The downside with offering APIs to interact with a car is that someone else’s security problem might become your own.
David Colombo explained in the thread that the flaw “wasn’t a vulnerability in Tesla’s infrastructure. It’s the owner’s fault.” He claimed to be able to remotely disable a car’s camera system, unlock doors and open windows, and even start driving without a key. It could also determine the exact location of the car.
However, Colombo has made it clear that it can’t actually interact with Tesla’s steering, throttle, or brakes, so at least we don’t have to worry about an army of remote-control electric vehicles doing a Fate reenactment.
Colombo says he reported the issue to…