Page 2 of 20 FirstFirst 12345612 ... LastLast
Results 11 to 20 of 197

Thread: Please Enter Access Code

  1. #11
    R1211 & S282 NigelM's Avatar
    Join Date
    Apr 2011
    Location
    Sarasota, FL
    Posts
    10,598
    Blog Entries
    2
    Quote Originally Posted by SteveH View Post
    I wonder why we're locked out of these screens. If there's the potential to do real damage to the system from here and it turns out that there is a single code that works for all cars or a simple adaptation of VIN, this would be pretty alarming to me.
    We're locked out to prevent us from messing up certain parameter settings. You can mess around with your PC for example, but risk crashing it. There's not much to be gained from messing around with your car settings and crashing that.

    As for the codes, in the case of the Roadster I was told that each Ranger has a personal access code and that way Tesla can also track in the logs who did what to the car. Sounds sensible to do the same thing with Model S.

  2. #12
    Member
    Join Date
    Oct 2012
    Location
    Denton, Texas
    Posts
    272
    Quote Originally Posted by NigelM View Post
    We're locked out to prevent us from messing up certain parameter settings. You can mess around with your PC for example, but risk crashing it. There's not much to be gained from messing around with your car settings and crashing that.

    As for the codes, in the case of the Roadster I was told that each Ranger has a personal access code and that way Tesla can also track in the logs who did what to the car. Sounds sensible to do the same thing with Model S.
    The problem is, if it's a static code per Ranger it's just bad security. Sooner or later someone's going to watch what their Ranger typed in and post it online. I assume Tesla could push out an update to disable that particular code, but how long will that take. If they don't want us to get in there, in which case they should implement some type of time-based password system. While this is a little concerning to me, it raises deeper concerns over Tesla's information security program in general.
    P3,339: 60 kWh, blue/gray/lacewood, 19 inch wheels, tech package, sound package, air suspension
    Delivered: February 8, 2013

  3. #13
    Model S - R140
    Join Date
    Jan 2010
    Location
    Weston, Florida, United States
    Posts
    1,323
    Quote Originally Posted by SteveH View Post
    The problem is, if it's a static code per Ranger it's just bad security. Sooner or later someone's going to watch what their Ranger typed in and post it online. I assume Tesla could push out an update to disable that particular code, but how long will that take. If they don't want us to get in there, in which case they should implement some type of time-based password system. While this is a little concerning to me, it raises deeper concerns over Tesla's information security program in general.
    You wouldn't necessarily need to push out an update to disable a code. If they assume Internet connectivity (which they already seem to assume for everything except moving the wheels), it could authenticate in real time. Of course, this would cause a problem if a tech needs to get in and the Internet is not working (either due to a fault or due to coverage), but it would be more secure, and could be overcome via the use of a dongle instead of code authentication in those cases.
    Model S - R140 - 5YJSA1DN4CFP01275 - 85kWh, Dolphin Gray, Black Leather, Piano, Tech, Audio, Suspension, 19", Pano, Twin, HPWC.

  4. #14
    S85 - VIN:P05130 - 3/2/13 jerry33's Avatar
    Join Date
    Mar 2012
    Location
    Texas
    Posts
    7,829
    Still, it would be nice if they gave us a read-only mode. Not as many would be interested in messing with the settings compared to those who would just like to see them (and maybe download them for tracking). A read-only mode would also ensure against accidental changes.
    1. Do not copy anything that I post outside of the TMC forum without permission.
    2. Any advice or opinions posted here are to be taken as my personal opinions only. There is no implied warranty, fitness for purpose, or official statements from any company I may have been or am affiliated with.
    3. Even the best recommendations are wrong when used inappropriately.

  5. #15
    Roadster #1144 + Sig 114 dsm363's Avatar
    Join Date
    May 2009
    Location
    Seattle
    Posts
    13,471
    Quote Originally Posted by SteveH View Post
    I wonder why we're locked out of these screens. If there's the potential to do real damage to the system from here and it turns out that there is a single code that works for all cars or a simple adaptation of VIN, this would be pretty alarming to me.
    There is the chance to mess up your car which is why Tesla doesn't want people in there.
    Moderator - Model S, Mountain/Southwest, Texas, Northwest, Off Topic forums
    PLEASE NOTE: Posts are the copyrighted intellectual property of the author, and are intended as part of a conversation within this forum. My words may NOT be quoted outside this forum, without my expressed consent.

  6. #16
    Burrito Founder brianman's Avatar
    Join Date
    Nov 2011
    Location
    TMC.com
    Posts
    12,548
    I agree with jerry re: read-only mode.
    Truly Electric Spaceship-Like Adventure ~ Signature Model Spaceship

    PLEASE NOTE: these musings are the copyrighted intellectual property of the author, and are intended as part of a conversation among the Tesla Motors Clubs membership. My words may not be quoted by any third party outside the Tesla Motors Clubs forums, without my expressed consent. Especially the NYT, which is clearly ethically challenged.

  7. #17
    Senior Member stopcrazypp's Avatar
    Join Date
    Dec 2007
    Posts
    3,533
    Quote Originally Posted by SteveH View Post
    The problem is, if it's a static code per Ranger it's just bad security. Sooner or later someone's going to watch what their Ranger typed in and post it online. I assume Tesla could push out an update to disable that particular code, but how long will that take. If they don't want us to get in there, in which case they should implement some type of time-based password system. While this is a little concerning to me, it raises deeper concerns over Tesla's information security program in general.
    Depends on if someone can steal the car (or do something similar) with just that code and the menu (AFAIK you need the fob anyways to access the menu). The ODB port supposedly is required to be open in the first place so in most cars, as long as you have a reader you can pull lots of information from there (even program a new key).

    http://www.extremetech.com/extreme/1...w-in-3-minutes
    Because there are tons of crazy people in this world...

  8. #18
    Happy Model S Owner
    Join Date
    Apr 2011
    Location
    Ithaca, NY, USA
    Posts
    1,680
    Quote Originally Posted by jerry33 View Post
    Still, it would be nice if they gave us a read-only mode. Not as many would be interested in messing with the settings compared to those who would just like to see them (and maybe download them for tracking). A read-only mode would also ensure against accidental changes.
    That's what I'd like, certainly.

    - - - Updated - - -

    Quote Originally Posted by SteveH View Post
    The problem is, if it's a static code per Ranger it's just bad security. Sooner or later someone's going to watch what their Ranger typed in and post it online. I assume Tesla could push out an update to disable that particular code, but how long will that take. If they don't want us to get in there, in which case they should implement some type of time-based password system. While this is a little concerning to me, it raises deeper concerns over Tesla's information security program in general.
    I would just assume that Tesla has bad information security on the cars. But whatever. There's a basic principle that the person who possesses the physical car can do whatever he likes with it, given time; there's no point in trying to secure it against anything except accidents.

    I also don't think trade secrets are worth much in Tesla's case, so I'm not really worried as an investor about Tesla's information security, either; it's culture and attitude which are differentiating Tesla. Anyone, given enough money, could have built an electric car from the ground up, used a squirrel-cage motor, picked commodity battery cells, temperature-regulated them using a heat pump, placed the battery under the floor for a low center of gravity, etc., but every other company made *choices* to do it a different way, and Tesla is now years ahead on setting up mass production.

    EDIT: Of course, I just thought of the worrisome scenario (stupid me, this is probably the one you were thinking of): someone figures out how to distribute bogus updates over the air, and kills some or all Tesla drivers using hacked firmware.

    Yeah, this is a real worry. It would be very nice to know what the over-the-air security protocols are. Personally I'd rather not have any over-the-air connectivity for exactly this paranoid reason.
    Last edited by neroden; 2012-12-02 at 12:33 PM.
    I take "Electro", my amazing Model S, to the train station: yes, it's a station wagon

  9. #19
    Member
    Join Date
    Oct 2012
    Location
    Denton, Texas
    Posts
    272
    Exactly. As far as the broader infosec concerns, I'm most worried about a vulnerability in the OS or browser in the car that would allow malware to be uploaded. Even assuming that the key car functions like acceleration and braking are isolated, what about a malicious app that randomly opens and closes the sunroof, opens the hatchback, turns volume to max, etc.

    Unless I can get more info on their security and how they manage it, browsing on the car will be kept to a minimum. Hopefully they never enable Flash.
    P3,339: 60 kWh, blue/gray/lacewood, 19 inch wheels, tech package, sound package, air suspension
    Delivered: February 8, 2013

  10. #20
    BLUTSLA #516-REDTSLA #272 DrComputer's Avatar
    Join Date
    Jan 2009
    Location
    Sherman Oaks, CA
    Posts
    787
    Blog Entries
    1
    Shoot! At our Motor4Toys event today we had three Model S's there. One had the new 4.0 Firmware installed. Tesla decided to change the secret code on the new firmware. Guess we will have to sleuth and figure out the new code.
    ____________________________
    2010 Tesla Roadster #516
    2012 Model S Signature Performance #272
    6kW Solar System by REC Solar with TigoEnergy optimization and monitoring


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Know the code?
    By DrComputer in forum Model S: User Interface
    Replies: 0
    Last Post: 2012-10-20, 07:48 AM
  2. SJMN: EVs poised to enter the mainstream
    By rabar10 in forum News
    Replies: 3
    Last Post: 2011-04-11, 09:07 PM
  3. Mazda to enter electric car market in Japan 2012
    By dpeilow in forum Electric Vehicles
    Replies: 2
    Last Post: 2011-01-24, 09:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •