37 comments

[ 3.1 ms ] story [ 93.2 ms ] thread
sure would like to take a look at that script
It is ubuntu....

#!/bin/bash sudo su

"This goes through a secret process that eventually gets me connected to the CID (touchscreen) with root privileges."

give me back my 2 mins, please.

I'm pretty sure that wasn't disclosed as lots of dangerous things could be done in the wrong hands.
Right, so now we just have to wait until someone else with a Model S figures it out and actually posts code.
Like... um.... what, exactly? People could take control of their own vehicles and exercise the privileges that ought to come with ownership?

The ability to jailbreak a Tesla is the only thing that might make me interested in owning one.

Wonder given Elon's position on patents if they've even thought about open sourcing the software; guessing they have, but never know.
His position on patents is that if you patent something you make it public and the Chinese steal it regardless of the patent. By not patenting something they keep it secret. He is not anti patent he just understands that some people DGAF about a US granted patent and will steal your ideas anyway. As such I can't imagine they have ever thought of open sourcing the software behind their vehicles.
(comment deleted)
It seems like the new car that you just created should have to be checked out and approved as street legal. How do you know that the changes you have made still meet safety regulations and the like?
There are lots of things you can do to make a car not street legal. And people have access to them. And it's their responsibility to make sure they only drive a street legal car on the street.
One could reasonably propose that things ought to work that way, but that is not, in fact, the way things have ever worked, at least not in the USA. People routinely make very substantial alterations to their cars and continue driving them on the street with no legal process involved. "Street legal" is not an exacting standard and no inspections are required for an altered vehicle (so far as I know, anyway) beyond whatever routine process your state requires as part of the registration process. (Here in Washington state, that's just an emissions test.)

I used to be part of a 4x4 club; we routinely rebuilt our trucks' suspensions, changed out the gearing, replaced wheels and tires with bigger ones, installed power steering systems adapted from some other type of vehicle, swapped our engines or axles out for bigger, tougher ones, swapped out entire drivetrains - you name the component, somebody in the club probably modified or replaced it.

We weren't even doing anything unusual by recreational offroading standards, much less hot-rodding standards. We weren't building tube frames, and most of us didn't modify our frames at all. Nobody had ripped off all the sheet metal on their truck and replaced it all with a molded fiberglass replica; none of us installed superchargers or nitrous injection or anything like that. I'd guess no more than half of us even knew how to weld.

Modified cars are on the road all the time; you've seen thousands of them whether you realize it or not. If this were a big safety problem, there would have been a moral panic about it decades ago. Tweaking the software in a Tesla is completely insignificant by comparison. No, it doesn't need to be checked out and approved.

Tweaking the software in autopilot could cause it to kill you and anyone else on the road. For example, you might accidentally make it not return control to the driver when it can no longer navigate or cause it to accelerate out of control. It isn't clear to me that increasing horsepower or changing the wheels is as significant. There are a bunch of common modifications that are outright illegal like high/low-riding changes, emissions, lighting, etc. though it is on a state by state basis in the US.

http://blogs.findlaw.com/law_and_life/2012/07/the-top-5-ille...

Teslas are exposed to the internet via the wlan/gsm connection built into the car. It would be very bad if this were exploited.
Given that it involves physical access to the car, and a fairly intensive degree of it from the looks of the photo series, how exactly would anyone but the car's owner or an authorized mechanic go about using such an exploit?
I agree wholeheartedly, just as of now have decided not to release the procedure. I said elsewhere but Tesla knows of this and so far has chose to not change it. If it becomes a trend which every owner could easily do I have no doubt they would quickly change their minds. Barring that, there is enough information out there for a determined individual to accomplish this.
This. Complete waste of time.
I want my time back, plus compensation for the tremendous let down.
Totally worth to read the comments before reading the article. Thank you! (no irony)
Additionally,

> "This allowed me to make a special REST call to the CID to enable factory mode."

> "So, I plugged in my laptop and ran a script I had pre-written: obtain_root".

Then, an image of the a script that spouts gibberish to the console.

Props to the author for the significant effort they put in the hack. But it does seem like the author is intentionally glossing over some parts of the hack (actually spelling these things out would have been a lot easier).

Everyone (including Tesla) would like to know what you did in the script, not what you called it or what newfangled quotes it is printing out.

Tesla already knows of the procedure.
Can u email me srschere it is an arizona state University email address (.edu)... thanks!
It can be patched by Tesla. They have so far said they won't fix it, but if it becomes a trend I have no doubt they'll disable it. I know it sucks but it's a decision that I have made.
Would love to hear how the IC-connected network was setup.

> disconnect the cable from the IC and plug my earlier cable in to it. This allowed me to make a special REST call to the CID

So the cable from the side panel connects to the above network via VPN? Interesting approach :)

There was something about this recently where someone connected in to their Tesla. Then their phone rang and it was Tesla engineers telling them to stop. Did you get a phone call?
I'm not sure that actually happened. Recently Jason Hughes (wk057) released some info he found in firmware (P100D) and Tesla engineers rolled back his firmware remotely, but no one called him AFAIK.
And Tesla said they didn't do it or it was not done in retaliation but rather to resolve an issue with the firmware version wk057 was running. I think it eventually got reverted but can't be sure of that.
No, so far I have not seen anything to suggest Tesla knows.
If he's talking about getting root on that big screen in the middle, it's been done before:

https://teslamotorsclub.com/tmc/threads/let-the-hacking-begi...

However, the guy who did it before told everyone exactly how he did it, without any "secret script sorry :^)".

wk57 got direct access to the CID by unsoldering the ROM from a salvaged screen. I honestly wouldn't have the guts to do that.
This is an easy way to go if you are good at soldering under a microscope to put it back together. I've considered doing it this way but I'd prefer to figure out the software route...
As a tech and automotive geek, I find this interesting and would be interested in a deeper investigation into the legal implications between the manufacturer and hacker (software licensing, etc.) as well as how, if any, existing motor vehicle laws apply.

For context, I drive an old Jeep that has various modifications (AKA lifted, with various accommodations due to that fact) and I've given little thought to any legal ramifications. That said, I do live in state (Colorado) that, legally, has little to nothing to say regarding such modifications, or only addresses them broadly. In contrast, Utah has a number of very specific regulations on such modifications.