How do Superchargers know my ID?

[deonb]

I don't think they keep a database on a server or a map of where each car was last seen - at least, I've never read any evidence they are doing that.

Without knowing where the cars are, how would autopilot be learning?

 

[Saghost]

I

Without knowing where the cars are, how would autopilot be learning?

I thought it was fairly well established that the cars were recording the incidents as they happen (with location information, of course,) and uploading the information later.

 

[deonb]

I thought it was fairly well established that the cars were recording the incidents as they happen (with location information, of course,) and uploading the information later.

Oh, were you just suggesting Tesla doesn't know in real time. Yeah sure, I'd buy that. Their information is delayed by a few hours.

 

[kort677]

Doesn't Tesla pretty much know where all Tesla's are at all times? If your car were to get stolen, Tesla could pinpoint it for the cops. Am I wrong?

theoretically you are correct but I don't think they are actually monitoring the cars out there

 

[ohmman]

Anyone who has messed with the REST API will know that the servers are aware of the full telemetry of the car, in real-time. Many of us also collect it via the Tesla servers for their own analysis. I've used it for geofencing purposes and home automation.

The broader question is whether they save all of that information, and I think the answer must be yes. Collectively, it provides too much value to discard.

 

[kort677]

The broader question is whether they save all of that information, and I think the answer must be yes. Collectively, it provides too much value to discard.

the real broader question is how, when and why do the access the data and how do they use it or share it.

 

[AZ Desert Driver]

Anyone who has messed with the REST API will know that the servers are aware of the full telemetry of the car, in real-time. Many of us also collect it via the Tesla servers for their own analysis. I've used it for geofencing purposes and home automation.

The broader question is whether they save all of that information, and I think the answer must be yes. Collectively, it provides too much value to discard.

What? You have access to Tesla servers? you can use Tesla data for home automation? That seems wrong on so many levels.
I thought driving data would be collected by Corporate for their purposes, but that would be kept private. Accessing that for home-use seems to violate that implied secrete stuff. Can ANY one track my whereabouts by following your path? Please pull back the curtain a bit more.

 

[diamond.g]

What? You have access to Tesla servers? you can use Tesla data for home automation? That seems wrong on so many levels.
I thought driving data would be collected by Corporate for their purposes, but that would be kept private. Accessing that for home-use seems to violate that implied secrete stuff. Can ANY one track my whereabouts by following your path? Please pull back the curtain a bit more.

As far as I am aware you need a valid token (login) to be able to interact with your car. It is how all those iOS/Android Tesla apps work. Other than Tesla no one else should be able to see your vehicles information.

 

[lklundin]

the real broader question is how, when and why do the access the data and how do they use it or share it.

Indeed.

The way Tesla Motors collect sensor data to improve their autopilot makes me think higher of them.

If I were to learn that they sold the same information to f.ex. car insurances companies then that would change very quickly.

In fact, any one who wishes to maintain a shred of privacy should be massively worried about the data that all modern cars collect.

So more information about what Tesla do with the data that they collect from the cars would be interesting.

 

[wdolson]

If you're in an accident the police can get data on what you were doing just before the accident. When and how they can get it varies by state. In Washington they need a warrant, in Oregon they just need probably cause, and in some states they have very few limits on when they can access the data.

All cars built after, I believe, September 2013 and sold in the US need to have those "black boxes" to collect this data. Some car makers send it "home" like Tesla, others keep it in the car.

 

[AZ Desert Driver]

This is slipping off track - its NOT that Tesla collects data- that does not bother me a twit. Its that "others" can access that data on Tesla servers for home automation purposes. Now, I'm not against Home automation, but that Tesla data is open to the world does give me pause. ohman may be a good guy and without evil intent, but he has revealed a data breach. That is my concern. Who else can access Tesla servers?

 

[ohmman]

This is slipping off track - its NOT that Tesla collects data- that does not bother me a twit. Its that "others" can access that data on Tesla servers for home automation purposes. Now, I'm not against Home automation, but that Tesla data is open to the world does give me pause. ohman may be a good guy and without evil intent, but he has revealed a data breach. That is my concern. Who else can access Tesla servers?

I didn't realize you were completely serious before, so I didn't respond sooner. Tesla provides a phone app, with which you can see the location of your car, along with other metrics. You're able to turn on the climate control remotely, etc. This is tied to your personal login, and includes only your own vehicles. That communication uses a RESTful API and it's possible to log in with my credentials and get the same data about my vehicles. I cannot access anyone else's data, aggregated data, or Tesla-specific data. Just the stuff that's available to the phone app. I hope that clears it up for you.

On the other hand, when you log into TMC, I can watch you right through your computer screen. So stop making those faces at my posts!

 

[AZ Desert Driver]

I didn't realize you were completely serious before, so I didn't respond sooner. Tesla provides a phone app, with which you can see the location of your car, along with other metrics. You're able to turn on the climate control remotely, etc. This is tied to your personal login, and includes only your own vehicles. That communication uses a RESTful API and it's possible to log in with my credentials and get the same data about my vehicles. I cannot access anyone else's data, aggregated data, or Tesla-specific data. Just the stuff that's available to the phone app. I hope that clears it up for you.

On the other hand, when you log into TMC, I can watch you right through your computer screen. So stop making those faces at my posts!

Thank you for clearing that up. A phone-app that accesses your own car - that seems fine, logical and useful. Taping into the Tesla Servers to stalk others - not such a good thing. I assumed you were a good guy, but you confessed breaking into Tesla like it was simple. Glad I misunderstood.

Now - as to that damn avatar blink of yours - is that how you see my smirk face?

 

[bro1999]

Interesting thread (sorry for resurrecting a zombie post).
so I'm curious...when a Tesla is plugged into a SC, is there any kind of remote check sent to some Tesla server before authorizing the electrons to flow, or is the authentication handled 100% locally between the car and the SC? What if the cell network is down at the SC site (like during an cell network outage or natural disaster, etc...)?

 

[diamond.g]

Interesting thread (sorry for resurrecting a zombie post).
so I'm curious...when a Tesla is plugged into a SC, is there any kind of remote check sent to some Tesla server before authorizing the electrons to flow, or is the authentication handled 100% locally between the car and the SC? What if the cell network is down at the SC site (like during an cell network outage or natural disaster, etc...)?

Unless something has changed, the SC flag is on the car, no network connection required.

 

[Saghost]

Interesting thread (sorry for resurrecting a zombie post).
so I'm curious...when a Tesla is plugged into a SC, is there any kind of remote check sent to some Tesla server before authorizing the electrons to flow, or is the authentication handled 100% locally between the car and the SC? What if the cell network is down at the SC site (like during an cell network outage or natural disaster, etc...)?

I don't think we know for certain. I've never seen any evidence of an authentication loop, but it could be happening without us seeing it. Given the few bits we do know (like the car having a config setting about being permitted to Supercharge,) my speculation is that they don't do an authentication before allowing a charge, but they could still easily be doing a tracking log type - communicating during the session or after it completes to record the session. In fact, the cars that pay for charging are almost certainly doing that in order to get the MyTesla account charge to pay.

 

[ohmman]

I don't think we know for certain. I've never seen any evidence of an authentication loop, but it could be happening without us seeing it. Given the few bits we do know (like the car having a config setting about being permitted to Supercharge,) my speculation is that they don't do an authentication before allowing a charge, but they could still easily be doing a tracking log type - communicating during the session or after it completes to record the session. In fact, the cars that pay for charging are almost certainly doing that in order to get the MyTesla account charge to pay.

Right, I recall @wk057 setting a car up to Supercharge "unauthorized" and proving that there's no authentication to Tesla. That said, it was a while ago and things may have changed. Specifically, I wouldn't be surprised if they changed when Tesla implemented the occupancy feature for SCs on the nav.

 

[wdolson]

Since wk057 changed the setting to supercharge, Tesla has implemented paid supercharging for Model 3s and for future Model S and X.

I have free supercharging, but as I understand it, you put money on your account with Tesla and they deduct it when you supercharge. They have to detect the car and connect to your account when you plug in. I suspect they monitor activity with the free supercharging cars too.

 

[Saghost]

Right, I recall @wk057 setting a car up to Supercharge "unauthorized" and proving that there's no authentication to Tesla. That said, it was a while ago and things may have changed. Specifically, I wouldn't be surprised if they changed when Tesla implemented the occupancy feature for SCs on the nav.

If they didn't do it then, I'd bet they did when they started charging some people by the kWh. (But I still have no evidence one way or the other.)

 

[arg]

They have the advantage that they control the software on both sides of the interface and also the potential rate of fraud isn't very high - even if someone 'breaks' the system, they can only steal a few tens of dollars at a time.

So my guess is that there's currently no hard security, but lots of logging - and if there's signs of fraud they can overnight introduce software changes to frustrate the immediate problem, even if developing a proper architecture to make it permanently resistant to attack is a more major piece of work.