[Mister_Snuggles]

You are correct.

According to the article, the car's network consists of three devices - the centre console, the dashboard, and one unknown device. There's no way that the whole car has only three computers.

My guess is that this ethernet network is only for the user interface. I'd also guess that the unknown device serves as a gateway (and, hopefully, a firewall) between the critical systems of the car and the car's UI.

[mschuster91]

Firewall? The CAN bus interfacing with the core vehicle components assumes no access controls or anything. Any device connected to it is inherently trustable, no questions asked.

[Gnewt]

I think the commenter you replied to was inferring that the whole CAN bus was not accessible via the Ethernet network.

[mschuster91]

Get ssh access to the box connected to the CAN bus and boom, you have access.

There must be at least one of those connected because Tesla is able to remote-unlock your vehicle.

[hengheng]

There are usually discrete CAN bus firewalls that sit between controllers that are explicitly programmable, and the bus. They might be ASICs, microcontrollers or FPGAs, but there's no way into the mfrom the network. The only attack vector onto the bus is to stab the car with a sharp knife until you have the PCB in your hands, at which point you have owned the car anyways.