Contributors can only report on tesla.com and must give Tesla “a reasonable time to correct the issue before making any information public”.
“We are committed to working with this community to verify, reproduce, and respond to legitimate reported vulnerabilities. We encourage the community to participate in our responsible reporting process,” the blurb on Bugcrowd read.
“In order to fully understand and mitigate risk, a system must go through ongoing, thorough, manual white box security assessment. With lives at stake, auto manufacturers in the era of the connected car should consider robust security assessment a business-critical mandate.” Source: Forbes
Picture Credit: Visitors look at a Tesla car during the 16th Shanghai International Automobile Industry Exhibition in Shanghai on April 24, 2015. AFP PHOTO/ WANG ZHAO (Photo credit should read WANG ZHAO/AFP/Getty Images)