Hackers expose Tesla vulnerability and win a car

Bubbajim

TechSpot Staff
Staff member

Tesla has a fairly positive history when it comes to interacting with the hacking community. Last year they increased their maximum payout for any reported vulnerabilities to $15,000. This week at the Pwn2Own hacking event they took things even further, giving away a Tesla Model 3 to anyone who was able to successfully gain access to the car’s systems.

Pwn2Own is an annual hacking and security conference where, as the name suggests, if a hacker successfully ‘pwns’ a device by exposing a previously-unknown vulnerability, they win the device itself plus other commemorative prizes.

Tesla this year became the first car maker to ever take part in the conference, and on the last day of the event their challenge was beaten, as two-man team ‘Fluoroacetate’ managed to infiltrate the Tesla Model 3’s infotainment system.

The winning pair, Amat Cama and Richard Zhu, didn’t offer much information on how they managed to crack the infotainment system, other than saying they introduced “a JIT bug in the renderer” for the in-car browser. But true to their word, Tesla thanked them for exposing the vulnerability and gave the pair the car.

Commenting on the company’s involvement in Pwn2Own, Tesla’s VP of Vehicle Software, David Lau, said, “we develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us.”

So Tesla cars are now one step closer to being safe from hackers – if only they could also stop their cars from driving towards traffic barriers, that'd be great for safety, too.

Permalink to story.

 

Steveb8189

TS Booster
Aha, but that person wouldn't harm himself. Why is it dumb?
Why would anyone (especially the person who hacked it) accept a flawed product when they fully know in what ways is it flawed. I mean, yeah, it's a car, but still.
When was the last time you saw a product that's completely flawless?
And the whole point of finding these flaws is so they can be fixed. I imagine it was a pretty quick job to close the vulnerability.
 
  • Like
Reactions: timespacematter

Uncle Al

TS Evangelist
Soooooo ..... when he does finally get around to launching a crew to Mars will hackers take it over and have it actually touch down in New Jersey? I can see it now "oh look Bob, this one is already populated ... looks like we'll have to move to another planet..."