[Discussion] What would it take to selfhost some of the backend that Tesla's connect to?
from otter@lemmy.ca to selfhosted@lemmy.world on 23 Mar 13:26
https://lemmy.ca/post/41134469
from otter@lemmy.ca to selfhosted@lemmy.world on 23 Mar 13:26
https://lemmy.ca/post/41134469
I saw this article earlier:
Tesla ‘going bankrupt’ is endpoint of protests, says local organizer
In the spirit of right to repair, self-hosting, giving a second life to old devices, and limiting data collection by car companies:
- What are some considerations?
- Are there any projects worth keeping an eye on?
An example that came to mind was Valetudo, which is a cloud replacement for vacuum robots enabling local-only operation. Some robot vacuums are easy to install this on, and others require more invasive modifications.
What I’ve found so far:
- FreedomEV, a project that was presented at FOSSDEM 2019 but doesn’t have recent activity
- TeslaMate, which is a popular and active selfhosted data logger for Teslas, but not necessarily a replacement for the software
threaded - newest
Some brainstorming from me:
Alternatively, what would a recycling/conversion program look like?
I’d guess that, like all tech that’s highly locked down, it will be very hard to do anything with - like Apple devices.
So the only thing to do right now is - not updating.
Everything that polls Tesla data goes through (at lease negotiated access) Tesla servers.
That includes TesMate, TeslaFi, Tessie, etc.
Assuming that Tesla goes bankrupt, actually shuts down forever, and shuts its servers down…
At a minimum someone would have to find out where the software sends and receives data from. Then you’d have to reverse engineer the software to control the vehicles.
Then you’d have to reprogram the software to send to your C&C server. I don’t think it would really take all that much to host that… it’s getting there that’s difficult.
If I had a Tesla and someone smart enough to hack into I wouldn’t doubt I could probably figure out how they build their dashboards and reverse engineer them, they’re most likely browser based or qt or something like it. It’d be too costly to do it in anything else and Id bet many spacex dashes are the same tech. But I ain’t rich enough to get one of those things so someone else has to. There’s only so many ways to draw pixels on a screen in the name of profit
They are browser based, their whole UI and much of the in car backend is a JavaScript.
Ah, they’re that kind of evil.
You’d likely need all kinds of cryptographic keys to get anywhere with that. Tesla is unlikely to ever publish those, even if they go bankrupt.
On the upside: if you mod your car to get around all that, you’ll probably be able to emulate old consoles on it and play pokemon games while driving.
…But will it run DOOM?
Pretty sure someone would have already done it. Anything with a screen and some sort of computer behind it is low hanging fruit for doom. It’s shit like running it on a calculator using potatoes that raises the bar!
Yeah it’d be a LOT of constant wireshark and reverse engineering to figure out every API it calls. Then probably something in the middle to sit on the host, need to figure out https certs since you’d be spoofing the host, and of course making sure you get the responses absolutely correct.
Not impossible, but it’s not trivial anymore either.
First, second and third most important point is : Tesla needs to allow the connection to an alternative server.
The fourth should be access to the api and data that are exchanged.
You shouldn’t mess with the FW of your own car even for some innocent feature like this one, you don’t know/understand the interactions that may happen between different Sw components and the hw layer, you can not provide a similar of level of testing, including some worst case scenarios, that can make your car unsafe during some problems or unforeseen conditions. And perhaps also, the car could loose its license for driving…
If tesla allows that, then we can start speaking about it. But last time I check on that was not possible
That mentality is how we got here in the first place. A person should have a right to understand and repair/modify everything happening in devices they own. Because they don’t, we get stuck in the shitty situation where Elon Musk can unlock any Tesla he pleases and I can’t refuse to send my data to him. Or any other car manufacturer. Or tractor manufacturer. Or IoT manufacturer.
Mixed feelings on this. Yeah, you buy it you should own it. But if your ability to fuck with a two-ton rolling death machine puts my ass at risk, we’ve got a fucking problem.
I have some bad news for you - any random idiot with a driver’s license and a two-ton death machine already puts your ass at risk, all the time. We call it “traffic” because we’ve just gotten used to it
It is not comparable, not even by far.
Assuming your are not a psycho, to safely drive a car is orders of magnitude (in plural) easier than modifying the Sw in a safe and deterministic way.
It is not only that bad people exists, it is about that making a small mistake can kill you
I’m talking ‘I disabled the awareness requirement of autopilot’ or ‘I fucked with the object detection and here goes my beta test yolo’ or ‘I added a button to disable all the lights so I can covertly street race’ or…
Imagine thinking Tesla has all-that-much in place to prevent those things in a stock configuration. Full-stop, any self-driving is one of the first features anyone trying to disconnect their cars from Tesla servers would lose outright.
Ehh doubt, but I don’t have a tesla to verify. If I can sever the connection to the home base, I can fuck with it however I want, and their kill switch is useless. Maybe they implemented the kill switch in the modem or something, but again I can’t test. I highly doubt that when you’re road-tripping in bumfuck nowhere the ap disables itself…
Anybody want to give me $40k? We can be besties.
And? People can already do this with most cars.
There’s a difference between ‘physical work required’ and ‘plug in this dongle and run the exe’ though
Have you never heard of tunes?
Any idiot can make substantial software changes to almost any modern car with easily available inexpensive hardware. Look up Cobb, ECUtek, openflashtablet, Hondata, etc
You literally just plug it into a port and flash the software
See above nested comment; tune aren’t inherently a safety concern.
Nothing has stopped people with ice vehicles.
People fuck with two ton rolling death machines every day. What are mechanics? What are car enthusiasts? You just have accepted that you can’t touch the computer because they told you you can’t. That’s stupid.
See above nested comment
Then don’t buy tesla, or force legislation about introducing such feature.
But make yourself a favor and don’t play Russian roulette with something that you can not understandbecause there are not data available.
And for final tip, if you really cares about that then enforce the fsf (fsf.org)
I agree we should legislate it! But in the US, that isn’t going to happen, and the EU also doesn’t seem to quite have enough teeth yet to do it.
And buddy, we play Russian roulette all the goddamn time. The people that modify their cars start off not knowing shit. Why would the computer in said car be any diferent?
Because the modification of that computer is order of magnitudes more difficult than a mechanical modification of a moving part. The humanity / regular human is able to understand much better the interactions of the mechanical parts that usually are always local and well defined.
This does not exist in the Sw, FW and digital hw, the interactions are not local and are millions timesmore complex to understand and properly modify.
It would be an utterly irresponsability to modify (blindly) the Sw of an xray machine that could make it unsafe and ultimately it could kill humans, and it is the same concept with the car. It is irresponsable to make a modification that can make the system unsafe.
For the rest? Regulations, free software foundation and good selfhosting Cheers
Yeah, the potential for real hazard to life and limb is very high here. This isn’t like fucking around with your IOT lightbulbs. This could kill somebody.
I am pretty sure it would be impossible.
That connection I expect to be secured by using signature keys that are private and would need to be released by Tesla to allow anybody connect its car to a different back end.
And remove the need for keys to exchanged and suddenly the impossible is possible. Access to the hardware can always beat any software, it just needs wits. It has to communicate over some sort of NIC or other chip that can be desoldered and replaced with a custom firmware. Or its pins might have a Linux socket connection. Who knows how many insecure holes are there once you have access to the boards. Once you get there it, and enough people care to do it, it can be as easy as an ifixit guide away with an open source board or something, or hopefully just a flash of firmware away.
Just sell the car to a derby demolition show. We all win.
That’s wasteful and dangerous
Harvest the beast for batteries and GPUs
Then sell it to a demolition derby show.
A problem is volunteers and critical mass.
Open source “hacks” need a big pool of people who want something to seed a few brilliant souls to develop it in their free time. It has to be at least proportional to the problem.
This kinda makes sense for robot vacuums: a lot of people have them, and the cloud service is annoying, simpler, and not life critical.
Teslas are a whole different deal. They are very expensive, and fewer people own them. Replicating even part of the cloud API calls is a completely different scope. The pool of Tesla owners willing to dedicate their time to that is just… smaller.
Also, I think buying a Tesla, for many, was a vote of implicit trust in the company and its software. It’s harder for someone cynical of its cloud dependence to end up with an entire luxury automobile.
The right to repair. It’s going to require the ability to make changes to the software on the vehicle. At a minimum the ability to replace the public encryption keys used to communicate with the servers. The bootloader and software is probably locked behind signing keys; so you need to be able to disable or add your own keys. I doubt anyone has access to the full protocols used to communicate with the servers. So, the full technical standard need to be released (which is never going to happen) or reversed engineered through unencrypted traffic analysis and reverse engineering the software.
A good right to repair law could require some of that be releasable while the company is still active or all if the company goes belly up. IIRC there was a smaller EV company that went bankrupt and there was a concern that once the servers were shutdown the vehicles would be bricked. Not sure what happened in the end. In any case, cars as IOT is the stupidest idea ever created.
This is the answer. Though there’s a really small chance someone reverse engineers the whole thing, but I ain’t doin it.
Not in these next 4 years.
Afterwards, if judges still exist, you can try to force Tesla (with the help of judges) to allow your right to repair.
You can’t
We are talking about a car here not some random cleaning robot.
Not that you aren’t entitled to your opinion, but software running on a Tesla is, in many ways just as mallaible as code on a vacuum robot.
There are several challenges, but basically the protections stopping people from reading and writing firmware would need to be defeated.
I think there have been some software jailbreaks on earlier models already that have been patched, but software is complicated, it’s hard be bug free.
If you bought a live service car you’re probably shit out of luck
It’s not.
probabaly full replacement of the motor controller and user facing hardware. basically a diy ev conversion using tesla motors but converting the tesla itself. you would lose features but they would be lost regardless.
Something else that people don’t think about besides the backend server is the connectivity. A lot of these cars use LTE with eSIMs that can’t be replaced, and getting an internet package for it will be next to impossible since Tesla gets them at bulk rates. Once upon a time cars did allow “bring your own SIM cards” but not anymore. Also as cars get older the cell networks get shut down. Some companies did offer upgrades but that was few and far between. Most just said “sorry, you’re SOL”.
So even if you could hack your car, your car won’t have any way of talking to a custom endpoint.
And this is another reason why putting internet on cars is a bad idea
I mean, what’s the alternative? It’s not like it has to have internet. Anything internet connected is mainly quality of life:
Except maybe Teslas, damned if I know what they do. But they’re nice to have things that generally require realtime updates but the car functions just fine as a car without it.
Again though, they are all quality of life things. You don’t have to use it on most cars. Don’t want it, don’t pay for it and don’t use it. So just like giving people the choice of AA/CP, what’s wrong with giving them the choice of using those features?
Public transit/bikes are (or should be) a good alternative if you can’t find normal, used, dumb cars anymore
That’s a non-sequeter. You started by saying that internet on cars were bad and then switched to “you should be using bikes”
Could a Tesla ever work if the cell network went down
I think I mentioned it in another post but Schwaticars are a bit different. Though I’d assume they’d have to have some basic functionality in the event of an outage. “Always on” hasn’t come to cars… yet
It would be funny if old cell network dependency bought down tesla. Just every car made in gets bricked in the Future
You’re better off building an open source car. Teslas aren’t complicated
that’s pretty obvious. Their body panels are falling off and showing how little there actually is their vehicles :D
Realistically they would get a bailout “for the consumer”.
More likely than central hosting would be some of the same people enabling faster modes via software hacks currently making them run offline.
Bailout, or government ownership run by DOGE? I hear they have some servers available - well, soon.
so, from what little I know, and I’m absolutely not even remotely a car person:
car electrical systems run at really high voltage with much harder systems than you’d find inside a normal computer, because it’s an extremely noisy environment that has to survive lots of fucked up shocks
and AFAIK the standards are only kinda-sorta standards. interfacing with them is very very hard. im sure this gets easier once you get TO the network, but flashing that shit and changing what it does with the network seems like a pretty tall order. maybe try swapping out something near the cellular chip itself? that’s probably a pretty standardized part, right?
I wait for the day when we install Graphene OS Automotive Edition on the car
It sucks that the stick is rising. Trumps asshats are actually investing.
You or anybody, even huge masses of people, have zero impact on the stick, zero point several hundreds of zeroes of impact. Even if all magahats invested at the exact same time. The institutions, mainly brokers, have full control of bundling all investments and settling outside of the market. What the stick does is what very wealthy hedgies decide it should.
What about Comma-AI ?
Depends what you want to do. They don’t require a network connection to operate as a vehicle. So if you don’t care about the remote app features (local ones such as lock/unlock still work over BLE), live traffic, streaming music or updates, then a network connection isn’t necessary.
If you do want any of those features, then you would need to either get root access to the gateway and infotainment systems to modify the endpoints or take over the C&C server (formerly named “mothership”) domains and certificates.