"In the second hack, Synacktiv researchers exploited a heap overflow vulnerability and an out-of-bounds write error in a Bluetooth chipset to break into Tesla's infotainment system and, from there, gain root access to other subsystems."
Not really comforting to know that the infotainment system has a way to gain root access to other subsystems. Established car manufacturers considered infotainment a foreign untrusted system by definition, at least when I worked with them (which was prior to the merge of A/C controls with the car radio), but I imagine this is now called "overengineering".
It's like a zero-day exploit allowing you to break out of your in-flight entertainment and take control of the plane engine. I don't care if you fix the exploit, the fault is in your architecture...