You can install our site as a web app on your iOS device by utilizing the Add to Home Screen feature in Safari. Please see this thread for more details on this.
Note: This feature may not be available in some browsers.
Well, let me clear up one thing briefly. If I find a remote exploit, sorry folks, but I'm not posting details about it until well after Tesla patches against it and people have had time to update their cars. I own two of these cars, and the last thing I would want would be someone able to remotely mess things up with mine of other's vehicles. I've not found any such issues, which is good, but that doesn't mean they don't exist.
Ohh, the amateur lawyer in me is so itching to give you some totally incorrect advise about "bundled distribution" and the applicability of the GPL on everything in that bundle (seriously, some bone-heads have tried that line or reasoning)... but your call is correct. Since the disk image contains proprietary software created by Tesla you can NOT post that image without clearly ending up on the wrong side of the rules.I will not post a dump of the filesystems. While I think technically there could be some wiggle room since there are almost no copyright notices on anything and it's mostly GPL type stuff anyway...... that's not a path I'm willing to take.
Because you're a huge Ariana Grande fan?I got 99 problems but dev mode aint one...
(Not sure why I felt the need to post that... :tongue: )
Keep up the good and interesting work wk057! Absolutely nothing wrong with what you’re doing in my book (IANAL). The one question I have for you, out of my own curiosity - since you have found a way to hack some of the software and display additional things on the IC or IVI screens – do you think YOU will ever feel comfortable using this information to modify the software on either of YOUR Tesla vehicles that you drive? I’m not talking reusing the knowledge to build yourself a project car using Tesla parts, I mean would you modify your own existing Model S?
Ohh, the amateur lawyer in me is so itching to give you some totally incorrect advise about "bundled distribution" and the applicability of the GPL on everything in that bundle (seriously, some bone-heads have tried that line or reasoning)... but your call is correct. Since the disk image contains proprietary software created by Tesla you can NOT post that image without clearly ending up on the wrong side of the rules.
BTW, can you PM me your address so I can send you a spare drive for "savekeeping"?
Because you're a huge Ariana Grande fan?
wk, what does the "Fonts" button take you to?
FYI: The steering wheel controls don't run through the IC. They are a separate module on the CAN bus.
Oh my. How I would love that ability. I cannot begin to tell you. but...Honestly, I think it'd be awesome to just replace the instrument cluster display with something custom and customizable, preferably without freaking out the CID. I think this would be one of the easiest and safest things to do, since the IC doesn't really control anything aside from stuff with the steering controls, which should be simple to implement in a custom display. I'm reasonably certain I could either completely replace the IC display, or overlay on top of the existing one with relative ease. Tesla did lock down the ethernet based X display stuff we saw exploited a while back, so would still need root to do it.
Yeah, that could turn into a ton of work... or you'd be stuck, just like I am nowA problem with this is that Tesla's updates wouldn't necessarily work anymore without intervention... and that could cause issues. I'd have to extract and inspect each update to see if it will interfere with my new instrument cluster or lock me out of things before installing. Given the frequency of updates lately, which have slowed significantly, it probably wouldn't be too bad... but things would always be slightly behind. (For now, we won't factor in that I'm rejecting updates to my car anyway until they remove the autopilot limitations that are coming).
*shrugs* We'll see how it goes.
That's really no different from a phone, my Android is rooted, but it won't automatically get any updates anymore because of it. I have the choice to unroot and return to stock, then update, then re-root if I want. Same deal here, you could put it back to stock, update, then mess with it again.Oh my. How I would love that ability. I cannot begin to tell you. but...
Yeah, that could turn into a ton of work... or you'd be stuck, just like I am now
AFAIK that was done by utilizing the VLAN feature of the Ethernet switch. IMHO it was not due to foresight of having to disable this connector, but still a cleaver workaround.Tesla can't really disable that one like the can with the diagnostic ethernet connector... although honestly I'm impressed they can do it with the diagnostic one and had the foresight to have the hardware to make it possible.
Something to consider here. By connecting the IC to the hub, you can run into few problems:I'll probably add a small ethernet hub behind the IC (yes a hub, not a switch... I want to be able to sniff the data they send between each other easily) and route an extra ethernet cable over to the glove box or something.
Are you 100% sure of that? Have you ever rebooted the instrument cluster while driving? As far as I know, the main IVI can be rebooted while driving (heck, it happened to me a few times when it crashed and rebooted itself) but the IC is not supposed to be rebooted while driving. This would imply to me that it does control something that may be safety critical and/or necessary to keep the car driving safely. Also, even if the IC doesn't directly control critical things, it doesn't mean it doesn't have access to control critical functions and/or interfere (be it accidentally) with critical communications. Just something to consider...Honestly, I think it'd be awesome to just replace the instrument cluster display with something custom and customizable, preferably without freaking out the CID. I think this would be one of the easiest and safest things to do, since the IC doesn't really control anything aside from stuff with the steering controls,
I was thinking, what if you were to have a camera capturing the IC screen, then provide your own IC display where you overlay whatever you want over the existing display – this way you never interfere with the IC operation other than potentially screw up the display (display the wrong speed because your software is slow, miss warnings, etc, but nothing absolutely safety critical).I'm reasonably certain I could either completely replace the IC display, or overlay on top of the existing one with relative ease. Tesla did lock down the ethernet based X display stuff we saw exploited a while back, so would still need root to do it.
You are correct. The problem is that it would be very hard for you to figure out whether the update interferes or interacts with your changes. You don’t have the test resources to test your patched version of software in every situation (say your hub problem causes lost packets which cause automatic braking to lag or not function sometimes at all).A problem with this is that Tesla's updates wouldn't necessarily work anymore without intervention... and that could cause issues. I'd have to extract and inspect each update to see if it will interfere with my new instrument cluster or lock me out of things before installing.
As long as you are messing only with your own car, you’re in the same boat as people who fix their own brakes or suspension. Yes you could present a danger to others, but society decided (and I agree) that some risks are worth taking in lieu of progress (you are pioneering things after all). I’ll be following your adventures!:smile:*shrugs* We'll see how it goes.
I've rebooted both screens many times while driving without any problems.
The only thing that doesn't work are the turn signals.
The body ECU handles the turn signals, only the sound is handled by the CID. So if you reboot it the signal continues, but with no sound.
You don't need to out a switch/hub in at all, you can just run tcpdump on the CID.
Thanks wk057, I’ll be watching. Some technical comments:
AFAIK that was done by utilizing the VLAN feature of the Ethernet switch. IMHO it was not due to foresight of having to disable this connector, but still a cleaver workaround.
Something to consider here. By connecting the IC to the hub, you can run into few problems:
If you insist on doing this, I would strongly suggest a switch with a monitor port instead - a bit more $ but less risk. It still suffers from some issues, like added latency or mismatched port configurations, but less likely to cause serious problems.
- If the interface on the switch and/or the IC is configured to a fixed, say full duplex 100Mbps link and auto-negotiate is disabled (common for embedded applications, simplifies testing), you will get packet collisions not detected as such (they will be seen as corrupted packets by the MAC) since the hub is half-duplex only. A lot of communications are over UDP which does not include retransmissions. Even if the interfaces auto-negotiate today, there may come an update that make the configuration static.
- You are changing the interface from full duplex to half duplex – something Tesla is not testing. That halves the total available bandwidth and increases packet latency.
- Hubs repeat packets to all ports, so potentially you may be introducing some replay traffic back into the system. Not necessarily bad, but something not tested. If there is another repeater in the system, you could cause packet floods that can flood the network causing a DoS situation, not sure whether any safety critical stuff runs over the Ethernet, but I think it does based on the DefCon demo where they shut down the car remotely.
- Whatever receiver you connect it to, be it a Windows or Linux machine, will introduce additional traffic to the car network (broadcasts, etc). Additional traffic, additional packets that Tesla software may not be tested with.
Are you 100% sure of that? Have you ever rebooted the instrument cluster while driving? As far as I know, the main IVI can be rebooted while driving (heck, it happened to me a few times when it crashed and rebooted itself) but the IC is not supposed to be rebooted while driving. This would imply to me that it does control something that may be safety critical and/or necessary to keep the car driving safely. Also, even if the IC doesn't directly control critical things, it doesn't mean it doesn't have access to control critical functions and/or interfere (be it accidentally) with critical communications. Just something to consider...
I was thinking, what if you were to have a camera capturing the IC screen, then provide your own IC display where you overlay whatever you want over the existing display – this way you never interfere with the IC operation other than potentially screw up the display (display the wrong speed because your software is slow, miss warnings, etc, but nothing absolutely safety critical).
You are correct. The problem is that it would be very hard for you to figure out whether the update interferes or interacts with your changes. You don’t have the test resources to test your patched version of software in every situation (say your hub problem causes lost packets which cause automatic braking to lag or not function sometimes at all).
As long as you are messing only with your own car, you’re in the same boat as people who fix their own brakes or suspension. Yes you could present a danger to others, but society decided (and I agree) that some risks are worth taking in lieu of progress (you are pioneering things after all). I’ll be following your adventures!:smile:
You don't need to out a switch/hub in at all, you can just run tcpdump on the CID.
At most, lets say I make an IC skin mod or something... I might release that code under GPL and others can do what they want with it, or not. Their choice. No warranties given nor implied.