MotorBeat Blog

MotorBeat

MotorBeat covers the latest developments in car manufacturing, and technological advancements in transportation as a whole. The blog will help automotive enthusiasts and drivers to get a glimpse of the motoring future.

Jordan Perch loves automotive innovation and that is his ultimate passion. He is managing the resourceful DMV.com and is an active contributor to numerous consumer and automotive blogs.

Previous in Blog: Chinese Tech Giant to Launch an Autonomous Vehicle by the End of This Year   Next in Blog: Tesla's Affordable Model 3 To Be Challenged By Long-Range Chevy Bolt
Close
Close
Close
4 comments

Tesla Is Willing to Pay Hackers to Uncover Bugs on Its Website

Posted August 25, 2015 10:58 AM by Jordan Perch
Pathfinder Tags: bugs hackers Model S tesla website

Tesla Motors may be considered as a technological leader, but it doesn't mean that its products and services are immune to the challenges and threats posed in the Internet age, including hacking attacks. The company's website and Twitter account were hacked a couple of months ago, with perpetrators posting messages that only appeared to be aimed at pranking Tesla and its customers, an event that even though didn't do any real harm to the car maker, prompted it to start thinking more seriously about how to protect itself against potential security risks it may be exposed to.

Elon Musk's company has announced that it has decided to seek help from the hacker community as it tries to discover the vulnerabilities of its products and services and protect them from future attacks. Tesla has launched a bug bounty program on the Bugcrowd bug hunting platform, asking benevolent hackers to try and detect vulnerabilities on the company's website and report them to an email address set up by Tesla specifically for this purpose: vulnerability@teslamotors.com. As a reward, hackers will receive anywhere between $25 and $1,000 per bug, depending on the bug type.

"Tesla values the work done by security researchers in improving the security of our products and service offerings. We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process," stated the company on its Bugcrowd page.

Even though the cash rewards offered by Tesla are drastically lower than those involved in similar programs launched by companies like Facebook and Google, they still present some kind of incentive for those who are able to uncover security issues with the company's services to try and help it improve its digital security, which would benefit Tesla's customers, as well.

While trying to make its website less vulnerable to hacking attacks is definitely a good thing and can help the company provide better customer service, many people are still wondering whether Tesla intends to launch a similar program that would be aimed at increasing the digital security of its vehicles. Given that Tesla's cars rely on their on-board software extensively, they can be an easy target for hackers who are able to take control of various car functions remotely and jeopardize occupants' safety or steal personal information.

Last year, Tesla awarded $10,000 to Qihoo 360, a leading Internet security company based in China, after it hacked a Model S in a non-formal hacking competition. Considering that almost all major players in the auto industry are developing connected-car, as well as vehicle-to-vehicle and vehicle-to-infrastructure technologies, which allow vehicles to talk to each other and to the traffic infrastructure and wirelessly share important safety data, protection from cyber attacks and the ability to detect and fix security vulnerabilities in cars is expected to be one of the top priorities for most automakers in the future. That's when these types of bug bounty programs might come in pretty handy to car manufacturers.

Reply

Interested in this topic? By joining CR4 you can "subscribe" to
this discussion and receive notification when new comments are added.
Guru

Join Date: Dec 2010
Location: North West England
Posts: 1170
Good Answers: 153
#1

Re: Tesla Is Willing to Pay Hackers to Uncover Bugs on Its Website

08/26/2015 5:40 AM

This is nothing new. Both Microsoft and Netscape were offering bounties for finding bugs in their browser software twenty years ago. My son who at the time was studying Maths & Computing at Oxford University combed every line of every Beta copy update as soon as it was released to the university, and regularly earned $1000 paychecks. There was friendly rivalry between students at Oxford and Princeton over who could find and correct the bugs first. If the bounties payed twenty years ago were $1000 then the same sum today looks miserly. For $25 the average hacker or computer student wouldn't get out of bed.

Reply
Guru
Technical Fields - Project Managers & Project Engineers - New Member

Join Date: Oct 2013
Location: Texas.Baytown
Posts: 697
Good Answers: 26
#2

Re: Tesla Is Willing to Pay Hackers to Uncover Bugs on Its Website

08/26/2015 7:23 AM

If you want to know how well a safe performs , get a professional safe cracker.

__________________
If you want to know how well a broom works you do not ask the guy selling the broom or the guy who designed the broom, you ask the guy using the broom.
Reply
Anonymous Poster #1
#3
In reply to #2

Re: Tesla Is Willing to Pay Hackers to Uncover Bugs on Its Website

08/27/2015 3:10 AM

Fredski must have known something about this.

Reply
Guru

Join Date: Feb 2008
Location: Large hole formally occupied by furry woodland creature.
Posts: 3385
Good Answers: 97
#4

Re: Tesla Is Willing to Pay Hackers to Uncover Bugs on Its Website

08/27/2015 4:23 PM

I wouldn't care, as long as they sign an anti-disclosure form.

__________________
CRTL-Z
Reply
Reply to Blog Entry 4 comments
Interested in this topic? By joining CR4 you can "subscribe" to
this discussion and receive notification when new comments are added.
Copy to Clipboard

Users who posted comments:

Anonymous Poster (1); jhhassociates (1); texasron (1); Unredundant (1)

Previous in Blog: Chinese Tech Giant to Launch an Autonomous Vehicle by the End of This Year   Next in Blog: Tesla's Affordable Model 3 To Be Challenged By Long-Range Chevy Bolt

Advertisement