this post was submitted on 03 Sep 2023
330 points (91.9% liked)
Technology
59421 readers
5527 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You should finish watching that first episode before making such bold statements.
I mean I think its still a valid point. The car in the show was sabotaged, and that is definitely something that might be a thing once all cars self-drive. Especially once they remove controls like steering wheels.
There hasn't been a tesla FSD hack yet, but it would take spoofing a software update (and spoof the authentication and certs, etc)... The attacker would need to have access to a pretty massive supercomputer to make their own custom self-driving software and today getting the certs and everything right is next to impossible... but even then its only next to impossible, not impossible.
It may be difficult to spoof a certificate today, but tomorrow is a whole new day. To wit, OpenSSL has a pretty long history of serious vulnerabilities, despite being the best SSL library out there.
It is absolutely only a matter of time until the Tesla OTA functionality is compromised. There's too many moving parts for it to not be.
"Attack surface" is the term you want. Big software means big attack surface. So keep code lean for security as well as efficiency.