Three months after a Tesla Model S owner was warned against accessing the vehicle’s onboard software, an Asian Internet-security conference is offering hackers a cash prize to anyone who can gain remote access to the vehicle’s Linux-based onboard operating system.
The two-day 2014 SyScan will begin Wednesday in Beijing and will feature discussions about the security of the computing protocol used by the automotive industry. The Tesla hacking challenge that could see one enterprising geek walk away with $10,000 is aimed at underscoring one of the more vulnerable areas of car connectivity: the link between a driver’s mobile phone and the car’s onboard computer system.
“Nowadays, advanced diagnostics enable cars to generate lots of profile data of engines and drivers, and submit them to the connected vehicle cloud,” according to the 2014 SyScan website. “Meanwhile, with the fast evolution of mobile technology, the number of mobile devices grows exponentially. When mobile connects both car and the vehicle cloud via mobile apps, the car becomes the new threat target.”
Through the vehicle’s onboard Linux-based operating system, owners can check battery charge and lock and unlock the car using their mobile devices. The Model S also connects to the Internet through mobile phones. This week’s challenge will try to exploit any possible vulnerabilities between the mobile device and the car’s software.
In November, Tesla Motors Inc. (NASDAQ:TSLA) disclosed just how much control of the vehicle can be taken when it released an “over-the-air update” that raised the Model S ground clearance at highway speed. The wireless adjustment was made by the Palo Alto, California, electric carmaker after two Model S sedans were involved in collisions with highway debris last year.
Tesla is aware enough of the potential hacking issue that it hired computer security expert Kristin Paget from Apple Inc. (NASDAQ:AAPL) in February to bolster the security of the Model S and the upcoming Model X SUV due out next spring.
“Can’t say too much but ‘securing things’ is a fair bet :),” Paget old the online webzine Re/code.
In April, Tesla contacted a Model S owner who was snooping around the vehicle’s software by successfully connecting to the car’s internal Ethernet network using a cable and posting details of the connectivity to a Tesla fan forum.
Three weeks later, he received a phone call from the car company informing him that his vehicle had been hacked. When he informed the company of what he had done, Tesla warned him that accessing the company’s onboard software could be considered industrial espionage, and, in any case, could void his warranty.