A $10,000 bounty is at stake in what may be the first hacking contest for compromising the security system of a car.
According to Forbes, anyone who is registered for the conference is eligible to join the hacking competition. The organizers of the event said that there will be a computer and a Tesla vehicle on hand during the conference, giving would-be hackers the necessary tools to find holes in the car's security system. The people behind the event said that they expect the winner to control the vehicle with use of a computer. They would also require the winner to manipulate the car's in-dash browser into logging on to certain pre-determined websites. This is meant to assess the possibility of a malware infection in the vehicle's security system.
Tesla currently has a good reputation in terms of security. In fact, Tesla's Model S currently holds the highest safety rating in the entire car market, garnering a five-star rating from the National Highway Traffic Safety Administration. That might change if things go as planned during the conference. Nonetheless, some security experts argue that Tesla's reputation is due to the fact that its security system has yet to be tested by hackers.
"They have a good security reputation mainly because nobody has pounded on them yet," SANS Institute Director for Emerging Security Trends John Pescatore said.
Nitesh Dhanjani, a security researcher, shared Pescatore skepticism. In a research paper, he claims that the vehicle has security holes that can be used by attackers. He wrote that the six character password required for ordering a Model S from the company's website can lead to security problems. He claims that once that password has been compromised, the car can be located and unlocked through phishing, malware and brute-force attacks.
The details surrounding the competition remain unclear and so far, the event's organizers have not revealed much in terms of the rules for the contest. A spokesperson for Tesla said that the company is not involved in the competition, nor is it sponsoring it.