TeslaFi.com

[SDRick]

I like the app and it has a great safety record. The chance of something bad happening to me is almost nil. The chance of something catastrophic happening to me, less than nil. The odds of getting injured or killed driving the car is higher. Life is risky, the app not so much.

 

[SucreTease]

I like the app and it has a great safety record.

You have no idea what it's safety record is. You only do not know of any intrusion, which is not the same thing by any means. The only demonstration of safety is for rejected attempts to infiltrate the system or exfiltrate its data. I mean, your comment is equivalent to saying that a couple trying to get pregnant has a great safety record with their birth-control method because they haven't gotten pregnant yet.

How often has someone tried to compromise the system? How many times did they succeed? How many times was that acted upon by the compromiser? None of us know the answer to any of those questions.

 

[SDRick]

You have no idea what it's safety record is. You only do not know of any intrusion, which is not the same thing by any means. The only demonstration of safety is for rejected attempts to infiltrate the system or exfiltrate its data. I mean, your comment is equivalent to saying that a couple trying to get pregnant has a great safety record with their birth-control method because they haven't gotten pregnant yet.

How often has someone tried to compromise the system? How many times did they succeed? How many times was that acted upon by the compromiser? None of us know the answer to any of those questions.

So what is your point? You seem to focus on the track record comment of my post and ignored the rest. One could argue a single developer is less apt to encounter bad actors as compared to huge companies with large numbers of employees, disgruntled and otherwise.

To me, the important part of my comment was...

The chance of something bad happening to me is almost nil. The chance of something catastrophic happening to me, less than nil. The odds of getting injured or killed driving the car is higher. Life is risky, the app not so much.

 

[WannabeOwner]

Not knocking the app

Yes you are. Its been discussed plenty over the years, just read the threads.

just want to make sure people are aware and safe

its been discussed. Either you avoid all APPs, or you have a level of Trust. For the more paranoid you can create your own token, and upload that, or you can use TeslaFi's token-generator - which does require you to enter your Tesla Login/password, and to assume that is not being stored / used in an unsafe manner / etc.

Either way, if at any time you become concerned you can just change your Tesla password and all tokens become invalidated.

There has been discussion that Tesla should have implemented a different method of security / tokens ... but probably that would just lead to a different debate about security, rather than this one.

Plenty of opportunity for bugs, or even "I didn't expect that". A different 3rd party product logs data against the VIN. If you sell the car then the new owner would have access to all your historical data - unless you "do something" in the APP when you sell the car. Is that bad? Yes, I think it is. Do I care if such unexpected things happen, or consider the risks not worth the reward? No. If you do then fine, don't use the APP.

I trust Apple and Tesla a lot more to know what their doing than a random developer doing this a hobby

So don't use TeslaFi, or any other 3rd party APP then.

All you are doing here is implying that you know more about this than Jdeck and casting aspersions about his abilities and the security of TeslaFi, but you have no knowledge or evidence of any of that - other than citing data breaches from other, totally unrated, companies - who are all Apple / Tesla sized companies, rather than Jdeck sized ones ...

What Jdeck has going for him is a track record of good service. That's good enough for me, if something were to happen I am confident he would move heaven and earth to get it sorted.

If your bar is higher then don't use the APP. I seem to be not alone in repeating myself ...

 

[Fiver]

Also what's the worst that can happen? OK, someone can see where I am at any moment, and where I've been. That doesn't bother me, my phone provides the same information and carriers are selling your info regardless of if you use Android or Apple or a dumb flip phone. So as long as you carry a cell phone, you're being tracked.

Beyond that, it's honking the horn, and maybe gaining access to the frunk and car. I don't have anything of value in my car, and I'm smart enough to know that for someone to gain that access they would need to target me. ME, and I'm pretty sure no one would bother for me.

I guess the car could be stolen, but again, that would be a targeted attack, and it's still trackable if stolen (outside Europe that is). But again, the car could be stolen Europe style here also, so there's another security risk I'm not worried about.

I fully am aware of what you consider a security risk and am ok with it. There's no secret here. But then again, I'm not a criminal, and I'm not a sensitive military target. I'm just a dude going about my boring life. The worst really would be perhaps my insurance company seeing my average speed is usually ~5mph over the speed limit and raising my rates, but that happening isn't an "if", it's just "when". Already some insurers offer deals if you install a device that tracks your driving, rewarding people with "safe" driving habits.

 

[Fiver]

I should add, if I was a criminal, or someone plotting something evil or nefarious, I would be smart enough not to drive a Tesla and not to carry a cell phone. The real bad people, planning bad stuff, are (unfortunately) smart enough to not do the things that get you caught easily. As they say, door locks only provide homeowners peace of mind, a real thief will just go through the window.

 

[AWDtsla]

I should add, if I was a criminal, or someone plotting something evil or nefarious, I would be smart enough not to drive a Tesla and not to carry a cell phone. The real bad people, planning bad stuff, are (unfortunately) smart enough to not do the things that get you caught easily. As they say, door locks only provide homeowners peace of mind, a real thief will just go through the window.

A criminal smart enough to do a repeater attack wouldn't opt to breach the site, steal your token, then either steal the car or open your garage door through the car's interface? Really Tesla even pushed an update to try and stop the repeater attack thefts, they've gotten so popular in Europe. No they can't do this with your smartphone unless you're way behind on updates.

You can argue how likely it is for this to happen to you, but don't argue that it's not plausible, or even that it's as safe as automation protected by your iCloud password.

 

[Fiver]

Never said it wasn't possible. I just said I'm not worried about it. Might care a bit more if I lived somewhere else, but I genuinely don't worry about it here.

You can deactivate all the features that make theft like that possible, but it really kills the Tesla experience.

 

[bmah]

I'm pretty sure this is going to be one of those "agree to disagree" things. Different people are going to evaluate the risks and benefits differently and, especially since we don't have a complete picture of the risks, it's hardly surprising that people reach a wide range of conclusions about the use of TeslaFi (or any other service).

Bruce.

 

[brkaus]

Yes, I do appreciate the risks being spelled out. I will then make my informed decision.

 

[clostridium]

I'm pretty sure this is going to be one of those "agree to disagree" things. Different people are going to evaluate the risks and benefits differently and, especially since we don't have a complete picture of the risks, it's hardly surprising that people reach a wide range of conclusions about the use of TeslaFi (or any other service).

Bruce.

Exactly. Everybody should make their own informed decisions about what trade offs between risk and benefit they find acceptable when it comes to their privacy and security.

Having a connected car brings on a whole new list of potential ways to have privacy compromised. It’s not just a teslafi issue.

The point about the potential risks has been made repeatedly by multiple people. Unless someone has info about a specific new vulnerability it doesn’t need to be repeated over and over.

 

[Fiver]

You know, actually, after pondering it for a day. I do wonder about the insurance implications of the potential security holes we've been mentioning.

While in general I don't worry about being targeted for theft or having my driving info out there, my comment about the insurance thing did get my mental wheels spinning... If my car is stolen, I would assume it's covered by insurance, but could my insurance company claim the potential holes as a liability and deny my claim?

If I leave my keys in my ICE car in the driveway, and someone drives off with it, am I still covered?

 

[insaneoctane]

Simple question ... Does TeslaFi use the same API as documented by Tim Dorr? If so, I thought people who hammer the Tesla servers risk being blacklisted? I have seen data from TeslaFi that looks like it must have polled the server very frequently....Thanks for any clarification!

 

[Vintronex]

Is their website down?


Also I charged my car for the first time... Why did my car charge all the way to the 90%. Then I open Tesla app and it drained like 7 miles so it started charging again...

 

[ohmman]

If I leave my keys in my ICE car in the driveway, and someone drives off with it, am I still covered?

Yes.

 

[pjw65]

Simple question ... Does TeslaFi use the same API as documented by Tim Dorr? If so, I thought people who hammer the Tesla servers risk being blacklisted? I have seen data from TeslaFi that looks like it must have polled the server very frequently....Thanks for any clarification!

Yes, there is no other way.
Nomal is 1/min., sometimes it can reach up to 4 times / min.
Is's no problem since I use it (9 month).
You can change the Idle poll:
Enter how often you would like TeslaFi to poll for data during idle sessions. A time of 1 minute will poll every minute. A time of 2 minutes will poll one time every two minutes, or every other minute. 1 minute is the default and recommended setting.

You can use peter855 as referral code (teslafi.com) and receive a one month trial instead of two weeks.

 

[HankLloydRight]

... If my car is stolen, I would assume it's covered by insurance, but could my insurance company claim the potential holes as a liability and deny my claim?

If I leave my keys in my ICE car in the driveway, and someone drives off with it, am I still covered?

Like @ohmman said, yes. I live in a pretty affluent, but apparently stupid town. EVERY WEEK on the police blotter are reports of fancy cars like Land Rovers and Mercedes being stolen from the owners' driveways. In every single case, the cars were unlocked WITH THE CAR KEYS inside... and in most cases, along with wallets and cell phones.

I mean, it's idiotic enough to leave your keys inside your unlocked fancy car... but who on earth leaves their wallets and cell phones in their cars overnight? These people get what they deserve... unfortunately, the insurance usually pays out on these claims.. so they just go buy another fancy car and leave their keys and stuff inside, unlocked.

You'd think people smart enough to make a lot of money, buy a huge home with fancy cars would have enough sense not to do this. Nope. Happens every week around here.

 

[X Fan]

JDeck-

Thanks for compiling such a usable product.

Have you thought about creating another section in your site that uses the data from drivers site to provide trip energy forecasting and need? An EV planner that uses real data by vehicle to estimate trip usage.

ie I want to travel from Naples to Charlotte...what is the Teslafi lo, high, average between chargers naples-brandon or sarasota, brandon or sarasota to ocala, ocala to kingsland, etc.

 

[rfmurphy81]

JDeck-

Thanks for compiling such a usable product.

Have you thought about creating another section in your site that uses the data from drivers site to provide trip energy forecasting and need? An EV planner that uses real data by vehicle to estimate trip usage.

ie I want to travel from Naples to Charlotte...what is the Teslafi lo, high, average between chargers naples-brandon or sarasota, brandon or sarasota to ocala, ocala to kingsland, etc.

Great idea! Have you submitted it to the support site yet? If you make it public, other users can upvote it so James gets the appropriate visibility for what's most popular from a feature request perspective.

 

[HankLloydRight]

Have you thought about creating another section in your site that uses the data from drivers site to provide trip energy forecasting and need? An EV planner that uses real data by vehicle to estimate trip usage.

ie I want to travel from Naples to Charlotte...what is the Teslafi lo, high, average between chargers naples-brandon or sarasota, brandon or sarasota to ocala, ocala to kingsland, etc.

That was the original idea for my (now defunct) LogMySC.com website back when SCs were few and far between. The idea was to allow people to collect and summarize their own trip data like Teslafi.com (although self-reported, not via API access).. and then publish anonymous summaries of the legs between selected superchargers.

Once it was clear that Teslafi.com did everything my site did and so much more and better, I took it down and now I just use Teslafi.com.