-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Tessie App
- Thread starter Nick77
- Start date
Jerryjal
Member
No problem, was used to this feature on Teslafi. It did/does come in handy.No way to do this, yet anyway.
Ignore my post on the official app thread.
Last edited:
Many of us on here prefer teslamate, there's a thread on it. You self host it so its a bit more tricky but you're not giving anyone your tokens (which means nobody can find your car, open it, and drive it away, even if you have pin to drive turned on). All 3rd parties claim to have great security, and they may have, but you have no idea just how secure. Nobody sets out to allow a security breach.
Is driving possible without a key? Is it possible to remotely unlock and register a new key without using an existing one?
Yes, there's a feature "remote start" through the app which also bypasses pin to drive. You don't need a keycard. Your question is the reason I mention it, many think because lots of people give away their tokens to third parties it must be safe. I gave up on the UK Owners group when they simultaneously fought for Pin 2 drive, then took out a sponsorship agreement with Teslafi which was effectively recommending people to give out their credentials.
It might, but Teslamate is open on github so I think we can be fairly sure there are no back doors in it where the author sends themselves your details otherwise it would have been reported by now. Self hosting might give rise to an issue if you've poor home security, but even then, a hacker needs to drop lucky by penetrating your network, then knowing what Teslamate is, and then wanting to exploit it. The third party websites are no doubt targeted by hackers who are trying to get their hands on Tesla details. Tesla have done at least one enforced mass password change which may well have been due to a breach somewhere, not that we'd expect either the culprit or Tesla to admit it.
Depends when it was done.. originally you couldn't use that API without the actual password, so a token wasn't going to allow you to drive the car - you could do all sorts of things, like open the sunroof, wind down the windows, honk the horn 24/7... but not drive it.
Then Tesla removed the password requirement for some reason, and I've never given my token to a 3rd party since. Too risky.
Rooster6655
Active Member
It's possible to store the keys locally on the phone and not transfer to third parties, the problem is when using the apps, the source code isn't shared so have to have some trust
If you are hosting via a Pi on your own network behind a firewall not accessible through the web I wouldn't worry about it, Teslamate doesn't offer the remote functions like some of the other apps.
Local keys are an option, but as said, you still have to send them somewhere as a direct call to the Tesla API isn't as easy as it once was, you often need to wake the car, mix get and post requests, maintain the keys so they don't expire inconveniently etc or have somewhere to capture all that data, which is what 3rd party apps try and do for you. Even generating the keys for Teslamate isn't easy. I know some of the "key generation" services explain how to get part of it directly from Tesla, but there's still trust involved.
This isn't a slight of Tessie as such, and James might be a very responsible and trustworthy person (he almost certainly is), but would you give anyone on here the keys to your car? Thats effectively what you're doing with any of the 3rd party apps. You may be happy, and that's fine, just don't be ignorant of the potential risk, even if it's small.
This isn't a slight of Tessie as such, and James might be a very responsible and trustworthy person (he almost certainly is), but would you give anyone on here the keys to your car? Thats effectively what you're doing with any of the 3rd party apps. You may be happy, and that's fine, just don't be ignorant of the potential risk, even if it's small.
Tesla recently moved to a new authentication system that allows scoping. I'm sure they'll enable it in time.
The API is already enabled; you bought the car and so your car always has it on unless you disable mobile data access. So Tessie uses what is already there - it just tries to make the most effective, beautiful, and useful thing possible out of it.
Some customers have used the data to reduce insurance liability and premium increases (things like speed and location data of crashes, valet joyrides and erroneous speeding tickets.) Some insurers have premium deductions if vehicle tracking is enabled as well. These are the only two insurance effects that I'm aware of.
Rooster6655
Active Member
Tessie communicates with Tesla via a randomized OAuth token after you link your account. There isn't any login data stored. The tokens are stored encrypted in Google data centers in the US.
, is tessie coming to watchos(samsung watch 5 pro) anytime soon? Just switched from the apple world to samsung but miss the app that I had on my apple watch.
Oh and android widgets?
WearOS and Android widgets are in active development!
edit: Android widgets out now!
Last edited:
Benito1283
2021 MYLR 19"
Is there a way to see whether the car is sleeping or awake via the widget? I’d love that option, instead of going into the app to check.
I agree. I simply am not THAT interested in the state of degradation of my battery and monitoring every trip in my Tesla. Now, if I had a teenager driving my car, or a relationship partner you were suspicious of, it has some utility, but hopefully you don't have those concerns.
Wattsisname
MY Red/White/Gems
Tessie shows my costs in USD. What abbreviation does it use for British pounds please?
Similar threads
- Article
