Elon Musk will open self-driving software to carmakers

Avatar By Le Williams | 2 years ago

Tesla CEO Elon Musk unveiled to a hacker conference in Las Vegas he plans to “open source” the software Tesla uses to secure autonomous-driving features from hacks or takeovers, allowing other carmakers to utilize the technology.

Tesla is attempting to make autonomous vehicle software safer by opening the software to more scrutiny, as experessed by Musk tp a private audience of around 100 people on Friday at DEFCON, an annual cybersecurity defense conference held in Las Vegas.

“I think one of the biggest concerns for autonomous vehicles is somebody achieving a fleet-wide hack,” he said according to people who attended. Musk confirmed the decision in a tweet on Saturday, writing it was “extremely important to a safe self-driving future for all.”

Musk said the move is partly meant to show that Tesla is putting security concerns above worries over protecting intellectual property, according to the people.

The “obscurity” emphasized by Musk, as a security strategy, has proven ineffective in several cases.

Experts have noted that keeping code secret makes it harder for attackers to find and exploit holes, it also makes it harder for security researchers and customers to find holes and demand a fix.

According to information from Bugcrowd, a company that facilitates Tesla’s bug bounty program, these rewards range from $100 to $10,000. The average payout to successful hackers in the past three months has been around $1,860, according to Bugcrowd.

Engaging security professionals in this way relies on a series of rules defined informally by bug bounty companies, corporations that wish to engage hackers and the hackers themselves.

“Those rules include that hackers who find a vulnerability must allow companies time to validate it and fix it before making the news public. This is an effort to avoid letting criminals know about the problem before it can be fixed”, CNBC reports.

Other rules include making efforts to avoid privacy violations and not modifying or destroying any data the bug bounty seekers access.