Tesla announced on Twitter that they are launching a bug bounty program and are allowing “good faith” researchers to probe into its vehicles’ firmware to identify the vulnerabilities in the code.
— Tesla (@Tesla) September 5, 2018
“Tesla has complete discretion as to the software or other assistance that will be provided, and it may be only for a limited number of times. Tesla’s support does not extend to any out-of-pocket expenses (e.g., towing) incurred by you.“
Until this announcement, the company had a policy that voided the warranty of the car if anyone tampered with the vehicle’s firmware including security researchers.
Besides, Tesla said that they would not take any legal actions against the security researchers who are interested in playing around the code of the vehicle; they need to stick to the rules enlisted on the Tesla’s official site and Bugcrowd’s bounty page for Tesla.
With this announcement, Tesla has joined the league of companies that have opted for not pursuing any legal actions against security researchers under their bounty program.
Tesla’s decision has been praised by the security researcher community who take this as a welcome step towards strengthening the code.
Would you want to hack a Tesla car given there would be no legal repercussions? Express your views in the comment section and keep reading at Fossbytes.