What Tesla’s app failure says about security in our cars and homes
Tesla’s server failure on its vehicle app led to the inability for around 500 Tesla drivers to access their own cars. While the damage was minimal, the event does raise questions about the limitations of smartphone-based approaches to security in both our vehicles and our homes.
On Saturday the 20th of November 2021, around 500 Tesla drivers were unable to unlock their vehicles due to the Tesla car app experiencing the general internal server error known as ‘Error 500’, which is usually linked to a company’s server failing to fulfil a valid request.
While the problem was soon resolved, and Tesla’s CEO Elon Musk apologised on Twitter (having pointed out that Tesla “may have accidentally increased [the] verbosity of network traffic”), the incident does reflect that relying solely on modern communications, such as vehicle apps, is still not advisable.
It’s only common sense, therefore, that the Tesla car app is not the only way for drivers to unlock their vehicles: Teslas also have a key fob so that users don’t just rely on their smartphones. And this would explain why there were only around 500 Tesla drivers (there are tens of thousands of Teslas on US roads alone) who were affected by the server error. After all, they were the tiny minority who only had access to their smartphones: even modern vehicle owners still keep their car’s key fob to hand, meaning that that they have two, not just one, mode of entry to their vehicles.
Nevertheless, the problem that the roughly 500 Tesla app users encountered does raise an important question: why can’t users rely on just their smartphones? And this question isn’t just for vehicle security, either: think of smart locks, which are also a smartphone-based approach to unlocking doors – but rather than just vehicle doors, smart locks apply to users’ very homes.
On paper, smart locks sound like a great idea: they are a staple part of smart homes, owing to their Wi-Fi and/or Bluetooth-based approach to security. Such technology means that homeowners shouldn’t even need to bring their keys with them when they leave their house. In fact, simply by the homeowner having their smartphone in their pocket and approaching the front door, the Bluetooth connection communicate with the smart lock and open the entrance.
However, as with all smartphone-based approaches to essential parts of everyday life, the solution can only last as long as the device’s battery life and signal integrity. That’s why smart lock manufacturers also offer the ‘good old fashioned’ lock and key. So once again, electronics prove useful, maybe even ideal – but far from foolproof.
In fact, vehicle apps and smart locks aren’t even hackproof. Digital identity and anti-fraud company OneSpan reports that the Tesla Car App could be hacked – leading to Teslas not only being tracked and located, but outright stolen. Plus, smart locks can not only be hacked by spoofing attacks and user identity fraud, but even simply hacked into in the traditional sense of the word: an intruder can use a simple screwdriver to unscrew the very smart lock itself!
Of course, such problems as the Tesla app server failure and the vulnerabilities of smart locks are exceptions: most smart security technologies, used in tandem with traditional methods, are far more useful than the sole use of a standard lock and key. But if there’s one thing that Tesla’s technical difficulties this November tell us, it’s that even the most respected manufacturers can’t guarantee your full safety and convenience.
The main takeaway? Put your trust in smart security devices – but never rely on them as your sole solution to locking and accessing your cars and homes!