Man Accidentally Drove Away in Someone Else’s Tesla Using the Car’s App (jalopnik.com)
63 points by mseidl on March 15, 2023 | 74 comments



Story Time: In an older, much less technical world, the VW Golf 1 and Golf 2 had only N different keys for all models. So instead of having a unique key for each Golf, VW had (I forgot the number) 1000 or 10000 different keys that were assigned randomly. I thought this was a myth until back in 99, my friend's white, old Golf 2 was parked next to another white, old Golf 2. When we wanted to enter, there was a sleeping guy in there. His Golf was parked next to ours. It was evening, he was tired, instead of driving home (the Golfs were parked outside a club) he had opened the Golf, gotten in and fallen asleep. Just that he had entered the wrong Golf, because (even though very unlikely) there were two similar-looking Golfs with the same keys next to each other (and it was dark).


Funny story: house locks work the same way (I think usually ~1024 possible key configurations, depending on the lock). When my wife and I were dating we discovered that our apartment keys worked in each other's locks!


It was meant to be!


Was it your wife’s idea to move in together?


I had an 86 Honda Civic and have a similar story. I was just getting out of class and heading to work, walked out to my car, started it, looked behind me to back out and realized the stuff in the back seat wasn't mine. Turns out someone had a very similar civic that was even missing the same black plastic strip on the side panel mine was. And my keys worked in their cars.


Now if you still had an 86 Civic, it's highly likely that just about any key from any Honda from that same era will open it now. The keys all wear down and so do the tumblers in the locks.


Man, I wish I still had that civic. I loved that thing. Selling it was a huge mistake.


I still see them sometimes in Southern Europe. Great condition too usually. I’m a fan of old civics too :)


Much worse, Ford had a small set of fleet keys where every fleet vehicle of a set of types would have the exact same key for several model years.

I bought an old cargo van which had been a Comcast installation vehicle and they had sabotaged the lock on the rear door because of this.


I seem to recall that there's a Defcon talk to this extent—one of the many that talk about locks and keys—that shares that (some) police cruisers across the US use the exact same keys, proven by showing a Monroney label on a still-new police car which listed a barrel type that had an already publicly known key pattern.


This is the case - New York cop cars and New York cabs had the same key because the latter were often old copies of the former.

And all elevators in the USA have the same key, and you can buy a key set with almost all tractor keys.


This has to be fake.

So much stuff needs to happen for two devices to interact securely that there seems to be no chain of events that could make this possible.

Either the app goes through their servers and back to the car, which would make it impossible to unlock the wrong car, or through BLE, which would make it easy to verify through digital signatures that the other device is who they say.


> which would make it easy to verify through digital signatures that the other device is who they say.

The entire tech industry has a long history of security issues, bad practices, mismanagement of security critical resources (openssl,...), horrible hacks with security issues that were widely discussed beforehand (http tunneling), etc. The only fake story I could see from a mile away would be "Company publishes flawless auth system, hackers forced to retire".


I agree it doesn't feel right. I have a Tesla, and often come out and find other Teslas parked right next to mine. Sometimes 4 or 5. At some point, someone would've been able to unlock mine and done something to my car. Or similar settings anywhere else.

I think we'd have heard this story more than once if it was possible.

EDIT: I grant the possibilities outlined by the responders to my post... still, I'll put a little $$ on this getting clarified otherwise in the coming weeks -- but not any more than that, as I've lost a $ in this week's banking crisis.


There's always the first time you hear a particular story. There's a continuously increasing mapping from how likely such an event is to when you should expect to hear about it for the first time.


People who drive Teslas are usually pretty well off, probably not the type to risk arrest by rummaging around in another person's car.


That seems like a non sequitur to me. I don't think that being well-off correlates to whether or not someone is willing to violate the law. And I don't think that, in this situation, rummaging through the car to find contact info is actually illegal.


It could be a rare hash collision. It wouldn't happen to you but with millions of Teslas out there it would happen to somebody. I wouldn't be surprised if this were real.


Teslas get OTA updates all the time. Perhaps something was accidentally broken only recently?


Your comment reads like the statement of a very naïve person who hasn't witnessed the past 30 years of computer technology.


Some race condition that causes a duplicate signature to be generated, or causes the same signature to be sent to two different cars doesn't seem too outlandish to me. I have seen similar bugs before. The only thing that is coincidental is that the duplicates ended up in two vehicles near enough to each other for the mistake to matter.


Both cars unlocked and presumably started at different times for different people, so it would have had to have been simultaneous of two identical race conditions on two different sets of devices at different times. This feels like total bs.


No, I am suggesting one race at the factory that gave the two vehicles the same private key. Therefore Person A can always access Person B's car and vice versa because they use identical keys.
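
Added example, not part of the thread: a toy model of the scenario in the comment above, where a provisioning defect hands two vehicles the same key, together with the fleet audit that would catch it. `Car`, `Phone`, `provision`, `racy_keygen`, `audit_duplicate_keys` and the VINs are hypothetical, and HMAC over a shared secret stands in for the digital signatures discussed; nothing here describes Tesla's actual protocol.

```python
import hashlib
import hmac
import os
from collections import defaultdict


class Car:
    def __init__(self, vin, key):
        self.vin, self._key = vin, key

    def new_challenge(self):
        return os.urandom(16)  # fresh nonce, so a captured response cannot be replayed

    def unlock(self, nonce, response):
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


class Phone:
    def __init__(self, key):
        self._key = key

    def respond(self, nonce):
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


def try_unlock(phone, car):
    nonce = car.new_challenge()
    return car.unlock(nonce, phone.respond(nonce))


def provision(vins, keygen):
    """Factory step (assumed): give each VIN a key from keygen()."""
    return {vin: keygen() for vin in vins}


def racy_keygen():
    """Constructed defect: a cached key is handed out twice before it is refreshed."""
    state = {"key": os.urandom(32), "uses": 0}

    def gen():
        if state["uses"] == 2:
            state["key"], state["uses"] = os.urandom(32), 0
        state["uses"] += 1
        return state["key"]
    return gen


def audit_duplicate_keys(registry):
    """Groups of VINs sharing one key fingerprint; a healthy fleet yields []."""
    by_fp = defaultdict(list)
    for vin, key in registry.items():
        by_fp[hashlib.sha256(key).hexdigest()].append(vin)
    return sorted(sorted(v) for v in by_fp.values() if len(v) > 1)


def scenario(keygen, vins=("VIN-A", "VIN-B", "VIN-C")):
    registry = provision(vins, keygen)
    cars = {v: Car(v, k) for v, k in registry.items()}
    phones = {v: Phone(k) for v, k in registry.items()}
    return {"own": try_unlock(phones["VIN-A"], cars["VIN-A"]),
            "cross": try_unlock(phones["VIN-A"], cars["VIN-B"]),
            "duplicates": audit_duplicate_keys(registry)}
```

With unique keys the challenge-response rejects the neighbouring car; with the duplicated key it cannot tell the two owners apart, which is why the uniqueness check belongs at provisioning time rather than in the unlock protocol.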


Maybe, but that seems unlikely - this would also mean any time one car is unlocked the other is too (presumably if done by app not BLE)


Yeah, now that I "said it out loud" it seems like if that were the case, there would be instances of them using the app while you are driving or near your car. You would know "something" is wrong with your car even if you don't know what exactly.


Yeah when I worked at Amazon we found two computers with NICs with identical MAC addresses (and it was a long time ago when Amazon had an awful lot less servers). Some database process at the manufacturer had a race condition.


> Either the app goes through their servers and back to the car, which would make it impossible to unlock the wrong car

As if there's no opportunity for defects anywhere in that mountain of abstractions...


Also somehow the other person just happened to have his phone number according to the article? Feels fake as hell, and it is jalopnik...

> “After five, 10 minutes I got a text on my phone that said ‘Rajesh are you driving [a] Tesla,’” he explained to the outlet. Randev went on to say the person who messaged him told him he was driving the wrong car.


The article also explains the person didn't just happen to have his phone number if you continue on:

> When the two Tesla owners met up, the rightful owner of the car Randev was driving told him he’d found Randev’s phone number on a document inside Randev’s car.

Overall the original article linked by jalopnik is better written though.


Hang on, does that imply the other person had got into Randev's Tesla somehow? Because it seems like the obvious explanation is that they both unlocked their own Teslas at around the same time, but one of them thought the other person's Tesla was theirs because it was in about the right place and unlocked and drove it away...


The story also discusses both of these points. The other guy did get into his Tesla:

> That means, if you’re following along, the other guy was able to gain access to Randev’s Tesla as well.

But it wouldn't make sense both Teslas were just unlocked and started at the same time since he was later able to unlock and start the Tesla a 2nd time:

> The two Tesla owners made a plan to switch the cars back — after Randev picked his kids from school. That’s right: Randev was able to get into the Model 3 that wasn’t his, and drive away, for a second time.

(as a side note both of these are worded much better in the original article). It also says he has video evidence of the issue he was trying to deliver to Tesla but neither article includes that video so I'm not sure I buy a simple solution without evidence the entire thing was just fabricated.


Yeah, car makers have never designed fundamentally buggy and insecure digital systems before. Definitely stretches credulity!


Last year, I found true my Tesla VIN was used to register a car in a different state. I never received the CA renewal notice, then eventually got a “driving with no registration” citation, and had to pay something like a $1k penalty to get it resolved. I never figured out how the same VIN was used?

Point being - perhaps ids can accidentally be reused or mis-entered into some system?


Cars have 2-4 VIN number plates in various locations and Teslas have a reputation for mismatched VINs.


Back in the 80s, GM only had like 10,000 key barrels that they used for all GM cars. That meant that you had a 1/10,000 chance of unlocking another GM car with your GM key. Didn't even have to be the same model or maker, as long as it was GM.

They solved this by adding the little chip to the key, so that even if you could open the door, you couldn't start the car with the wrong key, because it would read the chip in the ignition barrel. My uncle was involved in the testing and got to drive a Corvette for a while because that was the first model they tried it on.


2 decades ago I was in Thailand, and my friend hired a Honda C90 moped to get around the island we were on.

After 2 weeks he took it back to the rental place and the owner wouldn't accept it as it wasn't his moped - looked just the same to us, but he checked the engine number (there were no number plates on the island).

He didn't know what to do, but after a while of trying to figure out what to do, on a hunch drove back to the very first cafe we'd visited after hiring the bike, on the other side of the island.

There outside the cafe was 'his' moped - a little dusty, but unmoved - he parked the bike and told the owners of the cafe, and rode back on the 'correct' moped. I hate to think what happened to the person whose moped we'd taken, I don't think there was an option of insurance when he hired the bikes.


Fun relevant story - back in high school we figured out that my friend’s Chevy Suburban key would unlock and start my other friend’s Saturn S-Series (but not vice versa).

Had a lot of fun with that one. Not sure the owner of the Saturn would agree.


My old Toyotas (early 2000s models) had the chip in the key. A third spare didn’t have it so I taped it under my bumper.

One of my keys became so dull it wouldn’t unlock the door anymore. We got a key off eBay and programmed it. The sequence to start the programming was pretty cool. It was something like turn the ignition key to specific places, press the brake a set number of times, and some other combos.

Here’s an example.

https://youtu.be/0Mbu_YDHGqc


I call these "car cheat codes". Even modern vehicles often have some of these, hiding options (like turning off the "BUCKLE YOUR SEATBELT!!!" alarm) that the manufacturer may not want readily available. They can be kind of fun to enter correctly.


That reminds me I removed the seat belt chime in my last Grand Cherokee because I had a big dog sitting in the back.


Apparently FIAT had many few times less key barrels for their Uno model in the 80s. I remember a story about a car that used to be parked in a street. It was along the lines of

- Son, did you drive the Uno today?

- I did.

- And you filled up the tank, thanks!

- Nope, I didn't, no money for that.

- So, who did it?

- Mmm, was my bag in the car?

- Nope.

- Oops!


This smells like BS to me. I've been in similar situations - in a rush I run to a Tesla that looks like mine on the street, near where I parked. When I try to open it, though, I can't. I get frustrated for a minute before I realize I'm a dunce and my identical-looking car is 2 spots over.

Everything worked there as expected. This other random car didn't open. The way these key pairing systems are built it wouldn't really make sense for it to open or start. That's why to me this smells like BS.


This is the kind of thing where the lack of a traditional PR presence hurts Tesla. I'd like to say the story sounds unlikely but at the same time there is nothing about it that says impossible. If they aren't going to respond with what looks to have happened from their system's point of view then it's hard to give them unilateral benefit of the doubt whenever these kinds of stories come out. Some problems are real, others aren't, and it's not feasible to say which this is right now.


How can you not notice that you are in the wrong car? Different people have different stuff lying around in their cars. Stickers, scratches, dents, dirt. Cars smell differently.


Long ago I was tasked with swapping someone's Porsche off to them at their house, as the service writer the evening before had given the customer the wrong car.

Both black. One a panamera (so?) 4, one a 4s. One with dealer plates (the one they ended up taking home), one with a custom plate.

So, after showing up to this person's house (through a golf course, up a winding top of the hill driveway), I knocked on his door and asked him the same question (after apologizing for the worker's mistake).

"Oh, well, it was evening and the radio stations were programmed in the same, so I just didn't even think about it. In the morning I said 'well, that's strange, usually they wash the car nicely before returning it' -- then I realized it wasn't my car".

Guy was super down to earth about it, not a care at all and the exchange was very pleasant.

Point being: some people just really go with the flow, and even with 100k+ cars 20 years ago, sometimes just don't really pay attention to, well, much of anything. Bigger fish to fry, I guess.

I'll never forget the whole interaction, fully expecting a grumpy person and coming face to face with "eh, life!".


I definitely don't have a lot of stuff lying around in my cabin. At the moment the only things visible in the cabinet are an electronic parking disc and a 12V two-port USB charger. If I encountered a clean car with the same interior colours as mine, I might not immediately notice it.


If it's late and dark, you're tired and not noticing things, and both cars are mostly clean inside, it would be quite possible to make that mistake.


And the same seat and correct mirror positions? Sure, it is not impossible, but I have a hard time imagining that one would not notice driving away in the wrong car.


Drunk


This story blows my mind. I can't imagine how this problem wasn't found during testing.


They ship cars with steering wheels that fall off, this is pretty tame in comparison.


At a former SaaS startup my colleague rolled out some updates that affected an apache module's connection pooling persistence defaults.

Everything had worked fine in his testing, but once in production there was enough concurrency to make this change in caching behavior matter. One customer's web login would spuriously see another customer's content, it all seemed completely random.

A similar change (or rare bug) could easily result in one customer's boolean "yes they're allowed" reach another who should have received "no they're not". There's all sorts of opportunities in the backend to cross such streams, especially things that need to scale and do a lot of caching.


> Everything had worked fine in his testing

I sure hope that startup learned that dev testing is not sufficient!


> I sure hope that startup learned that dev testing is not sufficient!

Bankrupt after burning >100M of VC money, but from causes far deeper than lack of testing.


Tesla ships 400k cars per quarter. AFAIK this is the only case reported of this. It sounds like BS.


If the last few months have taught us anything, it's that Elon Musk is not big on testing things before they go to production.


What testing?


> “After five, 10 minutes I got a text on my phone that said ‘Rajesh are you driving [a] Tesla,’” he explained to the outlet. Randev went on to say the person who messaged him told him he was driving the wrong car.

> all he’s gotten from the automaker is radio silence

So...where did the text come from? No indication that the police were involved in the article. How did the other Tesla owner get his cell number?

This story seems implausible to me.


The article states:

> When the two Tesla owners met up, the rightful owner of the car Randev was driving told him he’d found Randev’s phone number on a document inside Randev’s car.


> When the two Tesla owners met up, the rightful owner of the car Randev was driving told him he’d found Randev’s phone number on a document inside Randev’s car. That means, if you’re following along, the other guy was able to gain access to Randev’s Tesla as well. Wild.


That makes it even less plausible! Teslas have been around for years. If people could unlock each other's cars we’d have heard about it a long time ago.


Maybe you need specific circumstances to make it happen


From the original story on Global:

> Randev said the other Tesla driver told him he was able to get his number because he had printed out a document, which was in his car and it had his phone number on it.


Perhaps you missed the paragraph that answers your question - it's nestled between the two quotes you cite.


Dialup internet sound, otherwise known as “calling a fax line”


> Randev said he attempted to reach out to Tesla with video evidence of the issue, but all he’s gotten from the automaker is radio silence.


I hope that they'll publish that video if Tesla doesn't get back to them. I'd love to see how it actually works.


Indeed. I don't understand how that worked. You need to create a "phone key" in the app to unlock / use the car. You do that by swiping your card key once. Those keys can't be used in different cars unless something very fishy is going on.


Seems like the kind of thing that needs to get handed off to the researchers who figured out how to hack into Jeeps OTA or the like.


People have lots of trouble with Paypal (e.g., accounts being locked). People have lots of trouble with Tesla. Twitter has been a complete disaster since Elon took over. So... how in the world has SpaceX managed to do so well?


SpaceX has a management structure which has evolved to babysit Musk and mitigate the damage that he does to the organization.

Keep in mind that PayPal is basically in the same boat as systems like Venmo and Cash App (Zelle is a little different). They all have problems. Musk’s main contribution to PayPal was actually x.com. X.com got absorbed into PayPal and PayPal is somewhat different from Musk’s vision for x.com.


https://archive.nytimes.com/www.nytimes.com/library/tech/00/...

Peter Thiel came out with Confinity, then 1 year later x.com launched. They for some reason merged. Musk wanted to keep the name x.com. Musk was fired before it became PayPal.


He was more or less fired as CEO of Paypal IIRC, but I'd be hard-pressed to call it a failure either way. Overall I'd say he's done quite well but the world is full of people that were great in one venture and then failed miserably in another.


Because Elon Musk doesn't run SpaceX, Gwynne Shotwell does.



