Tesla Taking Car Security Seriously

One of the neat and odd things I saw in the Defcon vendor area was a Tesla car. This is especially true when talks about hacking cars are given regularly:

The guys in that video are awesome presenters by the way. As it turns out Tesla was at Defcon preciously because it doesn’t want to be featured in one of these videos:

Tesla is one of the only household corporate names with an official presence this year at Def Con, an annual security conference held in Las Vegas, where attendees try to hack the hotel elevators and press room. The company is here courting hackers who can help it find holes in the software that controls its cars. It’s looking to hire 20 to 30 security researchers from Def Con alone, Ms. Paget says. Moreover, hackers who report bugs to Tesla get a platinum-colored “challenge coin.” If they show up at a Tesla factory and give the security team a heads-up, they get a free tour.

This is something I’m happy to read about. Computer security in the automotive industry, like the medical industry, is seldom considered. I’m not surprised by this fact since security costs time and money, which means it’s only considered after products have been fallen to widespread exploitation. Your computer and smartphone are only as security as they are (which isn’t to say they’re very secure but they are veritable fortresses compared to systems from earlier days) is because corporate and personal computers have been the targets of an almost uncountable number of exploits. Each industry seems destined to experience these same mistakes instead of learning from other industries that have already done so. Tesla, on the other hand, is acting more like a smartphone company in this regard by taking security seriously enough to hire people dedicated to ensuring its cars’ computers are at least somewhat secure.

This will pay off in the long run for Tesla. As vehicles become more integrated with technology they are going to become bigger targets for malicious attackers. If automotive manufacturers don’t nip this in the bud now they’re going to suffer many years of lawsuits related to their lack of on-board computer security.