Tesla Hackers Find ‘Unpatchable’ Jailbreak to Unlock Paid Features for Free::A group of security researchers claim to have found an “unpatchable” jailbreak for some Tesla vehicles, potentially unlocking in-car purchases

  • db2@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    220
    arrow-down
    49
    ·
    1 year ago

    in-car purchases

    That’s an absolutely disgusting combination of words.

    • HiddenLayer5
      link
      fedilink
      English
      arrow-up
      69
      arrow-down
      2
      ·
      1 year ago

      “It looks like you’re trying to flee a wildfire. However, you have just run out of Elon X Points and are unable to continue driving. Please wait 5 hours for your Elon X Points to replenish. Can’t wait? We’d like to offer you our once in a lifetime SpaceX Booster X bundle of 15,000 points for just $299.99!”

    • malloc@lemmy.world
      link
      fedilink
      English
      arrow-up
      38
      ·
      1 year ago

      micro-transactions in video games and media was only a test. Now it’s transitioning from the digital to physical world.

      • HiddenLayer5
        link
        fedilink
        English
        arrow-up
        9
        ·
        edit-2
        1 year ago

        That unlimited monthly transit pass is looking pretty good right now.

        (Speaking as someone who doesn’t own a car and take public transportation everywhere.)

  • TIEPilot@lemmy.world
    link
    fedilink
    English
    arrow-up
    125
    ·
    edit-2
    1 year ago

    This how people are gonna find out how bad of an idea to allow the manufacturer to have that much control over your car after purchase. Tesla will shut their cars off if they find them jail breaked.

    Just like the guy that wasn’t allowed to fix the cooling hose on the battery Tesla’s only option was to replace it. A third party fixed it but he still had concerns that they would shut it off (citing safety) because he wouldn’t buy a whole new battery after he fixed it. Also barring him from quick charge stations was another concern.

    • jhulten@infosec.pub
      link
      fedilink
      English
      arrow-up
      58
      ·
      1 year ago

      Neo-feudalism at it’s best. Make them pay the manufacturing costs but also make them rent the thing they paid for

      • Scotty_Trees@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        “make them rent the things they paid for” makes my blood boil. Like paying for a Wi-Fi router each month even though after a year it’s all paid off, they’ll still just charge you for it, literally free money by the millions for them. Fuck you Comcast.

      • I Cast Fist@programming.dev
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        1 year ago
        • jailbreak
        • disable all traffic from certain apps
        • add all tesla domains as 0.0.0.0 on /etc/hosts, just to be sure
        • ride off into the sunset
      • Buffalox@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Unless they find a legal workaround. They can probably do it, if they claim it makes the car unsafe.

          • Buffalox@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            It’s pretty easy to convince most people that ANY hacking is unsafe. It probably wouldn’t be that difficult to make a convincing argument, and as the maker of the car, they have a lot of authority.

            • JesusFistus@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              They will hve to provide evidence that explicitly links hacking to safety problems that have occured in real life, never gonna happen

              • Buffalox@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                Or they can just brick it, like Apple does with iPhone, when people jail break them.

                Did Apple ever lose a lawsuit on that? You put to much trust in the system.

  • arthurpizza@lemmy.world
    link
    fedilink
    English
    arrow-up
    54
    arrow-down
    1
    ·
    1 year ago

    A car with features locked behind a paywall is a broken car. These hackers simply fixed the car.

    • riesendulli@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      30
      arrow-down
      2
      ·
      1 year ago

      Insurance will gladly deny you in case of accidents containing your licensed and jailbroken device. Don’t buy this shit in the first place

      • HousePanther@lemmy.goblackcat.com
        link
        fedilink
        English
        arrow-up
        21
        ·
        1 year ago

        It would be incumbent on the insurance company to prove that you willfully circumvented the system. Given an accident serious enough, the Tesla’s computer could be physically damaged to the point where no data could be retrieved.

          • noqturn@lemm.ee
            link
            fedilink
            English
            arrow-up
            11
            arrow-down
            4
            ·
            1 year ago

            Insurance is generally not in the business of breaking contracts. If they have a legitimate reason to not pay, they won’t, but they won’t screw you over just because they don’t feel like paying. The risk is too high

            • halferect@lemmy.world
              link
              fedilink
              English
              arrow-up
              15
              arrow-down
              1
              ·
              1 year ago

              Ummm… Insurance companies are all about finding ways to not pay and breaking contracts. You think average Joe can spend millions going against insurance companies lawyers? And what risk? They can hold people in court until they break them or they die broke from fighting insurance companies. Hell, my mother’s life insurance didn’t wanna pay and we had to get a lawyer just to make them pay a pretty straight Forward insurance policy.

            • SulaymanF@lemmy.world
              link
              fedilink
              English
              arrow-up
              7
              ·
              1 year ago

              Insurances don’t want to lose in court but they will investigate and find reasons to deny a payout.

      • Patius@lemmy.world
        link
        fedilink
        English
        arrow-up
        19
        ·
        edit-2
        1 year ago

        Insurance would have to prove the modification caused the accident by disabiling some safety mechanism.

        Legally, software mods and hardware mods are no different, and people have been modifying their cars well before you could hack a seat heater on.

        Modifying your car isn’t a valid reason to yank coverage in most circumstances.

        Even making your car faster isn’t enough, assuming your mods are street legal.

  • Prandom_returns@lemm.ee
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    2
    ·
    1 year ago

    Nooo, think about daddy Melon, our saviour and inventor of all things! How is he going to save the world without his shitty car MTX?

    I want to go to mars, rocket-travel to Central Park, I want to have full self driving next year, use a Tesla tunnel and not get stuck in traffic, and maybe travel in a can in near-full vacuum! Maybe use X as my bank, when he has enough money to pay for the rent of twitter building.

    Pls think about all the inventions! Think about all the billions he could waste jerking his ego off by purchasing another community and turning it to shit!

    My god people, don’t sudo your cars and unlock features that are already installed, but disabled. Pls.

    • Patius@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      1 year ago

      BMWs have had this, to some extent, for a while. Bimmercode can do things like change sounds and enable software disabled features, like anti dazzle lights. (This is disabled because the NHTSA refuses to adopt ways for them to be easily tested in the US, despite their being approved for decades in Europe and a congressional mandate telling them to allow them on the roads, so every automaker has to disable them.)

      No exploits needed.

      • DarthBueller@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        In the US, night driving is 1000000000% worse than it was back in the day when everyone had shitty headlights. Now we’ve got those damn HIDs retrofitted into the wrong enclosure blinding oncoming traffic 1.2 million miles away.

        • Patius@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          Yep, and it’s all because the US regs only allow for high and low beams that can’t redirect and rely on clunky sensors, if they’re automatic at all.

          Meanwhile, in Europe and Asia, cars have adaptive, beam forming headlights that successfully solved this problem in the early aughts. Even American autos have them - Ford’s are so precise they can even create images like the Ford Logo with their lights.

          Still illegal to sell in the US because the NHTSA is refusing to allow them, even though Congress straight up told them to allow them a few years ago as a rider on the bipartisan infrastructure bill.

          • AndrewZabar@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            Ford’s are so precise they can even create images like the Ford Logo with their lights.

            That is fucking cool!

          • Slimy_Hog@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Still illegal to sell in the US because the NHTSA is refusing to allow them, even though Congress straight up told them to allow them a few years ago as a rider on the bipartisan infrastructure bill.

            LOL my country is fucked.

        • brygphilomena@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Oh god. Please don’t remind me about the joys of putting HIDs in my car. I had to order a Japanese part, because of course America didn’t get HID headlights as an option and then had to open and replace the bit that threw the beam for RHD.

          It was such a hassle to do it correctly.

  • Hazdaz@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    This issue is going to end up landing in front of the right-wing, pro-business Supreme Court, isn’t it??

    I can see it now. Tesla is going to write some software that detects this patch. They might not be able to stop it, but they can lock these cars out of the Supercharger network and potentially brick the cars. Buyers of these vehicles are going to sue Tesla. Probably go back and forth in the courts for a few years until it ultimately reaches the Supreme Court.

  • Car@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Cool stuff.

    As far as I know, the full self driving codebase doesn’t get delivered to an end-user unless they’ve paid for the feature and have been “approved” through some safe driving algorithm. This means we’re unlikely to see free FSD for all unless somebody manages to capture the firmware package and upload it.

    • Corkyskog@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Can we stop call it FSD, it’s not. It’s just assisted driving, and if I have to be monitoring the entire time, it’s no more useful than cruise control.

  • Jeff@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    We will just jailbreaks and beta test everything until all of the FMD features promised by muskrat years ago come out of beta.