-
Want to remove ads? Register an account and login to see fewer ads, and become a Supporting Member to remove almost all ads.
Please Enter Access Code
- Thread starter brianman
- Start date
-
- Tags
- Model S User Interface
Nerding out...
Too complex. RSA would require the car to be online for the ranger to get in. The reasons are twofold: 1) it requires the public keys of all the ranger tokens who could possibly access the cars, which would have to be kept up to date with rangers joining and leaving the company (leaving in particular), and 2) the key fobs suffer from clock drift, so the system relies on the fob being regularly used and the current drift value of the fob from real time regularly updated.
Point 2 is the big issue. RSA fobs work by the system generating not just the correct code for the current time / 30 seconds, to check against what the user enters, but also codes for N time periods before and after. It is configurable, but usually 4 or 5 time periods each way. If it finds a code that matches, it records the current offset for that user, and uses it in future - so it can deal with drift over time (so long as the user regularly logs on - at least more often than it takes his fob's clock to drift N*30 seconds).
The RSA system works fantastically for banks because it is a single large centralized system. One ranger would be looking after hundreds of individual cars, and that is a very distributed offline system.
What does work is a time-limited password based on the unique car. The ranger would visit an online internal website (access to which could be protected by RSA fob, or whatever), and be given a time-limited password valid to access a specific car. The access token would be made up of a hash of the vehicle unique ID (not necessarily vin), the date, and a secret. RSA asymmetric cryptography can be used to avoid the secret being shared. The centralized system better be damn reliable, or rangers might be unable to do their work.
It is not rocket science, and the various algorithms are public knowledge,
That said, I reckon the screens that hold proprietary information and/or allow changes to the vehicle systems, should be securely locked down. The other advanced technical information should be available to the user.
That said, it is probably a waste of time. With physical access to the car, and sufficient determination, whatever Tesla do could be worked around. They can make life difficult for the hacker (tinkerer?), but they cannot stop them. Witness iPhone jail breaking.
Agree with everything you said except that it would be a waste of time. Nothing is ever completely "safe", but we still have security. Increasing the difficulty of the hack is helpful and limits the exposure. While it may well be possible to jail-break the Tesla, my guess is that owners are far more reluctant to do that with an $80,000 vehicle than they are a phone. But if all they have to do is enter a static password that works all the time on every car made then that's a much simpler thing and less likely to result in a loss of warranty.
Also agree that it's not a waste of time. Sure there is someone out there who is determined enough, and skilled enough, to hack into a properly-secured system such as you or I described. But that'll be 1% or less of the potential cases. It limits Tesla's legal risk of being named in a liability suit when someone screws up their internal settings, it reduces the risk and spread of industrial espionage, and if the system is good enough it'll be darned hard to crack.
If all Rangers log into their internal systems using the RSA token as I described, then each Ranger will be using his/her token at least a few times per week and that's more than enough to manage drift. However, I do agree that the car needs to be online for that to happen. There'd have to be a contingency method for the (probably pretty rare) cases when they need to work on a car that does not have connectivity.
Your method works well too, by the way. As you noted, the algorithms are available, and none of this is rocket science. For that matter, I would hope that all of the communication between the car's internal computers and the mothership is sent over a simple SSL-encrypted connection (HTTPS would work well, so would SSH, and so on...). We have no way of knowing whether Tesla does that or not, but I submit that they're already using Linux so they have all the tools they need (for free, at that) in order to implement some very good common-sense security measures for the car.
- - - Updated - - -
The fobs were hacked, yes. But I've been using them for 10-12 years at least with great results, and I can count the number of times they've been hacked in that time on the fingers of one hand. They're pretty secure. All systems are eventually hacked, because nothing's perfect, but these are pretty good. In this case, I'm just mentioning them as an example of an approach which is far more secure than a simple password. Lots of ways to skin this particular cat.
If all Rangers log into their internal systems using the RSA token as I described, then each Ranger will be using his/her token at least a few times per week and that's more than enough to manage drift. However, I do agree that the car needs to be online for that to happen. There'd have to be a contingency method for the (probably pretty rare) cases when they need to work on a car that does not have connectivity.
Your method works well too, by the way. As you noted, the algorithms are available, and none of this is rocket science. For that matter, I would hope that all of the communication between the car's internal computers and the mothership is sent over a simple SSL-encrypted connection (HTTPS would work well, so would SSH, and so on...). We have no way of knowing whether Tesla does that or not, but I submit that they're already using Linux so they have all the tools they need (for free, at that) in order to implement some very good common-sense security measures for the car.
- - - Updated - - -
The fobs were hacked, yes. But I've been using them for 10-12 years at least with great results, and I can count the number of times they've been hacked in that time on the fingers of one hand. They're pretty secure. All systems are eventually hacked, because nothing's perfect, but these are pretty good. In this case, I'm just mentioning them as an example of an approach which is far more secure than a simple password. Lots of ways to skin this particular cat.
NigelM
Recovering Member
Posts covering GeorgeB as the most interesting man in the world and speculation about Bonnie being a man in drag went here: The-Most-Interesting-Man-In-The-World
(Really people? How bored were you all?
)
(Really people? How bored were you all?
)
I think neroden should have tuned it down a bit, but he has a point.
When I buy the car I want to see that information about my car.
I don't really mind right now since I'm still waiting, but in the future I'd like to get access to this info.
Tesla is a new brand and they are fighting the established brands, so I'm not going to 'bug' them with this now, maybe in a year
Sent from my phone, so my apologies for typos.
When I buy the car I want to see that information about my car.
I don't really mind right now since I'm still waiting, but in the future I'd like to get access to this info.
Tesla is a new brand and they are fighting the established brands, so I'm not going to 'bug' them with this now, maybe in a year
Sent from my phone, so my apologies for typos.
Trixie
Member
But half the fun is trying to figure it out . It's like discovering a hidden compartment or secret decoder ring!
. It's like discovering a hidden compartment or secret decoder ring!
NigelM
Recovering Member
@neroden: buying a product doesn't give you a right too any and all proprietary information behind that product; it also doesn't give you a right to publish any of that proprietary information should you manage to access it.
I would also remind you that everyone expects a certain level of civility here on TMC; GeorgeB is a fellow member and IMO your aggressive tone is not appropriate. Further to that everyone realizes that in his position GB is totally unable to respond in any sort of manner the way another member would have. That makes your aggressive behavior a cheap shot.
I would also remind you that everyone expects a certain level of civility here on TMC; GeorgeB is a fellow member and IMO your aggressive tone is not appropriate. Further to that everyone realizes that in his position GB is totally unable to respond in any sort of manner the way another member would have. That makes your aggressive behavior a cheap shot.
bonnie
I play a nice person on twitter.
kvietor
Model S VIN 168
NigelM
Recovering Member
Mod Note: some posts moved to snippiness; apologies to any innocent posts that got moved along also, there's never a good way to split these.
- - - Updated - - -
I get that, but you also have to remember that any company who sells you a product isn't obliged to give you everything you want. In some cases it may be good marketing to fulfill your wishes, in other cases it may be prohibitively expensive either because it costs too much or reveals too much.
- - - Updated - - -
I get that, but you also have to remember that any company who sells you a product isn't obliged to give you everything you want. In some cases it may be good marketing to fulfill your wishes, in other cases it may be prohibitively expensive either because it costs too much or reveals too much.
Why are some people assuming Tesla will not show this information in the future? Tesla has a energy package coming out with all sorts of info about the car's usage. The firmware updates are coming out every 8 to 10 weeks exactly as we were promised. Sit back and let them roll in. If the car was "done" then there would be no cool upgrades for us to obsess on and brag to others about.
Perhaps people aren't understanding what's behind that access code. It's far more than information -- it's controls for things that can affect your (and others on the road) safety, and knobs for features that may or may not exist in the future. That "super secret portal" is not supposed to be there in the long term. It's there because they're in the early stages of setting up servicing, etc. So even if we got access to it (why?) the point is moot -- it's going away. And you can bet the priority of making it go away is higher than it was due to this thread.
Arnold Panz
Model Sig 304, VIN 542
That's truly unfortunate if it happens. Tesla has enough things to worry about than having to hurry up something like this because some super-curious souls can't stop themselves from trying to crack the code. Not sure what they're hoping to accomplish anyway.
I reviewed the posts that got sent to "Snippiness", and it seems like neroden's main complaint was that GeorgeB used inapt analogies to explain Tesla's concerns. However, there are several relevant examples where someone "owns" something, but doesn't own the component pieces of it, or the secret sauce behind it. For example, I can go buy a Coke and say that I "own" the Coke, but does that mean I'm "entitled" to the secret recipe that is arguably the most famous trade secret in the world? What if I were a food scientist who could take the Coke and reverse engineer the ingredients to figure out the formula? The law absolutely allows Coke to prevent me from revealing the formula if I'm lucky enough to figure it out. This is not to argue that whatever stuff Tesla has behind the password is trade secret, but the point is that just because you "own" something sold by a company doesn't mean you have an absolute right to do with it (or publish) anything related to it without restriction.
Similarly, Tesla could take an approach and say that they are selling you the physical pieces behind the Model S (like hardware in a computer), but the software is only "licensed" to you (like the software in the computer), and so you don't "own" the software, but merely license it from Tesla like every other piece of software you use in your daily life. This would make sense because if I truly "own" the software in the Model S, Tesla has no "right" to update (and thereby erase or materially alter) the current software I have in there. (n.b., if you work at TM, PLEASE do not think that I don't want the v.4 update -- I really, really, really do! Thx!)
I haven't thought this approach out fully, but the basic concept demonstrates my larger point, which is that just by virtue of the fact that you have physical possession of something doesn't give you the unfettered right to do whatever you want with it. If people can't help themselves and arguably put the vast majority of owners at risk by going behind the password wall, Tesla will only be forced to take the additional, otherwise unnecessary, steps to protect everyone. The vast, vast majority of Model S owners in the future (and probably now) aren't techies and couldn't care less about finding out what's behind the password wall, so why should a small minority force a material change by the company? It always sucks when a few bad apples ruin things for everyone else.
Last edited:
I would bet that there has already been a model s bought and taken apart for reverse engineering, and many more are going to be facing the same fate. It would be very naive to think otherwise. Technology this SUPERIOR to what everyone else has to offer gets the attention of the competition VERY fast.
The existing automakers face an interesing dillema. They essentially are peddling a very inferior product(a good example:how many people would buy a cell phone from the 1990's today?), and can't innovate fast enough to avoid cannabalizing their existing product which pays all of the bills. That's why they are pushing hybrids so much. Hybrids buy them time so the change is slow.
The existing automakers face an interesing dillema. They essentially are peddling a very inferior product(a good example:how many people would buy a cell phone from the 1990's today?), and can't innovate fast enough to avoid cannabalizing their existing product which pays all of the bills. That's why they are pushing hybrids so much. Hybrids buy them time so the change is slow.
The MVPA states you cannot reverse engineer the car (I'd need to look up the exact wording) ... not that that'll necessarily stop everyone obviously.
What's behind the secret code was intended to be temporary (I believe this thread has no impact on that except perhaps timeline).
And I don't disagree we should have more access to the raw numbers behind the UI. But access to the Tesla diagnostic switches and things that are on those screens purely for *Tesla employee* testing purposes is not access we should have. This is different than access to stuff to diagnose issues with existing features in the car (e.g. Right to Repair and related laws).
What's behind the secret code was intended to be temporary (I believe this thread has no impact on that except perhaps timeline).
And I don't disagree we should have more access to the raw numbers behind the UI. But access to the Tesla diagnostic switches and things that are on those screens purely for *Tesla employee* testing purposes is not access we should have. This is different than access to stuff to diagnose issues with existing features in the car (e.g. Right to Repair and related laws).
Arnold Panz
Model Sig 304, VIN 542
No doubt, but hopefully Tesla's 150+ patents (and counting) will prevent anyone from actually using Tesla's technology to make a copycat car anytime soon.
Actually, if you think about Elon's goal of having Tesla lead the way to more EVs from every car manufacturer, he'd personally probably prefer that other car manufacturers use Tesla's technological innovations to make EVs. But Elon the CEO of Tesla Motors, Inc., the public company (TSLA) definitely wants to have those patents enforced to protect their market share!
Personally I think this whole thread is disappointing. As a nerdy engineer I would have loved to take a peek in there, just for my own private and personal edification - I'm not stupid enough to have pushed any buttons. But I have no "right" to be in there, and the average user should NOT be able to access it. Tesla is absolutely right to have a password on the screen.
Companies absolutely are allowed to have proprietary information in their products, which the customer is not privy to. Modern products of all sorts are full of processors, and they pretty much all have debug and troubleshooting features buried in them. Are you going to demand the source code for your toaster?
I absolutely agree with the section moderators for moving that mess to snippiness. Heck the whole thread can go there IMHO.
What I would like to see from Tesla is an optional display of additional information - motor and power electronics temperatures, the ability to download trip and charging logs like we can with the Roadster - that sort of thing.
Companies absolutely are allowed to have proprietary information in their products, which the customer is not privy to. Modern products of all sorts are full of processors, and they pretty much all have debug and troubleshooting features buried in them. Are you going to demand the source code for your toaster?
I absolutely agree with the section moderators for moving that mess to snippiness. Heck the whole thread can go there IMHO.
What I would like to see from Tesla is an optional display of additional information - motor and power electronics temperatures, the ability to download trip and charging logs like we can with the Roadster - that sort of thing.
I stand by GB in this instance to protect TMs IP; Plain and Simple. I want the company to succeed more than my desire to see behind the curtain.
Similar threads
