Here’s What’s Really Going on in That Video of a Tesla Being Tricked into Speeding by Black Tape

There’s more to the story than sensor failures and short sellers.

byRob Stumpf|
Here’s What’s Really Going on in That Video of a Tesla Being Tricked into Speeding by Black Tape

In-car technology is evolving at a rapid pace. Driver assistance systems in many of today's vehicles monitor other cars in your blind spots, adapt your cruise control speed to the world around you, automatically apply the brakes, and even nudge your steering to keep you centered in your lane. Despite all that, a new video is making the rounds purporting to show that your supposedly advanced car can still be dangerously fooled by something as simple as a strip of black tape. But there's a bit more to the story.

On Wednesday, McAfee Advanced Threat Research published the results of an experiment where they stuck a piece of tape on a 35 mph speed limit sign to distort the first digit, tricking a Tesla Model S into reading it as 85 mph and accelerating accordingly. What's important is that they tried to figure out ways to do so where a human would still easily recognize the sign as saying 35 mph. 

The clip shows a Tesla's forward-facing Mobileye camera detect the altered sign and display a little "85" indicator on the instrument cluster as it rolls along slowly; the driver then activates the car's Traffic-Aware Cruise Control and holds on as it immediately tries to jump to 85 mph. The test is cut off at 50 mph, but the results look unequivocal on the face. In the battle of tape vs. Tesla, the tape won. Or did it?

The short answer is yes. The slightly longer answer is that this test involved an older Model S, outdated hardware and software, and took place in very specific circumstances. This particular attack targets a specific kind of forward-facing camera chip that Tesla used in its Autopilot-equipped Model S and Model X vehicles from September 2014 to October 2016: the Mobileye EyeQ3. Mobileye is a major supplier of tech used in vision-based self-driving systems across the industry, and it worked with Tesla extensively before a very public split that followed a fatal Autopilot crash in 2016.

At the time, that camera tech was part of Tesla's Autopilot Hardware v1 package, which is fairly rudimentary compared to the robust assortment of sensors and cameras that pepper today's wannabe-self-driving cars: just one forward camera working together with forward radar and 360-degree ultrasonic sensors. And unlike how Musk talks about Autopilot today, Tesla was more upfront back then in saying that this was very much a work in progress.

Critically, Tesla's Traffic-Aware Cruise Control works the same as any automakers' adaptive cruise systems in that speed limit signs are just one of several data streams used to determine an appropriate velocity, the main one being the presence of a car in front of you. So it's not like the tape can trick your Tesla into ramming stopped traffic ahead.

Tesla vehicles built after October 2016 aren't believed to be affected by this particular exploit because they're fitted with Tesla's Nvidia-based solution called Hardware 2. Later cars were equipped with a newer iteration of Hardware 2.5 or "feature-complete" Hardware 3 (which is developed completely in-house).

McAfee ATR says that it was able to get its hands on a MY2020 vehicle that wasn't fooled in the same test, though a 2019 experiment from Tencent Keen Security Lab was able to trick a newer Tesla using stickers on the ground to force an automatic lane change.

So it seems highly unlikely that the bored teens of the future will be able to prank a bunch of autonomous pod riders by sticking some tape on a sign by the side of the road. But that's not to say this doesn't showcase an inherent risk. Given Tesla's sales at the time, there are probably around 50,000 vehicles out there that are vulnerable to this exact trick, though it's entirely possible fewer are still on the road. They also can't be easily upgraded to more advanced versions of Autopilot because of the huge hardware difference between v1 and v2.

Furthermore, it's important to note that Mobileye EyeQ3 isn't a component exclusive to Tesla vehicles. During its four-year run, the platform was baked into numerous other ADAS-equipped vehicles on the road today, including models from Audi, Mazda, Nissan, and other household-brand automakers. It doesn't appear that this test (or anything like it) has been run on any of those vehicles, so there's no data to show that they too are vulnerable.

But the numbers are a bit daunting. When EyeQ3 was first launched in 2014, Mobileye already had 3 million vehicles on the road. By the time the next-gen EyeQ4 was introduced four years later, the number of shipped EyeQ chips had ballooned to 8.7 million—meaning the vulnerable EyeQ3 is potentially hiding in up to 5.7 million vehicles around the world.

The research team disclosed the vulnerability to Tesla and Mobileye in September 2019 after 18 months of research, however, neither vendor expressed a plan to address the issue on legacy platforms. 

As we've said many times before, it's ultimately the responsibility of the driver to maintain control of their vehicles, and to keep paying attention when they hand over that control to a computer. But that's in a perfect world, while this one is very much not. So can a small piece of tape really cause a Tesla to go crazy? Yes—even if the chance of it happening is pretty small.

Got a tip? Send us a note: