Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

Tesla has blocked Teslafi from getting information from our cars.

jmaddr

Member
Mar 29, 2019
876
873
Florida
@hcdavis3 - Why do you say Tesla has blocked getting that info? I can still access the API so I'm assuming TeslaFi can too. I ran get vehicle data config and was even able to send commands. I didn't check the streaming API so are you saying Tesla is now blocking access to the streaming API? That would affect my Teslamate too though it can now see the non-streaming pages (like I just tested with Postman)

EDIT: Ah! Looks like they blocked it on an IP layer (assuming the below reddit post is true). That explains why I could still access the data as well as my Teslamate.
Tesla blocked connections to the API from the AWS range of IP addresses. TeslaScope was also affected and has already put together a workaround
 
  • Disagree
Reactions: NpOverspeed

acarney

Active Member
Jul 9, 2019
2,405
1,475
Richland, WA
As Teslafi suggests, retweet their tweet to Elon and hopefully it'll gain some traction. It may be that Elon just needs to lay out some guidelines or security rules for their API, but he normally seems to be supportive of 3rd party stuff...
 

dmurphy

Woof.
Dec 7, 2018
3,401
4,603
New Jersey - Morris County
@hcdavis3 - Why do you say Tesla has blocked getting that info? I can still access the API so I'm assuming TeslaFi can too. I ran get vehicle data config and was even able to send commands. I didn't check the streaming API so are you saying Tesla is now blocking access to the streaming API? That would affect my Teslamate too though it can now see the non-streaming pages (like I just tested with Postman)

It seems to me this may be an overreaction ...

I'l lay my guess on the line now:

DDoS attack originating from the AWS IP space leads to Tesla blocking the AWS IP block as a mitigation measure.

And if it turns out to be that ... much ado about nothing.
 

acarney

Active Member
Jul 9, 2019
2,405
1,475
Richland, WA
It seems to me this may be an overreaction ...

I'l lay my guess on the line now:

DDoS attack originating from the AWS IP space leads to Tesla blocking the AWS IP block as a mitigation measure.

And if it turns out to be that ... much ado about nothing.

Apparently it's more cloud services now...
 
  • Like
Reactions: hcdavis3

pjensen

Member
Jul 24, 2020
155
91
Highland Village, Texas
DDoS attack originating from the AWS IP space leads to Tesla blocking the AWS IP block as a mitigation measure.

I see these attacks daily on my email/web servers from amazon cloud service IPs. Also from google and microsoft cloud services. Best way to handle it is to put an ip block on them. Stops it cold.

Perhaps teslafi should get their own address space and servers (and not use the amazon cloud).
 
  • Like
Reactions: dmurphy

GtiMart

Member
Nov 13, 2019
673
549
Quebec City, Canada
Blocking all IPs from cloud servers must work but damn is it harsh. The decision to buy/host/maintain your own hardware/OS/network/configuration vs using a cloud provider isn't that simple. I'm sure you know if you work in the IT industry.

Now, as much as we like the API, Tesla doesn't owe us anything. That api was built for their mobile application. People simply discovered it and used it. Don't get me wrong, I love TeslaFi and appreciate all the applications that people have built around the api. The api is good and could be enhanced further. I would love it. I'm just saying it's not an entitlement :)
 

acarney

Active Member
Jul 9, 2019
2,405
1,475
Richland, WA
Blocking all IPs from cloud servers must work but damn is it harsh. The decision to buy/host/maintain your own hardware/OS/network/configuration vs using a cloud provider isn't that simple. I'm sure you know if you work in the IT industry.

Now, as much as we like the API, Tesla doesn't owe us anything. That api was built for their mobile application. People simply discovered it and used it. Don't get me wrong, I love TeslaFi and appreciate all the applications that people have built around the api. The api is good and could be enhanced further. I would love it. I'm just saying it's not an entitlement :)
Keep letting Musk know that! He’s an ultra nerd just like us, if it doesn’t open them to security issues or overload servers, I’m sure he would be open to supporting something official if fans (owners) made it know how much we love it!
 
  • Disagree
Reactions: camalaio

jjrandorin

Moderator, Model 3, Tesla Energy Forums
Nov 28, 2018
7,789
8,612
Riverside Co. CA
Keep letting Musk know that! He’s an ultra nerd just like us, if it doesn’t open them to security issues or overload servers, I’m sure he would be open to supporting something official if fans (owners) made it know how much we love it!

I wonder how many many hours tesla has lost due to canceling appointments, and talking to end user customers who start with the phrase "Teslafi says my battery........."

Just musing here, not advocating one way or another. I can understand peoples desire to see all this detailed data that isnt intended to be customer facing, and I could totally understand tesla blocking it (both as an accident, and on purpose).
 

pjensen

Member
Jul 24, 2020
155
91
Highland Village, Texas
Blocking all IPs from cloud servers must work but damn is it harsh

I just block the address range where the attack is coming from. Works great.

The decision to buy/host/maintain your own hardware/OS/network/configuration vs using a cloud provider isn't that simple. I'm sure you know if you work in the IT industry

It is like the difference between owning a home and renting an apartment. For a (real) business, it is well worth owning the servers and an address space - for security, customization and complete control. I've been running servers since 1995. It is dirt cheap compared to any cloud service. But you are correct - you have to be technically capable or forget it.
 
  • Like
  • Funny
Reactions: Rocky_H and ucmndd

ucmndd

Well-Known Member
Mar 10, 2016
6,320
11,764
California
For a (real) business, it is well worth owning the servers and an address space - for security, customization and complete control.

2008 called, they’re wondering where their postmaster and webmaster went. Please check in with them, they’re concerned.

“Real” businesses realized paying employees to run commodity services at one-off scale stopped being economical a decade ago.
 

pjensen

Member
Jul 24, 2020
155
91
Highland Village, Texas
2008 called, they’re wondering where their postmaster and webmaster went. Please check in with them, they’re concerned.

“Real” businesses realized paying employees to run commodity services at one-off scale stopped being economical a decade ago.

Agree with you. Most companies use an outside service to manage their servers. Very few employees have the skill needed. Or the company can not afford them.

Getting back to the subject - if teslafi is getting ip blocked by possibly being in the spammer ghetto (AWS), then it would seem they have the tech ability to run their own server and address space. Thus avoid being ip blocked.
 
  • Disagree
Reactions: camalaio

dmurphy

Woof.
Dec 7, 2018
3,401
4,603
New Jersey - Morris County
“Real” businesses realized paying employees to run commodity services at one-off scale stopped being economical a decade ago.

It’s ALL about scale. When your monthly AWS bill is mid-8 digits, you figure out real quick that maybe running things yourself might actually just be cheaper. (And yes, I have a customer doing exactly this - and re-homing from AWS.)
 

camalaio

Active Member
May 28, 2019
1,483
2,085
Vernon, BC, Canada
This would do both Tesla and the users a favour at this point. Is it still blocked?

I'm glad I abandoned work on my Tesla API service since it would've been based on AWS. Phew.

I see these attacks daily on my email/web servers from amazon cloud service IPs. Also from google and microsoft cloud services. Best way to handle it is to put an ip block on them. Stops it cold.

Perhaps teslafi should get their own address space and servers (and not use the amazon cloud).

This is overlooking huge issues.
  • Address space is not cheap, nor widely available.
  • Servers come with maintenance. Something the size of TeslaFi absolutely cannot justify running a personal server farm and employing people to maintain that around the clock.
Blocking all IPs from cloud servers must work but damn is it harsh. The decision to buy/host/maintain your own hardware/OS/network/configuration vs using a cloud provider isn't that simple. I'm sure you know if you work in the IT industry.

Now, as much as we like the API, Tesla doesn't owe us anything. That api was built for their mobile application. People simply discovered it and used it. Don't get me wrong, I love TeslaFi and appreciate all the applications that people have built around the api. The api is good and could be enhanced further. I would love it. I'm just saying it's not an entitlement :)

I've often wondered why Tesla even tolerates it. Surely they must see the massive amount of traffic coming from services like TeslaFi.

The app only uses the API briefly, and slowly. Maybe a few requests per day. But these other services? They're pounding the Tesla servers with requests. Some of them poll every few seconds. It's completely ridiculous, orders of magnitude more traffic than they should be serving for just app usage.

Even if Tesla is running this out of their own data centre, this surely impacts their load, number of servers needed, bandwidth, etc. All of those ultimately have costs associated with them, which is why someone like Amazon charges for all of those things (and various other granular things).

Keep letting Musk know that! He’s an ultra nerd just like us, if it doesn’t open them to security issues or overload servers, I’m sure he would be open to supporting something official if fans (owners) made it know how much we love it!

Yeeeaah, no. Elon is still the CEO of a company that needs to survive and make business decisions.

I'd wager that third party services already make up >90% of the API load on those servers that serve the API. If I was on that team, I'd start asking questions like...
  • Who is the "customer"? (it's supposed to be the official Tesla app only, but TeslaFi perhaps? TezLab? TeslaMate?)
  • What changes can we make without upsetting our customers? (Again, they normally have full control over the app so they'd only upset themselves... but if they change how something works that TeslaFi depends on, who has the right to get angry?)
  • What are the design/testing requirements? (with only the app, the load can be well defined. with other services, this completely changes requirements)
And I'd only ask that from the developer perspective. A product manager has further, harder questions to ask. They're at some weird in-between where it's not an official product (not even documented externally), but people use it as such. Heck, people are paying third parties to use it. That's really weird!

Getting back to the subject - if teslafi is getting ip blocked by possibly being in the spammer ghetto (AWS), then it would seem they have the tech ability to run their own server and address space. Thus avoid being ip blocked.

Anyone and their dog can run a service on AWS. Being on AWS does not imply you have the means, ability, employees, or other logistics to handle running and owning a physical server farm at a real, owned building.

It’s ALL about scale. When your monthly AWS bill is mid-8 digits, you figure out real quick that maybe running things yourself might actually just be cheaper. (And yes, I have a customer doing exactly this - and re-homing from AWS.)

This. But AWS bill optimisation is a thing, and I personally find it fun. Transforming services so they're more financially efficient on the AWS offerings (basically, leverage specific AWS services and don't just run an EC2 [VM] fleet hooked to RDS [VM with Database]). Plenty of success stories there.
 

About Us

Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.

Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


SUPPORT TMC
Top