I'm on @wk057 network and he doesn't even send me a christmas card. Worst network ever, would rate it 1/10 
-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Beside you 2 guys, do you think there are other people here that are not idiots ?
I personally met other people here who are not idiots and did useful things together in servicing these cars.
Anyway, it is good for this community that at least 2 guys are not idiots so we, all the rest, may pay you guys to do whatever you want on our cars as we are anyway too idiots to understand what you are doing
What happens if, for example, nobody can reach you for a while ? You have already secured other people's cars so they can not be hacked anymore. What these people can do with their cars, as we know are impossible to service without software access ?
Of course I hacked it myself! This is anyway a good test: if you can hack it, you most probably know what is all about and you will not brick it, you are safe to full control it ! But... is is not really rocket science!
This is a contradiction to me: How can Tesla have in the same time an awesome security team and the security flows that you discovered, which are worse than anybody could imagine !
I presume (I have no info, it is just a supposition) that you can not publicly post because they probably made an agreement with you when they paid you bounties. Anyway, nobody here is interested in hacking Tesla network I think. Less people will be interested even in hacking the cars when Tesla will release a free version of Toolbox (if this will ever happen) so anybody could service his car.
There is no such thing as 100% security. I truly believe that anybody who feels responsible should have full access to their car.
My point was why we can not have both: hack our cars ourselves and have paid support from highly experienced guys like you ? I mean, what is the difference if the user has a way to control his car and anytime wants to drop the connection with you, or if something goes wrong with you, the user can move freely to another service guy ?
Although I supported some guys for free repairing dead CIDs, I am not personally interested in providing any paid services to others, I just believe and say it laud that no person in this world is the smartest, nobody knows everything, and nobody should make decisions regarding other people's property without letting these people (idiots or not) have responsible control of their property. Anybody (feeling idiot or not) should stand up for its rights to control its property.
Last edited:
This is why, as Tesla owners, we need to start raising @#@#$# to force a change. We want to be able to fully work on our cars without spending an ungodly amount to peak behind the curtain. We also need easily available and reasonably priced parts. We need the technical manuals to make sure we are doing things correctly and safely.
Last edited:
Beside you 2 guys, do you think there are other people here that are not idiots ?
I personally met other people here who are not idiots and did useful things together in servicing these cars.
Anyway, it is good for this community that at least 2 guys are not idiots so we, all the rest, may pay you guys to do whatever you want on our cars as we are anyway too idiots to understand what you are doing
What happens if, for example, nobody can reach you for a while ? You have already secured other people's cars so they can not be hacked anymore. What these people can do with their cars, as we know are impossible to service without software access ?
Of course I hacked it myself! This is anyway a good test: if you can hack it, you most probably know what is all about and you will not brick it, you are safe to full control it ! But... is is not really rocket science!
This is a contradiction to me: How can Tesla have in the same time an awesome security team and the security flows that you discovered, which are worse than anybody could imagine !
I presume (I have no info, it is just a supposition) that you can not publicly post because they probably made an agreement with you when they paid you bounties. Anyway, nobody here is interested in hacking Tesla network I think. Less people will be interested even in hacking the cars when Tesla will release a free version of Toolbox (if this will ever happen) so anybody could service his car.
There is no such thing as 100% security. I truly believe that anybody who feels responsible should have full access to their car.
My point was why we can not have both: hack our cars ourselves and have paid support from highly experienced guys like you ? I mean, what is the difference if the user has a way to control his car and anytime wants to drop the connection with you, or if something goes wrong with you, the user can move freely to another service guy ?
Although I supported some guys for free repairing dead CIDs, I am not personally interested in providing any paid services to others, I just believe and say it laud that no person in this world is the smartest, nobody knows everything, and nobody should make decisions regarding other people's property without letting these people (idiots or not) have responsible control of their property. Anybody (feeling idiot or not) should stand up for its rights to control its property.
They keep it close to the chest so we can all reap the benefits. All it takes is one person with root access to walk into the SVC and have them figure out exactly whats going on and potentially shut it down. We've already seen hardening in the 2.5 and Model 3 assemblies. Just a matter of time, as more people figure it out (such as yourself), a higher chance Tesla will potentially patch the fleet. I have no problem with how my car is supported, and I appreciate the effort everyone puts in here to keep us on the forefront.
That would make too much sense.... so it'll never happen.
I'm sure there are individuals who are not idiots. But my original statements stand. People are idiots.
While out of 100 people, a few might have enough savvy to not cause problems if given root access to a vehicle, the majority wouldn't know what to do, historically have just screwed things up, and overall just cause themselves more problems with such access. There's no reasonable way to know for sure which group an individual may fall into, which leaves me with the general rule that people in general are idiots.
Anyway, it is good for this community that at least 2 guys are not idiots so we, all the rest, may pay you guys to do whatever you want on our cars as we are anyway too idiots to understand what you are doing
What happens if, for example, nobody can reach you for a while ? You have already secured other people's cars so they can not be hacked anymore. What these people can do with their cars, as we know are impossible to service without software access ?
Of course I hacked it myself! This is anyway a good test: if you can hack it, you most probably know what is all about and you will not brick it, you are safe to full control it ! But... is is not really rocket science!
I agree that if you can hack it yourself without any tutorial or major assistance from anyone else, then you likely know enough to get by without causing too much mayhem.
As for people that no longer want my modifications on their MCU, they're always welcome to perform a factory reset. I've specifically made sure doing so wipes out any and all trace of my software ever being there, and I inform my customers of the same. To-date, only one customer has bothered.
This is a contradiction to me: How can Tesla have in the same time an awesome security team and the security flows that you discovered, which are worse than anybody could imagine !
I presume (I have no info, it is just a supposition) that you can not publicly post because they probably made an agreement with you when they paid you bounties.
First, I'm under no such NDA regarding the vulnerabilities reported and the bounties received from Tesla. I personally choose not to publicly post the details of such vulnerabilities for a multitude of reasons. My primary motivation is that I've worked in IT security and know how these things play out. If the team is diligent about correcting an issue that's specific to their software upon reporting, then it doesn't do anyone any good to essentially publicly shame them for having the bug exist in the first place. It's corrected, fortunately no harm was done, and Tesla specifically rewards such white hat work generously.
Now, if upon reporting a critical vulnerability to them they took an absurd amount of time to respond and correct the issue, leaving customer products vulnerable to attack, then they wouldn't be an awesome security team. However, in the case of Tesla's team, I reported a bug chain that resulted in a huge escalation of access on their fleet network, and demonstrated this to them at 10PM on a Friday night (honked the horn using root on a demo car of their choosing, then cranked the media player playing an MP3 of the audio from "woman in the red dress" scene from The Matrix...). The security team was called in for emergency response. A game plan to correct the issue was devised, and before midnight a stopgap measure was put in place that prevented exploit of the vulnerability. The team then worked over the weekend to put in place permanent fixes for the entire chain of vulnerabilities. By Monday afternoon fully validated patches were put into production. The middle of that week a critical security update was pushed to the entire fleet of Tesla Model S/X that went a step further and added additional security on the vehicle side to better mitigate the impact of such a Tesla-side breach, should one somehow occur again in the future.
So when I say Tesla's software security team is awesome, I mean it. Doesn't mean they're superhuman and catch every potential vulnerability. But their duty as the security team is to mitigate these issues as best they can, and they do that very well.
How do you know? To a blackhat, unrestricted access to Tesla's fleet VPN with every connected car is a potential for disaster and/or a lucrative ransom. Imagine if instead of reporting the bug chain which gave me such access I went and demanded a $5,000,000 ransom (paid in Bitcoin, of course) within some unreasonable time-frame, or else every Model S/X in the fleet would become bricked to the point where they require a tow to the service center for MCU replacement? And of course, I would push that time bomb to the entire fleet before making my demands to ensure a pull-the-plug-on-the-servers solution wouldn't work.
Honestly, I could easily see a black hat hacker or hacker group doing just that, and when I spoke to the head of Tesla's security team on the phone late that Friday night, I joked that I should have just demanded a loaded P100D in exchange for the vulnerability report. Good thing I'm not in this with nefarious intentions.
Tesla has been actively working against this, so I'm pretty much going to just assume at this point that this will never happen. Unless there is some Federal-level legislation that explicitly requires it, Tesla will just fight everyone on a case-by-case like they have been.
Agreed.
Disagree.
As noted above, people are welcome to cut their connection to me at any time and can do so without my intervention.
Honestly, I don't even want to provide such services to people. I really don't. It takes a lot of time, causes headaches, and is not really something I like getting into. However, with such limited resources available for people to do anything with these cars, I feel like as someone with the power to do something that I probably should help when possible. At the same time, I'm not going to spend countless hours working on someone's problem for free or for pennies. My time is somewhat valuable, and I have to price it accordingly. Even so, I set expectations pretty low when I can. People tend to think that I can perform miracles remotely with their car, and most of the time people tend to have ridiculously high expectations.
I agree. You should have full control over your property. But I'm not going to give you that control over your car if you don't already have it. That's something Tesla should be doing. Since they don't, it's not my responsibility to do so. If you want my assistance with something, it's on my terms. I don't have to do these things at all, but I do. So take it or leave it. Don't like it, go get some laws made that require Tesla to allow people full access to the vehicle's systems... or spend years in hardware/software design and security so that you can discover a way in yourself.
Last edited:
I also believe, as I've seen in code reviews in my career, that once you know about a bug or a flaw, you know a lot about the developer and can spend more time zooming in on flaws along those lines.
If WK or anyone published the attack vector, we'd be pointed true north, even if the hike was 3000 miles we'd at least be in the right direction and get there eventually.
If WK or anyone published the attack vector, we'd be pointed true north, even if the hike was 3000 miles we'd at least be in the right direction and get there eventually.
Not sure I agree. There is a reason that CVEs exist and it is in the general interest of users to have vulnerabilities documented. This is done for practically every OS, every IoT device, etc. I don’t see why Tesla developers should get preferential treatment in this regard.
Further, if there is a vulnerability that allows fleet wide access, it is in the interest of owners to know that this vulnerability exists and which firmware versions are affected. For any other device I own, I can go online and research the vulnerability myself and determine the potential effect on my systems. But Tesla doesn’t disclose this information so it’s a bit of a Black box.
This specific issue was with internal software on Tesla's side. You won't find many folks posting CVEs about their internal proprietary software.
As for the changes made to the vehicle side of things, they were just common sense additions to a few services that simply made it more difficult to actually do anything disruptive with a blind connection to the vehicle, such as if there were some future attack vector that granted someone similar access to the Tesla-side internal network in the future without the accompanying metadata for the connections. (Translation: No simple way to brick the entire fleet even with access to their network.)
For the vehicle side, yes I think they should certainly disclose vulnerabilities and provide patches and such. They need to start by providing a changelog for a firmware update BEFORE you install it.
Probably won't happen.
Change log, hahahhahaha. Does tesla even know what one is, sighs.
Well I could argue release notes are even easier, you don't even need to depend on developer git commits the business could do it and well we all see how well that goes....
Phil, this is a plain lie.
What happened to your server? After you bricked his tuner and wanted $350 for that, we decided to take out the complete main screen (MCU) and replace it with a european MCU, so my friend can use LTE.
Before that point, I didnt care about the car at all, as I didnt have time and he paid you a lot of money to fix the car plus using your web services.
The original MCU we removed and where your work is on, is still unrooted and even untouched at all (Software wise) and in the shelf, as its worthless in EU.
I can root it and post the auth log here if you want or my friend can send/sell the MCU to someone in the US (who can actually use it) for $300 and they can post the logs here.
You did a good job on my car 2 years ago, but on my friends car it was just scam. And now telling, that the car was engaged in a hack attempt on your server is even more disappointing and a simple lie.
bkp_duke
Well-Known Member
Yeah, Tesla did BAD. Disabling Supercharging (a feature sold with the car) is possibly illegal. Tesla has done this in the past, and there are federal and state laws that prohibit manufacturers (and dealers where applicable) from removing features that were existent at the time the care was first put in service (end users, that's a different story).
And THIS is why my cars don't talk to the Tesla mothership, don't use the Tesla SIMs, etc.
But it can be re-enabled. Do they check anything online when supercharging? I think there is a setting to not even send the vin for charging telemetry. Anybody tested that?
I think most all of us agree that its a pretty dick move to disable it.
The question is, is it legal or not. They've been doing this forever, and have actually backed off on it in recent years. That makes me think it is legal in some cases, but who knows. It may be that a prior owner (the insurance company) agreed to have it disabled. Or there maybe some obscure NHTSA rule that allows them to do this to make the car 'safe' That's the key question.
If its illegal, then get a lawyer and have fun, should be a pretty open and shut case.
If its legal, whelp, that's what happens when you buy a salvage.
Tesla cannot alter your car after delivery without permission. They know that, but currently it's cheaper for them to just pay for the few lawsuits they get from this bad behavior.
If you take this to court, you will win, because they admit to the judge of their doing.
I don't know why any company would want to be so hostile to their customers(especially one that sells such expensive products), but they are. Very shortly sighted approach, especially with the Model 3 being such a disaster. Sooner or later this hostility is going to wipe them out. Imagine buying a Model 3, which is a weirdmobile/model S cross that is inferior to the Model S in almost every way, paying $60k for it, and then discovering these shenanigans, along with incompetents service centers, and 6 month+ waits using their body shops that are the worst of the worst. It's a recipe for disaster....
bkp_duke
Well-Known Member
I concur. I have VERY mixed feelings about Tesla. I love my Powerwalls (supported, under warranty), but get frustrated if I ever have to do anything with my cars (unsupported, out of Tesla's touch).
If this behavior continues with Model 3 cars, those buyers have FAR less patience than us "early adopters". I foresee a class action lawsuit coming, and that's not the kind of PR that Tesla needs.
JRP3
Hyperactive Member
I agree it's a bad move by Tesla but the numbers of people buying salvaged vehicles is tiny so I'm not sure how significant an impact this would have on the company.
First thoughts on my Model 3 vs. my Model S
Obviously the people buying the car don't agree with that assessment, especially those who think it's better than the S.
First thoughts on my Model 3 vs. my Model S
