357
Elektrek: "Tesla FSD Beta tried to kill me last night"
(electrek.co)
This is a most excellent place for technology news and articles.
It may be difficult to spoof a certificate today, but tomorrow is a whole new day. To wit, OpenSSL has a pretty long history of serious vulnerabilities, despite being the best SSL library out there.
It is absolutely only a matter of time until the Tesla OTA functionality is compromised. There's too many moving parts for it to not be.
There are still a lot of other layers that need to be compromised past the cert for such an attack to even be possible. Even so, I suspect when such an attack does happen it will probably be for stealing cars. Your car would just wake up in the middle of the night and drive itself somewhere else to be cut up for parts. Less likely is any kind of safety issue since its so easy to take over control of the car.
"Attack surface" is the term you want. Big software means big attack surface. So keep code lean for security as well as efficiency.