Story image

Tesla wants people to hack its Model 3

15 Jan 2019

Tesla is offering white hat hackers what could be the chance of a lifetime – the opportunity to hack one of its Model 3 vehicles.

Tesla joins Microsoft and VMware as partners in this year’s Pwn2Own contest in Vancouver, Canada, which will be held in March.

According to Tesla’s vice president of vehicle software David Lau, the company’s work with the security research is invaluable, particularly since the company strives to develop its cars with the highest safety standards “in every respect”.

“Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle – we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community,” says Lau.

In the Tesla Model 3 category, there are a number of target systems, including WiFi and Bluetooth systems, infotainment, autopilot, key fob and phone-as-a-key systems, modem or tuner, and others. The largest prices will be awarded to those who find vulnerabilities in the vehicle’s ‘Gateway, Autopilot, or VCSEC systems, which could net participants up to $250,000. On top of that, the grand winner will also win a Tesla Model 3.

“We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems,” continues Lau.

The full list of targets in this year’s contest include the Tesla Model 3, Oracle VirtualBox, VMware Workstation, VMware ESXi, Microsoft Hyper-V Client, Google Chrome, Microsoft Edge, Apple Safari, Mozilla Firefox, Adobe Reader, Microsoft Office 365, Microsoft Outlook, and Microsoft Windows RDP.

“With the recent announcement of Microsoft moving to a Chromium-based engine, exploits on Google Chrome definitely earn a premium over Edge, Safari, and Firefox,” says Pwn2Own.

“A browser exploit ranges from $40,000 for Firefox up to $80,000 for Chrome. We’re also offering $80,000 for anyone who can successfully exploit Edge with a Windows Defender Application Guard (WDAG) specific escape from the WDAG container to the host OS – something we’ve never seen at Pwn2Own before.”

“Contestants can add on another $70,000 if they escape the virtual machine and execute code on the host OS. Some say the browser is the gateway to the cloud. It’s certainly the gateway to online shopping. Either way, bugs in these products have a broad impact.”

Collectively, more than $1 million in cash prizes could be awarded to participants.

“Over the years we have added new targets and categories to direct research efforts toward areas of growing concern for businesses and consumers. This year, we’ve partnered with some of the biggest names in technology to further this commitment and continue driving relevant vulnerability research,” comments Trend Micro senior director of vulnerability research, Brian Gorenc.

Trend Micro also says it is working with the competition with the focus of expanding its focus on securing the connected world by partnering with major vendors.

This Iron Man drone wants you to fly like a superhero
Iron Man must be one of the most popular superheroes of 2019 – because this year he has been transformed into a robot, and now he’s styled as his very own drone.
HP back on board with Emirates Team NZ
HP 3D print technology will supposedly help the team innovate at speed.
Do you use the Peel Smart Remote app? Delete or update it now
Peel Smart Remote could leak your personal pictures, information, and documents to an unknown server.
How printing solutions can help save the planet
Y Soft has identified five key ways organisations can become more economical and reduce their environmental impact.
Information is power when choosing electricity plans
While 90% of respondents knew their average power bill over the summertime, more than half didn’t know their kilowatt hour (kWh) price, or their monthly usage amount. 
A quick look at Haier & LG's take on the smart home revolution
Haier is going all-in on the smart home revolution – and it believes your home should be smart all the way from the laundry to the bedroom.
An 8K TV for $80,000? Samsung has you covered
8K televisions have landed in New Zealand, but they come with eye-watering price tags of up to $80,000.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.