Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Bug The Almighty Buck

Tesla Rewards Hackers With Bug Bounty 33

An anonymous reader writes: Tesla Motors is offering up to $1,000 to anyone who uncovers security issues on its website. Forbes reports that the program is not yet available for its vehicles however. Using a security crowdsourcing company called Bugcrowd, researchers have found 22 bugs for Tesla so far. A statement on the Tesla Bugcrowd page reads in part: "We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process."
This discussion has been archived. No new comments can be posted.

Tesla Rewards Hackers With Bug Bounty

Comments Filter:
  • up to $1K (Score:5, Insightful)

    by turkeydance ( 1266624 ) on Sunday June 07, 2015 @02:00PM (#49862647)
    or down to nothing.
    • Re:up to $1K (Score:4, Insightful)

      by schlachter ( 862210 ) on Sunday June 07, 2015 @03:54PM (#49863077)

      yeah, will never happen with their cars. way too much risk.

      never understood why companies don't pay out big $$ for these bugs. has to be worth way more than $1K to them.

  • Riiiiiiiight. (Score:3, Insightful)

    by mongothesecond ( 3992413 ) on Sunday June 07, 2015 @02:04PM (#49862665)
    They want to pay "hackers" less than pen testers, with ambiguous escrow or payout deadlines, and trust that all vulnerabilities found are reported, or reported well. What could possibly go wrong.
    • They want to pay "hackers" less than pen testers, with ambiguous escrow or payout deadlines, and trust that all vulnerabilities found are reported, or reported well. What could possibly go wrong.

      From where I'm sitting, it looks pretty good; people will try to hack them anyway, if people report vulns they can reward them with whatever amount they like, it's cheap to do.

  • ...and the check is in the mail!
  • by Anonymous Coward

    $1000 for applying highly specialized skills? UP TO?

  • by Eloking ( 877834 ) on Sunday June 07, 2015 @03:31PM (#49862997)

    Granted it's a lot better than many other that prefer to sue your ass over discovering security flaw but, compared to some other bounty reward, isn't "up to" 1K$ a little low?

  • by lucm ( 889690 ) on Sunday June 07, 2015 @05:02PM (#49863321)

    Out of curiosity I went to their website and did a view-source. Apparently they use Drupal. So I'm going to add them to my "Uses drupal" bookmark folder for that time when the next Drupal security exploit comes out...

    Also for some reason they use jQuery 1.8. Isn't that version vulnerable to a known XSS exploit?

  • by PPH ( 736903 ) on Sunday June 07, 2015 @05:13PM (#49863357)

    ... my windshield is covered with bugs.

Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"

Working...