Photo: Zero Day Innitiative
Tesla wants white hackers to discover vulnerabilities in its cars and lures them with eye-popping prizes. The EV maker will put a Model 3 and a Model S on the line, and hackers who compromise the vehicle’s security layers will get to drive them home.
With more computers inside modern vehicles came the danger of them being hacked. All carmakers faced painful moments while transitioning to the connected car era, this being a completely new domain for most of them. Tesla had a major advantage here because it started from a computer and put it on wheels instead of trying to figure out how to use it inside its vehicles. Although Tesla cars are also prone to hacking, no known cases exist when a vehicle or the backbone informatic systems were completely compromised.
One of the reasons could be Tesla’s connection with the ethical hacker community. Tesla has been a partner in hacking competitions, with Pwn2Own as one of the most famous. This year, Tesla is again partnering with the Zero Day Initiative, Pwn2Own organizers, to have its cars checked by hackers for any unknown vulnerability. The prizes in the Automotive category easily dwarf all others, with the top prize at $600,000 for the person who manages a total compromise of the Tesla vehicle. Not only that, but they get to drive that particular Tesla home.
There are two Tesla cars for hackers to try their magic on, a Model 3 and a Model S, and both are offered to the smartest guy who manages to compromise the car’s security systems. Contestants can register an entry against either a Tesla Model 3 (Intel or Ryzen-based) or the Tesla Model S (Ryzen-based). Since every car has multiple layers of security, there are various tiers of awards within the Automotive category.
Tier 1 is the highest level, and contestants will need a complex exploit chain to get arbitrary code execution on three different sub-systems in the vehicle. Success here gets a big payout and, of course, a brand-new Tesla. The big prize is $500,000, but contestants can go for the additional options to raise the payout to $600,000. This represents the single largest target in Pwn2Own history.
It’s not guaranteed that someone would completely compromise the Tesla, but the competition doesn’t skimp on prizes. The second tier in this category requires the contestant to get arbitrary code execution on two different sub-systems in the vehicle. The largest single payout for Tier 2 is $400,000, plus the car. Finally, Tier 3 means compromising only one sub-system to win a prize, but only those hacking the Autopilot would get to drive the car home.
The Pwn2Own event will take place at the Sheraton Wall Center in Vancouver on March 22-24, 2023, but hackers will be able to also compete remotely. More than $1,000,000 in cash and prizes are available to contestants, including the Tesla vehicles, in all categories. These are Virtualization, Web Browser, Enterprise Applications, Server, Local Escalation of Privilege, Enterprise Communications, and Automotive.
One of the reasons could be Tesla’s connection with the ethical hacker community. Tesla has been a partner in hacking competitions, with Pwn2Own as one of the most famous. This year, Tesla is again partnering with the Zero Day Initiative, Pwn2Own organizers, to have its cars checked by hackers for any unknown vulnerability. The prizes in the Automotive category easily dwarf all others, with the top prize at $600,000 for the person who manages a total compromise of the Tesla vehicle. Not only that, but they get to drive that particular Tesla home.
There are two Tesla cars for hackers to try their magic on, a Model 3 and a Model S, and both are offered to the smartest guy who manages to compromise the car’s security systems. Contestants can register an entry against either a Tesla Model 3 (Intel or Ryzen-based) or the Tesla Model S (Ryzen-based). Since every car has multiple layers of security, there are various tiers of awards within the Automotive category.
Tier 1 is the highest level, and contestants will need a complex exploit chain to get arbitrary code execution on three different sub-systems in the vehicle. Success here gets a big payout and, of course, a brand-new Tesla. The big prize is $500,000, but contestants can go for the additional options to raise the payout to $600,000. This represents the single largest target in Pwn2Own history.
It’s not guaranteed that someone would completely compromise the Tesla, but the competition doesn’t skimp on prizes. The second tier in this category requires the contestant to get arbitrary code execution on two different sub-systems in the vehicle. The largest single payout for Tier 2 is $400,000, plus the car. Finally, Tier 3 means compromising only one sub-system to win a prize, but only those hacking the Autopilot would get to drive the car home.
The Pwn2Own event will take place at the Sheraton Wall Center in Vancouver on March 22-24, 2023, but hackers will be able to also compete remotely. More than $1,000,000 in cash and prizes are available to contestants, including the Tesla vehicles, in all categories. These are Virtualization, Web Browser, Enterprise Applications, Server, Local Escalation of Privilege, Enterprise Communications, and Automotive.
Google News