The idea of a hacker holding your vehicle ransom is a very real idea, as computer technology turns our cars into products of “the internet of things.”
Automotive companies are working to ensure hackers cannot gain access to essential functions found in a vehicle, but a new report from Autoblog sheds light on how General Motors has taken a softer approach to “bug bounties.”
Bug bounties are reward payments for discovering errors in programming code. Approaches differ significantly on how automakers approach the idea of paying out for finding errors, with GM and Tesla showing stark contrasts.
GM has not paid out a single penny for bug bounties, but that’s because it has not set up a system in which to disperse such rewards. On the other hand, Tesla has been proactive in the bug bounty community, with 159 bug bounties paid out. The dollar amount is disputed, and Tesla affirms its bug bounty program is merely an extra step to scrutinize security, not a sign of a weak product.
GM’s program is proceeding slowly but surely. The report states the Security Vulnerability Disclosure Program, which began this past January, is becoming an “important” part of security teams.
However, Rebecca White, from GM’s cyber security and safety communications office, stated the company is still hesitant on the whole program.
“As the first major automaker to launch a program such as this, we employed a very strategic crawl, walk, run approach,” she said. “We have not implemented a financial component to the program to date, but continue to assess and adapt this program, and will consider recognition and incentive opportunities in the future.”
It’s all but inevitable that we’ll see these types of programs expand and grow as autonomous driving and future computers make their way to our vehicles. For now, GM is playing it more on the safe side.