David Colombo, a 19-year-old cybersecurity researcher in Germany, came upon the biggest discovery of his young career by accident.
He was performing a security audit for a French company when he noticed something unusual: a software program on the company's network that exposed all the data about the chief technology officer's Tesla Inc. vehicle. The data included a full history of where the car had been driven and its precise location at that moment.
But that wasn't all. As Colombo dug deeper he realized that he could push commands to Tesla vehicles whose owners were using the program. That capability enabled him to hijack some functions on those cars, including opening and closing the doors, turning up the music and disabling security features. (He couldn't take over the cars' steering, braking or other operations, however.)
The discovery, which Colombo published on Twitter this week, triggered a vigorous discussion online as the latest example of hacking risks associated with the so-called Internet of Things, where seemingly every product -- from refrigerators to doorbells -- now have an internet connection.
View Full Article