Hacker News
by capableweb 1669 days ago
I always assumed unlocking your Tesla with the phone would use Bluetooth, NFC, even ad-hoc, but I never expected it to be dependent on a round-trip to an internet-connected server. That seems like a really crap design and ripe for security issues, especially since it seems the Tesla customer support team has the ability to unlock cars remotely too.

The first commenter that says they can't enter their car also said their keyfob died that morning.

Bluetooth keys work but not all Tesla cars have those. Some cars unlock by phone via the app through an internet connection, it seems.

I'm surprised remote unlocking is as easy as calling a number and convincing an operator that you're the owner. Another reason to avoid the brand, I suppose.

The keyfob can still be used by holding it to the door like the NFC card, even if the battery is dead.
Yeah, this is industry standard stuff. Nissan keys act the same way.
I have been locked out of my car before. I would be very pleased with the service where remote unlocking is as easy as calling a phone number and convincing the operator that you're the owner. Of course, that comes with one important condition: Tesla would have to be the one who absorbed the risk that the authentication was false and the car gets stolen.
> Tesla would have to be the one who absorbed the risk that the authentication was false and the car gets stolen.

Couldn't they just claim that "someone stole your identity" because that seems to work for banks and similar institutions?

Except that this clearly doesn’t work for banks, as they foot the bill when such things happen.
A lot of times they kick that financial responsibility down to the merchant.
> I'm surprised remote unlocking is as easy as calling a number and convincing an operator that you're the owner

I've consulted on stolen luxury vehicle cases and I can tell you this isn't unique to Tesla. If you know what to say and can say it convincingly you can locate, disable, and unlock a higher end car pretty easily.

> I'm surprised remote unlocking is as easy as calling a number and convincing an operator that you're the owner. Another reason to avoid the brand, I suppose.

You probably want to avoid cars altogether if this bothers you. For basically all cars, there are far easier and less time-consuming methods to unlock the doors.

Reminds me (strongly) of a scene in Die Hard 4.

https://youtu.be/2830e75aAOk

Yes, you can unlock your car with the NFC keycards (or app via NFC), the Bluetooth fobs or Bluetooth phone, with no connectivity for either.

The problem that happened last time was that people opened the app to do something and logged out to try and fix it, thus clearing their credentials, and then can't log back in, and can't log back in to reauthenticate their device.

> The problem that happened last time was that people opened the app to do something and logged out to try and fix it

They should add some friction to the logout process. Like a server API call to allow you to log out.

So you can invalidate your keys (not the phone app) via your phone by mistake?
No, the keys are fixed to the car, not managed by the app. You can delete them only AFAIK from within the car UI. And IIRC it requires you have at least two active at all times.
> I never expected it to be dependent on a round-trip to an internet-connected server.

But everything needs cloud! I mean you can't unlock something three feet away without sending some packets over 2000 miles round trip.