Tesla’s new bug bounty protects hackers — and your warranty

Good news if you’re into hacking your car: you probably won’t void your warranty.

The electric car giant confirmed the move in a tweet this week. Tesla’s product security policy now says that if, through “good-faith security research,” you brick your car, the company will reflash the software over-the-air or at a service center.

It’s thanks to an overhaul of the company’s bug bounty program, which guarantees “safe harbor” to car owners who hack their cars, so long as they stay within the bounds of its rules.

It may not sound like much, but security researchers — whose job it is to find bugs and security flaws — say it’s a step in the right direction, and one that reduces the legal liability of hackers who have long argued that US cybersecurity hacking laws are far too restrictive.

The company also said it won’t bring copyright infringement claims against those working within its bug bounty rules, a legal tool used by some companies to stifle the publication of security research.

Tesla said the new bug bounty, which went into effect during the Def Con security conference last month, was in response to researchers who were concerned that hacking their cars might affect their warranty.

Casey Ellis, chief technology officer of Bugcrowd, which administers Tesla’s bug bounty, tweeted that the move “rings a very loud bell for the legitimacy of good-faith security research.”

Amit Elazari, a Berkeley Law School doctoral candidate and bug bounty legal expert, told TechCrunch that Tesla’s safe harbor move “is aimed to address the murkiness of the current legal landscape” over the past year, in which security researchers and reporters have faced threats and legal action.

“We have seen other manufacturers, like [tractor maker] John Deere, taking an aggressive approach against researchers, and even users, seeking to test — or even just repair — their equipment,” said Elazari. “I hope this step by Tesla would serve as a benchmark for others to follow, until we establish best practices in the industry and embrace the help of friendly hackers.”

Tesla follows in the footsteps of other tech giants that have pushed for safe harbor exceptions for security researchers under their bug bounties.

Dropbox was one of the first to change its bounty program to better shield security researchers from legal action, and Mozilla joined months later to better protect bug bounty participants.



from www.tech-life.in