Smart Glasses + Tesla = Car Thief’s Dream?

The paper "From Virtual Touch to Tesla Command: Unlocking Unauthenticated Control Chains From Smart Glasses for Vehicle Takeover" by PhD student Xingli Zhang and professor Xiali (Sharon) Hei, both of our School of Computing and Informatics, and their colleagues Yazhou Tu, Yan Long, Liqun Shan, Mohamed A Elsaadani, Kevin Fu, and Zhiqiang Lin received a Distinguished Paper Award at the recent 45th IEEE Symposium on Security and Privacy. They uncovered a troubling vulnerability involving wearable devices and automation apps. It turns out that smart glasses paired with smartphones could potentially offer unauthorized access to Tesla vehicles.

Xingli Zhang and Xiali (Sharon) Hei with the award.

What’s Going On

The study revealed that adversaries could compromise security-critical Internet of Things (IoT) systems by exploiting smart glasses. For instance, to unlock a Tesla vehicle, an adversary can trigger the voice assistant on a victim's screen-locked phone via electromagnetic interference on the capacitive touch sensor of the smart glasses, and subsequently play synthesized voice commands. These compromised functionalities are managed by automation tools like Apple Shortcuts and IFTTT. Many of these functions are critical to security and safety, such as unlocking doors, disabling sentry mode, and remote starting the vehicle for keyless driving. The researchers noted that the adversary needs to be aware of the specific phrases used for Shortcuts or IFTTT actions. However, the phrases are usually available online. For instance, Tesla Shortcuts can be found online once the user downloads the Tesla app. Additionally, the attacker must be near the victim's device, while the smart glasses are within Bluetooth range (which can reach more than 70 meters) of the user's paired smartphone.

Why It Matters

Trending automation tools such as IFTTT and Apple Shortcuts are increasingly used in smart homes and connected vehicles. Tesla adopted official support for Apple Shortcuts in August 2023 and subsequently released official APIs in October 2023, indicating a trend towards automation tools and more interconnected systems. The research demonstrated that it is possible to manipulate Shortcuts and IFTTT-based automated control chains by exploiting the wearable gateway (smart glasses) while the paired smartphones remain screen-locked, without requiring authorization, user interaction, or compromising user-specific information like fingerprints or voice. The study also revealed a critical oversight: once modules in automated control chains are installed and configured, they tend to trust previously established modules implicitly, even when these control chains are triggered by adversaries using physical signals independent of the victim user. As wearable technology diversifies and the integration of automation tools, connected cars, and IoT progresses, there is a growing need for user-centered security mechanisms to improve trust in wearable technology and automated control chains while maintaining usability and accessibility.

More Information

Follow these links for more information: The paper (PDF); First video demonstration (YOUTUBE); Second video demonstration (YOUTUBE).