Last week at the CeBIT conference held in Hanover, the Lookout’s Co-Founder and CTO Kevin Mahaffey talked about hacking Tesla Model S providing indications on possible countermeasures. Unfortunately, many security professionals provided highlighted that Mahaffey has forgotten to mention half of his team, looking like he was taking the credit to himself.
These type of work made by researchers should be seen as “doing the world a service” since researchers are making cars more secure, of course, they are hacking them, but they are also finding solutions to the problems.
Tesla, besides having great cars, have also great policies that ensure that the car security is a company high priority, for this reason, they are encouraging the hacker community to hack their vehicles and disclose vulnerabilities they would find.
The reason why Kevin Mahaffey and Marc Rogers focused in hacking Tesla models, is that the company is making new model, build from scratch, and these type of cars will be common everywhere in the near future.
Even if everything made by Kevin and his team looks easy, it took them many years of research to get to the point in the presentation that they can “control” the Model S.
In the las year Kevin and Marc gave made a presentation at the DEFCON conference, the findings of their research helped Tesla to discover problems in his cars and contributed to improve the image of the company that is perceived by the experts as a research-friendly company.
Coming back to the presentation in CeBIT on hacking Tesla, many people took the title “Why I Hacked the Tesla Model S” and focused in the “I” part, looking like Kevin Mahaffey was pushing all the credit to himself.
CSO tried to reach Marc Rogers to talk about this problem, but Rogers declined to comment. No one at Lookout was aware of any problem related to the presentation or presentation title, and when the issue came to their attention, they blamed CeBIT.
In an e-mail a spokesperson of Lookout said:
“disappointing that CeBIT positioned Kevin and Marc’s research in such a way that excluded recognition of Marc’s extremely hard work.”
“It was absolutely a collaboration between the two of them and Kevin does make that clear in his CeBIT presentation,”
And if you see that presentation you know it’s true, at a certain point kevin says:
“Why did I undertake this research? It was myself Kevin Mahaffey and my research partner Marc Rogers, we’ve been working on this project for several years…”
In addition, Kevin showed a photo of Marc during the process of stopping the Model S.
In another e-mail exchange with CSO, Kevin says he offered an apology and stated that he feels terrible that Rogers would feel slighted by the incident.
Lookout says they were “caught the misleading title, and apologize failing to do so. “ and already asked CeBIT to correct the article/presentation.
Let me suggest see the interesting presentation made at the Cebit conference.
About the Author Elsio Pinto
Edited by Pierluigi Paganini
(Security Affairs – Tesla hacking, automotive)