Fiat Chrysler's most notable security vulnerability occurred when two gentlemen wirelessly accessed a Jeep Cherokee's vehicle systems. They didn't do it to cause terror across the land, but someone very well could. In order to get ahead of these issues, FCA will now offer cash bounties for pointing our vulnerabilities through Bugcrowd.
If you find and point out a security issue via Bugcrowd, depending on the severity of said issue, you can make between $150 and $1,500. It's a far cry from Facebook, which gave a 10-year-old $10,000 for finding an issue with Instagram, but hey, it's a start.
The goal is, rather obviously, to prevent bugs from becoming public knowledge before they're able to be fixed. FCA patched the issue that Wired wrote about, and now, future bugs will (hopefully) remain far away from the headlines, where Facebook-sharing aunts and uncles will clutch pearls and pray to be saved from our terrifying, robot-overlord future.
"Exposing or publicizing vulnerabilities for the singular purpose of grabbing headlines or fame does little to protect the consumer," said Titus Melnyk, FCA's senior security manager, in a statement. "Rather, we want to reward security researchers for the time and effort, which ultimately benefits us all."