On Wednesday of this week, an Israeli firm called Regulus Cyber issued a press release stating that “spoofing attacks on the Tesla GNSS (GPS) receiver could easily be carried out wirelessly and remotely.” In the firm’s demonstration attack on a Model 3, “the car reacted as if the exit was just 500 feet away—abruptly slowing down, activating the right turn signal, and making a sharp turn off the main road,” according to Regulus. “The driver immediately took manual control but couldn’t stop the car from leaving the road.”
Tesla’s official response could best be described as “brusque.”
So, a company most of us haven’t heard of tells us that it’s demonstrated disturbing vulnerabilities in Tesla. Tesla, in effect, says said company is just looking for a buck and there’s no problem, but it doesn’t really provide any details. Where does the truth lie? That question necessitates a look at the merits of this specific Regulus-vs-Tesla claim—and then a broader glance into the history, technology, and possibilities of GNSS spoofing itself.