12 votes

Cracking a windshield and earning $10,000 on the Tesla Bug Bounty Program

6 comments

  1. unknown user

    free premium LTE

    Well, you pay for it in the cost of the car. Interesting side note though, could you hack it to share its connection with other devices?

    Also this proves that Tesla does collect a lot of user data (why I'd never buy a "smart" car). And possibly more that wasn't caught by this XSS attack.

    3 votes
  2. [5]
    Loafer75

    I’m just impressed that Tesla offers to pay for found bugs and will help you fix your car if you brick it.

    3 votes
    1. [3]
      unknown user

      Why?

      It's a relatively small amount of money / resources they spend on this compared to hiring people to do the bug testing for them.

      If they hire people, they have to pay 'em no matter what they find. With bug bounties they only have to pay if a bug is found.

      Bug bounties also provide a monetary incentive for those who do find bugs to disclose them to Tesla instead of publicly releasing the exploit or using it themselves to cause chaos / make money (ransomware?) or whatever.

      So it's good PR for Tesla and is (probably) cheaper.

      5 votes
      1. [2]
        Loafer75

        I’m not in IT so this is the first time I’ve heard about a company doing that. Is it fairly common?
        I’ve only seen stories about Apple stonewalling known bugs and certainly not paying out to someone who’s found one.

        2 votes
        1. unknown user

          I'm speaking largely out of conjecture and tidbits that I've heard. I have an interest in tech but I don't work in IT.

          I do not think bug bounties are that uncommon, especially for critical flaws. A large company will probably happily offer up a large (to the bug reporter, small to the company) sum of cash to prevent user data being leaked and causing bad PR. And of course paying out incentivises people to go find more bugs.

          2 votes
    2. GnomeChompski

      I also think it's a great idea like @Loafer75 because crowdsourcing is far more efficient and for the fact that even though $10,000 is not that much in comparison to their internal cost for this, it makes a huge difference for the individual and makes you feel proud of being part of the effort to bring a well-built electric machine to the auto market.

      2 votes