new update of "remote S for tesla" allows summons while you are not near car?

[modelx007]

Watch out because I used the Android app and it actually crashed as I was using summon. I had to quickly get my key fob out to stop it.

 

[TaoJones]

I've been told that the Summon function is very sensitive to resistance, so if it hits a bump like a cat, it would stop. But let's say that it does manage to happen. Who's fault would it be in that case? It would be negligence on the driver's part, right? Because he's ultimately the one who issued the command to Summon the car. It would be no different than if he put a brick on the gas pedal. The person issuing the command would be responsible, right?

Hey, I'm on your side. Hopefully that's how a jury would view it.

I am reminded of a seminal case back in the day concerning one of the first software-driven radiation treatment devices (the Therac 25). After a couple of patients got cooked to death due to technicians repeatedly hitting the "P" key to clear error messages that appeared every now and then, a case ended up in court. The question became, "Who is responsible?" The technicians who operated the machine? The hospital that bought the machine? The vendor who sold the machine? The coders retained by the vendor who wrote the software that enabled the machine to function? The patient, for being there? Sad, that last one.

It makes complete sense to me that the driver is responsible for what the car being driven does. However, the driver's insurance company may hold a different view, and cast the hairy eyeball of suspicion/liability and their willing cadre of expert witnesses/modeling and simulation experts in the direction of the car's manufacturer, and potentially in the direction of a well-intentioned app developer. Frankly, given that the Law of Deep Pockets applies, I'd be surprised if any such hypothetical case got much past the insurance policy limits and/or the manufacturer. *Especially* since the car is intended to stop at the slightest bump (just like it does when parallel parking). And once case law supports what we all expect would be the case (leave the app developer alone), that would be that.

And given that, were I a dedicated app developer, I'd just add this to the list of things to run by a competent attorney periodically. Or just scan Lexis/Nexis once in awhile.

Your mileage may vary. Thanks again for creating a very cool app.

 

[Haggy]

If this was a murder, this would actually be very hard to prove who did it. Anyone in the world with an internet connection and the MyTesla login to the car could have done it. How do you prove who pressed the button‽

That's one of the things that make the security so bad. The same password used for the app is used for the website, and a person could take some email addresses, systematically try to determine passwords, find the cars on maps, and get cars out of locked garages and drive them away.

If you think it's so hard to get email addresses, look into the problem related to spam for tesla-box. Plenty of people who got it used an email address that they gave only to Tesla. If you own a Tesla, it's fair to assume that your email address is out there on a list.

I have other apps such as the one that controls my home, including the door locks, thermostats, cameras, etc. Putting the app on a device wasn't enough. It uses a PIN that's unrelated to an account password. The account has a user name unrelated to the email address. The specific device has to have the app put on it, and then a special code is needed to register that specific device to the account, and nobody who knew my pin or other credentials could merely install the app on a random phone. With Tesla, anybody can install the app and it will automatically be associated with any car on the account, rather than requiring an extra step in the car that authorizes a device based on MAC address or anything else. Furthermore, the way the app works makes it easy for a husband and wife to have different PINs unrelated to an account password, the account password can be something long and complex that's impractical to use with the app and doesn't have to be something that all drivers of a car must potentially remember.

If somebody steals a phone, having a PIN would still make it unlikely that a person could make use of the app to steal the car, especially with the additional security of credentials such as a fingerprint or pattern, or anything else that would be unlikely to bypass, especially before a person got a chance to log on and deactivate a device. Also, physical possession of the phone to start with is another layer of security, and a knowing that a phone has been stolen is more likely than knowing that somebody got into your Tesla account on the web.

 

[Haggy]

The owner (driver?) has the responsibility. Since the Tesla app has the same feature, so should the Remote S. I've used the Tesla app to summon my car when my FOB was nowhere around.

That's true only to the extent that a driver is responsible for a stolen car. There's no way to show who moved the car or whether somebody "stole" it by guessing a password. Somebody would have to subpoena Tesla's records to try to show what device was used to move the car. Tesla's privacy policy says that data is kept only to the extent that it's necessary for those things itemized in the policy. Your specific location in particular is one thing that's locked down on a need to know basis, and even roadside assistance doesn't get to see that when you call them. I would expect that by the time it got to court and somebody asked Tesla for the data, it would be long gone from their system.