- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
Researchers jailbreak a Tesla to get free in-car feature upgrades::A group of researchers found a way to hack a Tesla’s hardware with the goal of getting free in-car upgrades, such as heated rear seats.
You must log in or register to comment.
I’m amazed that it’s legal for a car company to sell you something, and then after you own it, remotely disable xyz aspects of the functionality unless you pay them more. How can that be legal? I own the car, it’s MINE now, how can I not use every single thing that’s in it?
I’ve seen a bunch of lab equipment do this as well. For some, there are firmware hacks available to enable features only available on models twice the price.
Unless you pay them more every month. Not everything needs to be a subscription and they’ll keep doing it unless people stop buying.
Same reason it’s legal for HP to brick your printer if you use third party ink. You violated their shitty TOS that none of us read because it’s 80 pages of legalese, but you agreed to it.
hmmm yes I suppose that’s true. Okay so let me rephrase: I’m amazed it’s legal for a car manufacturer to even HAVE a TOS like that when you purchase a car. It shouldn’t be legal to write language like “you are purchasing this but agreeing that you can’t use it” … wtf?
I agree that it’s wrong, but I don’t think, at least in the U.S., that there’s any law against it. Like I said, HP does the exact same thing with their printers. I certainly would like for it to be illegal.
Can any fill in how this is in the EU right now, as they often have better legislation regarding this issue?
As for Tesla, at least where I am in the EU, there is only one feature offered as a subscription: a mobile network connection for the car. Keeping its SIM card active basically. That one makes sense, I’d say.
Then there are three “features” that you can buy outright after the fact: an “acceleration boost”, that one is dodgy, and two levels of their auto-pilot/self-driving. The latter two currently do effectively nothing (especially in Europe that is also true for enhanced autopilot), so they are more or less an option to say “here have some money for future development” if you have too much…
No heating subscription or anything like that. I was going to say that I think the local laws seem to have at least discouraged them a bit, but BMW and VW are trying it too, so I don’t know.
In Germany, BMW and VW both offer subscriptions for functionality already built into the car. BMW is notorious for their heated seat subscription here and the Mk8 Golf I leased for a while had a bunch of minor stuff pay-walled like automatic high beams, changing color of the interior ambient lighting, etc.
You can still outright buy those features but it’s totally insane to pay for something that’s already physically inside the car. And it’s not like these are budget brands that need to upsell a bunch of stuff to be profitable. A base Golf starts at €31k…
So I’ve been in discussions like this for equipment on trains. It functionally goes:
You paid for X. The hardware we plan to use for faster build supports X+Y. You can either:
- pay for Y
- have us artificially prevent Y
- wait until the hardware that just does X comes in
I actually agree with the options prevented above. I just think that, as the owner, you should still have the right to reverse item 2 if you can figure out how. Especially if it’s out of warranty.
Don’t like it? Don’t buy it. Simple.
“Don’t like it? Move”
That’s the same dangerous logic. Heaven forbid people try to make things better.
First they enshittified Tesla and I didn’t care cuz I didn’t buy Tesla
Then they enshittified GM and I didn’t care cuz I didn’t like GM
Then they enshittified Toyota and I didn’t care cuz I didn’t buy Toyota
…
Then they’d enshittified everything, and since they also cut all corporate taxes and subsidized the oil companies my town has no public transit and I walk by the side of the road.
Lets be fair
TOSs you need two lawyers and an ai chatbot to explain to you, shouldnt be legal vs regular citizens.
They cannot expect anyone to read all TOS they get thrown in their face throughout a lifetime. Let alone understand them. Its often not written super clearly and not all users can even read the language very well to begin with.
I don’t disagree. I’m just saying how things are, not how they should be.
I really wonder if there’s a way to use LLMs just to point out every concerning thing in a EULA/TOS
To what end? Probably every eula/tos you click through has concerning shit that is against your best interest. Either you use the product or you don’t.
Yeah but I want to know just how fucked I am when I sign it
TLDR If you’re the consumer, you’re always the fucked party of a TOS.
That’s why EULAs or other contracts are not necessarily legally binding if they contain specific parts that could be considered “unfair”; at least in the European Union.
Probably not ChatGPT because who knows what was in its EULA and we couldn’t use it to summarize it before agreeing to it.
You can give this a try
Bet you could but not sure what that would get you. So you don’t click agree to it. Now what?
Lobbying.
Because you don’t own the car, you’re just leasing the use of it.
It’s a bit inevitable. There’s a market for a range of features - i.e. some people don’t want to pay extra for extra features. But it’s simpler (i.e. cheaper) to produce all models with the same hardware. So, to fill the market, some features are simply disabled in software.
Oftentimes it’s done because it’s cheaper, though oftentimes it’s actually more expensive but they calculate that money from licenses post initial sale gets them more revenue and margin in the end anyway.
Still, even if it always was cheaper for the manufacturer this way, the point here is companies should not be able to control something you physically own once you have purchased it. It’s a dangerous precedent to set and things like this will creep into more and more products if we let it.
Companies have owned your hardware for decades. Apart from a few open hardware systems like x86, everything comes software or mechanically locked to the price you pay.
So, when Tesla installed a rear seat heater module that’s unusable by the car owner because they didn’t pay for it, is the heater module actually legally owned by the car owner (even though it doesn’t work), or is it still owned by Tesla? If the module is legally owned by the car owner, does Tesla in this case only sell ability to turn on the heater module?
Imagine buying a house but you didn’t want to pay extra so one room is padlocked, or several windows boarded up, or a pool walled off.
If it brought down the price of the house, people who didn’t need those things would absolutely take the deal, and that’s the point.
The point is being locked out of something you own is immoral. People being will to take the immoral deal doesn’t make it okay.
do you think it’d be right for people to break into the room
Were the terms of the purchase in the contract that the purchasers weren’t allowed in the room? If so, then no. That would be breach of contract and wrong.
To be clear. I’m not a fan of paid upgrades for things that are already physically included but inaccessible without payment. But I get it because it still brings the price of the thing down to those who don’t care about having the extra thing.
The captalism, American politics bought and paid for.
I mean you are correct to some extent. But I’m curious, how does this not happen in a system where the state has full control? The only difference is the consumer has no other choices and the “politics” don’t have to be paid for as they are already fully in control.
Unless you mean to say that by the good graces of the government they’d never do that in a state run economy because it’s morally wrong. In which case… Lol
People who say things like that don’t understand what regulations are or that better regulated capitalism is probably what they want
State-run authoritarian economies generally aren’t so money-obsessed that they pull weird shit like this, but generally suffer from drastic inequality, distribution inefficiency, and a general lack of freedom and innovation. The most effective economic models from what I’ve seen are hybrid models, with a regulated market system with some nationalized industries. Morally though, I also believe that a nation’s economic system should be democratic and that people should have a say in how their workplace is run and who their workplace leadership should be.
Technological serfdom. You don’t own anything anymore. You can perpetually rent from your lord or you can suffer the consequences.
Or just don’t buy a luxury car
The “you wouldnt pirate a car” crowd will be shook when they finally realize " yes we would"
I used to think " I wouldn’t because that’s a stupid metaphor" but now that it’s not a stupid metaphor oh yes the fuck I would.
This looks to have already been discovered years ago as this company sells an OBD2 plug that can toggle all of this stuff, as well as highjacking some controls to add new functionality, as well as adding 50HP to those cars with a specific rear motor version https://ingenext.ca/products/ghost-upgrade
Is this method software only? Because the upgrades on that site are pretty expensive and proprietary.
deleted by creator
Teslas have x64 CPU’s? What the hell?
It does have the letter x in it…
/s
If I hear I can solder a modchip to a Tesla to get free features, bypass paid subscription stuff, I totally would.
I guess? But I also would never, ever, buy a Tesla.
as well as adding 50HP
Holy shit, IRL health buffs to mounts
Takes pay-to-win to the next level
If you read the article it is different. This relies on physically bringing connections to gain root access to the file system.
It’s also unlikely Tesla can’t just watch for modified files and update them everytime the car goes into drive or something. They probably won’t do it, but to claim it’s impossible is just disingenuous
“how to jailbreak your Mr coffee grinder and grind any beans you want!”
“5 hacks to get your doorbell to keep working without a subscription!”
“How to beat Microsoft Office drm to turn in assignments for free!”
“4 clever ways to keep your AC running all summer long for free, no CC required! #3 will shock you!”
Whoa there.
Any beans?
Garbanzo beans? Lima beans? Pinto beans? Kidney beans? So any bean I can find on Wikibeania?
100% Mr coffee drm go byebye
A lower hanging fruit is usually present in systems like this. I wonder if they’ve tried glitching because thats what they were familiar with it, or if the software was not easily exploitable.
Typically low level attacks such as these is where it starts because they grant access to parts that can be used to learn more about the system as a whole.
This understanding then can be used to find easier to exploit avenues.
A good example of this is the history of exploits on Nintendo hardware.
They almost all started with finding an exploit at the hardware level, which then subsequently lead to finding software exploits and ways to leverage them in an easy way for end users.
That’s interesting. In a world where everything runs webkit, I thought it would work the other way around.
How long the instructions would last if posted on Twitter?
It’s ridiculous how nowadays a lot of hardware car features are locked behind a simple software switch. Feels like both a massive waste of resources for people that don’t buy the upgrades, and like having to pay for a feature that is already physically present in your car. Software-only upgrades like full self driving are understandable, hardware upgrades locked behind a software gate aren’t.
[cross-posted from my reply to the same article on c/news]
Heated rear seats I can get behind
Why would you want to be behind the heated seats? Seems like it’d be warmer on the seat, not to mention that there’s no 3rd row in a Tesla so you’d be in the trunk…
Well it was a pun.
Get behind
Oh, you!
This song was ahead of its time https://m.youtube.com/watch?v=PWQL_XORalY and that time is now
It’s such a banger too. First thing I thought of when I read the title
RIP Groggs
deleted by creator
All four seats are heated for free if the battery explodes… /s
This is the best summary I could come up with:
A group of researchers said they have found a way to hack the hardware underpinning Tesla’s infotainment system, allowing them to get what normally would be paid upgrades — such as heated rear seats — for free.
This may also give owners the ability to enable the self-driving and navigation system in regions where it’s normally not available, the researchers told TechCrunch, though they admitted that they haven’t tested these capabilities yet, as that would require more reverse engineering.
“We are not the evil outsider, but we’re actually the insider, we own the car,” Werling told TechCrunch in an interview ahead of the conference.
Werling explained that what they did was “fiddle around” with the supply voltage of the AMD processor that runs the infotainment system.
With the same technique, the researchers said they were also able to extract the encryption key used to authenticate the car to Tesla’s network.
I’m a bot and I’m open source!
deleted by creator
Good bot
Never buying any car with this type of tech.
If it’s “our future” then I’ll stick to used cars for life
I have on old car. I should replace it, but it doesn’t have a lot of mileage. I’m honestly dreading the purchase of new car because of this practice, not just the subscription features, but the control the maker has by being networked to it. I love my old dumb car.
Just buy a used car instead, as it’s actually better nowadays with the insane dealer markups
Y’all should check out their new single too: https://youtu.be/rpsKDDGcDpw
Here is an alternative Piped link(s): https://piped.video/rpsKDDGcDpw
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
Here is an alternative Piped link(s): https://piped.video/PWQL_XORalY
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
Yeeesss first thing I thought when I read the title lmaoo
#thank you
I was afraid I’d get to the bottom and not find the perfect song.
of course it was the PSP. I’ll say it again and again; secure computing is like adding a back door that you know about. Fuck intel me, fuck amd psp, fuck apple sep, fuck microsoft tpm, and fuck anyone who wants to have control over a device I own.
Google: time to add DRM to chrome
Google has betrayed Google.
As all corporations eventually do.
Google is eating its children.
That’s a story of TITANic proportions
Can’t imagine a bigger “fuck you” to give to the Muskrat… other than when Xtwitter finally implodes.
