AI just told me to get tacos for breakfast, it says it is helping me, but I know when it becomes self aware skynet will not be far away. I saw that fast and furious documentary from the future where they took control of the cars.

The easiest way to get a quick response is to hit elon up on twitter. He is spending most of his time there.