Tesla tempts white-hat hackers with a Model 3 as a target, and a prize
Since 2007, the Pwn2Own computer hacking contest has tasked security researchers with finding new holes in common software and devices, but never before has a car been up for grabs. Tesla will be offering a Model 3 as a target for hackers at this year's event, who will battle it out for the keys to the increasingly popular electric sedan.
Winners of Pwn2Own in years past have taken home laptops, mobile phones and other gadgets to fall victim to their hacking abilities, along with significant cash prizes. This year organizers have introduced an automotive category for the first time, with Tesla's Model 3 serving as its very first subject.
For years, Tesla has been leveraging the minds of the white-hat hackers to uncover weaknesses in its software through the platform Bugcrowd, with rewards ranging from US$100 to $15,000 for each vulnerability reported. It has rewarded 324 vulnerabilities in total using the platform.
There will be significantly more money on offer for hackers able to crack Tesla's code at Pwn2Own 2019. The serious money is tied to the company's gateway, Autopilot and VCSEC software. These together are responsible for data around the car's powertrain, chassis, security functions and autonomous driving capabilities, like lane changing and parking. A successful exploit carries a cash prize of $250,000.
Other individual cash carrots hang over the company's infotainment systems, its Wi-Fi, Bluetooth and key fobs. The overall winner of the category, however, will drive home in a brand new, mid-range, rear wheel-drive Tesla Model 3.
"We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems," says David Lau, Vice President of Vehicle Software at Tesla.
Pwn2Own is part of the CanSecWest conference, which takes place in Vancouver March 20 to 22.
Source: Zero Day Initiative