> Don't forget that Tesla is now in this space, and turning off Tesla's access to it will turn off your car, period.
Which is super scary. A couple years ago one of their firmware engineers had his NDA expire, and he posted some stories about his time there in some forum.
One of the stories that stuck with me is they were really sloppy with their updates. One time the pushed one that wasn't fully cooked (it might have bricked some, I can't remember), so one of the engineers literally wrote a script to SSH into each of the cars to roll back part of the update.
This was really iffy even then. If the car is connected by cellular, it doesn't have a unique IP address to SSH into. If it is connected to WiFi, the router has to be configured to forward that port.
Since the author remains anon, I always thought it was just a troll.
The whole thread doesn't hold water. It was just a mix of plausible, implausible, jargon and some profanity for relatability.
Full quote:
> model s and x use openvpn to talk to their backend. inside that backend there are metadata services that feed info to the system, one of those things being a ~20MB+ (generated by the worst erp system) json payload that describes supercharger shit for the map in the touchscreen. somebody was smart enough to do automated linting but forgot to validate against the custom parser the car runs which caused a segfault in the qt app that runs the ui, which in turn for a variety of reasons forces a reboot of that component. I think we clocked about 15 seconds before it read the file and faulted after boot. it was doing that for an hour before everyone panicked and got me and qa on the phone to fix it. i wrote a quick python/fabric script that ssh’d to as many cars as possible at a time to rm the file
- "On that note, China has a law in place that mandates all electric cars send real time telemetry to their government servers - Model S/X/3, NIO cars and any other electric car if they're driving already complies with that law to be road certified"
- "Don't be surprised if that becomes a mandate in other countries"
Which is super scary. A couple years ago one of their firmware engineers had his NDA expire, and he posted some stories about his time there in some forum.
One of the stories that stuck with me is they were really sloppy with their updates. One time the pushed one that wasn't fully cooked (it might have bricked some, I can't remember), so one of the engineers literally wrote a script to SSH into each of the cars to roll back part of the update.
Update: here's the original source: https://twitter.com/atomicthumbs/status/1032939617404645376