lolachampcar
Well-Known Member
If it is like most other cars on the road, everything of any importance goes over CAN or FlexRay.
You can install our site as a web app on your iOS device by utilizing the Add to Home Screen feature in Safari. Please see this thread for more details on this.
Note: This feature may not be available in some browsers.
Physical interaction with the device is quite different than talking to already-public-facing servers that answer the requests from the phone app.If Tesla doesn't give clearance for the REST API then why in hell would they give their clearance to snooping in on the internal bus? Seems silly to formally ask the question when you already know the answer. In fact, it makes it worse to ask.
You're justifying proposed new bad behavior with old bad behavior. I don't agree.Exactly, and just to add to that why do we feel so compelled to communicate our hacking efforts to Tesla when they have repeatedly demonstrated their inability, and general lack of interest, to communicate with us?
Yup, this is part of the reason I said what I said.From the MVPA I signed way back when ...
View attachment 45430
I disagree with your first sentence. They should be doing exactly that.Tesla is on the wrong side of this by reaching out to people with warnings. They need to find a way to work with their customers that have legitimate curiosity WRT MS and not against them. We own the car and there are people that will want to tinker. There must be a sane way to allow the curious to feed their need to learn while still protecting Tesla's interests.
This evening I got a call from service center :crying:
They told me Tesla USA engineers seen a tentative of hacking on my car...
I explained it was me because I tried to connect the diagnosis port to get some useful data (speed, power, etc...). They told me it can be related to industrial espionage and advised me to stop investigation, to not void the warranty....
Don't know if they really seen something in the log, because I just sniffed the network. Or maybe they seen the port scanning with nmap ? Or maybe they just read this topic ?
I agree with you. But this ethernet port is probably not only a diagnosis port, we seen that we can access some internal communications, and maybe change some internal parameters. That's the problem, they explained me let's imagine I am able to remove the speed limitation, or boost the power. If my motor die, it will be my fault, not Tesla fault, and they will not change my motor under warranty.
It's an extreme case, but we don't know (and the Tesla employee who called me too), what can be done through this diagnosis tool, with or without hacking exploit.
I think if we just connect the port, and just capture data, they cannot do anything because I think they cannot see the connection. Or they can see the ethernet connection going "up" somewhere.
Tesla is on the wrong side of this by reaching out to people with warnings. They need to find a way to work with their customers that have legitimate curiosity WRT MS and not against them. We own the car and there are people that will want to tinker. There must be a sane way to allow the curious to feed their need to learn while still protecting Tesla's interests.
This issue of providing tools to work on their cars is going to start cropping up more and more as time goes by. They can hold it off for a few years with their excellent warranty work but it will crop up. Unlike the dealer thing, they will be on the wrong/loosing side of that argument.
They told me it can be related to industrial espionage and advised me to stop investigation, to not void the warranty....
I'll be brief. As a programmer I found this post insulting and misdirected.(Removed by request.)
Industrial espionage has a defined meaning, and this is clearly not industrial espionage. It's not performed clandestinely, and it's not for commercial gain.
Personally, (as a programmer and technologist), I think it would be great if we could keep this particular thread about the findings and ideas. Another thread on legality and morality would be useful (but not of interest to me).
Personally, (as a programmer and technologist), I think it would be great if we could keep this particular thread about the findings and ideas. Another thread on legality and morality would be useful (but not of interest to me).
Personally, (as a programmer and technologist), I think it would be great if we could keep this particular thread about the findings and ideas. Another thread on legality and morality would be useful (but not of interest to me).
The findings will go on, but you will hear of it less and less here and more in private select closed groups that Tesla will never find out.
The best for Tesla and for that matter any company is to embrace these positive beneficial hackings and learn the vulnerabilities, before an oil funded effort releases a virus out.
Agree. If someone wants to create that thread in the Off Topic area then that would be best.
I don't see how this is off topic as it is very much relevant to the issue being discussed.
Agreed. And consider this a plea to be invited to any such groups. I am very trustworthy (I'm a YPO Member, in case there are any others here who belong to that cult and would understand what that means, in terms of confidentiality).
We own the car and there are people that will want to tinker.
We own the car and there are people that will want to tinker.
Apple would disagree with you
- - - Updated - - -
Apple would disagree with you too haha
And the EFF disagreed with Apple, and the EFF won.