-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Successful connection on the Model S internal Ethernet network
- Thread starter nlc
- Start date
-
- Tags
- Model S User Interface
I didn't say sound.. Just video
but yea, i know. I'm more waiting to see how we can grab a copy of the firmware from somewhere.
green1
Active Member
My hope is that Tesla will choose in the long run to do as they have promised, and be different than other manufacturers. This means that they should spend their limited resources wisely on improving their systems, not waste those resources on fighting the owners who try to make it do something Tesla never thought of.
I hope I'm not setting my expectations too high here. Please Tesla, do the right thing and focus on making the better product, not on fighting your owners.
chickensevil
Active Member
Someone with access to their information might want to look into a DARPA funded project: "A Framework for Automotive Computing Systems"
"Provides a framework for programmers to develop and execute code to monitor and control the various embedded systems in computerized automobiles."
DARPA - Open Catalog
I actually got a chance to see a demo on this at an event. The guy had sucked all the key parts out of a Prius and for the demo had the two seatbelt motors hooked up. He sent a command from his computer to "tell" the "car" he was slamming on the breaks, and it actuated the motors on the seatbelt. He also had video of them walking next to a prius and driving it remotely. All this because of the exposed CAN network in vehicles.
Anyway, there are people attempting to do research in this field, for cars in general... it is just that there is a gigantic cost associated with it, since you have to buy a rather expensive car in the first place. If I had more information on the subject I would provide it... sorry.
- - - Updated - - -
Here, even better. The same guy doing this research, Dr. Charlie Miller, has a pretty awesome whitepaper going over a Prius and Escape. Might have some useful information.
http://illmatics.com/car_hacking.pdf
"Provides a framework for programmers to develop and execute code to monitor and control the various embedded systems in computerized automobiles."
DARPA - Open Catalog
I actually got a chance to see a demo on this at an event. The guy had sucked all the key parts out of a Prius and for the demo had the two seatbelt motors hooked up. He sent a command from his computer to "tell" the "car" he was slamming on the breaks, and it actuated the motors on the seatbelt. He also had video of them walking next to a prius and driving it remotely. All this because of the exposed CAN network in vehicles.
Anyway, there are people attempting to do research in this field, for cars in general... it is just that there is a gigantic cost associated with it, since you have to buy a rather expensive car in the first place. If I had more information on the subject I would provide it... sorry.
- - - Updated - - -
Here, even better. The same guy doing this research, Dr. Charlie Miller, has a pretty awesome whitepaper going over a Prius and Escape. Might have some useful information.
http://illmatics.com/car_hacking.pdf
Wow. This rabbit hole does go deep, at least for Ford an Toyota! After reading the article, I am shocked how badly these systems are secured. He was able to simply read the entire firmware from a module in a Ford Escape (he does not write about Tesla!), despite every micro controller having copy protection modes since the 80's. Even the Chinese McDonalds children toy give-aways have better code protection.
lolachampcar
Well-Known Member
Modern fuel controls are being protected by RSA encrypted RipeMD hashes. There are still some patch work arounds to get around that stuff (mostly learned from the phone guys/gals) but manufacturers like BMW and the like are closing those doors as fast as they are found. They literally own each one of the tuning tools, wait for the tool manufacturers to update the tool to deal with the latest "tuner protection" version of the fuel control software then see what the tool manufacture did and then close that loop hole. It is fun to watch from the side lines but was a real pain in the butt when I was coding up flash tools
Sooner or later manufacturer's will close all the loop holes, add these reprogramming protections to all critical modules in the car (not just the fuel control) and implement network secured communications for inter module communication. It is just a matter of time. The Mfgs can do it as demonstrated with the fuel control (where they have an unfunded warranty liability when people hop up the engine without the Mfg's permission) so it can be done if the incentive is there.
Sooner or later manufacturer's will close all the loop holes, add these reprogramming protections to all critical modules in the car (not just the fuel control) and implement network secured communications for inter module communication. It is just a matter of time. The Mfgs can do it as demonstrated with the fuel control (where they have an unfunded warranty liability when people hop up the engine without the Mfg's permission) so it can be done if the incentive is there.
chickensevil
Active Member
I think you underestimate how easily it is to find flawed code to break software. MS Paint, which has been around forever, used to be one of the biggest things people would use for software fuzzing examples, and as such, they found a ton of software bugs in that relatively small and simple program. The only reason it isn't publicly used anymore is because Microsoft got a little bit upset about them using Paint and convinced the public forums to stop using it at their attack example.
From what I can tell, they have been coding cars since the 80s without a care in the world about security (or at least very little), for 20+ years now... it is very likely that cars will remain a huge security issue for many more years. As long as their is incentive for someone to hack it, it will be hacked.
What they need to do, is make it so tuners can do what they want with their cars WITHOUT having to hack it... then we will see the incentives drop off dramatically and it will fall back into obscurity.
The best example of this is looking at console hacking (as in xbox, PS3, Wii, etc). Consoles primarily get hacked because people want to stick their own software on their consoles... Not because they want to pirate games. All of the hacks that have hit the market for consoles have been for this purpose with the exception of I believe the PS1... where the lines are a little blurred. The outlier here was the PS3... it remained unhacked for 3 years. Why? Because those who wanted to load their own software could. They had a linux kernel they could play with. It wasn't until Sony took that away from people, that it finally was hacked because there was now a strong incentive to hack it.
AND, if you get the tuners on your side, as in, allow them full control over the car to do what they want, then you have an ally in the fight against hacking, since they will report any flaws they find so they can be fixed rather than hoarding them so they can continue in their existence. It is your car, you should be allowed to do what you want with it...
green1
Active Member
Sounds like Tesla is going to be one of "those" companies. Treat their users like criminals instead of like allies. (send C&D letters, turn off the ethernet port, next step encrypted traffic, all just to try to prevent their owners from doing what they want with a product they bought and paid for)
Opening their patents, but closing their cars.
Opening their patents, but closing their cars.
dirkhh
Middle-aged Member
They have been quite hostile to all attempts to interact with the software. I'm not surprised. I'm sure their layers don't want the risk. It's way too easy to get sued...
stopcrazypp
Well-Known Member
It's the fine difference between software and hardware. Software is licensed, hardware is owned. The only way around this is not updating the software or bearing all the risk of any failures (voided warranty). Even of "open" software like Android, you void your hardware warranty once you tinker deep enough (root or unlocked bootloader). The manufacturer can't be responsible for any damage caused by your tinkering.
Their C&D letter was the only thing that might have been out of line with this (it should not be enforce-able except for the warranty voiding part). The rest is simply for reducing their own liability in case something goes wrong.
Their C&D letter was the only thing that might have been out of line with this (it should not be enforce-able except for the warranty voiding part). The rest is simply for reducing their own liability in case something goes wrong.
There's no warranty or liability for patents. Blame the game (lawyers, regulations, etc.) not the player (Tesla).
Similar threads
