Dec 1, 2012
brianman Sigh. This is going to keep me up all night.
Legit photo, no fooling this time.
Edit: Old territory apparently...
Dev Console | Forums | Tesla Motors�
Dec 1, 2012
NEWDL Why was this going to keep you up? Are you looking for a code? What is the concern with the car that needs access to TESLA vehicle settings?�
Dec 1, 2012
widodh Sometimes it's just fun to read diagnostic data, it can explain stuff to certain owners, you can learn from it!�
Dec 1, 2012
miemrich Brianman,
how do you get to that screen, please?�
Dec 1, 2012
GSP In Brianman's link, one of the posts said to touch and hold the Tesla T on the center screen for 1-2 seconds.
GSP�
Dec 1, 2012
ibcs It's amazing at all the details behind the screen. I got to see them yesterday for about 30 seconds while a Tesla Ranger adjusted my headlights. I wish I had taken a picture of the heating / cooling diagram for the car it was amazing.�
Dec 1, 2012
Babylonfive Can't you just start guessing the codes? Take a while, but so what? I bet it's four digits and related somehow to the vin...�
Dec 1, 2012
timdorr Try 12345. I have the same combination on my luggage.
(Yes, that's a joke)�
Dec 1, 2012
Laumb My guess is 83752.
That TESLA the old T9 way.
_____
Tapatalkin' from iTalatut.�
Dec 1, 2012
SteveH I wonder why we're locked out of these screens. If there's the potential to do real damage to the system from here and it turns out that there is a single code that works for all cars or a simple adaptation of VIN, this would be pretty alarming to me.�
Dec 1, 2012
NigelM We're locked out to prevent us from messing up certain parameter settings. You can mess around with your PC for example, but risk crashing it. There's not much to be gained from messing around with your car settings and crashing that.
As for the codes, in the case of the Roadster I was told that each Ranger has a personal access code and that way Tesla can also track in the logs who did what to the car. Sounds sensible to do the same thing with Model S.�
Dec 1, 2012
SteveH The problem is, if it's a static code per Ranger it's just bad security. Sooner or later someone's going to watch what their Ranger typed in and post it online. I assume Tesla could push out an update to disable that particular code, but how long will that take. If they don't want us to get in there, in which case they should implement some type of time-based password system. While this is a little concerning to me, it raises deeper concerns over Tesla's information security program in general.�
Dec 1, 2012
aviators99 You wouldn't necessarily need to push out an update to disable a code. If they assume Internet connectivity (which they already seem to assume for everything except moving the wheels), it could authenticate in real time. Of course, this would cause a problem if a tech needs to get in and the Internet is not working (either due to a fault or due to coverage), but it would be more secure, and could be overcome via the use of a dongle instead of code authentication in those cases.�
Dec 1, 2012
jerry33 Still, it would be nice if they gave us a read-only mode. Not as many would be interested in messing with the settings compared to those who would just like to see them (and maybe download them for tracking). A read-only mode would also ensure against accidental changes.�
Dec 1, 2012
dsm363 There is the chance to mess up your car which is why Tesla doesn't want people in there.�
Dec 1, 2012
brianman I agree with jerry re: read-only mode.�
Dec 1, 2012
stopcrazypp Depends on if someone can steal the car (or do something similar) with just that code and the menu (AFAIK you need the fob anyways to access the menu). The ODB port supposedly is required to be open in the first place so in most cars, as long as you have a reader you can pull lots of information from there (even program a new key).
http://www.extremetech.com/extreme/132526-hack-the-diagnostics-connector-steal-yourself-a-bmw-in-3-minutes�
Dec 2, 2012
neroden That's what I'd like, certainly.
- - - Updated - - -
I would just assume that Tesla has bad information security on the cars. But whatever. There's a basic principle that the person who possesses the physical car can do whatever he likes with it, given time; there's no point in trying to secure it against anything except accidents.
I also don't think trade secrets are worth much in Tesla's case, so I'm not really worried as an investor about Tesla's information security, either; it's culture and attitude which are differentiating Tesla. Anyone, given enough money, could have built an electric car from the ground up, used a squirrel-cage motor, picked commodity battery cells, temperature-regulated them using a heat pump, placed the battery under the floor for a low center of gravity, etc., but every other company made *choices* to do it a different way, and Tesla is now years ahead on setting up mass production.
EDIT: Of course, I just thought of the worrisome scenario (stupid me, this is probably the one you were thinking of): someone figures out how to distribute bogus updates over the air, and kills some or all Tesla drivers using hacked firmware.
Yeah, this is a real worry. It would be very nice to know what the over-the-air security protocols are. Personally I'd rather not have any over-the-air connectivity for exactly this paranoid reason.�
Dec 2, 2012
SteveH Exactly. As far as the broader infosec concerns, I'm most worried about a vulnerability in the OS or browser in the car that would allow malware to be uploaded. Even assuming that the key car functions like acceleration and braking are isolated, what about a malicious app that randomly opens and closes the sunroof, opens the hatchback, turns volume to max, etc.
Unless I can get more info on their security and how they manage it, browsing on the car will be kept to a minimum. Hopefully they never enable Flash.�
Dec 2, 2012
DrComputer Shoot! At our Motor4Toys event today we had three Model S's there. One had the new 4.0 Firmware installed. Tesla decided to change the secret code on the new firmware. Guess we will have to sleuth and figure out the new code.�
Dec 2, 2012
aviators99 I guess I have a reason to hope my car is delivered with old firmware, after all!�
Dec 3, 2012
Jrhodesmd Just killed 2 hours playing with this new information. Didn't change anything (except finally made my rims black like they were suppose to be but came programmed as silver.)
mod note: Edited with OP's permission. b.�
Dec 4, 2012
GeorgeB Hi everyone,
I know I do not have the right to post this, but I will anyway.
The screens behind this password are behind a password for a reason. These diagnostic screens contain information that is not meant to be public. These screens are accessible in the car to help our technicians help our customers. They contain information about the car and its systems.
I won't go into all the reasons why I would prefer these screens not be posted here, or anywhere else for that matter, but if anyone reading this owns or works at a business that has information that is not meant for public display, then they will understand my request. If you work at a company with a client list, you would prefer that your client list not be published on the web. If you use any type of proprietary software or hardware, you would prefer not to have the code published on the web. If you have a new technology that you are fighting very hard to bring to market, you'd prefer that all the workings behind your new technology not be published on the web.
I could go on and on, but I will not. I will simply say that what is behind this password is not meant for public display. It is there to allow us to help our customers as quickly and efficiently as possible, and I would respectfully ask that the screens and content of the screens not be posted openly anywhere.
Thanks for your consideration.
GeorgeB�
Dec 4, 2012
ibcs Thanks George,
You have every right and expectation that the access code information be kept as company information. Unfortunately, curiosity is very powerful. I hope everyone respects your wishes and keeps Tesla proprietary information secret.�
Dec 4, 2012
JackA I have been in the situation of trying to assist those who have "peeked at", just opened" or "might have changed" proprietary settings on their networks or computers. The technician has no baseline starting point when modifications to expected settings are existing. Anyway, if you want a Service Ranger to get to the problem and fix it quickly my recommendation is to leave the password protected service diagnostic/service data alone...�
Dec 4, 2012
brianman @GeorgeB
Sorry if my post started the forum down an apparently uncomfortable road. Wasn't intended. I happened to run across what looked like an interesting place to explore (and perhaps an easter egg) and opted to share out the discovery. You might note that I (and a few others that I talked to privately) were conspicuously shy in following up on the thread. In part it's for the reasons you call out -- some things are best not posted. I even considered asking the mods to close the thread (but leave it alive) so that it just fades from the "new posts" lists and so forth.
I do have one piece of feedback though.
The reason I came across the prompt is because I went looking for two things:
(1) Tire pressure readings.
(2) A way to force the latest update to download.
Please consider including both of these in the future UI.
Regarding #2, I'm fine with having to take a ride to the Tesla store and/or service center to have them tap some magic incantation to begin the download if that's necessary.
As an example, I called the store near me as well as 6 (closed) service centers this weekend trying to make progress on getting the update. Weekend is when I have time to explore the updates and make sure my car is performing well, and that the driver is attuned to the changes. Having little control over the timing of the download is very frustrating.
I realize Tesla is under no obligation to make the download available to all users at the same time, nor is there any prohibition of doing phased rollouts, batches, etc. Nonetheless, if you want delighted customers, it seems like it's very easy to do better here.�
Dec 4, 2012
J in MN Not allowing owners to see the diagnostic information is just nonsense.
I own the factory diagnostic tool for every car I've owned so far, and have full read and write access to all the ECMs. Not having this access in the Model S is another item on my long list of reasons not to get it.�
Dec 4, 2012
Johan It could be that it's just not diagnostics behind this screen, but also configurable options/settings that actually change the driving dynamics thereby having impact on safety etc. where it could also become a big legal problem for Tesla if someone tweaked these and the car somehow behaved in a way not intended an caused an accident, etc. Who's fault is that? The user's? Tesla's? Joint responsability?
I for one would like access to any and all diagnostic info there is, including tire pressure sensors, detailed battery diagnostic info, energy read-outs/charts etc. etc.�
Dec 4, 2012
raptorweb I agree with this I don't need to be able to change settings but I would prefer to be able to look at diag info. Maybe a good solution would be to have a generic pass code that gives a read only access. This code wouldn't have to be widely distributed just to people that are really interested in it.
So say a person that doesn't care to look at it accidently finds the spot for the code they see it and ignore it with out any "scary" data. Myself or other members on this forum will see this and really want to know what is behind that screen, we could easily ask a ranger or another Tesla employee and they can give us a read only code that is impossible to cause any harm.
For me this would be an acceptable level of access that I would not even attempt to figure out a different code whereas with no access I am a bit more curious and prone to dig into it more.�
Dec 4, 2012
4sevens.com read only please...�
Dec 4, 2012
dsm363 I definitely think an advanced read-only mode with items like tire pressure for each tire, battery temp (like the Roadster) would be nice.�
Dec 4, 2012
doug That kind of stuff should just be on an advanced user screen. No need to have it locked behind a code.�
Dec 4, 2012
dsm363 I agree, that's what I meant to say. It could simply be in the settings or maybe a separate app that contains the information they are willing to share.�
Dec 4, 2012
jerry33 Agreed. I don't want to change anything, just see what the numbers are. Tire pressure is particularly important to me. The various temperatures and such are interesting and may help me drive better.�
Dec 4, 2012
lgagliardi Just proves this car is truly different!�
Dec 4, 2012
pxy Never mind service access and hidden interfaces, maybe there is certain readout information that could be presented in a skinned 'app' in the future; no doubt functions will be added in updates. Certainly non-revealing info like TPMS, coolant temps, battery readout as a percentage would be nice without the risk of over interpretation. As an owner, the correct analogy is a 'systems monitor' overview capability like a PC or iPhone with just the right amount of info for self-help. But to continue the iPhone analogy, I don't demand to see signal strength in db's to diagnose a dropped call...�
Dec 4, 2012
brianman Well I was gonna reply to your defragger comment but you pulled it. OT ramble quashed!�
Dec 5, 2012
aviators99 Hey, this worked. The car was delivered with the new firmware. I knew Tesla would read that! ;-)�
Dec 5, 2012
NigelM Everyone always says you shouldn't choose an obvious password....
And ummm, didn't you used to work for a computer company? :wink: (Oh man, I just blew my chance of getting any updates with that joke but I still couldn't resist!)�
Dec 5, 2012
Rodolfo Paiz I understand and respect your request, as a user, an erstwhile programmer, and a business owner. I would never do such a thing in the first place. However, there will always be some people out there (a) whose curiosity got the better of them, (b) who changed something but won't admit it, (c) who want that information for unethical reasons, (d) who are or may be in competition with you and seek intelligence, and so on. You will never be able to rely on the good faith of everyone out there.
Therefore you really have no choice but to employ the best security you can to well-and-truly LOCK people out of those screens. I suggest that, at a minimum, you need to combine a Ranger's individual password with a time-synchronized token such as those by RSA. Moving to two-factor security where one item (password) is something the Ranger KNOWS, but the other item (60-second numeric code on token) is something the Ranger HAS, is a very large step up. And it won't be very hard to program into the car's OS. There are other, even more secure, solutions, but this one works and has a very reasonable cost.
And by the way, I'm with the group that would like the user to be able to see more data. EVERYONE should be able to see something like tire pressure (that's basic driving safety info), and some "advanced info system monitor" screen with battery temps or whatever details Tesla is willing to share, should also be available for us geeks who care.�
Dec 5, 2012
rolosrevenge Wait, brianman, did you actually guess the code and get in?�
Dec 5, 2012
markwj Nerding out...
Too complex. RSA would require the car to be online for the ranger to get in. The reasons are twofold: 1) it requires the public keys of all the ranger tokens who could possibly access the cars, which would have to be kept up to date with rangers joining and leaving the company (leaving in particular), and 2) the key fobs suffer from clock drift, so the system relies on the fob being regularly used and the current drift value of the fob from real time regularly updated.
Point 2 is the big issue. RSA fobs work by the system generating not just the correct code for the current time / 30 seconds, to check against what the user enters, but also codes for N time periods before and after. It is configurable, but usually 4 or 5 time periods each way. If it finds a code that matches, it records the current offset for that user, and uses it in future - so it can deal with drift over time (so long as the user regularly logs on - at least more often than it takes his fob's clock to drift N*30 seconds).
The RSA system works fantastically for banks because it is a single large centralized system. One ranger would be looking after hundreds of individual cars, and that is a very distributed offline system.
What does work is a time-limited password based on the unique car. The ranger would visit an online internal website (access to which could be protected by RSA fob, or whatever), and be given a time-limited password valid to access a specific car. The access token would be made up of a hash of the vehicle unique ID (not necessarily vin), the date, and a secret. RSA asymmetric cryptography can be used to avoid the secret being shared. The centralized system better be damn reliable, or rangers might be unable to do their work.
It is not rocket science, and the various algorithms are public knowledge,
That said, I reckon the screens that hold proprietary information and/or allow changes to the vehicle systems, should be securely locked down. The other advanced technical information should be available to the user.
That said, it is probably a waste of time. With physical access to the car, and sufficient determination, whatever Tesla do could be worked around. They can make life difficult for the hacker (tinkerer?), but they cannot stop them. Witness iPhone jail breaking.�
Dec 5, 2012
SteveH Agree with everything you said except that it would be a waste of time. Nothing is ever completely "safe", but we still have security. Increasing the difficulty of the hack is helpful and limits the exposure. While it may well be possible to jail-break the Tesla, my guess is that owners are far more reluctant to do that with an $80,000 vehicle than they are a phone. But if all they have to do is enter a static password that works all the time on every car made then that's a much simpler thing and less likely to result in a loss of warranty.�
Dec 5, 2012
jerry33 And anyway, the RSA fobs were hacked a few months ago so they aren't very secure to start with.�
Dec 5, 2012
Rodolfo Paiz Also agree that it's not a waste of time. Sure there is someone out there who is determined enough, and skilled enough, to hack into a properly-secured system such as you or I described. But that'll be 1% or less of the potential cases. It limits Tesla's legal risk of being named in a liability suit when someone screws up their internal settings, it reduces the risk and spread of industrial espionage, and if the system is good enough it'll be darned hard to crack.
If all Rangers log into their internal systems using the RSA token as I described, then each Ranger will be using his/her token at least a few times per week and that's more than enough to manage drift. However, I do agree that the car needs to be online for that to happen. There'd have to be a contingency method for the (probably pretty rare) cases when they need to work on a car that does not have connectivity.
Your method works well too, by the way. As you noted, the algorithms are available, and none of this is rocket science. For that matter, I would hope that all of the communication between the car's internal computers and the mothership is sent over a simple SSL-encrypted connection (HTTPS would work well, so would SSH, and so on...). We have no way of knowing whether Tesla does that or not, but I submit that they're already using Linux so they have all the tools they need (for free, at that) in order to implement some very good common-sense security measures for the car.
- - - Updated - - -
The fobs were hacked, yes. But I've been using them for 10-12 years at least with great results, and I can count the number of times they've been hacked in that time on the fingers of one hand. They're pretty secure. All systems are eventually hacked, because nothing's perfect, but these are pretty good. In this case, I'm just mentioning them as an example of an approach which is far more secure than a simple password. Lots of ways to skin this particular cat.�
Dec 5, 2012
NigelM Posts covering GeorgeB as the most interesting man in the world and speculation about Bonnie being a man in drag went here: The-Most-Interesting-Man-In-The-World
(Really people? How bored were you all?)
�
Dec 9, 2012
widodh I think neroden should have tuned it down a bit, but he has a point.
When I buy the car I want to see that information about my car.
I don't really mind right now since I'm still waiting, but in the future I'd like to get access to this info.
Tesla is a new brand and they are fighting the established brands, so I'm not going to 'bug' them with this now, maybe in a year
Sent from my phone, so my apologies for typos.�
Dec 9, 2012
Trixie But half the fun is trying to figure it out�
Dec 9, 2012
NigelM @neroden: buying a product doesn't give you a right too any and all proprietary information behind that product; it also doesn't give you a right to publish any of that proprietary information should you manage to access it.
I would also remind you that everyone expects a certain level of civility here on TMC; GeorgeB is a fellow member and IMO your aggressive tone is not appropriate. Further to that everyone realizes that in his position GB is totally unable to respond in any sort of manner the way another member would have. That makes your aggressive behavior a cheap shot.�
Dec 9, 2012
bonnie Exactly. Very well said, Nigel.�
Dec 9, 2012
kvietor Thanks Nigel, you say it so well. I get too emotional.�
Dec 9, 2012
NigelM Mod Note: some posts moved to snippiness; apologies to any innocent posts that got moved along also, there's never a good way to split these.
- - - Updated - - -
I get that, but you also have to remember that any company who sells you a product isn't obliged to give you everything you want. In some cases it may be good marketing to fulfill your wishes, in other cases it may be prohibitively expensive either because it costs too much or reveals too much.�
Dec 9, 2012
vfx Why are some people assuming Tesla will not show this information in the future? Tesla has a energy package coming out with all sorts of info about the car's usage. The firmware updates are coming out every 8 to 10 weeks exactly as we were promised. Sit back and let them roll in. If the car was "done" then there would be no cool upgrades for us to obsess on and brag to others about.�
Dec 10, 2012
cinergi Perhaps people aren't understanding what's behind that access code. It's far more than information -- it's controls for things that can affect your (and others on the road) safety, and knobs for features that may or may not exist in the future. That "super secret portal" is not supposed to be there in the long term. It's there because they're in the early stages of setting up servicing, etc. So even if we got access to it (why?) the point is moot -- it's going away. And you can bet the priority of making it go away is higher than it was due to this thread.�
Dec 10, 2012
Arnold Panz That's truly unfortunate if it happens. Tesla has enough things to worry about than having to hurry up something like this because some super-curious souls can't stop themselves from trying to crack the code. Not sure what they're hoping to accomplish anyway.
I reviewed the posts that got sent to "Snippiness", and it seems like neroden's main complaint was that GeorgeB used inapt analogies to explain Tesla's concerns. However, there are several relevant examples where someone "owns" something, but doesn't own the component pieces of it, or the secret sauce behind it. For example, I can go buy a Coke and say that I "own" the Coke, but does that mean I'm "entitled" to the secret recipe that is arguably the most famous trade secret in the world? What if I were a food scientist who could take the Coke and reverse engineer the ingredients to figure out the formula? The law absolutely allows Coke to prevent me from revealing the formula if I'm lucky enough to figure it out. This is not to argue that whatever stuff Tesla has behind the password is trade secret, but the point is that just because you "own" something sold by a company doesn't mean you have an absolute right to do with it (or publish) anything related to it without restriction.
Similarly, Tesla could take an approach and say that they are selling you the physical pieces behind the Model S (like hardware in a computer), but the software is only "licensed" to you (like the software in the computer), and so you don't "own" the software, but merely license it from Tesla like every other piece of software you use in your daily life. This would make sense because if I truly "own" the software in the Model S, Tesla has no "right" to update (and thereby erase or materially alter) the current software I have in there. (n.b., if you work at TM, PLEASE do not think that I don't want the v.4 update -- I really, really, really do! Thx!)
I haven't thought this approach out fully, but the basic concept demonstrates my larger point, which is that just by virtue of the fact that you have physical possession of something doesn't give you the unfettered right to do whatever you want with it. If people can't help themselves and arguably put the vast majority of owners at risk by going behind the password wall, Tesla will only be forced to take the additional, otherwise unnecessary, steps to protect everyone. The vast, vast majority of Model S owners in the future (and probably now) aren't techies and couldn't care less about finding out what's behind the password wall, so why should a small minority force a material change by the company? It always sucks when a few bad apples ruin things for everyone else.�
Dec 10, 2012
qwk I would bet that there has already been a model s bought and taken apart for reverse engineering, and many more are going to be facing the same fate. It would be very naive to think otherwise. Technology this SUPERIOR to what everyone else has to offer gets the attention of the competition VERY fast.
The existing automakers face an interesing dillema. They essentially are peddling a very inferior product(a good example:how many people would buy a cell phone from the 1990's today?), and can't innovate fast enough to avoid cannabalizing their existing product which pays all of the bills. That's why they are pushing hybrids so much. Hybrids buy them time so the change is slow.�
Dec 10, 2012
cinergi The MVPA states you cannot reverse engineer the car (I'd need to look up the exact wording) ... not that that'll necessarily stop everyone obviously.
What's behind the secret code was intended to be temporary (I believe this thread has no impact on that except perhaps timeline).
And I don't disagree we should have more access to the raw numbers behind the UI. But access to the Tesla diagnostic switches and things that are on those screens purely for *Tesla employee* testing purposes is not access we should have. This is different than access to stuff to diagnose issues with existing features in the car (e.g. Right to Repair and related laws).�
Dec 10, 2012
Arnold Panz No doubt, but hopefully Tesla's 150+ patents (and counting) will prevent anyone from actually using Tesla's technology to make a copycat car anytime soon.
Actually, if you think about Elon's goal of having Tesla lead the way to more EVs from every car manufacturer, he'd personally probably prefer that other car manufacturers use Tesla's technological innovations to make EVs. But Elon the CEO of Tesla Motors, Inc., the public company (TSLA) definitely wants to have those patents enforced to protect their market share!�
Dec 10, 2012
Doug_G Personally I think this whole thread is disappointing. As a nerdy engineer I would have loved to take a peek in there, just for my own private and personal edification - I'm not stupid enough to have pushed any buttons. But I have no "right" to be in there, and the average user should NOT be able to access it. Tesla is absolutely right to have a password on the screen.
Companies absolutely are allowed to have proprietary information in their products, which the customer is not privy to. Modern products of all sorts are full of processors, and they pretty much all have debug and troubleshooting features buried in them. Are you going to demand the source code for your toaster?
I absolutely agree with the section moderators for moving that mess to snippiness. Heck the whole thread can go there IMHO.
What I would like to see from Tesla is an optional display of additional information - motor and power electronics temperatures, the ability to download trip and charging logs like we can with the Roadster - that sort of thing.�
Dec 10, 2012
Discoducky I stand by GB in this instance to protect TMs IP; Plain and Simple. I want the company to succeed more than my desire to see behind the curtain.�
Dec 10, 2012
mnx Agree 100%.
�
Dec 10, 2012
brianman That's a pretty broad and, IMO, overly harsh characterization.
Are you disappointed in George's post? Or those that have respected his request and acted accordingly?
Sorry, but you come across too strong for my taste painting with such a broad brush.�
Dec 10, 2012
Doug_G You are entitled to your opinion.
I'm disappointed that he had to respond.
You're just being pendantic.�
Dec 10, 2012
brianman I don't know what pendantic means, but I'm just taking what you said at face value. Should I not?�
Dec 10, 2012
EcoHeliGuy 110% agree
I feel that George should have said at "midnight to night this bug in the software will be removed" or something to that extent. I know that updates aren't that quick, but in my opinion this is a software bug when it's in the wrong hands, and a tool in the rightful hands. We aren't taking about extra gauges, performance enhancements or features here. We are taking about vehicle safety's systems that are regulated by legal systems, People's lives, Property ect. As cars get smarter the avg joe gets dumber so to say, you use to change rear end gear ratios to modify your car. It's not that easy today, people will get killed when one wrong number in a line of code is changed.
I work in aviation, I can tell you, you don't want pilots adjusting systems in aircraft. And believe me when I say the vast majority of engines in aircraft are still to is day controlled by nothing but air pressures, and fly wheel based governors.�
Dec 11, 2012
Doug_G There you go again - that was a typo. Pedantic
- - - Updated - - -
There's a quote... "Beware programmer who caries screwdriver". But I digress...�
Dec 11, 2012
brianman Apparently my humor here was too dry.�
Dec 11, 2012
AnOutsider I think we all need to just chill. The screen is there. George has made his request, and you can choose to follow it, or not. We've heard every reason why you shouldn't (mess up your car, ruin Tesla's chances for success [huh?]), but at the end of the day it IS there and curious folks will be curious. I just hope that anyone who messes anything up fesses up to it and doesn't try to act like it just happened.�
Dec 11, 2012
NigelM It means being fussy about writing implements.�
Dec 11, 2012
vfx Or that Tesla outs them like they did Top Gear and Mr Brick.�
Dec 11, 2012
Mark Petersen hmm, well we have bought the car, and in some states / countries they are required to provide information on how to service the car, in such a way that you won't void your warranty
but I also understand that "George" would prefer that this information isen't easy available on the Internet
as I see it they have at least 2 options
1. change the system so you need to connect a USB key that will bump a file that they can read with a Tesla Service Program
2. change the GUI so it reveal less sensitive information
my guess that they will do both
but in the end, no-matter what they do, we will find a way to read the file
so unless they encrypt it with a public tesla encryption key, we will guess it
the same apply to the information that is transferred via wireless or 3g
sooner or later some of us will sniff it
the best solution for tesla is to give us nerds access to some of the data so we can play with it
and thereby be in controle of what is being released
on a different note, wonder what information is available in the system
my guess is individual cell history and log for each censor in the system�
Dec 20, 2012
jhs_7645 One other thing for folks who *did* read the specifics is that IIRC Tesla uses 3rd party car management software, and it's quite possible/likely that those screens are generic for the platform, and have nothing to do with every feature installed in the Model S. Bottom line, don't get too excited�
Dec 20, 2012
AnOutsider Source on this? I'd imagine Tesla would want to control as much as possible? And isn't it likely, that even if they don't control the underlying stuff, the interface is theirs? So why write an interface for functionality you have no plans on using?�
Dec 20, 2012
jhs_7645 I'll see if I can find the source, as I recall there was a press release from a company shortly after S started shipping that they were the provider for this software. On the 'why write an interface for functionality ...' question. If it *is* a 3rd party provider, it's quite likely that it's harder to customize the software than to deliver it with all the features where only a subset of those features are used. Of course, in the customer facing interface, you would only expose the features that are used, but that's not what we're talking about here.
- - - Updated - - -
Found it:http://www.cypress.com/?rID=70833
Now... this could be all wrong.. who knows. I'm just theorizing here.�
Dec 20, 2012
arg This is just the lowest layer software for turning the outputs of the touch sense hardware into useful key-press/gesture events, nothing to do with the main user interface or vehicle systems. Note that the key feature of their software that they call out in the release is "the ability to track 10 fingers at once".�
Dec 20, 2012
jhs_7645 Yes, that's what the press release babble says, but if you read their web site, they offer software that integrates automotive sensors and the OS.
But whatever, my real point was this: just because it's in a screen somewhere in the admin UI doesn't mean it's a coming feature. So people shouldn't get their panties in a bunch if their Model S doesn't have feature X because some admin screen had that option on it. That's all I'm really saying.�
Dec 20, 2012
AnOutsider I think that was understood from the beginning and was never in question. What I personally disagree with though, is why make an ADMIN interface for something you won't use? Admin tools are usually rawer and more spartan than any user facing thing (given how the menu operates, it's pretty clear they didn't bother with too much polish). As a developer, if I have access to an API and I build admin tools to access that API, I'm NOT going to build admin tools to interface with pieces of the API I have no desire to use.
Again, it doesn't mean we'll ever see the features there, but I highly doubt they ARE there because some software exposed a hook to it so they figured "let's write a UI for it!".�
Dec 20, 2012
jhs_7645 I agree with that 100%. Which is why I was theorizing it was a 3rd party app. That would explain why there are things in there that might not be part of the car. Otherwise, I think it's just wishful thinking that Tesla has already written admin screens for features that are just lying in wait to be deployed in the car. Either way, I think we're closer to saying the same thing that not.�
Dec 20, 2012
brianman Economy of scale is one reason. Perhaps they took the S, X, III, and Roadster (tentative) feature sets and wrote the UI once for all 4?�
Dec 20, 2012
AnOutsider Doubtful bman, its software. Ignore it for now and touch it when you HAVE to. One thing to note, is that power folding mirrors was missing off the lists, and from rumors, it sounds like its not in the works�
Dec 22, 2012
dtich lmao. nice one.�
Dec 22, 2012
Brian H Do you also have a penchant for singing to them?�
Dec 25, 2012
tezco Guess I'm getting to this thread a little late, but personally I welcome any input from the folks at Tesla. I can understand that company policy may require that only certain high level employees post in the forums (so that any information provided is accurate, not counterproductive from a legal aspect and non-proprietary), but I hope that that there is not a perception at Tesla or in this Forum that "official" Tesla input is unwelcome.
I also think that many Tesla owners are very curious as to how certain aspects of their car works, and many of us read the service manuals which are made available for almost all other automobiles. I would encourage Tesla to develop a better owner's manual (the current version is really just a quick guide), and/or an owner's service manual (either of which would cover non-proprietary services which many owners are ready to perform such as wiper blade and fuse replacement, tire rotation, brake repairs, 12V battery location (for a "jump" start), or its replacement etc).
Considering the current problems that some owners still seem to be experiencing with their 12V batteries, some additional information with regards to how often the battery is topped off, and how the need to top off is determined might prove helpful. Owner's of other EV's can find this information in their owner's or service manuals, and can modify their driving and charging habits to help insure that their 12V battery enjoys a long service life, especially since it seem a paradox that your electric car won't start for the want of 12 volts, despite having a fully charged 400V Li-ion battery pack on board.
B>�
Jan 24, 2013
josh_b For folks who are squeamish about getting stern warnings from Tesla I would agree not posting any controversial material is for the best. I would also like to point out though that if Tesla intends on courting "hackers" and early adopters in general, it would do best to be as open as possible with the diagnostic screens. Frankly we have made a large financial and emotional investment and we want to know as much as we can about it. We're entheusiasts. That's what we do.
I'm also a bit worried that Tesla thinks a reply from George is enough to curtail potential competitors from giving the 'S a once over for tech details. I have a lot of respect for George but I think its a foregone conclusion that someone (has) will break into the diagnostic screens.
I don't get why everyone is so worried that a ranger would experience trouble diagnosing an issue caused by customer edits to the configuration. Isn't it as simple as having an audit log and/or a "defaults" button? Many softwares also keep previous copies of the configuration for such an occasion. Furthermore if a Mercedes customer modifies the ECU values, Mercedes can see this when the car is returned for repair. They can then determine if the issue was caused as a result of the customer's changes. If so, it's no longer a warranty issue. Same with safety repercussions. If I modify my Hyundai and subsequently get into an accident as a result of the modifications, Hyundai is not to blame. It's not reasonable to assume Hyundai can test every modification a user could make and hence they would likely be held harmless in such a scenario.
In many countries reverse engineering is permitted for the purposes of academia. (Including for personal research, of course.) (Reverse engineering - Wikipedia, the free encyclopedia) Locking us out from the diagnostic screens only means people will need to find alternate ways of discovering the same information. Unfortunately in my home country (Canada) we seem to have poorer laws with regard to reverse engineering: Copyright Law | Samuelson-Glushko Canadian Internet Policy and Public Interest Clinic (CIPPIC). Regardless, wouldn't it just be easier to admit people are going to get the diagnostic-level info anyways and make everyone's lives easier?
Tesla -- All I want to do is be able to investigate the car. I want to understand it intimately because I am a geek. If you want to prompt me with a warning screen that absolves your company of liability and identifies the patents protecting what I'm about to look at, I understand entirely. But please do not stop me from looking.
Thanks for listening.�
Jan 24, 2013
lolachampcar At the risk of getting hammered here, I've been in the calibration (and source, but that is a different discussion) area of BMW, MB and Porsche Engine Control Modules to name a few. I did not tear up a single engine or otherwise do any damage and this area really is highly sensitive calibration data.
I did the work out of curiosity and a desire to understand modern fuel (and transmission) controls. I really have no desire to look inside Tesla's speed controller or inverter calibration data but I would think the information available to RoadRangers through the diagnostics screen would be interesting and useful. Having the ability to transfer data logs (see Roadster threads on this.. bright people doing interesting and non-destructive things) and screen shots to a USB stick would be nice along with being able to do simple maintenance like activating circulatory pumps to purge different systems.
I view these areas of the vehicle not as proprietary source code or calibration data but more as test tool interfaces. Large OEMs are obliged to publish their test tool interface specifications to allow groups like Autologics and the like to build third party test tools. I believe there are laws compelling the OEMs to do so but never really had a need to look into it. In my opinion, having diagnostics tools in responsible hands is not really such a bad thing.
- - - Updated - - -
Most tuners will put a car back to the stock calibration before having the customer go in for service. The OBDii specification requires Software Verification Numbers (SVN) be assigned to each calibration (and code) release. This number is a cryptographic (hash RipeMD if memory serves me on MB) checksum of the code in question and there are very heavy fines for hackers modifying code to provide false SVNs. The car comes in and the dealer simply does an SVN query and checks that against the expected value for the firmware release. If even ONE BIT is changed, the SVN is wildly different.�
Jan 24, 2013
josh_b I never knew the method by which this happened but I have friends who've been caught before! Now I know. Thanks for the info.�
Jan 24, 2013
bonnie All reasonable requests. But there is an assumption that interesting diagnostic information is all that is hidden from you. What if there is information that would point to future configurations and offerings? It is not unheard of for a smart software developer, knowing what the next round of updates will be, to code that in and then disable. If I were Tesla, I might not want my competition knowing those details.
I have no doubt that Tesla will make the kind of information you're asking for available. But perhaps not 'quite yet'.�
Jan 24, 2013
NielsChr Fairly easy to implement a 'not posible to crack' password.
Every time the car connect to tesla the car recive 10 random passwords ( or pins)
the car then uses the first from the list as the first valid password, after a sucessful login it the changes password to the next on the list ( circular buffer)
Tesla will then have a online list of passwords for any given VIN.
ranger will allways need to go online to access current valid password list (or have looked up forhand)
it will then be almost imposible to hack, as not 2 cars will have same password, even if you look over your Rangers shoulder, you would not be able to use the password as it would be a one time use password.
ofcourse if the car does not recive new valid passwords due to offline, it would need to reuse Thise currently held 10 passwords.
sceen should therefor display the password seq # out of the 10 it expect.
- - - Updated - - -
Forgot to mention, after 5 failed passwords, it should prevent logins for 5 min. After 10 failed passwords it should lock the promth for 10 min ect.
it also posible best practise only to update the 10 passwords No more than once a day.
since a ranger always will need to login to a online portal in ordet to get the current 10 valid passwords, tesla can log witch ranger did access the passwords for any given car at any given time.�
Jan 24, 2013
dtich agree. i also have the suspicion that besides diagnostics there are feature settings in this mode and while i assume tm will eventually, if they haven't already, move those toggles to an even more secure area, they very understandably don't want customers to access those settings. perhaps they will open some diag screens to users after they sandbox out some of the more secure settings. hopefully. i too love to see behind the curtains of the gear i own. learn a lot.
before all this however i'd like to see valet mode and wifi, etc. so. i'm not holding my breath for this above other things.
my 2�.�
Jan 24, 2013
josh_b Same issue occurs when companies like Nvidia (interestingly the purveyor of the CPUs in the screens within the 'S) and AMD update their GPU drivers. New product SKUs often appear in the *.inf files before the products are released. Similarly ATI and Nvidia have had modified drivers crafted by "hackers" that re-enabled formerly disabled functionality in their video cards through software. (The 9800 to 9800XT Soft-mod was one example.) Whether tech companies like it or not, hardware buyers will figure out how to enable the functionality they desire or to snoop around. Given the fact that Tesla needs to sell as many cars as they can for the maximum profit, I see their motivation in attempting to lock these interfaces down but I think ultimately these efforts are futile. It would be better to concentrate on keeping folks like us happy and debugging to the best of their ability.�
Jan 24, 2013
brianman Almost made it a month...�
Feb 19, 2013
Ron95030 I recall sitting in an early white beta model at the Menlo store during early 2012, with a store manager, who pressed and held the big 'T'. There was no password at that time. IIRC, I soon saw a large graphic display of the battery layout, with each cell having what looked to be an identifier on it; most were green, a rare few were red. In the time I stared, they all looked remarkably similar. In retrospect, I believe this 'identifier' was actually the cell temperature.
And then it was gone, as the person brought up a command line interface, (which looked to be Linux) and some log files went scrolling quickly by. That was it. He quickly returned to the GUI, as I asked another question...
Yeah, surely there is interesting info in there, and surely it's protected for good reason. I have to admit - the car is just too much fun for me to be concerned with "all the sausage making". Yet in time, I'll get more curious.
My 2 milliwatts.
-Ron�
Feb 19, 2013
brianman So close. Almost made it a month again.�
Feb 20, 2013
gsxrex Reminds me of those workplace safety placards. XXX days without an accident. Rip 'em down and restart the counter at 0.�
Feb 20, 2013
lolachampcar The world is going to need some documentation on the car at some point and access if there is to be non-Telsa maintenance.�
Apr 13, 2013
MrOteece Diagnostics Mode: interesting look under the covers
When I got my Tesla back from service, they hadn't turned off the diagnostic mode, so I got to poke around a bit.
Hoping some of the settings indicate future features:
* Adaptive cruise control y/n
* Blind spot sensor y/n
* Lane departure warning y/n
Slightly different Linux kernel versions for the cluster and the center display: 2.6.36.2 and .3. Tomcat 7. A zillion version numbers for all sorts of components.
Lots of temperature data, including a nice graphical view of various components and temps. Seems like they could show us some of this under normal conditions.
I thought about leaving it in this mode, but I was getting some weird errors so I rebooted out of it. Would like to know how to boot back into it though�
Apr 13, 2013
Ohms.Law MrOteece - those settings are extremely tantalizing. Good find. You have just ignited the ferver of hundreds of speculation theorists!�
Apr 13, 2013
vcor Thanks for posting! To get back in you would need a special Tesla code. You press on the "T" top center for 4-5 seconds and then get the entry mode (for Tesla personnel). Since none of us know the code (and I suspect it changes often) you'll not be able to get back in.
Others have seen these screens before, but I think you're the first to get it active on the way home!
There was some talk before that the options may be related to a licensed software component sold to many car makers. If so, the options are listed (y/n) may be more as generic items and not any guarantee that the MS will ever have them (of course parking assist has been announced for European deliveries).�
Apr 13, 2013
DaveVa I want!!!!!!!�
Apr 13, 2013
yobigd20 Uh oh ... That technician's gonna get in trouble LOL. This may be their big "under the nose" announcement ....�
Apr 13, 2013
DrComputer Nothing new here. Those options have been in the hidden diagnostics screens from day one.�
Apr 13, 2013
bhuwan Really?�
Apr 13, 2013
gg_got_a_tesla MrOteece, any pics of the display?�
Apr 13, 2013
nolngrgrsngslde I am afraid that these features all need physical sensors which are probably not built into our cars otherwise someone would have found them.�
Apr 13, 2013
PRJIM Found this on another forum
�
Apr 13, 2013
brianman Almost two months! Sorry, George; it just won't die.�
Apr 13, 2013
waidy Is there a button label "change access code y/n"?�
Apr 13, 2013
vfx Tricky!�
Apr 14, 2013
HansK In the category of simple things I'd like to do that I can't because I don't have access to the diagnostic mode: add the car's mobile number to my AT&T microcell. Frustrating.�
Apr 15, 2013
DEinspanjer Going back to the authentication bits.. the vehicles have USB ports, so a solution using Yubikeys would be very simple for the service people to use, and if necessary, could even be implemented with offline support.
Sent from my SPH-L710 using Tapatalk 4 Beta�
Apr 16, 2013
Darren This would be amazing! I have the 3G Microcell at home as well.�
Apr 16, 2013
FlasherZ I inquired about this a few months ago, as I would like to boost the car's signal.
AT&T's contract with Tesla prohibits sharing the phone number with the customers. I imagine if they started seeing them appear in places you'd see them removed from diagnostic screens.
For me it becomes a moot point once the Wi-Fi is turned on.�
Apr 16, 2013
zdre :drooling:�
Apr 16, 2013
hans Looks like a roadster, not a Model S. Two doors, Battery Pack and PEM in the rear.�
Apr 16, 2013
gg_got_a_tesla On what looks like a tall (17") screen?!�
Apr 16, 2013
Doug_G Uh, no, that's the Model S.�
Apr 16, 2013
vfx
Nope
two radiators
two chargers
Rotor-Trans-Drive Inverter as a single unit
It's an S�
Apr 17, 2013
neroden Only if it's a GPL-licensed Linux toaster.�
Apr 19, 2013
brianman Mods - Can you please consolidate all source code request discussion to a thread somewhere? Preferably somewhere that never shows up in my New Posts list.�
Apr 19, 2013
AnOutsider To be fair, discussion of that is pretty relevant to the theme of the thread.�
Không có nhận xét nào:
Đăng nhận xét