BSidesVienna 0x7E7

Project TEMPA - Hacking Teslas for Fun and NO Profit
11-18, 10:05–11:00 (Europe/Vienna), Badeschiff

If you own a Tesla, you might be familiar with the PhoneKey feature that lets you unlock and start your car with your smartphone. But did you know that this feature has some serious security flaws? In this talk, we will show you some of the ways hackers can exploit these vulnerabilities to steal or TEMPA with your Tesla. We will also discuss how Tesla has responded to these issues and whether they have fixed them or not.


Tesla's PhoneKey-Feature is a convenient way to unlock and start your car using your smartphone. However, it also introduces some security risks that could compromise your vehicle or your personal data. In this talk, we will present some of the most significant vulnerabilities that have been discovered and exploited by researchers and hackers over the last two years. We will also discuss how Tesla has responded to these issues and what steps they have taken to improve the security of their PhoneKey-Feature.
Also, a few tools are going to be presented, that help fellow security researchers to learn more about Tesla's PhoneKey system.

Martin Herfurt is the founder and managing director of IT-Wachdienst, a small company from Salzburg that specializes in IT security solutions for SMEs. Martin Herfurt has many years of experience in the field of IT security and is a recognized expert in Bluetooth technology. He has made a significant contribution to the development of security standards for Bluetooth and has presented his research results at renowned conferences such as BlackHat and DEF CON.

As an IT security consultant and penetration tester, Martin Herfurt supports his customers in protecting their IT systems from attacks and optimizing their security processes. Among other things, he analyzed the security of the Tesla PhoneKey feature and made suggestions for improvements. Martin Herfurt is an innovative and committed entrepreneur who is constantly training and looking for new challenges.