Seems like Tesla could shut this down fairly easily if they put some effort in to it.
Couple of point to ponder:
The car is already keeping an inertial location solution for tunnels and other areas where it loses GPS reception based on speed and course, and it monitors speed and acceleration and a thousand more parameters continuously.
So If the car was looking for it, it should have seen an impossible jump in GPS location that the inertial solution didn't support, and known it was being spoofed. Then it can yell for help, go to a fallback logic and inertial Nav only, use one of the other two GPS networks (if only one is being spoofed,) or take other action.
The car is also always connected to a cell network, which means it always knows the exact signal strength to all of the cellular towers in range. If necessary, this can provide a location from the tower IDs/locations and signal strengths, like cell phones sometimes use, though it isn't anything like GPS accuracy of course. Could use this solution to validate the GPS solution, or compare the three GPS systems against each other (though they might all be spoof together. Also not positive if Tesla has hardware for all three.)
I am really surprised that NoA jumped over lane lines to exit when it thought it was by its exit. AP normally refuses to cross solid lines under any circumstances, and I know I've seen the car start planning for a lane change coming up to an interchange, and then give up when the line goes solid (construction zone with solid lane lines on my commute a quarter mile short of an interchange.)
It looks to me like whatever logic caused it to bypass the AP rules following the lines is the only reason this test had any dramatic results.
