Yeah, I didn't mean to create work for the mods by moving posts. Just create two sticky posts, similar to how they have the Investor Discussion chat post. Add an introductory note saying what the thread is for, and I'm sure many users will adhere to the guidelines and help cut down on the noise.
Firmware 6.0
- Thread starter vgrinshpun
- Start date
Yeah, I didn't mean to create work for the mods by moving posts. Just create two sticky posts, similar to how they have the Investor Discussion chat post. Add an introductory note saying what the thread is for, and I'm sure many users will adhere to the guidelines and help cut down on the noise.
brianman
Burrito Founder
- Nov 10, 2011
- 17,515
- 2,980
REST data
Bad news: It was transient. It's back to 221. Perhaps they just reset the params on the algorithm to "no historical data, recalibrate settings to defaults until more data is available" (or whatever) with the upgrade to the new firmware.
The end of my charging session last night:
- - - Updated - - -
BTW... like 5.11, 6.0 resets the suspension auto-levelling back to the default of "100+ mph". (I have mine set to 55+ mph and it keeps resetting it every time I upgrade.)
Code:
timestamp,soc,range,est_range
1410760092502,90,221,181 9/14/2014 10:48:12 PM GMT-7 [1.59.56]
1410760093002,89,238,201 9/14/2014 10:48:13 PM GMT-7 [1.65.11]Bad news: It was transient. It's back to 221. Perhaps they just reset the params on the algorithm to "no historical data, recalibrate settings to defaults until more data is available" (or whatever) with the upgrade to the new firmware.
The end of my charging session last night:
Code:
timestamp,soc,range,est_range
1410918508381,80,198,142 9/16/2014 6:48:28 PM GMT-7 [1.65.11 charging_state=Charging]
...
1410919997502,90,221,159 9/16/2014 7:13:17 PM GMT-7 [1.65.11 charging_state=Complete]- - - Updated - - -
BTW... like 5.11, 6.0 resets the suspension auto-levelling back to the default of "100+ mph". (I have mine set to 55+ mph and it keeps resetting it every time I upgrade.)
ChriZ
Member
6.0 is a great release. I do foresee that there will be more thefts of the Model S due to the remote start feature. Since its a one way authentication and not two way (i.e. using SMS, email, voicemail as second auth), anyone who steals your password can locate your car, start it, drive away and turn off mobile access. This is quite scary in my opinion and would love a pin or some other device authentication for remote start.
For now , never give out your Tesla password and rotate it often.
For now , never give out your Tesla password and rotate it often.
Brian, are you also still on the .11 flavor of 6.0?
With my .13 edition, I had no change...
The API now provides a method to change password, but I don't think it's implemented in the apps yet(?), so they have probably thought about it, and I think we'll see more updates to the apps and interfaces shortly.
Volume has had 3 positions per number since I received my car in August of 2013. This is not a new feature.
brianman
Burrito Founder
- Nov 10, 2011
- 17,515
- 2,980
How would someone know your password and login ID unless you give it to them? And at that point, well, you only have yourself to blame. A brute force password hack using a smartphone app is highly unlikely. Nobody would steal a car this way because they could be very easily identified and traced. I think people are overreacting to a non-issue.
Did anyone else jump when they read this? Is anyone else on 6.0 seeing this as well? That would be a huge regression...
bollar
Disgruntled Member
No, mine is set for 50+ and that has remained through two upgrades.
I can say that if you view the setting and then press cancel when you close the dialog box, the setting changes to 100+. Perhaps that's what brianman is seeing.
ChriZ
Member
We are currently at the information age and anything data related can be obtained. Look at iCloud, Target, Home Depot, list goes on. Anything on a server or going over the internet can be stolen ie logging in via telsa app, visibletesla, teslamotors.com. Even Apple has learned its lesson and started two way authentication for iCloud.com. Worth it or not, hackers don't value the asset but just the fact that they can do it. I just like a piece of mind that two authentication gives me which is prevents the more unlikely of hacking my SMS and Tesla account for example. Now, if the mobile access is turned off, can Tesla still trace the car is another question...
Mark Petersen
Model S EU P71
We'll the problem is that the username is easy to guess or find as it is just you e-mail address
Also with a bit so social engendering you can probably get a user to provide it
Finding tesla users you just have to search some of the forums tesla,TMC, local ev forums, charging provide apps
and often a user will be using the same password on different sights, so if you get. A list of the compromised password/email from site A you can often use the same info on site B
Also with a bit so social engendering you can probably get a user to provide it
Finding tesla users you just have to search some of the forums tesla,TMC, local ev forums, charging provide apps
and often a user will be using the same password on different sights, so if you get. A list of the compromised password/email from site A you can often use the same info on site B
ecarfan
Well-Known Member
I do not share your concern. The thief would have to know your Tesla account username and password. How would they know that? They would have to hack Tesla's server.
If they stole your phone and it was logged in to the Model S app, they won't be a problem because of course you have a password on your phone, right? If you do not I strongly recommend you do so.
brianman
Burrito Founder
- Nov 10, 2011
- 17,515
- 2,980
Perhaps I wasn't specific enough.
It reset to the default of 100+ mph across the upgrade. After the upgrade is complete, it properly retains my 55+ mph setting. In other words, you just have to set it back to your desired setting once (unlike traction control disable, for example).
bollar
Disgruntled Member
tomas
Out of warranty...
FWIW, this security issue was debated ad nauseum in this thread which initially communicated "leaked" content of 6.0. There were probably 100 or more posts on the topic of securing remote start, which then devolved into debate about pros/cons of various smartphone operating systems.
Mods, if this thread veers off in that direction, I'd politely request moving the posts to a new thread.
- - - Updated - - -
Brianman seems to be anomaly-prone.:smile:
on 59.13 as of yesterday am, still VERY happy with v6 overall.. one thing i want to mention is i had this morning my first ever door handle goofup in two years of ownership: walked up to car, handles didn't present, pressed driver's handle, it extended - the others didn't, which isn't typical - put my fingers in to open and it closed rather quickly giving me a little pinch (just a little, didn't hurt, bit surprising is all) i pulled my fingers, handle closed, then all the handles presented and door opened as normal.
not a big deal, keeping an eye on it, but as i say this is the first anything like this i've had in two years. fwiw.
not a big deal, keeping an eye on it, but as i say this is the first anything like this i've had in two years. fwiw.
Lots of ways. Screen captures apps, memory reading apps, and other malware are easily installed without the users knowledge. Man-in-the-middle attacks impersonating Tesla's server. Social engineering. Brute force attacks.
The list is long, and passwords can be obtained without hacking the back-end server.
a) Your username is your email address. While I, and probably a few others have plenty of email addresses to choose from, I guess most owners have one or maybe two.
We also know that people are people, and they regularly use the same password for many services. So with a bit of trial and error, and with a few of the leaked password-lists that are readily available on the net, it is quite probable that you would manage to get hold of at least a few combinations that are valid for logging in to Teslas services.
And as far as I know, there is nothing that stops you from being logged in from multiple devices at the same time. This means that you would neither know if someone else is logged in as you right now.
Nothing stops me from collecting usernames and passwords for a while, and simply checking if any of the cars owned by these users are somewhere in the neighbourhood, parked, waiting for me to pick them up.
I don't need to steal your phone, I can just as easily log in using your credidentials from my own phone.
I don't say this is a big risk, cars are stolen all the time, even without this possibility. But at least you should make sure you use a unique and really hard to guess password for your Tesla login.
I do. You might do it. But everyone does not, and that is a big risk.
We also know that people are people, and they regularly use the same password for many services. So with a bit of trial and error, and with a few of the leaked password-lists that are readily available on the net, it is quite probable that you would manage to get hold of at least a few combinations that are valid for logging in to Teslas services.
And as far as I know, there is nothing that stops you from being logged in from multiple devices at the same time. This means that you would neither know if someone else is logged in as you right now.
Nothing stops me from collecting usernames and passwords for a while, and simply checking if any of the cars owned by these users are somewhere in the neighbourhood, parked, waiting for me to pick them up.
I don't need to steal your phone, I can just as easily log in using your credidentials from my own phone.
I don't say this is a big risk, cars are stolen all the time, even without this possibility. But at least you should make sure you use a unique and really hard to guess password for your Tesla login.
I do. You might do it. But everyone does not, and that is a big risk.
Similar threads
