Tesla offers a free Model 3 to anyone who can hack its system

Cars are becoming computers, and Tesla has always been at the forefront of that trend. For years, the company has worked with the “white hat” hacker community to pro-actively identify and fix security flaws in its vehicle software. Electrek reports that, over the past few years, Tesla’s bug bounty program has paid out serious money in rewards to hackers who exposed vulnerabilities – as much as $15,000 per reported bug.

Now the Savants of Silicon Valley have upped the ante in a big way, offering a free Model 3 as a prize for cracking the vehicle’s software system.

Tesla will be the first automaker to participate in the annual Pwn2Own computer hacking contest, which is run by Trend Micro’s Zero Day Initiative. At the event in Vancouver this March, Tesla will give away a Model 3 to the winner of the hacking contest.

That’s not all: There will be $900,000 worth of prizes available for hackers who expose flaws in Tesla software. The biggest prize will be $250,000 for hacks that execute code on the car’s gateway, Autopilot, or Vehicle Controller Secondary (VCSEC) systems. (The gateway interconnects the car’s powertrain, chassis, and other components and processes the data they send. The VCSEC is responsible for security functions, including the alarm.)

“We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us,” said Tesla Vice President of Vehicle Software David Lau. “Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle – we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community.”

 

Sources: Electrek, Ars Technica

  • DiegoFCardenas

    Back a few years ago I reported a vulnerability which they classified as a social engineered hack, since it was not a systems hack there was no bounty paid! At the end I got nothing for finding the exploit and reporting it (sucks for me). I still love my Tesla tho… Just this month I got en email from their vulnerability department changing the policy which now covers the type of vulnerability that I found and reported! Happy hacking everyone!! https://uploads.disquscdn.com/images/a1c61d15e8b3e51e6103abd7e5898b367f385eed58e30b45fc667ca006d2cfb8.png