Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

TeslaFi vs TeslaMate

This site may earn commission on affiliate links.
H

HighlyCharged

Member
Sep 11, 2019
193
225
Brisbane
#1
Anyone is/has running both of these and have any opinions on them?

I signed up to the trial for TeslaFi and it works very well. However, as a techy guy who already runs home servers (I used to work for a major Linux vendor), the idea of running TeslaMate appeals, but the way it requires an advanced poke to start logging seems vastly inferior to TeslaFi which just polls the car's sleep status instead, and honestly puts me off using it.

Cheers.
 
#2
bigbones said:
Anyone is/has running both of these and have any opinions on them?

I signed up to the trial for TeslaFi and it works very well. However, as a techy guy who already runs home servers (I used to work for a major Linux vendor), the idea of running TeslaMate appeals, but the way it requires an advanced poke to start logging seems vastly inferior to TeslaFi which just polls the car's sleep status instead, and honestly puts me off using it.

Cheers.
Click to expand...
As a systems person from way back, I'm worried about any of these that prod the Tesla servers. Isn't this going to get them annoyed sooner or later?
 
#4
raynewman said:
As a systems person from way back, I'm worried about any of these that prod the Tesla servers. Isn't this going to get them annoyed sooner or later?
Click to expand...
It's an open, documented, API service. I can't see why they would.
Fredneck said:
These products improve the value of the Tesla cars, no? Why would they sweat communications with the Tesla servers? That is likely the cheapest part of the entire company.
Click to expand...
Agreed. They are probably expecting people to come up with cool stuff like this as well.
 
  • Disagree
Reactions: Silicon Desert
#5
bigbones said:
It's an open, documented, API service. I can't see why they would.
Click to expand...

The API is neither open nor documented. It has been reverse engineered by smart people and unofficially documented. Tesla hasn’t stopped third parties from using it, but it doesn’t mean they won’t in future if it presents a problem to their future plans
 
  • Like
  • Helpful
Reactions: ediflyer, Arctic_White, Skully and 2 others
#6
qdolan said:
The API is neither open nor documented. It has been reverse engineered by smart people and unofficially documented. Tesla hasn’t stopped third parties from using it, but it doesn’t mean they won’t in future if it presents a problem to their future plans
Click to expand...
You're right, my bad. Not sure why I had that in my head. In that case, it adds another question over whether to use a paid service that itself relies on an unofficial API.
 
  • Like
Reactions: ediflyer and Silicon Desert
#7
bigbones said:
It's an open, documented, API service. I can't see why they would.

Agreed. They are probably expecting people to come up with cool stuff like this as well.
Click to expand...
bigbones said:
You're right, my bad. Not sure why I had that in my head. In that case, it adds another question over whether to use a paid service that itself relies on an unofficial API.
Click to expand...
That's what I was saying (badly). Tesla have threatened to stop it and have occasionally done so.
 
#9
Tesla for such a forward looking company is really rather backward when it comes to accessing your own data or providing APIs to access your own data in a secure manner.

If somebody happens to break into a computer holding your Tesla name and password, and obtain said name and password, they have all the tools they need to locate and steal your car.

According to the TeslaFi website - It looks like they hold tokens instead of passwords, which they claim won't let you remote start the car. However remote start is only one potential dangerous command. I believe other operations (e.g. remotely unlock car) don't get this protection.

Security - TeslaFi.com
What are automatically renewing tokens? / Knowledge base / TeslaFi

(I would hold similar security concerns storing tokens on mobile devices - such as with the official apps for that matter - where the security depends on that provided by IOS/Android.)

I am not sure if TeslaMate stores passwords or tokens. I would like to think it stores tokens.

You still do provide your Tesla password in the first place, so it could be recorded then due to ignorance, neglect, or tampered code. Or even the good old phishing email. I wonder how the website contacts you to reset your password (e.g. after you reset your Tesla password and invalidated your tokens). Maybe an email that looks identical to a phishing email?

I imagine TeslaFi would be polling Tesla lots too, probably would make personal use of TeslaMate insignificant.

I am curious how often TeslaFi/TeslaMate polls Tesla? Too often and you risk upsetting Tesla. Not enough and you miss significant bits of data.
 
  • Like
Reactions: HighlyCharged and raynewman
#10
Brian May said:
According to the TeslaFi website - It looks like they hold tokens instead of passwords, which they claim won't let you remote start the car. However remote start is only one potential dangerous command. I believe other operations (e.g. remotely unlock car) don't get this protection.
Click to expand...
I think there's two sets of tokens - I refused to add the one that gives TeslaFi controls access, so it can't change anything in the car, it can only read data.

When I signed up I didn't even use my password, I went and generated a token manually. Working in IT security gives me a healthy dose of paranoia.

Brian May said:
I am not sure if TeslaMate stores passwords or tokens. I would like to think it stores tokens.
Click to expand...
Tokens.

Brian May said:
I am curious how often TeslaFi/TeslaMate polls Tesla? Too often and you risk upsetting Tesla. Not enough and you miss significant bits of data.
Click to expand...
It's every minute as far as I can tell. It gets the cars sleep status before it goes further though, to avoid waking it and keeping it idle (using more power).

I sent the TeslaFi support an email today asking if they have licensed access of the Tesla API. Unless they can prove to me they are legit users, they won't see me renew past the trial.
 
  • Informative
Reactions: Hairyman
#11
bigbones said:
I think there's two sets of tokens - I refused to add the one that gives TeslaFi controls access, so it can't change anything in the car, it can only read data.

When I signed up I didn't even use my password, I went and generated a token manually. Working in IT security gives me a healthy dose of paranoia.


Tokens.


It's every minute as far as I can tell. It gets the cars sleep status before it goes further though, to avoid waking it and keeping it idle (using more power).

I sent the TeslaFi support an email today asking if they have licensed access of the Tesla API. Unless they can prove to me they are legit users, they won't see me renew past the trial.
Click to expand...
I am sure there are no licensed users; one of the reasons I stopped using Visible Tesla.
Please let us know the results of your inquiries though.
 
  • Like
Reactions: HankLloydRight and HighlyCharged
#15
bigbones said:
Got a reply today. No, they don't license the API apparently...
Click to expand...

None of the apps / sites other than the official Tesla app, licenses the API / has overt permission.

Here's the guy (Tim) who documented their API Introduction

I would not worry about upsetting Tesla. If it stops working, stop paying. Fair enough to have a nice level of paranoia, but I certainly wouldn't call them suspect.

The address for the API is literally https://owner-api.teslamotors.com/ . I feel like Tesla wants us to explore. :D They're not stupid, TeslaFi has been around for YEARS.
 
  • Helpful
  • Funny
  • Informative
Reactions: Arctic_White, Hovean, raynewman and 1 other person
#16
meowsers said:
None of the apps / sites other than the official Tesla app, licenses the API / has overt permission.

Here's the guy (Tim) who documented their API Introduction

I would not worry about upsetting Tesla. If it stops working, stop paying. Fair enough to have a nice level of paranoia, but I certainly wouldn't call them suspect.

The address for the API is literally https://owner-api.teslamotors.com/ . I feel like Tesla wants us to explore. :D They're not stupid, TeslaFi has been around for YEARS.
Click to expand...

You can't stop paying if you paid in advance ;)

Tim's web site is what I first saw and stupidly assumed it was Tesla's documentation after briefly glossing over it and then forgetting about it for weeks. :(

I don't think anyone's worried about Tesla per-se, but I am concerned about giving money to a 3rd party that is using a reverse-engineered API. I'll add that I write APIs for web apps like this, for a living. And if I want people to use them, I document them, version them, and keep them stable. None of those three things apply to Tesla's API — if you read the TeslaFi docs, particularly around sleeping, they talk about changes in the API that affected they way they have to do things.
 
#17
bigbones said:
None of those three things apply to Tesla's API — if you read the TeslaFi docs, particularly around sleeping, they talk about changes in the API that affected they way they have to do things.
Click to expand...

Exactly, they've adapted. Idk I'm not too worried about 50 bucks for the year. It brings me value. I pay for it. If your time is worth less than 50 dollars to develop your own system for your peace of mind, go for it.

I think you guys are getting your panties all in a bunch for nothing. But that's just me. Lots of people write crappy PHP scripts to do things to websites that weren't the designers intent.
 
  • Like
  • Funny
Reactions: Arctic_White, Anubis, HankLloydRight and 4 others
#18
meowsers said:
. I pay for it. If your time is worth less than 50 dollars to develop your own system for your peace of mind, go for it.
Click to expand...

Totally this. If anyone thinks they can do a similar or better job for $50 of your time, please go for it. For me that's worth about 15-20 minutes of time. But if they do, they're all still using the same unlicensed Tesla API and subject to all the risks and challenges that entails.

I also don't understand all this agita over the "unlicensed" Tesla API. There are dozens of mobile apps and web apps that all access the API, and probably hundreds of other developers who have rolled their own API programs. If it stops working, they all stop working. So what? You're going to cry over $50 sent to Teslafi for his exceptional work if it suddently stops working? At this point, if Tesla closed all public access to the API, there would be a huge groundswell from thousands of people -- not just the app developers, but the thousands of affected users. I don't think at this point, that's in Tesla's best interest, even if they never intended to have 3rd parties access the API.
 
  • Love
  • Funny
  • Like
Reactions: Stuart1714, Arctic_White, Anubis and 2 others
#20
I might be a little naive in this department but are any of these the Tesla App I got from my Google Play Store.

I hired a Model 3 for a week last month (from evee.com.au) and the owner kindly gave me a temp password for me to be able to log in and use the app to control the car.

I thought it was absolutely magic to be able to control your car from your phone and it was a free service and worked like a charm.
 
You must log in or register to reply here.

Similar threads

kayrish
Multiple issues with my 2018 Model 3
Replies
29
Views
6K
Model 3
kayrish
kayrish
Joey D
  • Article
FSD 12 perspective from a previous skeptic
Replies
76
Views
4K
AI, Autopilot, & Autonomous/FSD
Saxman
Saxman
F
Risk Manangnent of Buying AP1 Model S
Replies
22
Views
961
Model S
FrugalS
F
Ostrichsak
This Latest Attempt to Force FSD Upon Everyone is Hurting the FSD Cause More Than Helping
Replies
240
Views
7K
AI, Autopilot, & Autonomous/FSD
Kevy Baby
Kevy Baby
kayrish
  • Article
5 Years with the Model 3
Replies
27
Views
9K
Model 3
nicksp
N
Top
Back
Blog
New
Forum list
Marketplace
Menu