TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker or making a Paypal contribution here: paypal.me/SupportTMC

Phone App v2.0 (FW v6.0)

Discussion in 'Model S: User Interface' started by pgiralt, Sep 11, 2014.

  1. pgiralt

    pgiralt Active Member

    Joined:
    Jun 16, 2013
    Messages:
    1,476
    Location:
    Cary, NC
    Nice new features included in the new iOS app related to 6.0. From the release notes on the phone:

    Owners will now be notified when:
    - There's a software update available for install on Model S
    - Charging has started, been interrupted, or is complete
    - Car alarm has been triggered

    Owners will now be able to start their Model S from the app
    Support for the new Calendar feature in Model S Release v6.0
    New UI Layout
     
  2. bollar

    bollar Disgruntled Member

    Joined:
    May 1, 2013
    Messages:
    2,243
    Location:
    Southlake, TX
    So, can you start the car from your iPhone? I see that's not mentioned in the 6.0 release notes.
     
  3. GaryREM

    GaryREM Member

    Joined:
    Jul 16, 2013
    Messages:
    324
    Location:
    Fairfax, VA
    Which means there are probably other surprises (I hope). ;)
     
  4. FlasherZ

    FlasherZ Sig Model S + Sig Model X + Model 3 Resv

    Joined:
    Jun 21, 2012
    Messages:
    7,019
    Yes.

    Android app out this morning.

    Requires you to enter your My Tesla password to start the car, though. I think that's an incredible mistake as my phone is already secured, the keyfob is already less secure, and typing my (properly) complex password is a pain in the ass. I want the convenience... and if (Apple)pay can be as simple as tapping your phone to a pay kiosk, then (Tesla)Start can be as simple as just hitting the button. If you want security, Tesla could force you to log into the app each time you want to bring it up. I'd opt-out of that.

    It's a button at the top of the "controls" screen.

    Does not require BT or proximity to the car, just used OTA like the rest of the app functionality.

    ymy9ejez.jpg
     
  5. bollar

    bollar Disgruntled Member

    Joined:
    May 1, 2013
    Messages:
    2,243
    Location:
    Southlake, TX
    And a collective "ugh" comes from the room. I have a complex password as well.

    I assume you've also figured out if this is working via WAN or BT?
     
  6. Eggplant

    Eggplant Member

    Joined:
    Jun 5, 2013
    Messages:
    234
    Location:
    Hillsborough, NC
    Ouch. Great example of bad security.
     
  7. DaveT

    DaveT Searcher of green pastures

    Joined:
    Nov 15, 2012
    Messages:
    2,564
    Location:
    San Diego
    I am very confident that this will be updated in the future. The Tesla app will allow TouchID (on at least in iOS) instead of having to manually input your password to start the car. I think as is its an okay first iteration that will improve over time.
     
  8. Eggplant

    Eggplant Member

    Joined:
    Jun 5, 2013
    Messages:
    234
    Location:
    Hillsborough, NC
    Unfortunately it will only encourage people to use simple passwords on their account. This is textbook bad security. I though they hired some security expert out from Apple? They should know better.
     
  9. RichardL

    RichardL Member

    Joined:
    Oct 6, 2013
    Messages:
    404
    Location:
    San Carlos, California
    For now, it looks like this should be considered an emergency backup only
     
  10. bollar

    bollar Disgruntled Member

    Joined:
    May 1, 2013
    Messages:
    2,243
    Location:
    Southlake, TX
    Yes. If I understand FlasherZ correctly, it is using the API, so you would't be able to start the car if you didn't have some sort of WAN connectivity. That plus the password makes it emergency-only for me. So, instead of the zOMG!!! I was hoping for, I give it a "Nice."
     
  11. apacheguy

    apacheguy Sig 255, VIN 320

    Joined:
    Oct 21, 2012
    Messages:
    3,728
    Location:
    So Cal
    Disagree. It's up to the owner to secure their own car. If they want extra security they'll make a strong enough password. Otherwise, oh well, but who are we to tell them which passwords they can and cannot choose. That's one of my pet peeves about internet security. My passwords are not the strongest but they're fairly decent. I've never been hacked and I'm ok with taking the very small risk it entails.
     
  12. Adrian

    Adrian Title(D)

    Joined:
    Jan 2, 2014
    Messages:
    93
    Location:
    Tønsberg, Norway
    For those of you with jailbroken iPhones, you can use tweaks like iTouchSecure to use TouchID for autocompleting passwords. Combine that with Activator and you can start your car just by holding the home key for 5 seconds for instance :)
     
  13. jiaotong

    jiaotong Member

    Joined:
    Mar 13, 2012
    Messages:
    65
    Location:
    Las Vegas

    Know better than what?
    Tesla is giving the opportunity for people to determine their own risk levels. Continue to use your highly secure password and this is a non-issue for you.
     
  14. omarsultan

    omarsultan Active Member

    Joined:
    Jun 22, 2013
    Messages:
    1,496
    Location:
    Northern California
    In v2.x, maybe we can see TouchID integration? That would be very cool.

    O
     
  15. DaveT

    DaveT Searcher of green pastures

    Joined:
    Nov 15, 2012
    Messages:
    2,564
    Location:
    San Diego
    Firmware 6.0

    That's pretty awesome. Too bad I don't have my iPhone jailbroken.

    If the remote start uses their REST API, then I wonder if it's possible to create a custom ad hoc app where you can just launch the app and the car will start.
     
  16. Eggplant

    Eggplant Member

    Joined:
    Jun 5, 2013
    Messages:
    234
    Location:
    Hillsborough, NC
    That's not actually the point. Think about it this way:

    Another bad practice is to require users to rotate password too often. Sounds good on paper. People should be more secure because old passwords will have a limited life, and users will need to use more complex passwords instead of using the same password everywhere.

    But in the real world all it does is encourage users to write down passwords they can't remember, or use password that are as simple as they can get away with so they can remember them. Overall is lowers the security of a system.

    Same goes here. Most users will just be annoyed by this and use a password that is simpler than they would have otherwise. The end result may be compromised Tesla accounts. The press around it won't blame the users for using bas passwords, it will blame Tesla for having a system that was compromised.
     
  17. DaveT

    DaveT Searcher of green pastures

    Joined:
    Nov 15, 2012
    Messages:
    2,564
    Location:
    San Diego
    I think most users will use remote start just in emergency situations, thus won't be changing their password to make it simpler. It's probably just the very, very small 0.1% or less of users that will use the function as a key fob replacement and those owners if they change their password to make it simpler should understand the risks involved. Also Tesla probably has restrictions on how short/simple your password can be.
     
  18. bollar

    bollar Disgruntled Member

    Joined:
    May 1, 2013
    Messages:
    2,243
    Location:
    Southlake, TX
    At the car, even if the password is "1", that's substantially more secure than the fob. Of course, this is at the expense of opening up your Tesla account to some sort of malfeasance. I doubt most owners will understand that risk.

    My current password can't be typed into a phone, so I will have to decide if the emergency value of the feature is worth it.
     
  19. FlasherZ

    FlasherZ Sig Model S + Sig Model X + Model 3 Resv

    Joined:
    Jun 21, 2012
    Messages:
    7,019
    WAN. Works remotely.
     
  20. FlasherZ

    FlasherZ Sig Model S + Sig Model X + Model 3 Resv

    Joined:
    Jun 21, 2012
    Messages:
    7,019
    My phone is already protected by security because of the immense amount of access/information behind that security screen, which to me is a far greater risk than someone using my phone to start my car. The amount of damage someone can do with my unlocked phone is far, far greater than just taking my car. I want the convenience of the app to start the car with a simple one button push.

    Or, if you INSIST that it be protected, do like OnStar does - their remote start app doesn't require you to deal with a complex password, instead requiring a simple 4-digit PIN to unlock/start/lock the vehicle.
     

Share This Page