- Joined
- Mar 3, 2018
- Messages
- 1,713
As cars get smarter, they also become more vulnerable to digital saboteurs. We've reported on several incidents where hackers managed to unlock a drive a Tesla away, but the company has repeatedly reaffirmed its commitment to security, as it did again this week. A post on the Zero Day Initiative's blog announced that, in "partnership with Tesla," prizes ranging from $35,000 to $300,000 will be awarded to hackers who can worm their way into a Tesla Model 3 at this year's Pwn2Own competition. In addition, the first researcher to break in will get a brand new Model 3. The specific hack categories are outlined in the post, and Tesla is awarding a particularly large amount of money for a "Gateway, Autopilot, or VCSEC" hack. Additionally, VMware and Microsoft are also giving out rewards for finding vulnerabilities in and Office, web browsers, and other software.
Starting in 2007, Pwn2Own has evolved from a small demonstration with prizes averaging around $10,000 per exploit, to one of the most well-known security contests in the industry, with millions of dollars of cash and prizes made available to contestants over the years. The contest serves as more than just an annual check-in on the state of browser and OS security. It also guides researchers as we add new categories and increase cash awards. Over the years, new veins of security research were mined after being a target of Pwn2Own. We saw that with exploit techniques like sandbox escapes, mitigation bypasses, and guest-to-host OS escalations. This year, on March 20-22 at the CanSecWest conference, we hope to see that research expand into our newest category, Automotive with the addition of the Tesla Model 3, which has quickly become the best-selling car in its class in the United States.
Starting in 2007, Pwn2Own has evolved from a small demonstration with prizes averaging around $10,000 per exploit, to one of the most well-known security contests in the industry, with millions of dollars of cash and prizes made available to contestants over the years. The contest serves as more than just an annual check-in on the state of browser and OS security. It also guides researchers as we add new categories and increase cash awards. Over the years, new veins of security research were mined after being a target of Pwn2Own. We saw that with exploit techniques like sandbox escapes, mitigation bypasses, and guest-to-host OS escalations. This year, on March 20-22 at the CanSecWest conference, we hope to see that research expand into our newest category, Automotive with the addition of the Tesla Model 3, which has quickly become the best-selling car in its class in the United States.