0

Tesla wants researchers to probe the Model 3 for security bugs as part of a hacking contest

Tesla announced today that as a kind of expansion of its bug bounty efforts, the electric carmaker is making a Model 3 available for use in the Pwn2Own hacking contest that will be held in March in Vancouver.

It’s the first time the contest will include an automotive category, and among the contest’s potential winnings are more than $1 million in cash and prizes available for researchers. A Model 3 is also being given away to one winner in accordance with the contest rules. Tesla, of course, has issued hundreds of over-the-air software updates that have served to fine-tune the performance, safety and security of the company’s cars ever since making the first OTA software update available back in 2012. And its involvement in the hacking competition is likewise an expansion of sorts for the carmaker’s bug bounty efforts, which included expanding the maximum reward payments from $10,000 to $15,000 last year.

“We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us,” said Tesla vice president of vehicle software David Lau. “Since launching our bug bounty program in 2014 — the first to include a connected consumer vehicle — we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community. We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems.”

As we reported here, Tesla’s Model 3 was actually the best-selling luxury car across both cars and SUVs for all of 2018. The company would likely have sold more were it not for a number of highly publicized production issues that dogged the company for most of the year.

As far as the contest, meanwhile, the addition of a Tesla Model 3 as a new platform to join the existing list of targets continues on an expansion made for the recent Pwn2Own held in Tokyo which added consumer Internet of Things devices to the mix. The additions expand on the contest’s existing targets that include virtualization platforms, enterprise applications, web browsers and more.

“Since 2007, Pwn2Own has become an industry-leading contest that encourages new areas of vulnerability research on today’s most critical platforms,” said Brian Gorenc, senior director of vulnerability research for Trend Micro. “Over the years we have added new targets and categories to direct research efforts toward areas of growing concern for businesses and consumers. This year, we’ve partnered with some of the biggest names in technology to further this commitment and continue driving relevant vulnerability research.”

facebooktwittergoogle plus