As security threats worsen, the prize money needs to be attractive too. At the annual Pwn2Own hackathon at the CanSecWest conference in Vancouver, Canada, security researchers finding bugs take home the laptops they exploit, but this year, they can take home a Tesla. Pwn2Own normally concentrates on hacking Web browsers or corporate software.
Tesla has announced that it is partnering with Trend Micro’s ZDI Pwn2Own contest to offer up a Model 3 to be ‘pwnd’. In a post on the ZDI (Zero Day Initiative) site, contest organisers explain that the Tesla Model 3 will be the first vehicle in the contest’s new ‘automotive category’. The Pwn2Own 2019 contest will be held from March 20 to March 22 at the CanSecWest conference. Notably, Tesla launched its own bug bounty programme in 2014.
Instead of good old laptops, security researchers will attempt to find bugs with the Model 3. If they are successful, they could drive home the swanky new car. Prizes for hacking a Tesla Model 3 range from $35,000 to $300,000 (roughly Rs. 25 lakhs to Rs. 2.1 crores), depending on a variety of factors including the exploit used. The first successful researcher can also drive off in their own brand new Model 3 after the Pwn2Own Vancouver 2019 competition ends, the organisers said.
“Starting in 2007, Pwn2Own has evolved from a small demonstration with prizes averaging around $10,000 per exploit, to one of the most well-known security contests in the industry, with millions of dollars of cash and prizes made available to contestants over the years. The contest serves as more than just an annual check-in on the state of browser and OS security,” the blog post reads.
“We’ll have a Tesla Model 3 on-site as a target for our automotive category, which has six different focal points for in-scope research. Tesla essentially pioneered the concept of the connected car with their Model S sedan, and in partnership with Tesla, we hope to encourage even more security research into connected vehicles as the category continues to expand,” the blog post added.
In a statement, David Lau, vice president of vehicle software at Tesla, said, “We develop our cars with the highest standards of safety in every respect, and our work with the security research community is invaluable to us.”