Search results

i need one more to get anything good http://ts.la/greg4419

my DS just confirmed we will still be getting the white.

we chose white for our MX that's being delivered in December, i wonder if they will honor the choice or if we will have to change it

i wonder if a sniper shooting the rocket could cause it to explode, that article mentions a quiter bang sound prior to the explosion, my first thought is gun fire

Agreed

it wouldn't suprise me if it was ignorance on EM/teslas part. it's relatively easy to force anything with wifi to connect to a malicious HotSpot without logging on. id bet a dollar that's what keen was referring to, EM is probably under the impression that you have to intentionally connect...

i went to doctors for a year about side, shoulder and neck pains, all they wanted to do was drug me up.. the chiropractor had me fixed up in 2 months, I haven't had any pain since.

Re: point #2 - Privacy & Legal | Tesla

Im not so sure you would have to use the browser for it to be exploitable from what i read. Have you ever connected to a hotel or hospital wifi and had that popup automatically show up asking you to log in or accept some terms of service, its called a captive portal. I wonder if a captive...

interesting, I'm glad to hear they implemented code signing, hopfully they fixed the wifi attack vector as well. the fact that they were able to remotely execute code on connection is really scary, that means they could have setup a rogue AP close to a highway and gained entry into every tesla...

I don't have a tesla yet, but we did barrow one for a whole day for a test drive, it seems like I was able to add way points by pressing on the map where we wanted to add the way point for a couple seconds.

I did a little more checking teslamotorsclub.com is definately not using public key pinning which means they are susceptible to a man in the middle attack. A man in the middle attack means that if you are on the site at say a coffee shop or at work, someone could remove the https encryption and...

Of course, please understand that I am not trying to be defensive, I apologize if it comes across that way, I simply want it to be clear with whomever it concerns that a typical man in the middle attack is trivial and that it is most likely the attack vector used with the most recent...

it doesn't, It was a theoretical situation as an example of a local attack enabling a remote attack, I highly doubt the situation is remotely the same, if tesla was that careless with security I would cancel my order. Congrats on retiring. if you are speaking specifically about Tesla's...

That's good to know and not reported nearly well enough, i think the assumption is access to brakes means sudden stops at high speed

with all due respect, it is trivial, if it's unencrypted. i do this everyday for my customers. What is it that you do? pentester? security researcher?

an example local attack that could enable remote attacking would go something like this. 1. hacker sets up a rogue acces point, 2. tesla has wifi enabled with an AP called "homewifi" saved in the preferred network list and is sending out probes for that AP 3. hackers AP responds to the tesla...

its most likely that the initial exploit required a local mitm atrack thus enabling remote access considering the video showed him searching for charge points first. remote mitm attacks on a tesla would require a different attack vector such as compromising teslas servers or discovering a way...

That's a really good point! hopefully they were thorough.

i don't use exchange so i can't speak with any specifics in that regard. but i can say that hsts and pinning are enforced by the clients, for instance Internet Explorer does not enforce pinning whereas chrome Firefox and others do so its a two part problem to solve, enabling the features on...

hmm i could be wrong about teslamotorsclub.com https, looks like they are using cloudflare, i said they weren't properly implementing https because uri-report.io is reporting they dont have hpkp pinning but cloudflare seems to be according to ssllabs so further investigation is needed

https is a hard thing for a website to get right, if you do it wrong its the same as not having it at all and the encryption can be stripped very easily. also if you don't implement public key pinning and hsts its almost as bad as not implementing https anyways hsts and public key pinning...

Since i don't have a tesla yet (December can't come fast enough) I'm not entirely sure what they've done, i can only speak to my experience. my preference would be for tesla to completely eliminate wifi probe requests and make it so that if you wanted to connect to any wifi you have to hit a...

We have the clek fllo, we are getting the 7 seat so we can use the 2nd row middle seat. during the test drive we tried the outer seats and found them to be too tight, I think the foonf is actually bigger than the fllo.

Sadly that isn't true, pre-shared keys only protect the AP there is very little protection for the client. if the only approved AP in your phone was "dd-wrt" it would connect to anything that said it was "dd-wrt" your phone doesn't confirm the AP it assumes the AP is who it says it is. The...

I am the head of engineering for a tech company, security research is a big part of what i do every day. it is actually very trivial to set up a rogue AP. wpa, wpa2, wep etc only protect the AP they do not protect the clients connecting to the AP. wifi protocols are flawed in this regard...

unless tesla has implemented a new standard for connecting to known wifi its extremely easy to fake an access point and snoop traffic or inject packets, it doesn't have to be a random connection, it will almost always be one you've connected to before. most devices will send out beacons of...

we've been trying to figure that out as well. The manual states that the outter seats are safer; I wrote tesla inquiring about rear facing seats because the manual is surprisingly vague about them. Our car seat manual states it should not touch the seat it sits behind (if behind the...

my MX comes in December but you're welcome to make my first payment.

did you know that you are 13x more likely to sound foolish when you make up statistics based on assumptions, that's a fact.... because I said so.

here's another referral code http://ts.la/greg4419

geesh i had to watch that video 30 times just to figure out where the tesla hit the curb..... are there any more details about the wheel being destroyed, sounds like fluff at the moment since there are no photos of the wheel

Elon works in another dimension, in his reality he has already posted the updates, other dimensions have to catch up to what he has already done!

That must be for the model 3, Elon has publicly said it won't be free to super charge because of the 35k price. Truth be told, after reading this thread I thought maybe I had been lied to, i was concerned the MX we just ordered would cost me to supercharge even though i was told it would be...

niice, i used to ride a 2006 Suzuki Hayabusa (fastest production street bike at the time) , hayabusa is Japanese for peregrine falcon, oh the memories

ha, like X men, clever

We really wanted to get blue with white seats for our MX and name it the TARDIS (bigger on the inside) but the cost was just out of our budget, so we got the base white and charcoal MP seats. I'm looking for another clever name and wondering what you guys have come up with?

I thought maybe they were hacked so i didn't add my CC# especially since i had already put in my CC# for my down payment, I thought it was weird they were asking again. its weird for them to store credit card numbers; its hard to do safely and adds unnecessary security obligations, such as...

we confirmed last week, delivery is set for November-December i hope we get the update

Fresh Referral | Tesla, if you're in the tesla Oregon tesla store ask for Ava Ames, she was Amazing to work with.

We just confirmed our MX!!! Delivery is set for December to buy us some time to prepare and hopefully get AP 2.0 should new hardware be added this year. We Ordered the 60D, 7 seats, White Paint, MP seats, Subzero (because why not), AP , Smart Air and Tow. The Portland Store in Washington...

@Rocky_H Wow, excellent information, that is very helpful, Thank you. I was thinking it might be awkward calling an RV park or campground but I imagine its not much different than if you were planning to stay there anyways. Also Regarding the paying a fee to use a place without using their...

well i was hoping to hear about the twins who didn't know they were twins until the day they bumped into each other while charging their blue MX's at the same super charger. or perhaps the time mom forgot dad at the super charger. perhaps a story about stopping at an rv Park that turned...

Does anyone have any funny or Unusual happenstance stories that happened when you were charging?

After I placed an order for our 60D MX tesla was kind enough to let us barrow a 90D for the day, so we did what anyone close to a coast would do, we went to the beach :) The total trip was about 200 miles, which in the 90D was no problem, however there were no superchargers on the route we...

we took the plunge and ordered our X, no regrets so far :)

Australia eh, my business is currently based in Australia, (I live in the US though) I do feel the pain on price as well , AUD to USD really sucks atm, if the exchange rate gets better the tesla would be a lot easier to swallow. Thanks for sharing your experience, it's good to hear you...

The wife and I are in love with the MX but the monthly cost is borderline over our comfort zone of spending. We need a family vehicle (we have a 22 month old) , we currently have a prius and a Dodge 3500 dually (for the horses). The prius simply doesn't cut it for the family and the Dodge...

@aesculus thanks for the reply, that's exactly what she wanted to hear. We currently have a dodge dually with a huge 3 horse trailer which is such a chore to utilize that she doesn't really get to go riding anywhere except on our own property, unless she prepares for a big excursion. We're...

my wife and I test drove a MX recently, when she found out it could potentially haul her horses around it suddenly became a possibility for us to get one. is anyone using their MX to haul horses, can you tell me a little about your experience.