Successful connection on the Model S internal Ethernet network

[aviators99]

This is not really the same as the Apple case anyway. There Apple had protection mechanisms that had to be bypassed in order to jailbreak the devices. Since the DCMA has an anti-circumvention clause that makes that illegal, an exemption had to be sought. It's currently legal because the EFF successfully fought for the exemption, but could be made illegal again at any time by failing to renew the exemption.

Here, there's no protection whatsoever against viewing the data (the traffic on the Ethernet bus is readily visible and isn't encrypted), but owners have signed a license that prevents reverse engineering. Whether those terms can be enforced varies by jurisdiction (by state in the US). Apple doesn't do anything like that.

So, two very different situations.

I agree. I'm not the one who brought it up.

 

[apacheguy]

Here, there's no protection whatsoever against viewing the data (the traffic on the Ethernet bus is readily visible and isn't encrypted), but owners have signed a license that prevents reverse engineering. Whether those terms can be enforced varies by jurisdiction (by state in the US). Apple doesn't do anything like that.

But they would still have to prove intent to reverse engineer, which I'd imagine would be quite difficult. Even if I do something like gain access to the touchscreen through an exploit in the web server, I'm am not by default reverse engineering or decompiling the TM software. I would have to take additional steps to do that once I've gained root access.

 

[Gizmotoy]

But they would still have to prove intent to reverse engineer, which I'd imagine would be quite difficult. Even if I do something like gain access to the touchscreen through an exploit in the web server, I'm am not by default reverse engineering or decompiling the TM software. I would have to take additional steps to do that once I've gained root access.

It may vary by state, but reverse engineering is defined pretty loosely in CA. Here's it's as basic as learning the internal workings of a device. If you've wondered how something works and then used some process to figure it out, that's reverse engineering in CA. Arguably, then, watching the Ethernet traffic and trying to pick out data fields from the payloads could be considered reverse engineering. It's not tightly coupled to decompiling or otherwise coming up with a way to replicate or modify the system.

 

[ACDriveMotor]

Reverse engineering is now covered at the Federal level by the DMCA I believe. I don't think that state laws can be enforced that would alter/supercede.

Note: I am not a lawyer so this is pure spectrapolation (R). This is my newly minted and trademarked word (registration paperwork pending). Thanks to DMCA while you may be granted rights to use this word but may not attempt to reverse engineer this word or even guess at its meaning. That said I am willing to license certain limited uses of the word with favorable royalty terms.

 

[FlasherZ]

I too, like to specultrapolate(TM)(*).

(*)Use as directed. Compare to name-brand spectrapolation. FlasherZ is not related to, nor endorsed by ACDriveMotor, holder of the registered trademark of spectrapolation. Consult with your doctor should rash, sneezing, or violent flatulence impair your ability to lead a normal life.

 

[Gizmotoy]

Reverse engineering is now covered at the Federal level by the DMCA I believe. I don't think that state laws can be enforced that would alter/supercede.

The DMCA has exemptions that cover reverse engineering, but those involve its anti-circumvention provisions, which don't apply here.

This briefly covers some of the cases that recently upheld reverse engineering in CA as legal, even if you were to agree to a licensing agreement that prohibits it: http://www.lexology.com/library/detail.aspx?g=3e0bebe5-864d-47b0-810f-d18ca20da7bd

 

[lolachampcar]

Ok, so I do not touch the car I bought from Tesla and for which I agreed not to reverse engineer.

I go out and buy a wreck and reverse engineer that. No agreement signed to take possession. No obligation to Tesla.

Not saying I am going to do this; just saying it is one way to go do it without being on the wrong side of an agreement.

I wonder how BMW (and the other Mfgs) bought theirs as you know they are reverse engineering it and they are decidedly not posting about it.

 

[Gizmotoy]

I wonder how BMW (and the other Mfgs) bought theirs as you know they are reverse engineering it and they are decidedly not posting about it.

Was it Mercedes or BMW that bought 2 Signature Model S and wanted Tesla to ship them to Germany? Tesla sold them the cars, but made them figure out the shipping. Obviously they were aware of why they were being purchased.

Ok, so I do not touch the car I bought from Tesla and for which I agreed not to reverse engineer.

I go out and buy a wreck and reverse engineer that. No agreement signed to take possession. No obligation to Tesla.

Exactly. I posted about this possibility earlier in the thread. The agreement is pretty flimsy. I don't expect to see them attempt to enforce it.

 

[neroden]

No, I'm looking at this from another perspective.

Sooner or later somebody, somewhere in a black hole would have gotten his hands on a Model S and started doing the same "hacking" as we are doing right now.

That person might find a serious exploit in Model S and never tell us nor Tesla about it. So again, yes, I'm trying to find ways to exploit the car, but just to make sure "we" find them first instead of "them" (The people not telling anybody).

In the end somebody will find a exploit in Model S. Better be "us" then "them".

Damn straight! One of the principles of security, as any serious security consultant will tell you, is to make practically the entire design public: this is a principle old enough that it applies to safes. (Never trust a safe whose blueprints are a "secret"). Only keys and passwords are suitable matters for secrecy. Everything else needs to be public, so that as many "white hats" as possible can figure out any weaknesses and repair them preemptively.

- - - Updated - - -

mini_httpd 1.19 seems pretty old though! 19 dec 2003? But the website says it's the latest version: mini_httpd

Soooo many violations of BSD 2-clause licenses.... lazy lazy Tesla Motors...

- - - Updated - - -

If you do something that ends up forcing a service call or, even more unfortunate, if something completely unrelated to your exploration necessitates a service call, and they determine that there is software corruption or hardware damage that could be blamed on your exploration, then it is very likely that they would decline to honor the warranty and service plans.

I take that risk every time I go dabbling in one of my Android smart phones, but that is because I am content with the possibility of having to replace them out of pocket. The idea of losing the ability to drive my car or even worse, have an investigation into an accident cause Tesla and/or my insurance company to decide that they shouldn't cover me... I'm personally not comfortable with that right now. If you are, then I remain happy and interested to read about your exploration.

Yeah, this is an important thing to remember. Tesla might choose not to honor the warranty, and he should be aware of *that* risk.

At this point he's not doing anything which would actually change the car's behavior, he's just inspecting. Given that, I think the insurance company would still be required to cover any accidents, just as they do if you open up the hood of your car, look at things, and then close it again.

 

[nlc]

The dash and center console run Linux, normally Tesla should give all source code public !?

 

[aviators99]

The dash and center console run Linux, normally Tesla should give all source code public !?

There's a thread on that...

 

[nlc]

Interested to look at this, I try to found it !

 

[markb1]

The dash and center console run Linux, normally Tesla should give all source code public !?

Not really. It's perfectly legal to run closed source software on Linux. Only if they make modification to GPL software, such as the Linux kernel, would they need to share their source code.

 

[nlc]

Yes their software can be closed source. But all the operating system, rootf, etc... should be public if requested maybe ? The best is to talk about this on the other thread probably

 

[tom66]

Only Tesla's direct changes to kernel source need to be released.

Example: Panasonic plasma TVs use Linux kernel, and they released am_linux source (their version of Linux) which has a few minor changes. But you won't find any system control logic nor the code to control hardware, only the bare minimum.

It's possible Tesla have changed nothing so do not need to release the source.

Everything else is linked in and does not need to be disclosed.

 

[wonko]

Is there some thread that still deals with the technical details instead of FUD? I would love to get going as my car arrived today... .

 

[widodh]

Is there some thread that still deals with the technical details instead of FUD? I would love to get going as my car arrived today... .

That's this thread!

I simply haven't the time to do more sniffing. And it has been a bit cold here.. You have to have the driver's door open to access the port. So I'm waiting for some warmer weather

 

[brianman]

That's this thread!

I simply haven't the time to do more sniffing. And it has been a bit cold here.. You have to have the driver's door open to access the port. So I'm waiting for some warmer weather

1. Buy or borrow a garage.
2. Park Model S in garage.
3. Close garage door.
4. Open Model S door.
5. Open all 4 windows.
6. (Optional) Open sunroof.
7. Turn on the Model S climate control.
8. Set temperature to 75F.
9. Return to step 7 when climate control times out.

Warm garage.

 

[Eggplant]

Yes, can we please please get a moderator in here to move the FUD somewhere else and get back to technical details?

 

[rtz]

Splice one of these into it: EVTV Motor Verks Store: Generalized Vehicle Control Unit (GEVCU), NEW ADDITIONS - THIS JUST IN!, gevcu