By on March 25, 2019

tesla model 3

Computer experts successfully broke a Tesla Model 3 at the “Pwn2Own” hacking event held recently in Vancouver. However, Tesla Motors isn’t biting its nails over someone finding vulnerabilities in its system, as it was privy to the plan. The automaker has operated a “bug bounty program” for the past 4 years, rewarding anyone who can pull it off — going so far as saying it wouldn’t void a vehicle’s warranty if a customer successfully hacked it in “good faith.” It even offered a maximum reward of $15,000 (USD) last year.

Meanwhile, the group that managed to break the Model 3 in Canada this month received more than a sack of cash from the automaker. 

In addition to a corporate blessing for some top-shelf, white-hat hacking, Tesla provided the group with a car of their own, according to Electrek:

Amat Cama and Richard Zhu of team Fluoroacetate targeted the infotainment system on the Tesla Model 3 and used “a JIT bug in the renderer” to manage to take control of the system.

For exposing the vulnerabilities and giving the automaker the opportunity to improve its software security, Tesla is giving them the Model 3.

It’s adding to several more prizes won by team Fluoroacetate during the competition.

The hack job was apparently no cakewalk. Electrek reports that the team only managed to find a functional exploit on the last day of competition, though they were quite busy for the duration — often working on other challenges.

“We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us,” said David Lau, Vice President of Vehicle Software at Tesla, leading up to the event. “Since launching our bug bounty program in 2014 – the first to include a connected consumer vehicle– we have continuously increased our investments into partnerships with security researchers to ensure that all Tesla owners constantly benefit from the brightest minds in the community.”

He added, “We look forward to learning about, and rewarding, great work in Pwn2Own so that we can continue to improve our products and our approach to designing inherently secure systems.”

Unlike its beta-tested Autopilot system, Tesla’s approach to digital security is admirable and decidedly wise. Rather than penalize individuals who break its system, it’s been rewarding them — giving hackers an incentive to work with the company, rather than against it. Back in 2016, Keen Security Labs remotely hacked the Tesla Model S through a malicious wifi hotspot. It identified the vulnerability and went to Tesla first, who promptly fixed the exploit. The automaker has reportedly given away hundreds of thousands of dollars in rewards to hackers who’ve exposed vulnerabilities in its systems.

[Image: Tesla]

Get the latest TTAC e-Newsletter!

Recommended

6 Comments on “Hackers Digitally Invade Tesla Model 3, Winning One...”


Read all comments

Back to TopLeave a Reply

You must be logged in to post a comment.

Recent Comments

  • here4aSammich: They won’t have to title or register the car out of state. Can’t speak for all states, but...
  • here4aSammich: Living outside Toledo, I might be able to answer this for you, having purchased cars across state...
  • SPPPP: Also remember that the original Murano was a rather big deal, as one of the first SUVs putting style first.
  • SPPPP: Well, 93mph is 150kph, so that might help explain the exact number.
  • SPPPP: Well, Musk used his personal funds to become the main investor before the public funds came in, but then the...

New Car Research

Get a Free Dealer Quote

Staff

  • Contributors

  • Timothy Cain, Canada
  • Matthew Guy, Canada
  • Ronnie Schreiber, United States
  • Bozi Tatarevic, United States
  • Chris Tonn, United States
  • Corey Lewis, United States
  • Mark Baruth, United States