Martin Herfurt
Martin Herfurt is an Austrian IT‑security researcher, Bluetooth‑security expert, and founder of the Salzburg-based security company IT‑Wachdienst. He is best known internationally for uncovering vulnerabilities in Tesla’s Bluetooth PhoneKey system and for his long-standing work in wireless security.
Sessions
Four years ago, Project TEMPA exposed the fundamental vulnerabilities within Tesla’s Bluetooth Low Energy (BLE) Passive Entry system and the Vehicle Controller Secondary (VCSEC) protocol. The research demonstrated how trivial it was to execute Man-in-the-Middle (MitM) relay attacks to unlock and drive away modern vehicles. In response, Tesla embarked on a multi-year effort to overhaul its access systems. But did they actually fix the underlying problems, or just change the locks?
In this presentation, we are getting "phonkey" again. We will dive into a comprehensive 4-year retrospective of Tesla’s Phonekey security evolution, dissecting the ongoing tug-of-war between seamless user experience and robust vehicle security.