Tesla Model 3 hacked in less than 3 seconds
darkreading.com"In the second hack, Synacktiv researchers exploited a heap overflow vulnerability and an out-of-bounds write error in a Bluetooth chipset to break into Tesla's infotainment system and, from there, gain root access to other subsystems."
Not really comforting to know that the infotainment system has a way to gain root-access to other subsystems. Established car-manufacturers considered infotainment a foreign untrusted system by definition, at least when I worked with them (which was prior to the merge of A/C controls with Car-Radio), but I imagine this is now called "overengineering".
It's like a zero-day exploit allowing you to break out of your in-flight entertainment and take control of the plane-engine. I don't care if you fix the exploit, the fault is in your architecture...
Fully agree. The architecure design is weak, given the fact that TEE-based approaches allow the hardening of process isolation.
What bothers me is not that the hack is done in 3min, but the capability to open the front trunk and door while driving
No need for hyperbole, the actual "less than 2 minutes" from the article are impressive enough