Bug bounty alert: Musk lets pro hackers torpedo Tesla firmware risk free
Carmaker won't void warranties, fling sueballs at pros seeking security vulnerability rewards
[...] Tesla will allow vetted security researchers to hunt for vulnerabilities in its vehicle firmware risk free – as long as it is done under its bug bounty program.
The luxury electric automaker said this week it will reflash the firmware on cars that have been bricked by infosec bods probing for exploitable bugs in its code, provided they have suitably enrolled in the Elon Musk-run biz's bounty program. And any sanctioned searching can be carried out with worrying about being sued by Tesla's legal eagles.
"If, through your good-faith security research, you (a pre-approved, good-faith security researcher) cause a software issue that requires your research-registered vehicle to be updated or 'reflashed,' as an act of goodwill, Tesla shall make reasonable efforts to update or 'reflash' Tesla software on the research-registered vehicle by over-the-air update, offering assistance at a service center to restore the vehicle's software using our standard service tools, or other actions we deem appropriate," Tesla's updated security policy now reads.
(Score: 0) by Anonymous Coward on Friday September 07 2018, @03:08PM
He must have said it during one of these [nymag.com] interviews.