Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

My adventures in gaining control of my car

This site may earn commission on affiliate links.
#81
msnow said:
The one person we know who could answer that question ain't talking about it.
Click to expand...
There's more than one who can answer that one, as there are several people with root (not just one)

But it is in fact easy to answer, the answer is "it depends", yes, Tesla certainly can replace password files and replace permissions, however that doesn't mean they have to. Also if you have root, you can equally tell the system not to apply those parts of an update (assuming you know how) or have the system automatically re-do your changes afterwards.
Additionally, the rooting process can often be repeated on the new firmware if the specific exploit used was not patched. And this here leads to the controversy...

Many people who have rooted the car don't want anyone talking about how to do it for fear that Tesla will learn their exploit and patch it in the next release, effectively locking them out. This is contrary to Elon's stated position on the matter, but actions speak louder than words, and Tesla's past actions indicate they would likely do exactly this.

That said, I personally believe that hacking should be done for the greater good, and not just for personal gain. I could have followed the example of all the others before me and not talked about it, and just tried to do it, but that, to me, feels a bit selfish. I'd rather give back to the community and help others who feel as frustrated as me to do something about it.

I'm taking a big risk by talking about it, and I'm sure I'm not making many friends here (between the "you should never do anything Tesla didn't ordain" crowd, Tesla themselves, and the community of already rooted users, a lot of people won't be happy)

That said, as I mentioned right at the start, this will not be a "how-to" guide for the novice user. But I do hope that I can provide enough information to let others who have a bit of knowledge in the right areas figure it out for themselves. (Assuming of course that *I* can figure it out for myself, and that is far from a guarantee) My hope is that this is considered an adequate compromise by the community and Tesla as it will not lead to a flood of people who don't know what they're doing rooting their cars, while still allowing the occasional techie to do so.

I've had several people reach out to me privately since I started this thread. I have assured all of them that I will not post anything they tell me privately in public without their express consent, even if I disagree with their reluctance to share information publicly. That said, those that are ahead of me on the process have so far shared nothing with me, only asked for mutual cooperation in the future and that I stop posting details publicly. While I am open to mutual cooperation (even if it means I can't share that information publicly) The lack of useful information at this stage of my journey does not encourage a wish to provide information back to them in the future.

Anyway, rant over, and hopefully tomorrow I'll be able to find a bit of time to continue my journey.
 
  • Like
Reactions: DaveBC, croman, Dave EV and 6 others
#82
JohnSnowNW said:
Have you tried black construction paper and velcro? I mean this seriously. Just using the velcro stickies and some sort of black material that you can remove when you want to use the screen?
Click to expand...

If I was really desperate I'd hook up a power switch to the backlight power. But, this is all getting beside the point. The main point was there was a lot of customization that an owner might want to do.
 
#84
green1 said:
There's more than one who can answer that one, as there are several people with root (not just one)

But it is in fact easy to answer, the answer is "it depends", yes, Tesla certainly can replace password files and replace permissions, however that doesn't mean they have to. Also if you have root, you can equally tell the system not to apply those parts of an update (assuming you know how) or have the system automatically re-do your changes afterwards.
Additionally, the rooting process can often be repeated on the new firmware if the specific exploit used was not patched. And this here leads to the controversy...

Many people who have rooted the car don't want anyone talking about how to do it for fear that Tesla will learn their exploit and patch it in the next release, effectively locking them out. This is contrary to Elon's stated position on the matter, but actions speak louder than words, and Tesla's past actions indicate they would likely do exactly this.

That said, I personally believe that hacking should be done for the greater good, and not just for personal gain. I could have followed the example of all the others before me and not talked about it, and just tried to do it, but that, to me, feels a bit selfish. I'd rather give back to the community and help others who feel as frustrated as me to do something about it.

I'm taking a big risk by talking about it, and I'm sure I'm not making many friends here (between the "you should never do anything Tesla didn't ordain" crowd, Tesla themselves, and the community of already rooted users, a lot of people won't be happy)

That said, as I mentioned right at the start, this will not be a "how-to" guide for the novice user. But I do hope that I can provide enough information to let others who have a bit of knowledge in the right areas figure it out for themselves. (Assuming of course that *I* can figure it out for myself, and that is far from a guarantee) My hope is that this is considered an adequate compromise by the community and Tesla as it will not lead to a flood of people who don't know what they're doing rooting their cars, while still allowing the occasional techie to do so.

I've had several people reach out to me privately since I started this thread. I have assured all of them that I will not post anything they tell me privately in public without their express consent, even if I disagree with their reluctance to share information publicly. That said, those that are ahead of me on the process have so far shared nothing with me, only asked for mutual cooperation in the future and that I stop posting details publicly. While I am open to mutual cooperation (even if it means I can't share that information publicly) The lack of useful information at this stage of my journey does not encourage a wish to provide information back to them in the future.

Anyway, rant over, and hopefully tomorrow I'll be able to find a bit of time to continue my journey.
Click to expand...
When you say "this is not Elon's stated position" what statement are you referring to? The only comments I recall on this topic was a) he had nothing to do with what happened to Jason and b) words to the effect that he respected hackers.
 
#86
green1 said:
I'm paraphrasing, but he said that hacking for good was a positive thing.

If it's positive, then it shouldn't be actively blocked.
Click to expand...
Yeah, I don't think he said it exactly like that maybe more like he thought hackers were geniuses but he was definately complimenting him as you say. But I wouldn't take that to mean he thinks it's okay to hack these cars. He pays serious money to try and prevent that but likely focus is on remote attacks.
 
#87
Remote attacks are a real security threat and should be stopped. There is no situation in which you would want a remotely exploitable vulnerability left un-patched.

Any "attack" that requires gaining physical access, taking apart half the dashboard, and doing custom wiring before you can even start, is not. Stopping this form of "attack" will not prevent a single malicious hacker as with the same level of access there is much worse that you can do with far less effort. Working to stop this level of "hack" is purely working against the company's paying customers. In the long run it never pays to treat your customers as criminals.
 
  • Like
  • Helpful
Reactions: croman, SW2Fiddler, deonb and 2 others
#88
green1 said:
Any "attack" that requires gaining physical access, taking apart half the dashboard, and doing custom wiring before you can even start, is not. Stopping this form of "attack" will not prevent a single malicious hacker as with the same level of access there is much worse that you can do with far less effort. Working to stop this level of "hack" is purely working against the company's paying customers. In the long run it never pays to treat your customers as criminals.
Click to expand...
Clearly you've never met rogue hacker valets.
 
  • Funny
Reactions: DaveBC, croman, deonb and 4 others
#89
ohmman said:
Clearly you've never met rogue hacker valets.
Click to expand...
I'm suspecting you jest, however on the chance that you are serious, if they have that much access to the car, they can steal it, they can cut the brake lines, they can drain the coolant, they can short the battery, they can burn the car to the ground, they can loosen the lug nuts, they can do all sorts of things depending on what result they want. going as far as is required for this exploit is so far past unlikely in comparison to any of that stuff that it really isn't worth considering. The only people likely to actually do this are those who own the car, and have a high level of technical knowledge already. Fighting them is both a) a losing battle as "possession is 9/10ths" and b) likely to alienate more customers than it attracts.
 
#90
green1 said:
Remote attacks are a real security threat and should be stopped. There is no situation in which you would want a remotely exploitable vulnerability left un-patched.

Any "attack" that requires gaining physical access, taking apart half the dashboard, and doing custom wiring before you can even start, is not. Stopping this form of "attack" will not prevent a single malicious hacker as with the same level of access there is much worse that you can do with far less effort. Working to stop this level of "hack" is purely working against the company's paying customers. In the long run it never pays to treat your customers as criminals.
Click to expand...
I think we just have to agree to disagree on that. I believe there's a lot of liability issues if people that don't know what they're doing make changes that could impact safety.
 
  • Helpful
Reactions: SW2Fiddler
#92
msnow said:
I think we just have to agree to disagree on that. I believe there's a lot of liability issues if people that don't know what they're doing make changes that could impact safety.
Click to expand...
I said I wouldn't engage in this sort of thing in this thread, so this will be my last post on this.

We allow people to rotate their own tires, replace their own brakes, re-do their power steering, and for that matter, replace ANY (and even in some cases EVERY) part on their vehicles, we do zero quality control on any of that work, and allow these vehicles on public roadways without a second thought. There are millions of cars on the road that have had work done by people who don't necessarily know what they're doing, and all of those things could (and in fact DO) affect safety. Nobody on here has even once suggested that we should stop allowing people to do this.

Meanwhile, Tesla has built their car so well, that even with root access to the centre stack, you still can't actually cause the car to do anything more dangerous than shut down the screens and accelerator at speed, this would have to be actively malicious (not passively incompetent) and would still leave the driver with full control of brakes and steering to bring the vehicle to a safe stop.

This means that the worst possible safety case of rooting the Tesla centre stack is far safer than a single botched brake job. Yet people are rallying against the former, while refusing to denounce the latter despite estimates that approximately 10% of collisions are caused by improper maintenance, and so far there have been zero collisions or safety incidents of any form attributed to hacking a Tesla. For that matter, even in vehicles with known, remotely exploitable vulnerabilities like Jeeps, there have still been no injuries or deaths reported from hacking.

Maybe people just don't understand software and are scared of it, but there's nothing special about software, vs hardware, they're just 2 different ways of accomplishing the same thing.

Again, I said I won't engage with people in this thread who want me to stop my attempts, I only replied originally to clarify a point I had made and which was being questioned. I will not reply further to this part of the discussion in this thread.
 
  • Like
  • Love
Reactions: StarLog, AperiodicCoder, Gizmotoy and 10 others
#93
green1 said:
I'm suspecting you jest, however on the chance that you are serious, if they have that much access to the car, they can steal it, they can cut the brake lines, they can drain the coolant, they can short the battery, they can burn the car to the ground, they can loosen the lug nuts, they can do all sorts of things depending on what result they want. going as far as is required for this exploit is so far past unlikely in comparison to any of that stuff that it really isn't worth considering. The only people likely to actually do this are those who own the car, and have a high level of technical knowledge already. Fighting them is both a) a losing battle as "possession is 9/10ths" and b) likely to alienate more customers than it attracts.
Click to expand...
Or.. you could use the onboard system as a medium to gain access to other, like the cellphone and fetch data from it or similar ( maybe on your car you have access to your e-mail? no? and in your e-mail there isn't your entire life.. no.. of course not .. ) and you can of course try to make him crash hard on something and auto-delete your hacking so no-one can know you did it ( just bang him with some sound he can't disable or something in the middle of a hard curve, changing the speed he thing he is going ) and this is only the beginning..
If killing people without getting caught or being suspected is a thing "ok" for you, then no.. of course.. only remote is a problem..

My point is: there is a really valid reason for not allowing someone the ability to thinker in the software and close all the door you can or at least make it really hard and time-consuming to do ( so you can't do in 1h while in a parking lot ). this isn't a cellphone, this is a car, there risk is too high
 
Last edited:
#94
S4WRXTTCS said:
It is of particular interest to the OP because having root access would allow him to turn off the road-type/speed-limit based restriction that was added to 7.1. He predicted during the release that it would function poorly, and he was correct. The other thing it would allow him to do is to turn off nags.
Click to expand...

By whose criteria does it function poorly? Yours? Certainly not by mine. I think it functions very well indeed, notwithstanding the fact that I wish it limited to ten instead of five MPH over the limit when encountering highway speedlimits (55 and up).

maratd said:
Because Tesla broke OPs car and he wants to repair it. The backend services stopped working on his version of the firmware and the solution Tesla provided was to upgrade the firmware, which he doesn't want to do.

So he wants to repair the firmware to work again and yes, that's a valid "right to repair" issue.

It's actually very unprofessional on Tesla's end. The backend services should be versioned and tied to specific firmware revisions. An older firmware should never stop functioning properly.
Click to expand...
This seems like a very contrived argument, to say the least. The case could more easily be made that the OP broke his own car by not accepting the Tesla updates that are designed to keep the car functioning safely and properly, in no small part by ensuring it remains compatible with the already-mentioned changes to outside interfaces.

green1 said:
Well, exactly as I knew would happen, nobody was capable of even reading my first post in this thread.
Click to expand...
Putting forth such an arrogant, condescending tone as this in your posts (including the one that started this thread) essentially guarantees that you'll get all sorts of flak. I'm a bit surprised that you're not getting more personal attacks than you are - perhaps enough to trigger the moderators to lock the thread completely. I hope that doesn't happen, though - I'm getting a bit of a kick out of this! Good luck with your endeavor, and please don't ever be on any road anywhere near me.

Now here's another perspective on this whole "hack the car" thing:

Breaking into the car's OS and changing ANYTHING will likely put the person who does that into one hell of a bad liability position if they ever get into a wreck. Any halfway decent attorney would be able to make the argument that, by changing anything in the software of such a highly integrated platform, the person who made the change may have caused the software to malfunction in some way that caused the crash, or made the crash possible. They don't have to PROVE the malfunction; they just have to convince a jury that it's possible (and juries, as we all know, are not chosen for their problem solving skills or technical acumen). Insurance companies may use that same sort of argument to refuse to pay (we also all know that insurance companies never do that). And finally, if Tesla knows of a hack and does not try to block it, they may be held negligently culpable for just letting it be done. So from a liability perspective, Tesla may be forced to try to intervene against someone hacking their car.

Far fetched? Sure. But take a look at what killed general aviation in the 1970's before you claim that too loudly.
 
  • Like
Reactions: rfmurphy81
#95
green1 said:
Maybe people just don't understand software and are scared of it, but there's nothing special about software, vs hardware, they're just 2 different ways of accomplishing the same thing.
Click to expand...

Seems to me this is exactly what's going on here. I'm sure if the internet had existed back when cars first became popular all sorts of folks who go off on home mechanics working on their cars.

Very few people understand the software architecture on this, or any other car and that makes them scared. Nobody would claim that by changing your windshield wipers or putting a sticker on the back of your car you could make it less safe, but that's exactly what folks here seem to be claiming about changing the software on the car.
 
  • Like
Reactions: Pdub2015
#96
msnow said:
You're right except for the "never" comment. Most have a longish upgrade path for bugs and security vulnerabilities among other things. Banks running embedded OS's on ATM's, for example, operate like that.
Click to expand...

I used the qualifier "most", which would cover exceptions like that. Most embedded products never have their kernels updated after release. Obviously security concerns for bank ATMs is an exception.
 
  • Like
Reactions: msnow
#97
jaguar36 said:
Seems to me this is exactly what's going on here. I'm sure if the internet had existed back when cars first became popular all sorts of folks who go off on home mechanics working on their cars.

Very few people understand the software architecture on this, or any other car and that makes them scared. Nobody would claim that by changing your windshield wipers or putting a sticker on the back of your car you could make it less safe, but that's exactly what folks here seem to be claiming about changing the software on the car.
Click to expand...
Are you sure YOU know enought of the software architecture to make that statement?
I'm a software architect so i know something of this, and i think you know enought to not being afraid, but you don't know enought to be scared of the consequences of manipulating a software like this.
I'm scared every time i push a software upgrade to a web site, and i made the software and i know every damn code line.. so you see.. you don't know enought if you aren't scared.

Just think of someone who just wanted the alert message to be different end he break it under some circustance ( like when the autopilot disengage so he doesn't have a clue of it ).. but .. hey, he wanted only it to be more clear to read so it's ok..
 
#99
Did you really say "drain the coolant" in post 89?

Seriously, computers have been in cars for years, I'd dare to say the percentage of cars "hacked" might be only a small amount more on this platform than conventional ICE due to tech nature of consumer.
 
#100
apacheguy said:
To be fair folks have been modifying and tinkering with their cars for decades. IMO, this is nothing new.
Click to expand...
Understood but there's over a hundred years of experience, knowledge and documentation working on those cars. Tinkering in the sense of "hmmm i wonder what will happen if I change this AP value to something else" concerns me as a driver on the road with my wife and kids in the car. I'll admit that when it comes to letting people play with technology that impacts my family I am pretty risk averse.
 
  • Disagree
  • Like
Reactions: ABC2D, Dave EV and supratachophobia
You must log in or register to reply here.

Similar threads

R
Model 3 rear ended [is my car totaled]
Replies
2
Views
273
Insurance
walla2
walla2
R
Should I upgrade to Plaid or keep my 2014 P85D w MCU2 and Ludicrous upgrade
Replies
33
Views
1K
Model S
MFrunkerOG
MFrunkerOG
G
MyQ opens my closed garage door when pulling away
Replies
2
Views
538
Model S
Patrick W
Patrick W
L
Review of Full Self-Driving (FSD) in a 2023 Tesla Model S
Replies
4
Views
167
Model S
cucubits
cucubits
M
Terrible service experience, why my 2023 Model S is a regrettable purchase
Replies
56
Views
1K
Model S
PEMDAS
PEMDAS
Top
Back
Blog
New
Forum list
Marketplace
Menu