When researchers from Tencent’s Keen Security Lab discovered that they were able to leverage vulnerabilities to remotely hijack Tesla cars, they reported the issues to the automotive company and rushed them into implementing a security feature they have been working on for a while: code signing.
The vulnerabilities were several, including one in Tesla S’ browser that would allow attackers to direct users towards a website hosting the malicious payload, and a privilege elevation flaw in the car’s Linux operating system that would allow attackers full access to the car’s head unit.
