Hacker News new | past | comments | ask | show | jobs | submit login

Tesla takes their security pretty seriously. There were at DEF CON, both in the contest area and the front row of the talk where someone dumped their firmware. The presenter was overall pleased with their design. Expect to see something on 60 Minutes in the coming months.



If they allow over the air updates, even encrypted, there's a big potential risk. Exactly how are the crypto keys generated and protected? An attack on the download signing server, rather than the car, offers an entry point.


From what I've seen, in multiple industries (but not automotive), pretty much anyone serious about signing firmware holds the keys in a HSM.

When you factor the total impact of firmware signing on the product lifecycle, a HSM is a drop in a bucket...




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: