back to article General Motors turns key on bug bounty program

General Motors (GM) has opened a bug bounty program to allow hackers to report vulnerabilities in its vehicles. Vulnerability reporting guidelines are stringent; GM agrees not to "pursue claims" against researchers if bug hunters do not harm or violate the privacy of GM or its customers, drop a zero day, or breach criminal law …

  1. allthecoolshortnamesweretaken

    Time to roll out the classics...

    1. BebopWeBop Silver badge

      In more ways than one

  2. Anonymous Coward
    Anonymous Coward

    Tip of

    the autonomous iceberg. As motor firms morph into tech firms, or vice versa, this is going to be standard practice.

    Presumably, security consultants will be making a living from their beds soon

  3. Tom Chiverton 1

    no sue ball if "breach criminal law"

    As hacking in means breaking the DCMA (or local versions of), that's no help

  4. Nocroman

    Back in the day

    Back in my days as a design engineering supervisor. GM used CGS, (corporate Graphics System 3D) which was pretty much an enclosed system for designers to use. All Vendors also used this system.EDS took care of the CGS system. Then it all went to hell when GM bought EDS tried to run it and failed. Then changed systems and went to Uni-graphics 2D.

    The problem with hacking and viruses come with the Engineers and their office computers that are not used for design, which engineers put games, and are very non-vigilant about who's looking when they type in their passwords. Add to that fact that some engineers take home some work and do that work on their personal computers which have already been hacked. They make a disk and bring it back to work with the hackers set of instructions for accessing all new computers it finds it's way into.

    Corporations need to start using finger prints of their employee's to access their computers. If an employee leaves, then finger print is immediately removed from the system. new employee, add to system. coupled with auto virus and malware scan on every file brought in to the system should eliminate pretty much most of the security breaches. Hackers are stopped as they do not have a valid finger print to access the system.

  5. Teddy the Bear

    Security in Cars? What a novel idea!

    How on earth have motor manufacturers been so lax as to only be introducing bug bounties in 2015??

    The new Astra TV ad (UK) goes on about the 4G hotspot which you can use to stream via the in-car entertainment system. I don't know what sort of testing has been done, but I sincerely hope that some white-hat gets stuck into it sharpish. Motor manufacturers have basically ignored all IT security on cars for years - about time something happened. I just hope it spreads across the industry.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019