Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Does Kia have a bug bounty like Tesla does? Tesla paid out 200k and a Tesla a few months ago.


From https://www.hyundaiusa.com/us/en/vulnerability-disclosure:

  In submitting reports, please note that although Hyundai Motor America sincerely
  values vulnerability reports, we do not provide monetary compensation (“bounties”)
  or non-monetary remuneration in exchange for submitted reports. This program is
  only meant to facilitate the responsible reporting and resolution of cybersecurity
  vulnerabilities.
Note: Kia is owned by Hyundai.


Kia America Vulnerability Disclosure Policy:

https://www.kia.com/us/en/vulnerability.html

   Please also note that we do not award bounties for reporting vulnerabilities.


Almost all vehicle manufacturers have bug bounty programs of some kind (open or closed) but I seriously doubt Kia is one of them.

BTW, the Tesla bug from April is really scary. $100K is peanuts for the ability to remotely control the engine from an adjacent vehicle.


Any source for this issue, I could not find any reference, but am not doubting that it exists.


Not yet fully public, sorry :(

I will give you one hint: cars have sensors that are read wirelessly by ECUs on the internal (unprotected) network.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: