-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Firmware 6.0 (beta version discussion)
- Thread starter VHS-or-Beta
- Start date
chickensevil
Active Member
I would assume all of them. If you look at Visible Tesla (which is basically the same concept, but for your desktop) you can do all the same things you can from your phone right now AND THEN SOME, since there are some other things that they expose through the API that the App doesn't allow (for example venting the sunroof, You can close it if it is open, but the vent button only moves it to the "vent" state... there is an actual open ability through Visible Tesla)
SlyWombat
Member
But in that case there is not a windows app, so since there is only Android and iOS, it totals 100%, I don't know if the windows app (that is wonderful by the way, and I seriously would not have bought my car if it did not exist) provides a user agent string. I don't think it does, it is just web service calls. I think that there are more Windows phones in higher value homes (than in the general sales figures).
That has certainly been the expectation, but in practice...not so much. See Heartbleed bug for the downfall of the "many eyes" theory. I've contributed to a few open source projects over the years, and was a paid contributor on one project. At best, myself and one other programmer looked at what I'd written during code reviews. Unless your code is part of a world wide research project (i.e. the Linux kernel), no one, and I mean no one, is watching your checkins. OpenSSL is getting a bit more attention now that Heartbleed bit hard, but some obscure device driver or boring web framework...no.
Not really in this particular post you've quoted. It was responding to a post from someone who was suggesting criminal liability. Regarding the earlier post, however,
I just said that there was an implication. I'll quote your post here again:
It discusses the fact that it was too late to "do anything", which implies an action of some sort. In addition, it was in response to the following:
You correctly asserted that this forum is not Tesla. Then you responded that it was too late to do anything [anyway]. I don't think it's that much of a stretch to say that implies you would have "done something", as I stated. I'm glad to hear that there would have been discussion, but your post didn't say (or imply) that. I certainly hope that the discussion would have favored a free dialogue, despite any upset at Tesla.
bonnie
I play a nice person on twitter.
Wow. Just wow. Since we don't censor stuff here, I feel a bit pushed against the wall. Sorry you feel the need to twist things around. I'm not going to engage in whatever game you're trying to play here. I think my history speaks for itself. Plenty of people have received positive rep from me for contrary opinions, when it was contributing to the discussion. Words can easily be twisted to mean different things. You clearly decided to twist my stuff a certain way.
Since I personally don't have a history of censoring, nor does this forum, I'll let that do my speaking for me.
- - - Updated - - -
I will say this, however (because hey, it's hard for me to just stop there). Earlier in the process, if we'd had a chance, I probably would have tried to find out if we were publishing IP. We will not knowingly publish intellectual property without permission on this forum. If it was information that was not yet public, held by a public company - then I'm not sure what my position would have been. But protection of IP for a public company is a big deal. That's not censorship. And if it was IP for YOUR company published inappropriately, I don't think you'd be calling it censorship to have it removed. Just my two cents.
At the end of the day the discussion would have been held and the right thing would have been done. We expect that people will abide by the TOS signed when they joined this site and if we found there was a violation, then we would have taken appropriate action.
And I'm not going to apologize for that.
Never was asking for an apology. And I would never twist your words, which is why I took great care to re-quote your postings even when VB didn't do it automatically. I was merely pointing out the ambiguity of your posting, and as I said, it was just my opinion "for what it's worth". Thank you for clarifying, and I'm happy to leave it at that. And as a once-moderator of an extremely high-traffic message board for many years myself, know that I appreciate your service, and understand what you deal with every day.
Yep... open to viruses and spyware and...
My goodness, it was a joke! I'm not sure what jailbreaking has to do with anything, as the supermajority of iPhone users don't need to do this and probably don't even know what it is. However, it is interesting that you would have to specifically put the iPhone into a compromised state by jailbreaking or rooting its operating system (Android equivalent) in order to make it susceptible to malware. I understand that Android phones have to be similarly jailbroken in order to remove the OS overlays that companies like Samsung put on top of the base Android UI that makes the phones, well, less usable.
It's good to laugh!
- - - Updated - - -
I would think that a site like TMC might be a little bit concerned about hosting information that may violate Tesla's IP. If TMC does nothing, it may be viewed as an accessory and willing participant in the dissemination of this information. Some due diligence on TMC's part would seem par for the course, especially for a forum that has had a great relationship with Tesla and where Tesla officers came to post information in the past. George Blankenship posted a few times here, even starting a thread about the different colors of the car.
I think you've pushed this a bit far in your attacking Bonnie over an implication that you inferred from one line of one of her posts. But regardless, I fully support TMC and its moderators doing what they need to do in order to protect the viability and longevity of this forum. I think you should treat the moderators with more respect than you've shown here.
chickensevil
Active Member
My goodness, it was a joke! I'm not sure what jailbreaking has to do with anything, as the supermajority of iPhone users don't need to do this and probably don't even know what it is. However, it is interesting that you would have to specifically put the iPhone into a compromised state by jailbreaking or rooting its operating system (Android equivalent) in order to make it susceptible to malware. I understand that Android phones have to be similarly jailbroken in order to remove the OS overlays that companies like Samsung put on top of the base Android UI that makes the phones, well, less usable.
It's good to laugh!
I did not see it as a joke, or I would have left it alone. Many people actually believe that Apple devices don't get malware and that couldn't be further from the truth.
And to clarify, in order to root your apple device you are finding a flaw in the code, it is simple privilege escalation from there. I was not implying that post jailbreak is when you are finally open to malware, but rather the act of jailbreaking is malware (in the simplest terms... it is a hack, on your own device that exploits a flaw in the underlying code... Apple would look at it as malicious, hence why they keep patching these flaws out to prevent people from jailbreaking their devices... if it wasn't a flaw in the code then there would be no patch).
My point about it was that same flaw one would exploit to jailbreak their device could also be used maliciously by an attacker to do whatever they wanted.
And rooting an Android phone is not the same at all. It is the equivalent of logging off your home PC and logging in as an administrator account thereby giving you full control of your PC. It is a process that is built into the system and was fully intended from the start. Which is why Google has never attempted nor do they care if you root your device.
@apacheguy: I hope that clarifies some of your question. But the final piece is that because you are now running the device with elevated permissions you are opening yourself to easier attack by malicious code... basically if they drop into your device they don't have to fight with privilege escalation (that is, changing from a regular user to an admin) and can do what they want from the start.
GaryREM
Member
In the iOS world, where apps are normally completely sandboxed and cannot interact with each other (and yes that reduces flexibility), most jailbreaks also open up the sandboxing and let apps directly interact with each other. Hence a malicious app can get access to things it would normally not be able to (which is why you did the jailbreak) and leave you in a less secure position. Since you now can download 'non-curated' apps from non-Apple sources the onus is on the user to somehow validate they are doing something OK.
I'm not sure how you couldn't say the environment was probably less secure for the average individual trying this.
I've been jailbreaking all my devices for several years now. I've never once had a problem with malware. Furthermore, within the jailbreak community there has never been widespread reports of malware finding their way onto such devices.
GaryREM
Member
I have no doubt you have, as an 'enlightened' user, had success. It's just that you said 'How does jailbreaking open your device to malware?', implying that it's not a potential issue and I don't think that is correct...
Back to the original topic...
Off topic reply: on iOS at least, jailbreaking patches the kernel to disable the code sign checks (allowing you to run code from anywhere, but disabling the ability of the OS to verify the integrity of Apps to be run ).
Stop stop stop on the smartphone geek hijack of threads. Mods, where R U? Do we have to roll brianman or aviator back out to activate you?
NigelM
Recovering Member
It's too messy Tomas, I looked at splitting things out but there's no good way to do it without losing some relevant discussion. Hopefully it'll get back on track or Tesla will finally release the real FW v6.0......
chickensevil
Active Member
Sorry Nigel, I feel I said enough on topic anyway, anyone else more inclined can Google further on the subject.
About the starting of the car from the phone this us an interesting dynamic because your key and the security in place is supposed to act as the barrier from theft. There was a pretty great description of the unlock and moving process behind this that was submitted to the NHTSA if I am not mistaken and a lot actually happens here.
Pulling just from memory the car does a check for the key when you go to unlock the doors. When you sit down it looks for the key again, and when you press the break it does one more check. If at any point it fails these checks it will lock down the car preventing it from moving. There was a far more technical description of this in the document sent and I don't know where it is off hand in order to reference.
Shifting this into your phone you would potentially attack this in one of two methods. Most phones have the ability to send other signals not just the cell frequencies being used to call someone or transmit data. Hypothecially they could emulate the key through the software in order to unlock the breaks and allow the car to drive. I don't know if the phone emits the right signal for this though and would likely limit it to a specific brand or brands of phones.
The second being through the 3g on the car using the exact same connection the app has by default. This would make it compatible with any phone that has the app and would not be brand or hardware or software specific (would just need to code in the extra menu option on the app which might be why it is IOS only right now). The interesting bit about doing it this way is not just allowing the car to drive away using the phone, but the way the connection is made, I could be on the other side of the planet and allow my car to be driven.
Hey Bob can I borrow your car? I heard you were across the country in LA for a conference.
Sure, hold on, I don't have a key to give you, but let me turn it on for you through my phone.
The implications are interesting, but I wonder if this breaches the requirements mandated by the NHTSA and if they will have to submit a waiver or something?
Obviously you selectively read or considered only portions of my posts, and your accusation of an "attack" of bonnie and lack of respect are both misplaced and disregard the very post you quoted (where I talk about respect).
Also, your first paragraph expresses exactly what I was disappointed about, so it completely contradicts your second paragraph where you say I shouldn't have inferred or implied what I inferred or implied!
Similar threads
