[HN Gopher] Hackers manage to unlock Tesla software-locked features
___________________________________________________________________
Hackers manage to unlock Tesla software-locked features
Author : 1970-01-01
Score : 595 points
Date : 2023-08-03 16:44 UTC (6 hours ago)
(HTM) web link (electrek.co)
(TXT) w3m dump (electrek.co)
| rkagerer wrote:
| Seeing this gives me the same warm, fuzzy feeling I had when I
| jailbroke my first iPhone to gain features that were impossible
| otherwise.
|
| I wonder if Tesla will start using physical one-shot fuse bits
| buried deep in hard-to-access components (eg. hardwire a heater
| control relay open in the final programming step at the factory)
| to make these type of attacks more difficult. Of course that
| would preclude up-selling the feature later.
| frankus wrote:
| I think it's all about the possibility to later upsell. I don't
| think the economics work out where it's cheaper to install
| something like a seat heater in every car and permanently
| disable for price discrimination purposes (the way you might
| for e.g. a CPU).
|
| My brain can kind of rationalize this as "it makes the up-front
| price lower, and you can add features to your car without even
| visiting a dealer", but my heart definitely recoils at the idea
| of paying for something like that already in my possession.
| mrkeen wrote:
| "Full Self-Driving ... will soon allow the car to steer on its
| own". April 6 2023 [1]
|
| I think the hackers should have waited.
|
| [1] https://www.digitaltrends.com/cars/is-tesla-full-self-
| drivin...
| gcanyon wrote:
| Because what could _possibly_ go wrong hacking a hunk of metal
| that transports you at lethal speeds...
| waterheater wrote:
| Everyone accepts a certain risk simply by driving, and we all
| have relative risk tolerance. Point in case: I knew of a
| 20-year-old driver who owned a nice, safe vehicle but was too
| afraid to drive on an interstate highway because they were
| afraid. That's not a "hunk of metal" issue but a risk-comfort
| "issue," which really is relative.
|
| Regardless, your point highlights the eternal fight between
| liberty and "safety and security." A society which tolerates
| little risk seeks to minimize liberty and maximize safety and
| security. A society which tolerates much risk seeks to maximize
| liberty and minimize safety and security.
|
| To use cars as the prime example: why am I required to purchase
| a vehicle equipped with airbags [1]? They're expensive, bulky,
| decrease fuel economy, and may cause harm to a passenger if it
| improperly inflates. By owning a vehicle, I assume sole
| responsibility for the correct and proper operation of it as
| well as the physical well-being of any passengers. Frankly, I
| should be able to purchase a vehicle equipped without airbags
| to decrease the overall purchase price, thereby allowing me to
| use that money on other things.
|
| The same argument doesn't apply to certain things like ABS,
| which I argue should be regulated because poor braking affects
| people both inside and outside the car. Airbags, on the other
| hand, only apply to people inside the car. By carrying any
| passenger in the vehicle, the owner assumes legal
| responsibility for their safe carriage.
|
| [1] https://www.history.com/this-day-in-history/federal-
| legislat...
| kelnos wrote:
| I think it makes more sense if you frame it that the
| manufacturer is required to sell cars with airbags. We don't,
| as a society, want people to have to make a choice between
| safety and cost in that particular situation, so we mandate
| that the manufacturer can't even sell without them.
|
| Beyond that, if we assume airbags, on average, decrease
| injuries and deaths, then society also has an interest in
| helping to ensure that. Heavily injured and dead people put
| more of a strain on our health care system, and the costs for
| that are not solely borne by the person who gets injured or
| dies.
|
| Certainly there's room for disagreement on whether or not all
| that is worth the added per-individual cost, the regulatory
| cost, etc. But let's remember that there are many things
| that, on first glance, seem to only affect an individual, but
| actually ripple out and affect others as well.
| fwip wrote:
| > why am I required to purchase a vehicle equipped with
| airbags?
|
| The same reason that you can't sell food that's sweetened
| with lead. You can add lead to your own food if you want,
| just like you can drive a car without airbags.
| waterheater wrote:
| Yes, keep lead out of food. The comparison is not accurate
| because the risk-reward profiles of lead-in-food and
| airbags-in-cars are misaligned. Food is consumed under all
| circumstances, whereas airbags are only employed during an
| emergency situation.
|
| You're also right that I can drive a car without airbags,
| but the point is that you can't buy a new car without
| airbags.
| iramiller wrote:
| This line of reasoning is what is used to justify lock-in and
| anti-right to repair legislation. Following this reasoning you
| shouldn't be allowed to change a flat tire on your car as it
| could be improperly tightened and fly off at speed.
|
| Technical constraints to lock out owners/users only serve to
| enforce a manufacturer's feudalistic rent seeking and revenue
| extraction policies.
|
| In the overall scope of driving a personal automobile cellphone
| use or even adjusting the car entertainment system are far more
| common causes of accidents and death and yet these are not
| locked away via technical controls despite being very easy to
| accomplish.
| gedy wrote:
| As someone who made and drives a rat rod, it's basically the
| same situation? If the car fails due to my physical hacking,
| it's on me. Should be same for software.
| EspressoGPT wrote:
| In other news: If you intercept the boot process of a system and
| open a root shell there, you can access the system.
| londons_explore wrote:
| There are already third party garages offering to unlock various
| things for less than Tesla wants (or upgrades Tesla simply
| doesn't sell).
|
| They tend to involve a gizmo intercepting can messages though.
| The gizmo is usually keyed to the serial number of the car so you
| can't clone/move/resell them.
| ajsnigrutin wrote:
| This should be "hacked" by the regulator and not by the hackers.
| If they sold you a car with heated seats (so if the hardware is
| there), the heated seats should be available for the consumer to
| use.
| abandonliberty wrote:
| So people should not have the option of paying less of paying
| less for less features? Everyone must pay for features that
| only a subset of customers use?
|
| You make a common argument that's deceptively anti-consumer.
|
| Yes, this can be abused - but that's a different argument.
| hot_gril wrote:
| I'd be happy paying less for less features. Or paying less
| and then hacking the features in. It's kinda like ad-
| supported YouTube, pretty nice for me cause I just ad-block.
| ajsnigrutin wrote:
| If they sell you a car with heated seats, you should have
| heated seats. They already sold you the heated seats, you
| already have the heated seats, and they just want more money
| for something they already got money for, and you already
| have.
| TobyTheDog123 wrote:
| >So people should not have the option of paying less of
| paying less for less features?
|
| They should, it's called buying a different car without those
| features installed.
|
| >Everyone must pay for features that only a subset of
| customers use?
|
| You are already paying for those features upfront as part of
| buying the car - there is no recurring expense to the
| manufacturer. If you do not want or are unable to pay for
| those features, you buy a different car without them
| installed.
|
| What you're arguing for is for everyone to have to pay
| another monthly subscription, and conflating "paying more for
| a car" with "paying monthly for non-consumable resources for
| a car".
| notpushkin wrote:
| I think this can then be "hacked" back by not selling you car,
| but instead renting it for something like $1/yr + the price of
| the car as a contract setup price. Personally, this is not the
| world I would like to live in.
| sushid wrote:
| How do you feel about CPU/GPU/RAM binning?
| j_walter wrote:
| Will be interesting to see how they did it. Using low cost off
| the shelf parts means nothing if you have to dismantle the entire
| car and solder to the tiniest of points. I still remember the
| first Xbox mod...30+ wires attached to the smallest of points on
| the motherboard.
| kklisura wrote:
| > Generally, these exploits are shared with Tesla, and it helps
| the automaker secure its systems.
|
| We need to bring back hackers/crackers of the old and NOT share
| exploits with these companies.
| system2 wrote:
| I won't be buying any car with software locked features.
| slowmovintarget wrote:
| The 21st century equivalent of yanking the governor chip out of
| the Grand National? Well, OK, not quite.
|
| https://www.thedrive.com/cars-101/39941/what-is-a-buick-gran...
| sakopov wrote:
| Am I the only one who thinks it's incredibly irresponsible to
| disclose this without going through proper channels first? They
| claim this hack unlocks a host of other features. Seems like a
| great way to get a bunch of people messing with their cars which
| could lead to all kinds of catastrophic consequences.
| kerkeslager wrote:
| No, fuck that. Tesla is locking people out of their own cars'
| features. Being allowed to mess with your own car is one of the
| privileges of owning a car.
| sangnoir wrote:
| > Seems like a great way to get a bunch of people messing with
| their cars which could lead to all kinds of catastrophic
| consequences
|
| People have always been able to do this with a wrench since
| before the invention of cars.
| sakopov wrote:
| I don't think anyone's taking a soldering iron to their on-
| board computer in a standard ICE vehicle. The fact that tesla
| has vehicle control code running on it (beyond your typical
| lane assist) makes this infinitely worse. Or am I missing
| something? I get that people disagree with these features
| being locked down and I agree. My point is this isn't like
| changing a cold air intake in your ICE car. This can have you
| go into a fucking wall at high speeds.
| 1970-01-01 wrote:
| >I don't think anyone's taking a soldering iron to their
| on-board computer in a standard ICE vehicle.
|
| This is a multi-million dollar industry in the USA.
| sangnoir wrote:
| There's no reason to limit the components people can tinker
| with to electronics! Everyone is free to (attempt to)
| replace their brake fluid - or repair the brakes - which
| can cause disaster at high speeds if not done correctly.
| I'm yet to hear anyone asking for access to vehicular
| hydraulics to be locked down in order to protect people
| from themselves.
| denysvitali wrote:
| The part they're messing with it's "just" the infotainment
| system. The autopilot system and a lot of other things are
| "protected" by a gateway.
|
| You'd still need Tesla's signing key to rewrite the
| Autopilot software or mess up some more important
| components.
|
| Now, the CID is still coordinating some parts of it - but
| AFAIK the car works also without that, to the point that
| you can simply reboot the infotainment system without
| losing control of the vehicle / Autopilot
| ngneer wrote:
| Game theory at play. Tesla and its customers are adversaries,
| vying for the same dollars. Tesla implementing these security
| measures directly translates to being able to charge more for
| services. Same as John Deere and many others. This is a minmax
| problem. How to pay the least to cause the other actor to pay the
| most. If the feature costs $15K and breaking security costs $15K
| then it is effective security. Obviously not the case here.
| logifail wrote:
| > Game theory at play. Tesla and its customers are adversaries,
| vying for the same dollars
|
| Umm, I think this is more like "airlines vs passengers" when
| passengers read about "hidden city ticketing" in a travel blog,
| think it sounds cool yet haven't properly understand it, yet
| decide to go to town on it anyway.[0]
|
| Since most providers are entirely at liberty to tell a customer
| they're no longer welcome, as a customer you have to be really
| really sure you want to own up to the provider as being an
| adversary, since you might end up needing another provider. For
| ever.
|
| (Full disclosure: have been looking for, booking, and flying on
| less-than-entirely-legitimate airfares for a looong time. Have
| occasionally broken out in a cold sweat at an airport in some
| far-flung country on a dodgy itinerary when I think I've been
| rumbled...)
|
| [0] https://www.insider.com/skiplagging-american-airlines-
| banned...
| dktoao wrote:
| Fascinating article, didn't know skip lagging was a thing or
| that it is illegal. It definitely shouldn't be, just seems to
| be government protecting entrenched corporate interests at
| the cost of the populace. aka par for the course.
| whelp_24 wrote:
| Skip lagging isn't illegal, iirc a recent court case
| reaffirmed that. Airlines don't like it though so they may
| cancel you.
| logifail wrote:
| So if you buy a Tesla and the T&Cs prohibit you from
| hacking it/modding it, then you decide to hack away at it
| anyway, what happens if Tesla were to brick the online
| features of your vehicle and/or completely cancel you as
| a customer?
| whelp_24 wrote:
| I mean the whole point is that Telsa should not be able
| to brick the car you purchased because you changed
| something in your car. Why does a car come with
| conditions?
|
| Granted I may not be in the demographic for a telsa, i
| wouldn't ever want my car connected to the internet.
| mrguyorama wrote:
| In america the current legal standard is that you go and
| get fucked. You do not have a right to something you have
| purchased anymore as long as the seller puts enough magic
| fine print together.
| logifail wrote:
| > Fascinating article, didn't know skip lagging was a thing
| or that it is illegal
|
| It's not illegal, but it is against the airline's T&Cs ...
| which you have to agree to when you purchase a ticket.
| liendolucas wrote:
| > Software-locked features that need to be activated by the owner
| paying or subscribing to a service are becoming increasingly
| popular in the auto industry.
|
| Sorry, WHAT? People should absolutely boycott companies that try
| to squeeze bucks in this miserable way.
| pkaye wrote:
| BMW has plans for locking features behind subscriptions like
| seat heaters, heated steering wheels, recording from your car's
| camera, etc.
|
| https://www.theverge.com/2022/7/12/23204950/bmw-subscription...
| hot_gril wrote:
| My friend bought a new BMW, and the seat heater subscription
| is already a thing on it.
| lambersley wrote:
| This isn't new. Automakers following software companies'
| subscription model
|
| https://www.foxnews.com/tech/automakers-bmw-gm-mercedes-char...
| oatmeal1 wrote:
| People overreact to this. If this didn't exist, they would just
| manufacture cars the old way where multiple version of the same
| car are produced at high and low prices. I have seen no
| evidence provided this actually increases the total price of a
| high feature car. This might actually lower the average price
| paid because of the economies of scale achieved by making fewer
| different versions of the same car. Resale value can increase
| as well, since the person buying your car can get the features
| they want, even if you didn't originally purchase those
| features.
| circuit10 wrote:
| In an ideal world we could just give everyone those features
| if they didn't cost any extra to add instead of creating an
| artificial pricing structure to get more money out of people.
| Maybe it can't work that way but making people's lives worse
| just to punish them for paying less in order to incentivise
| them to pay more, rather than as compensation to the company
| for doing more work, seems wrong
| liendolucas wrote:
| I'm not overreacting to this. I'm absolutely tired to learn
| that subscriptions are being pushed everywhere. Having to pay
| for something that is already in a vehicle is insulting to
| me. Car manufacturers should sell cars, not subscriptions of
| ANY kind. What's going to be tomorrow? Will I have to
| subscribe to a service to actually let my speakers emit sound
| despite that I have payed for them? Ridiculous today, a
| business tomorrow.
| ryathal wrote:
| You better be ok with building your own car then, because every
| major player is adding subscriptions for various features.
| Remote start and remote lock/unlock are the most common, along
| with satellite radio.
| liendolucas wrote:
| The way I see it is that you're supposed to own the car and
| every feature you paid for it.
| stjo wrote:
| I could give companies a pass for features that require
| continuous maintenance from them, like remote unlock
| (properly secured servers). But there was a car company
| that tried to sell you your own seat warmers, which
| definitely crosses my barrier.
| ulamel wrote:
| big tech is trying to erase this concept from the consumer
| mind. Assuming someone tried to do everything legally (not
| pirating) when was the last time anyone "owned" anything.
| Music, Movies, TV shows, Software, you don't own any of it
| you are simply paying for server space.
| liendolucas wrote:
| You couldn't have stated that more clearly. Is a
| disgrace. We're basically headed to rent features of all
| kinds. It's terrible.
| forgetfreeman wrote:
| I am very ok with building my own car if it comes to that.
| It's the cretins willing to actually go along with bullshit
| like this that are the problem.
| eganist wrote:
| if everyone is doing it, it's time for the law to step in.
| hot_gril wrote:
| Or having an older car. Personally this concept doesn't
| bother me; I'd just not pay for the features. Many old cars
| have features locked behind buying the physical button to
| activate them. Hackers find their ways around that, and now
| it's becoming harder to hack. Fine, whatever. But I just
| don't trust the crappy software they increasingly put into
| new cars, so I'm riding out my old one for now.
| kramerger wrote:
| Wait a minute... heated seats are software locked on Teslas?
|
| WTF guys?
| yardie wrote:
| As are the footwell lights, fog lights, and premium audio.
|
| Heated front/rear seats have been standard equipment since 2020
| I believe.
| jh00ker wrote:
| Premium audio isn't a software-disabled feature. You can buy
| a wiring harness on Amazon to enable the disabled, yet
| installed, speakers: https://amzn.to/3rVBrel
| ggreer wrote:
| That's not true. The fog lights and premium audio both
| require hardware retrofits.
| yardie wrote:
| From what I understand the foglight is there but disabled
| from computer. The aftermarket lights bypass this lock
| completely by tapping into the main light cluster harness.
| ggreer wrote:
| Before November of 2021, the cheapest Model 3 had heated front
| seats, and the rear heated seats could be unlocked for $300
| (later reduced to $200).[1]
|
| In November of 2021, they made heated seats standard. I think
| the only software unlocks available for current vehicles are
| acceleration boost, enhanced autopilot, and FSD.
|
| 1. https://www.tesla.com/support/upgrades#tesla-
| accordion-123-w...
| DistractionRect wrote:
| I kinda get it. Rather than maintaining a supply of multiple
| parts which complicates your supply chain and install/repair
| procedures, Tesla is making cars nearly 100% identical
| physically and differentiating in software.
| LesZedCB wrote:
| so make them all cost the same then.....?
| yreg wrote:
| No. I don't need the rear heated seats.
| [deleted]
| Night_Thastus wrote:
| The supply and install problem clearly isn't that hard, auto
| makers have been doing it for many decades at this point.
|
| Plus, it seems backwards from a business standpoint. You
| _always_ have the cost of installing the hardware, but now
| you only get a % of users who agree to pay for the additional
| cost? The only way to "fix" that is to artificially raise
| the price of the product so effectively everyone is paying,
| which means now you're double-dipping from the people who
| _do_ want it.
|
| It's just crap. If I buy a physical device (not renting) then
| I own it and should be able to use its full capabilities. The
| only thing that should cost more is anything that has ongoing
| cost to the manufacturer if I use it.
| kelnos wrote:
| From the perspective of the manufacturer, having fewer
| model variations and factory/assembly configurations may
| end up saving more money overall.
|
| They may also believe that there is a large-enough group of
| people who would decide not to get heated seats installed
| at purchase time, but would later regret that and wish they
| had it. The manufacturer might make more on "install
| hardware unconditionally and charge a fee for zero work
| later" than "install hardware later on demand".
|
| The true cost of things to the manufacturer often depends
| on more than just the cost of that item and the direct
| labor cost to install it.
|
| But I absolutely agree that we should applaud people who
| get around these sorts of software lockouts. If the company
| is going to give you a piece of hardware, it should be fair
| game for you to figure out how to get the most use out of
| it.
| gruez wrote:
| >The only way to "fix" that is to artificially raise the
| price of the product so effectively everyone is paying
|
| You know what's better than "artificially raising the price
| of the product" so you can pay for the heated car seats or
| whatever? Raising the price of the product, and not
| installing the car seat in the first place and keeping the
| extra money for yourself. The idea that carmakers can pass
| the cost of software locked (ie. non-functional) parts to
| consumers makes zero sense.
| bhauer wrote:
| > _The supply and install problem clearly isn 't that hard,
| auto makers have been doing it for many decades at this
| point._
|
| Are you referring to the legacy auto manufacturers that
| still can't make EVs profitably in 2023? Perhaps Ford with
| its negative 58.9% EBIT margin on their EV division [1]?
|
| Of course you can "solve" a more complex supply-chain and
| multiple vehicle configurations. It just costs more money.
| And therefore reduces your profit margin. If you do too
| much problem-solving of this type, your margin might end up
| negative. Not every EV manufacturer can subsidize their EV
| business with a high-margin ICE business.
|
| [1] https://media.ford.com/content/fordmedia/fna/us/en/news
| /2023...
| Night_Thastus wrote:
| Installing heated seats or these common add-on features
| has nothing to do with EVs vs ICEs. It's not specific to
| either, or harder/easier for either.
| Workaccount2 wrote:
| And getting the suckers who pay up to cover the cost for all
| vehicles having it.
| gruez wrote:
| Isn't that fully borne by the manufacturer? Suppose you're
| the manufacturer of a car that costs $30k to make and sells
| for $50k. You're posed with the question of whether to add
| a non-functional part that costs $5k. If you add the part
| and don't raise the price, then you're eating a $5k loss.
| If you add the part and raise the price by $5k, you don't
| eat the loss, but it also means you could have charged $55k
| for the car. No rational consumer is going to be like "I
| would have paid $50k for this car, but now that it contains
| $5k of non-functional component, I'm willing to pay $5k
| more for it now!".
| Bissness wrote:
| Ah yes, "full" self driving
| oittaa wrote:
| It's getting pretty good.
| https://www.youtube.com/watch?v=75A9g4HsQiU
| redundantly wrote:
| The video being sped up makes it feel dishonest. Would have
| been nice to have a regular recording.
| [deleted]
| spikels wrote:
| Omar post raw versions of all his FSD videos. There's a
| link in the YouTube description. Here's the one for this
| drive:
|
| https://www.youtube.com/watch?v=oFYspCLoLTY
|
| Frankly the sped up versions are more useful for
| understanding the technology because most driving is
| boring, even for a self-driving system. But it is good to
| be able to go to the raw version if needed.
| internetter wrote:
| This video seemed to have pretty good performance actually,
| but I've seen articles where the car just gets stuck, makes
| unsafe maneuvers or just violates laws and this guy (whole
| mars catalogue) defends it. Watching prior videos shows it
| fail to yield to stop lights, stop in the middle of
| intersections or just total incompetence about highway
| etiquette (such as the highly watched SF -> LA video (in this
| video the whole highway is dubious, also violations at 1:18,
| 1:24, 1:30, maybe 17:24, probably others I missed... 3 in the
| span of 15 seconds)). I'm not at the point where I trust this
| thing.
| jchw wrote:
| > Software-locked features that need to be activated by the owner
| paying or subscribing to a service are becoming increasingly
| popular in the auto industry.
|
| Popular is the wrong word. Common, maybe. But popular?
| dathos wrote:
| From the point of view of the auto industry I would say popular
| is the right word.
| jchw wrote:
| Call me pedantic but I think using the word popular without
| qualifying it any further really begs for you to interpret it
| more generally, even in this context. Prevalent or common are
| better terms here in my opinion, since they regard the status
| quo rather than opinions.
| retrocryptid wrote:
| [flagged]
| tamimio wrote:
| Who cares about upvotes/downvotes.. and I agree, Tesla is just
| meme hype, and for that reason I will never buy "smart" car
| that spies on me and my family, while these videos are shared
| as a joke among Tesla employees.
| retrocryptid wrote:
| But it also has the great benefit that the data it collects
| doesn't belong to you. It belongs to tesla.
| froggertoaster wrote:
| Care to elaborate?
| retrocryptid wrote:
| Let's say you have a Tesla, but you didn't buy the "full"
| self driving package. You sell your Tesla to a third-party.
| Tesla (of course) resets the system to disable "full" self
| driving, but you have the tool to activate it so you turn it
| on for the new owner. Presumably you received money in
| exchange for the vehicle, as is traditional in our culture.
| You take some of that money and buy a 1958 Dodge D100 pickup
| truck and the Hayes Manual so you know where the spark plugs
| go. You use the remainder of the money to purchase a mix of
| mutual funds, Ford Motors stock, artwork by mediocre, yet
| somehow popular modern artists and maybe a crate of 2018 red
| wine.
|
| In 10 years you still have the D100, though you have spent
| more money on spark plugs and air filters than you would have
| imagined possible. The Hayes manual is covered with grease
| stains so it is no longer re-sellable. The Ford Motors stock
| has (of course) tanked, but it allows you to justifiably rant
| on internet message boards. The artwork has appreciated and
| you recently sold it to a European collector for a profit.
| The red wine would have appreciated in value, but by this
| time you've drunk all of it.
| fredoliveira wrote:
| Care to elaborate without this much analogy? I suspect
| you're trying to say the value of a Tesla ain't going to be
| there in 10 years, but I'm not quite sure that's true.
| retrocryptid wrote:
| Step 1. Unlock the "full" self driving feature you did
| not purchase.
|
| Step 2. Sell your tesla.
|
| Step 3. Unlock the "full" self driving feature for the
| new owner.
|
| Step 4. Take the money the new owner gave you and use it
| to purchase another vehicle.
|
| Step 5. Profit
|
| In this sequence of events, the value of the tesla in 10
| years is of no consequence to you because you do not own
| it.
| dang wrote:
| " _Eschew flamebait. Avoid generic tangents._ "
|
| https://news.ycombinator.com/newsguidelines.html
| retrocryptid wrote:
| Sure. If you don't believe that the resale value of Teslas
| are a point of legitimate conversation, this is nothing but
| flame-bait. But I think there are some here who believe that
| the fundaments of capitalism are legitimate subjects of
| conversation. But I get it, I touched on Tesla / Elon. We're
| not supposed to profane the holy Elon with our lowly speech
| or deny the sacrament of the Tesla Motor Car.
| dang wrote:
| We don't care about any of that; we just care about HN
| discussions being fresh and interesting vs. tedious and
| boring. Generic flamewar tangents are the latter,
| especially when they're re-repeated as often as this one
| has, so please don't take threads in those directions.
|
| If you have a substantive point to make about resale value,
| or something like that, that's totally fine, as long as you
| do it in a way that isn't flamefodder/snark/name-calling.
|
| https://news.ycombinator.com/newsguidelines.html
| eimrine wrote:
| Can electric car be not a computer-powered car?
| okanat wrote:
| You cannot get rid of the entire computerization because of the
| battery management. Also having some smarts for different
| terrain conditions generally enable some efficiencies. The hard
| truth is energy in Lithium ions will never be as energy dense
| as breaking a hydrocarbon bond. So electrification will always
| need some computers unlike the efficiencies we can gain from
| changing the mechanical design of the engine (which can also
| and did improve with computers).
|
| However as many industries the car companies try to keep the
| infinite growth premise alive by entirely computerizing all
| parts and close off any innovation with patents. Just like ICs,
| in the future nobody will own their car and those who want that
| will need hundreds of billions to burn to create companies that
| has no chance of competition.
| vessenes wrote:
| Pretty sophisticated attack vector: low voltage attack on AMD
| secure execution environment during boot. I wonder how many tries
| you need to get whatever bits you need in the right place. Also,
| I imagine you only need to cut 12V wires to do this, but I admire
| the willingness to get in there direct on these systems. I'd be a
| little nervous to make those cuts personally.
|
| Buried in the article is the claim that this will let them pull
| the RSA private key the car owns out for other uses -- while this
| is likely to remain a very niche attack vector, that's got to be
| really bad news for someone in vehicle security at Tesla. On the
| other hand, post jailbreak you could anonymize your location on
| Tesla's servers, which would be nice.
| brewtide wrote:
| Semi related question I suppose. Do the Teslas simply use GPS
| for their location information? If so, couldn't one spoof the
| GPS using a hackRF or similar?
| comboy wrote:
| I have no idea about Tesla specifically but normally you'd
| also you cell and wifi information (in their case probably
| also information from other teslas around) and additionally
| you have accelerometer and the whole "self-driving" computer
| to estimate where the car is and where it's going. It's also
| a known attack vector and likely covered because GPS signal
| is really weak so it's easy for somebody outside the car to
| try to make a mess.
| ballenf wrote:
| Targeted by the FCC seems worse than violating a Tesla
| clickwrap agreement.
| myself248 wrote:
| Only an idiot would let their GPS spoofer onto the air. You
| unplug the antenna cables from the receiver and pipe the
| spoof signal in there.
| FirmwareBurner wrote:
| _> that's got to be really bad news for someone in vehicle
| security at Tesla._
|
| It says in the article: " _Generally, these exploits are shared
| with Tesla, and it helps the automaker secure its systems. "_
|
| So it's only a matter of time till Tesla patches it.
| capableweb wrote:
| More relevant quotes from the article:
|
| > The group of hackers claims that their "Tesla Jailbreak" is
| "unpatchable" and allows to run "arbitrary software on the
| infotainment."
|
| And the full quote of what you put:
|
| > Electrek's Take
|
| > Generally, these exploits are shared with Tesla, and it
| helps the automaker secure its systems.
|
| > In this case, the hackers said that despite the exploit,
| they believe Tesla's security is better than other
| automakers.
|
| Doesn't seem like the security researchers actually shared
| the exploit with Tesla, at least as far as I understand.
| kelnos wrote:
| The information in this article alone is likely enough for
| some Tesla engineers to sit down and figure out the exploit
| themselves.
|
| And if this research group wants to enable regular people
| to "jailbreak" their cars, they have to publish their full
| methodology anyway.
| vorticalbox wrote:
| That's likely because it's a hardware issue, nothing really
| for tesla to do.
| bumby wrote:
| Apologize for my ignorance, but isn't it up to Tesla to
| define what hardware they want to integrate? Or is there
| no design alternative?
| Knee_Pain wrote:
| But how much time until the hardware is changed? And all
| the current models?
| avrionov wrote:
| What they meant is that it is not possible to fix it
| without replacing the hardware.
| bumby wrote:
| I see. But replacing the hardware would still be very
| much in the purview of "Tesla's problem" if you think
| they are a car manufacturer.
| pitched wrote:
| Changing hardware would mean a recall and this doesn't
| seem to warrant it.
| denysvitali wrote:
| Although this seems unpatchable without an HW upgrade
| samstave wrote:
| On the black-hat-flip-side ; This is exactly what a Black Hat
| would want to say - preventing from Tesla stating that they
| "aint got shit" from the hackers...
|
| So hackers can claim they called tesla, and tesla can ignore
| it and we no wiser
| klysm wrote:
| I don't understand how you can defend against low voltage
| attacks like this.
| weebull wrote:
| Make sure all security critical state is initialised to known
| values at reset, then have very tight tolerances on your
| power watchdog to initiate reset.
|
| However, that doesn't make for a stable system when powered
| from batteries.
| jsheard wrote:
| The Xbox 360 was broken by voltage glitching, and Microsoft
| successfully prevented it from happening again with the Xbox
| One: https://www.youtube.com/watch?v=U7VwtOrwceo
|
| In short, there's now a hardware watchdog which reboots the
| system if anything weird happens to the
| clocks/temps/voltages, and they carefully structured their
| boot ROM (the only code they can't patch later) to ensure
| that even if you somehow manage to sneak one glitch past the
| watchdog, no single branch condition being inverted will lead
| to a compromised state.
| ddalex wrote:
| > you could anonymize your location on Tesla's servers
|
| I already anonymise my location on Tesla's servers by simply
| not owning a Tesla
| 93po wrote:
| Cool
| coolspot wrote:
| Your car is filmed and recognized by other teslas.
| closewith wrote:
| That can't be legal? Not in the EU, anyway.
| bonestamp2 wrote:
| Which part? Lots of German cars use cameras to recognize
| cars for various safety and convenience features.
| ballenf wrote:
| Are you saying dash cams are illegal broadly there?
| closewith wrote:
| Dash cams are much more tightly regulated in the EU than
| elsewhere (you become a Data Processor and have all the
| responsibilities that comes with that).
|
| Private ANPR in public spaces is unlawful in I think
| every EU state?
| Ylpertnodi wrote:
| Fucking hell, here we go again: "Dash cams are much more
| tightly regulated in _some parts of_ the EU than
| elsewhere. "
|
| It depends on the eu country of which there are
| several...including an ex-eu country.
|
| How it comes accross: One of the things i hate about
| America is that in new york all the californian building
| restrictions and zoning are killing free speech.
| closewith wrote:
| With respect, the GDPR is a Regulation and this applies
| uniformly across the bloc. Enforcement varies, obviously.
|
| TBH your comment comes off as very condescending and ill-
| informed.
| mahathu wrote:
| Preach it brother
| liber8 wrote:
| Coming from an American perspective (where, when you are
| in public, you have basically no expectation of privacy),
| this seems insane.
|
| Does this mean that if I'm filming a vlog at Brandenburg
| Gate (which inevitably includes video of other people in
| the background enjoying the area), I'm in violation of
| privacy laws?
|
| Does that mean if I take a video selfie of me and my
| family members (which, again, includes images of others
| in the background, and which is automatically uploaded to
| icloud) I'm a data processor and am in violation of
| privacy laws?
|
| I assume there is some line here, but I can't think of
| the logic separating a person's dashcam from my examples?
| monksy wrote:
| There are differences between private photographs and
| commerical products.
|
| Vlog/youtube would be considered to be potentially
| commerical .. so you would probably be responsible fore
| GDPR and likeness recording. (The onious is on you to
| blur)
|
| Video selfie/photograph personal/non shared use - you're
| free do this
|
| https://allaboutberlin.com/guides/photography-laws-
| germany
|
| I am not a lawyer, nor is this legal advice.
| closewith wrote:
| As other have pointed out, the rules on photography vary
| from country to country within the bloc. However, the
| rules governing data protection and the processing of
| personal data (including photos) come from the GDPR, and
| very basically say that any processing of personal data
| requires a valid legal basis.
|
| There is an exception for personal use - the household
| exemption - but as soon as you cross the line into
| commercial operations or certain activities such as
| publishing, creating databases, etc, you lose the benefit
| of that exception.
|
| That doesn't mean you can't continue, just that you now
| need a legal basis and need to follow the rules (inform
| data subjects, allow the right to be forgotten, etc).
|
| So in general, dashcams are fine (unless a local law
| prohibits them) as you have a legitimate interest in
| recording your driving in case of an accident. Creating a
| facial recognition or ANPR database with the same footage
| would be unlawful, however.
| ukd1 wrote:
| Why is A[LN]PR unlawful for private citizens to perform
| on their own footage? (e.g. using
| https://www.openalpr.com)
| closewith wrote:
| It's unlawful as it means you lose the household
| exemption, and so need a legal basis for the processing.
| You also need to inform others of the data collection in
| advance, the purpose for which the data is collected, and
| the contact details of the data controller.
|
| Private ANPR-equipped vehicles are rare (and outright
| illegal in some EU states), but when you see them they'll
| have large decals with the above information on all
| sides.
|
| Facial recognition is considered biometric data, which is
| special category data under the GDPR and forbidden to
| process except in very strict circumstances. Apart from
| law enforcement/government, it is more or less impossible
| to lawfully process biometric data with informed consent
| from the data subject. The household exemption does not
| apply.
| avar wrote:
| The European perspective is broadly to have the "freedom
| _from_ ", whereas the American one is the "freedom _to_
| ".
|
| You've got the freedom _to_ aquire an arsenal, I don 't,
| but I prefer the freedom _from_ other people gunning down
| my kids, which by extension limits the narrow personal
| freedoms of myself and others.
|
| Likewise, the American perspective is to draw a hard line
| on "in public", the European one is more nuanced.
|
| Yes, you can film your vlog without fear, but a random
| pedestrian in Berlin also has the freedom from being
| associated with your public vlog.
|
| Therefore you have a responsibility to either get their
| permission to broadcast it, or to anonymize them.
|
| A useful way to think about it is to shift your view from
| "can I do X?" to "will I bother anyone else by doing X?".
| codedokode wrote:
| > Does this mean that if I'm filming a vlog at
| Brandenburg Gate (which inevitably includes video of
| other people in the background enjoying the area),
|
| I don't know about the law in Germany but I think it is
| very impolite in any country. You should ask people's
| permission before putting them online. On Japanese TV
| they blur out faces of people passing by for example when
| filming an interview in the street.
| klausa wrote:
| Broadly speaking the line is: someone in the background,
| appearing briefly: fine.
|
| Taking photos of specific people in public without their
| consent: not fine.
| littlestymaar wrote:
| > Does this mean that if I'm filing a vlog at Brandenburg
| Gate (which inevitably includes video of other people in
| the background enjoying the area), I'm in violation of
| privacy laws?
|
| No (at least not in France, which also has pretty
| stringent privacy policy so I think it's still a relevant
| answer) you can film people or cars in public streets but
| you cannot do any kind of data processing on the things
| you film (you can't keep a database with the license
| plates you have on your personal videos for instance).
|
| In short the line is: pictures and films by themselves
| are OK [1], but doing anything with the personal info you
| get from those video is forbidden.
|
| [1]: (under conditions, you must not cause harm in the
| process: for instance no "happy slapping" videos)
| anamexis wrote:
| In Germany, dash cams specifically are a bit of a gray
| area, but for example CCTV of any public areas is
| generally illegal.
|
| https://europe.autonews.com/automakers/tesla-warns-its-
| camer...
| someplaceguy wrote:
| I think EU countries are supposed to be using the same
| legal privacy framework, although the exact way the laws
| are phrased and interpreted might differ from country to
| country.
|
| I believe in Spain, generally speaking, it is legal to
| record your interactions with someone when you are in
| public.
|
| But I think many people are not aware that this is legal,
| including some police officers, because privacy laws are
| perceived to be quite strict.
|
| Similarly, I think dashcams are actually legal, even
| though most police probably think they are not.
|
| I think these recordings can even be used in court cases,
| and in fact in many cases it's probably the reason why
| they are legal, otherwise it would be hard to see a
| legitimate purpose that would override the privacy
| drawbacks.
|
| However, there are restrictions. Indiscriminate recording
| (i.e. CCTV) of public areas is illegal, as in Germany.
| This is also true for the entrances of personal homes:
| you are only allowed to have CCTV outside if it's
| pointing directly at your door, not the street in general
| (and you must post a sign).
|
| An obvious restriction is that I think you are not
| allowed to publish a recording without either anonymizing
| the people in them or getting their permission.
|
| An interesting restriction that comes to mind is that a
| few years ago, there was a court case of a man who was
| caught filming children on a school playground while
| positioned outside the school, which at the time it was
| presumed to be for sexual purposes, I think because of
| the way he was doing the recording (big lenses, I think?)
| and because he didn't have a legitimate motive for doing
| that (like being the parent of one of the children, or
| filming a documentary, etc).
|
| He was sentenced and received a large fine, but I think
| the legal reasoning was that children on a school
| playground are expected to have a legal right to privacy,
| even though it's a public school. So the judge considered
| it the legal equivalent of filming someone in their
| private home from outside.
|
| I'm very happy for cases like these where common sense
| prevails over legal / ideological dogma (even though I'm
| also aware of the dangers it can pose when laws aren't
| interpreted to the letter).
| someplaceguy wrote:
| > you are only allowed to have CCTV outside if it's
| pointing directly at your door, not the street in general
| (and you must post a sign).
|
| I forgot to mention that I highly disagree with this
| restriction.
|
| It's really, really bad for home and personal security:
| pointing the CCTV at your door does absolutely nothing
| when a robber / kidnapper enters your house while wearing
| a ski mask.
|
| However, pointing the camera outside could much more
| easily catch them in the days previous to the crime while
| they were staking the house (obviously it's not very
| feasible to stake a house wearing a ski mask).
|
| Or at least, it would deter them much more heavily and
| possibly prevent a not-insignificant proportion of
| kidnapping cases, since most of them seem to occur in
| people's own homes, which seems to be the easiest choice.
|
| I am similarly an extremely big critic of self-defense
| laws in European countries, which basically leave you
| completely defenseless in your own home even if you or
| your family are being kidnapped, due to the huge
| asymmetric advantage that an attacker has over you.
|
| Or at the very least, you risk going to jail for many
| years if anything goes wrong.
| chemmail wrote:
| Not to worry, chinese made cams broadcast everything for
| everyone on the internet to see. Nothing closed circuit
| about that!
| bigbillheck wrote:
| I don't think they're all that concerned about the law.
| [deleted]
| painted-now wrote:
| That's why I only hang out in the metaverse and don't leave
| my home anymore. Umm, ...
| brador wrote:
| >Your car is filmed and recognized by other teslas. -
| coolspot
|
| Is this true?
| xavdid wrote:
| - filmed: definitely - recorded: not sure (probably
| not long term) - recognized: unlikely
| mtlmtlmtlmtl wrote:
| Recorded, definitely based on the fact that Tesla
| employees were sharing various "funny" clips from these
| cams among themselves.
|
| https://www.reuters.com/technology/tesla-workers-shared-
| sens...
| WeylandYutani wrote:
| I thought the Chinese were being paranoid about Tesla but
| really anything from the US can be used to spy on your
| military bases.
| nonrandomstring wrote:
| Teslas, Roombas and Rings...
|
| https://cybershow.uk/episodes.php?id=12
| bonestamp2 wrote:
| Tesla owners can use the cameras as "dashcams" and save
| the recordings. Here's an example from r/dashcam: https:/
| /www.reddit.com/r/Dashcam/comments/15ezdjd/tesla_dash...
| thefounder wrote:
| Just like on social media/chat apps
| jcuenod wrote:
| That's why I also rotate license plates and repaint my car
| twice a year.
| culi wrote:
| you're joking, but there's a whole genre of "adversarial
| fashion"[0][1] dedicated to making clothing that spams
| these sort of public data recognition services. Hoodies
| with license plates, face masks with weird facial
| features, etc. Often optimized against actual neural
| networks too
|
| [0] https://adversarialfashion.com/
|
| [1] https://www.capable.design/
| syx wrote:
| That's really cool, I wonder effective these designs
| really are! This reminds me of a font that came out 10
| years ago ZXX [1] that was presumably designed to hide
| from OCRs.
|
| [1] https://www.businessinsider.com/zxx-fonts-that-
| google-cant-r...
| JohnBooty wrote:
| This is awesome, and thanks for posting this. I had no
| idea.
| pests wrote:
| Gait detection renders any of this obsolute sadly.
| berniedurfee wrote:
| Something something silly walks
| [deleted]
| zapdrive wrote:
| I also change my facial hair style 4 times a year. Will
| start getting plastic surgery twice a year starting next
| year.
| 867-5309 wrote:
| sounds like a slippery slope to voluntary hip surgery for
| gait correction
| cool_dude85 wrote:
| I always wondered if this could be beat by putting a
| pebble in your shoe or something.
| fleshdaddy wrote:
| It's been a long time since I read it but I think that's
| exactly how it was beat in Cory Doctorow's novel Little
| Brother.
| silisili wrote:
| Not sure if it's changed now, but just wearing flip flops
| used to defeat gait recognition...
| mcbuilder wrote:
| I just inked an adversarial CV tattoo onto my face,
| worked great until that image leaked into the training
| data.
| zapdrive wrote:
| Should have tattooed a QR code that auto downloads a
| malware that bricks A100s.
| wongarsu wrote:
| Against face recognition you could use CV dazzle makeup
| [1] to look less like a face. However I wouldn't
| recommend using that approach for your vehicle
|
| 1 https://dangerousminds.net/comments/foil_facebooks_faci
| al_re...
| fho wrote:
| I think that's actually quite common on new car models.
| The dazzle paint job makes it harder for the press to see
| the shape.
|
| E.g.: https://www.bmw.com/en/automotive-life/prototype-
| cars.html
| zapdrive wrote:
| I don't want my car "harder to see" going at 100 miles
| down the highway.
| myself248 wrote:
| Oh no, it's super easy to see, just harder to tell if
| it's a coupe or a sedan or whatever. New lines in the
| body panels get drowned out by the pattern, etc.
| ukd1 wrote:
| I always wondered if this still worked with a IR/UV
| camera too...?
| rascul wrote:
| I vaguely recall reading (probably in the book All
| Corvettes Are Red) that the C5 Corvette was driven around
| with Camaro body panels to fool the media.
| vondur wrote:
| I wonder how the face painting antics of Death Metal
| bands would hold up to face recognition software?
| Accacin wrote:
| Sorry for being pedantic, but it's usually Black Metal
| bands that wear the face paint that you're thinking of :)
| jancsika wrote:
| That's why I wear an rpi connected to four lcd's on my
| face that display randomly chosen beard tiles.
|
| It's also why I started Our Lady of the Anonymity Pool
| where we gather for music and fellowship, and to recharge
| and distribute beard screens to our congregants and
| visitors.
| alinaval wrote:
| Phillip K Dick imagined a "scramble suit" that did just
| that in a Scanner Darkly, continuously randomizing the
| users facial features.
| knodi123 wrote:
| That's why my license plate is shaped like 3 different
| light bulbs, and is hidden in a grid of light bulb shaped
| objects.
| zoky wrote:
| Oh hey, I just did your license plate as a CAPTCHA!
| [deleted]
| EMCymatics wrote:
| Yeah, how much do you trust Musk and company?
| gumby wrote:
| This is a plausible attack vector, parallel to the profiles
| Facebook, Linkedin et al maintain for people who don't have
| accounts.
| [deleted]
| ModernMech wrote:
| I drive a firetruck, so I'm invisible to Teslas.
| cozzyd wrote:
| fortunately I only own a bike...though maybe this makes me
| ineligible for some Illinois class action lawsuit...
| steelframe wrote:
| That's why I cycle everywhere. With my phone switched off
| and stowed in a Faraday bag.
| moffkalast wrote:
| Ah, but where's the challenge in that?
| bastardoperator wrote:
| Definitely sophisticated, but something console hackers have
| been doing for quite some time now including the boot flow. I'm
| wondering if a Tesla vehicle/computer is more sophisticated
| than say a PS5?
| suction wrote:
| [dead]
| bushbaba wrote:
| Isn't this a huge risk to AMD's confidential compute offering.
| It's a major security flaw.
| kccqzy wrote:
| I have reviewed the threat model carefully before. AMD never
| claims that their confidential compute offering is immune to
| attacks involving physical access. I assume what you mean by
| confidential compute is technology like AMD SEV SNP? Those
| are very different in that they allow you to run a trusted
| virtual machine on an untrusted hypervisor. This attack is
| completely different; it's akin to breaking Secure Boot on a
| PC.
| judge2020 wrote:
| Anonymizing your location - until you put in route and your car
| asks for traffic information from teslas servers.
| d4l3k wrote:
| If the map can't talk to Tesla it'll use Google maps
| directly. I usually don't allow connections to Tesla on my
| rooted Model 3
| zoover2020 wrote:
| Hoe did you root yours? Did you lose out on any
| functionality?
| d4l3k wrote:
| There's some functionality loss but it's mostly been
| mitigated. I have a custom app I wrote since I can't use
| the stock app.
|
| The one feature I miss is that there's no voice commands
| since that requires Tesla's servers but at the same time
| I also haven't been bothered enough to plug in a custom
| backend
| lrem wrote:
| _wait_
|
| So the company that goes "we don't need physical buttons
| since we have voice commands" also goes "you don't need
| those in underground parkings"?!
| majikandy wrote:
| It's ok, the voice commands are barely understood anyway.
| At least in the UK they aren't. Gets it drastically wrong
| and messes up your navigation destination, because you
| asked it to open the glovebox "navigating to Columbia"
| adamgamble wrote:
| I also would like to subscribe to your newsletter.
| d4l3k wrote:
| I've got a blog if you're interested haha
| https://fn.lc/post/
|
| I've been hacking on my car and creating my own self
| driving models
|
| Code is at https://github.com/d4l3k/torchdrive
| seanthemon wrote:
| Very cool, am going to eat this up. FYI some of your
| images won't load for me, shoots me a 502 here
| https://fn.lc/post/diy-self-driving/
| d4l3k wrote:
| Not sure why they aren't loading, seem to be fine now
|
| They're also at
| https://github.com/d4l3k/fn.lc/tree/master/static%2Fdiy-
| self...
| acer589 wrote:
| Is that legal?
| malwrar wrote:
| How does this work with their charging network? Are you
| still able to use their chargers, or are you stuck with
| home charging & third parties?
| wholinator2 wrote:
| Oh no, don't give them ideas. It'll become the HP instant
| ink of car charging
| d4l3k wrote:
| Supercharger auth is between the car and the charger and
| doesn't require an internet connection. I get billed the
| normal way via my Tesla account since the VIN is
| registered
| striking wrote:
| > I wonder how many tries you need to get whatever bits you
| need in the right place.
|
| For the Xbox 360, the "Reset Glitch Hack" (which worked
| similarly) would just try over and over again until it got it
| right. A computer is happy to try tens or hundreds of times on
| your behalf.
| jsheard wrote:
| However the next Xbox added active countermeasures against
| glitching attacks which force a reboot if the clocks,
| temperatures or voltages go outside of reasonable bounds, and
| that's never been defeated. Glitching attacks can be very
| powerful, but they have a limited shelf life if the hardware
| manufacturer cares to prevent them.
|
| https://www.youtube.com/watch?v=U7VwtOrwceo
| striking wrote:
| Definitely. Not arguing that this can't be fixed, but
| rather outlining how a similar successful attack was made
| more reproducible.
| closewith wrote:
| Can you not turn off vehicle tracking?
| speedgoose wrote:
| Since a few weeks you get a classic consent screen for
| various categories of tracking. At least in Norway. You can
| turn everything off but I think some data is still sent to
| your phone through the Tesla servers. And I assume it's not
| end 2 end encrypted.
| mgiampapa wrote:
| Just like we used to have cable box guys willing to sell you an
| unlocked box for premium channels, we are eventually going to
| have feature unlock guys that you go do and for a small fee
| perform some slightly more technical hack to enable features
| that are already there.
| technothrasher wrote:
| This market already exists for things like enabling
| Navigation on VW/Audi cars. People were offering to enable
| the hidden Android Auto support on my Porsche Macan for $600,
| which I almost went for until I found the scripts and
| instructions to do it myself.
| mgiampapa wrote:
| I did the same on a Mazda CX5 a few years back, but it was
| a software only hack to get root first. I suspect the
| actual physical hardware modification line is the one that
| most users are going to be unwilling to cross unless they
| are in the "Download a Car" crowd.
| littlestymaar wrote:
| > I suspect the actual physical hardware modification
| line is the one that most users are going to be unwilling
| to cross unless they are in the "Download a Car" crowd.
|
| Idk, hardware modification of the first _Playstation_
| that allowed to play ripped games became mainstream very
| quickly in my country (France) and you could even go to
| some shops that sold Playstations to get it done. It only
| stopped when it was made openly illegal.
|
| "I paid for this shit, I do what I want with it" is a
| very powerful sentiment (and a legitimate one actually:
| corporation adding "Digital Right Management" system to
| deprive people from their property right is dystopian as
| hell).
| acer589 wrote:
| Okay, but in that PlayStation example you DIDN'T pay for
| the games, but still decided to 'do what you want'. How
| is that legitimate but attempting to prevent it not?
| harshalizee wrote:
| Doesn't the Mazda CX-5s all ship with Android Auto and
| Apple Carplay by default?
| BonoboIO wrote:
| $600 is not cheap. What model year do you have? Does
| Porsche not provide an update or possibility to upgrade.
| fragmede wrote:
| If you're in the market for a recent Porsche, which go
| for let's say ~$100k, $600 _is_ cheap to you. Cheaper
| than the time you 'd spend on doing it yourself really,
| but doing it yourself is half the fun.
| mrguyorama wrote:
| If $600 is something you have to think about, you should
| never own a Porsche.
|
| If you can't afford to maintain an expensive car, you
| can't afford to purchase an expensive car.
| robterrell wrote:
| This is how I got CarPlay on the used BMW I bought. Gave
| some guy in Thailand my VIN and $60, he sent me firmware to
| install, and now I drive around with working CarPlay and
| the vague notion that I've maybe been p0wned in ways I
| don't fully understand.
| nobleach wrote:
| Wait, CarPlay is a "premium" feature on a BMW?
| greenthrow wrote:
| On older models. Current models come with it.
| knodi123 wrote:
| When your car idles, it's contributing to his
| Folding@Home account rank
| TedDoesntTalk wrote:
| More likely it's mining crypto.
| jjkaczor wrote:
| Heh... or mining coins... or these days, factoring
| LLM's...
| tmpX7dMeXU wrote:
| Simpler times.
| jxf wrote:
| Hidden as in it's not available normally, or hidden as in
| it's a paid feature?
| avree wrote:
| It was built, and then disabled, as Porsche wasn't
| comfortable with Google's policies around data collection
| from Android Auto. You can pretty easily figure out how
| to turn it back on.
| bri3d wrote:
| This has already been the case on European navigation systems
| (Audi and VW MMI/MIB) for many years now.
|
| VW Audi Group developed an entire infrastructure called SWaP
| (Software as a Product) and FEC (Feature Enable Codes) many
| years ago, and ever since, there has been a cottage industry
| in bypassing the system to enable features like CarPlay,
| Navigation, and Performance Monitor which are usually locked
| by software trim levels.
| no_wizard wrote:
| The only hack on cable style TV I remember is you could buy
| modified satellite authentication cards for DirectTV for a
| time - usually on eBay or similar sites - and they worked. No
| idea how long, I had an uncle that had one though, got all
| the premium channels etc.
|
| I doubt any of this works anymore though
| nobleach wrote:
| I worked for a cable company in the mid-90s. The amount of
| boxes that disappeared (and couldn't be located) was
| insane. The folks that procured them also used a "bullet
| blocker" (basically a resistor) to avoid the box being
| disabled.
|
| In the satellite realm, DishNetwork was always the easier
| service to hack. The FTA scene was completely overrun with
| folks buying 3rd party tuners. Once Dish switched to an
| encrypted signal, a few vendors (nFusion if I recall) even
| could rotate keys in a matter of hours to decrypt Dish's
| new encryption schemes. I doubt any of that works these
| days simply because there's no reason to push too hard for
| content that is likely available via easier means.
| bonestamp2 wrote:
| I remember being out for a beer run with a friend during
| these days. On the way there he pulls into a parking lot
| and stops in front of a nail salon. He said, "Come on" and
| I followed him into the nail salon. There were about 10
| women in there, not a guy in sight... he goes up to the
| desk and pushes a button that looks like a doorbell.
|
| One of the ladies doing the nails says, "He no work here no
| more, check dry cleaner across the street." We get back in
| the car and I'm like, "What was that all about?". "My
| DirecTV card got disabled and that's where I get it
| reprogrammed".
|
| We go across the street to the Dry Cleaners. There are
| three ladies in the lobby watching TV, and a guy behind the
| counter. He asks the man, "Is Ken here?" The man says,
| "I'll check" as he walks into the back. Now, the man was
| coming from the back when we came in, so I assume he
| already knows if Ken is there or not, but Ken probably only
| comes out if he recognizes my friend.
|
| Sure enough, Ken comes right out all smiles and they have a
| quick chat. My friend hands over his card and Ken says, "we
| had to get new equipment, it's now $100, ATM next door".
|
| Ken disappears for about 10 minutes and comes back. My
| friend gives him cash and away we went. About 4 months
| later, he had to get it reprogrammed again.
| tmpX7dMeXU wrote:
| That guy's name? Jimmy McGill.
| fragmede wrote:
| If you want a rabbit hole, start with Christopher Tarnovsky
| at Defcon https://www.wired.com/2008/05/tarnovsky/
| darkclouds wrote:
| The dragon cam.
|
| https://www.kustompcs.co.uk/components/interface-
| cards/tv-tu...
| mrguyorama wrote:
| Internal employee controls have gotten way more
| sophisticated, and cared about since it's one of the things
| you need to do for business focused information security.
| Prickle wrote:
| This is true, but if I remember correctly, Apple has a very
| similar issue with user locked devices.
|
| Employees have opened their own "stores", where they remove
| activation locks, or unlock iphones remotely for a small
| fee.
| rebolek wrote:
| Let me tell you what's wrong with this:
|
| Nothing.
| bonestamp2 wrote:
| Be careful though, some automakers are tracking software mods
| and voiding warranties. Example:
| https://www.motorbiscuit.com/beware-dodge-challenger-mods-
| do...
| Faaak wrote:
| I don't think how that could work with the Magnuson-Moss
| Warranty Act ?
| bonestamp2 wrote:
| Good point. There is an exception in that act that allows
| the warrantor to waive coverage if the damage was caused
| by the consumer, so I guess Dodge can do it because the
| software mod in that case is causing the vehicle to
| perform outside of its design envelope. The warranty only
| covers manufacturer defects, and forcing the vehicle to
| do something it's not intended to do is not a defect.
|
| So, I guess these Tesla hacks should be fine so long as
| they're only enabling things that the vehicle has been
| designed to do.
| awad wrote:
| Mod chips for consoles and mod chips for cars don't seem too
| dissimilar
| berniedurfee wrote:
| And gray market chips you could swap into your US Robotics
| Sportster modem for dual standard 56k baud compatibility!
| sleepybrett wrote:
| I had a friend that made a tidy sum in college by selling
| replacement chips for high end cars that overrode some
| governors built into the firmware.
| kotaKat wrote:
| They haven't managed to "unlock" the features yet. They've got
| root on the IC which "could" lead to unlocking them.[1]
|
| https://www.blackhat.com/us-23/briefings/schedule/index.html...
| mrkeen wrote:
| Something which might work in the future, being announced as
| something that works now? How appropriate!
| robotnikman wrote:
| Now lets do the the same for Mercedes and any other car
| manufacturer who starts to try this crap. Good to see stuff like
| this happening.
| Someone1234 wrote:
| While the exploit that allows them to run arbitrary code is
| unfixable, that doesn't mean Tesla couldn't update the vehicle to
| make accessing these features more difficult. For example, simply
| not delivering chunks of FSD to unauthorized vehicles server-
| side.
|
| I guess my point is: This will start an arms race. Eventually
| you'll need to pick between an on-network Tesla getting software
| updates from them, or an off-network Tesla with FSD and other
| things that unlocked can provide. Heated seats can likely be re-
| enabled electronically without software (i.e. splice in a
| switch).
|
| Personally, purely from a utilitarian perspective, I wouldn't
| choose to use FSD that wasn't getting continuous updates because
| it may not include road changes, state law changes, and frankly
| still has a lot of room for safety/reliability improvement. Maybe
| "Enhanced Autopilot" ($6K) just for lane change.
|
| PS - 9/10 of Tesla's recalls have been software updates. So you'd
| lose those with an off-network Tesla.
| count wrote:
| The arms race started the first time a Tesla shipped. They've
| had some serious security folks on the Tesla side since the
| early days.
| no_time wrote:
| That's very cool. Especially if this could compromise the desktop
| version of this tech as well. Extracting my own TPM keys could be
| useful if MS/GOOG decides to boil the frog even harder.
| ccosmin wrote:
| At least in France if you have a serious accident there's a
| technical examination of your car. If the insurance company finds
| out you tampered your car software (debridage) you're left
| without any coverage.
| advael wrote:
| Big fan of anything that harms the control companies have over
| computers they've sold people, especially in deadly weapons like
| cars. Excellent work
| somerandomqaguy wrote:
| Makes me wonder how Tesla's going to react to this. Can't imagine
| they're happy about this.
| johnl1479 wrote:
| I'm torn. On one hand, I absolutely think that a capability
| available in the vehicle/device when you purchased it should be
| available for you to use, and not behind a software lock (heated
| seats, etc). On the other hand, an "upgrade" or 100% new software
| delivered via OTA (self driving, etc) seems a little more like it
| should be a separate thing.
| Denvercoder9 wrote:
| > I absolutely think that a capability available in the
| vehicle/device when you purchased it should be available for
| you to use, and not behind a software lock (heated seats, etc).
|
| While I intuitively agree with you, I'm having a hard time
| arguing against the economic argument in favor it. Producing a
| single version of a product is generally cheaper than producing
| two different versions. Also offering a lower-margin, software-
| locked variant can (in certain conditions) make things cheaper
| for everyone, and it gives the consumer more choice: if you
| don't need or want the features of the premium model, you don't
| have to pay for it.
|
| For example, imagine a manufacturer that sells two versions of
| its product, a basic model that makes up 20% of sales which
| costs $1000 to manufacture, and a premium model that makes up
| 80% of sales and costs $1250 to manufacture; this gives an
| average cost of $1200/unit. If they can save $100 per unit by
| only manufacturing the premium version and software-locking it,
| that reduces the average cost of goods sold to $1150/unit. They
| can pass on half of the savings to the customer, and still come
| out $50/unit ahead.
| beiller wrote:
| Producing the extra weight of the seat heater requires extra
| fuel to burn. Now multiply that by the number of cars on the
| road. Will cost the customer a (small) amount extra in fuel
| costs for a part that is not being used. So there is an
| economic argument that ya, we can subsidize manufactures by
| taxing people more. Seems like a bad deal to me.
|
| Now lets talk about CO2 output of driving around extra dead
| weight. Makes it worse.
| Denvercoder9 wrote:
| The extra weight/fuel costs just shifts the price point
| where it's a good deal (as it makes the product slighly
| worse), it doesn't change anything fundamental to the
| argument.
|
| Or to put it in another perspective: carmakers have never
| optimized for weight at the cost of everything else (as
| otherwise we'd all be driving around in cars made from
| titanium or carbon fiber). What's the difference between
| putting in a heavier seat with a non-functional heater to
| reduce production costs, and using steel instead of
| aluminium to reduce production costs?
| Sebb767 wrote:
| > Now lets talk about CO2 output of driving around extra
| dead weight
|
| We're talking about a few grams of extra weight on an ICE
| vehicle over 1.5 tons, if not even an SUV over two tons. If
| you put a spare bottle of water in your car you'll most
| likely have similar dead weight.
|
| Now, I get where you're coming from, but the amount of dead
| weight this adds is so miniscule compared to the general
| overhead any modern vehicle carries that making this
| argument is borderline disingenuous.
| beiller wrote:
| I question it myself a bit but I think I will stick to my
| argument. Yes it is a small amount of weight, but from
| what I understand passenger cars contribute a lot (28%)
| to total greenhouse gas emissions. 290.8M cars on the
| road in USA alone. I will say a copper heating coil in a
| seat weighs 3 Lbs. 4,094 Lbs is the average weight of
| car. So we could save .1% of the weight of the car maybe?
| Over the lifetime of a vehicle couldn't it add up?
|
| Then we can add in the CO2 emission of manufacturing dead
| material to place in the car.
|
| To top it all off, no one wants this.
| kelnos wrote:
| You're probably right that the loss in gas mileage or EV
| range is pretty small, to the point of being statistical
| noise.
|
| But a few grams is definitely not correct. It's probably
| more on the order of 3-5lbs per seat.
|
| If we don't like the heated seat example, let's use power
| seats. Those are _much_ heavier than the equivalent seat
| with manual controls to adjust its position and angle.
| Granted, I don 't know of any car manufacturer gating
| power seats behind a software lock...
| ryandrake wrote:
| I think the usual "heated seats" example is a poor one,
| since it's so obviously an optional feature that not
| everyone would want to hack around.
|
| Let's say instead that BMW decided all their car models
| would be physically 4 seaters, but in order to be allowed
| to use the back two seats, you had to pay a large monthly
| "sedan fee". And if they caught you using the back seats
| without paying, they'd sue you. Would anyone accept this?
| Likely no. And the _reason_ you shouldn 't accept this is
| the same reason you shouldn't accept the "seat heat" fee.
| nichtverstehen wrote:
| No need to imagine. That's public transportation. You can
| physically enter a bus and sit there and get to places
| for free.
|
| But you're supposed to get a ticket. Or is it fair game
| to use public transport for free because you can?
| Denvercoder9 wrote:
| > Would anyone accept this? Likely no.
|
| I wouldn't be so sure, it's all about the price. There's
| plenty of people that don't have a need for the
| backseats, and at a certain discount on the purchase
| price it becomes worth it to have two unusable seats in
| the back of the car. Think about the extreme case, in
| which the car is free: there are certainly people that
| would take that deal.
| beiller wrote:
| Not sure what you're getting at, but the back seat
| example here has all the same issues I pointed out above.
| They actually would weigh even more than seat heaters. I
| only gave some examples above of why it's bad but there
| are many more off the top.
|
| Either way if I truly think I am right, then BMW, etc
| should just go ahead with this plan. It should be a money
| loser for them in the long run. But on second thought why
| burn all this CO2 just to prove a point. We should
| probably collectively put a stop to it sooner rather than
| later.
| ryandrake wrote:
| I agree with you 100%. Sometimes on HN we assume when
| someone replies to us they're disagreeing!
| beiller wrote:
| Haha yeah I wasn't quite sure from the response, so I
| just expanded on what I was saying before. I wonder if
| there is any examples of it being a good thing in any way
| shape or form.
| MetaWhirledPeas wrote:
| I wonder if you framed the question a different way if people
| would be more accepting of the arrangement.
|
| Option A: Buy our car for $50,000
|
| Option B: Buy our car for $40,000, but we'll software lock
| the "full self driving" feature
|
| It sounds bad if you frame it as the company withholding
| functionality. It sounds better if you frame it as the
| company offering a discount, given some software
| stipulations.
|
| This is really about paying for software. When you spend $400
| for Ableton Live you are "unlocking" new capabilities for
| your PC. When you buy the latest PC game you are "unlocking"
| new capabilities for your GPU.
|
| If you wanted to do all this yourself you are _technically_
| able to do so, _at great difficulty and expense_. You could
| develop your own software to operate your vehicle. (Not
| advisable.)
|
| I prefer to look at it as a value proposition, rather than a
| battle of ideals. If a car with _x, y, and z_ features
| disabled at a price of _a_ is attractive to you, then buy it.
| If not, don 't.
| fragmede wrote:
| That assumes consumers are entirely rational, totally
| informed beings. Except every economist knows that's not
| actually true. So you give the consumer option B to get
| them in the door, and then spring the cost of full self
| driving on them. Option B can even end up being more than
| option A. See also: buying a cellphone on contract, back in
| the day.
| kelnos wrote:
| It's not so simple, though.
|
| First, they absolutely will not pass the savings on to the
| customer. Prices are governed by what people will pay, not by
| what it costs to make the car. If they can make the cars for
| $100 cheaper, they will pocket the $100, unless market forces
| (like cheaper cars from other manufacturers) signal that they
| should lower their prices.
|
| Second, heated seats are heavier than non-heated seats.
| Customers who get software-locked heated seats and don't want
| the feature will get slightly worse gas mileage or EV range.
| So not only is the manufacturer potentially saving money
| building the car (savings they likely are not passing on to
| the customer), but they're pushing added operational costs
| onto the customer.
|
| I think it's fine (though somewhat shady[0]) for a company to
| use these sorts of software interlocks. But the product sold
| to the customer belongs to the customer. If they want to hack
| or mod it to disable that software interlock, the company
| should just have to live with that, and shouldn't be allowed
| to punish the customer in other ways (like refusing to
| provide software updates, refusing to do maintenance, making
| that maintenance more expensive, etc.).
|
| [0] Ultimately they can do whatever is legal. But customers
| don't like being nickel-and-dimed for things, and doing too
| much of this might cause customers to find alternatives. For
| example, I refuse to fly on super-low-cost airlines like
| Frontier and Spirit because I don't want a super-bare-bones
| experience where I have to pay extra for every little quality
| of life improvement. Flying is already not a particularly
| great experience, and I don't care to make it worse. It's
| Frontier & Spirit's prerogative to operate like that (and
| clearly enough customers are fine with it for these companies
| to be successful), but it's also my choice to spend my money
| elsewhere. But if the _only_ option was airlines like these
| (or car manufacturers who software-lock everything), that
| would really suck.
| mensetmanusman wrote:
| This analogy/mental model of what things are when you purchase
| them breaks down for software. It's less environmentally
| wasteful to build a single sku and unlock paid software
| features requiring teams of devs.
| RajT88 wrote:
| > paid software features requiring teams of devs.
|
| This makes it easy for me to make up my mind about. FSD is
| about far more than just the hardware - there's many teams of
| devs working on it.
|
| > heated seats
|
| There's little (no?) justification for software locking
| heated seats. Press the button, make the seats hot. This is
| just capitalist bullshit and we shouldn't put up with it.
| rootusrootus wrote:
| From the perspective of a customer, what is the difference
| between a heated seat that doesn't work because it doesn't
| exist, and one that is locked out by software? Assuming the
| customer isn't paying up front for that feature.
|
| Some people don't want to pay for heated seats. Turns out the
| manufacturer found it cheaper to just include the hardware
| anyway rather than differentiate on the production line. What's
| the big deal? The ability to change your mind and pay for the
| feature after purchase without getting an aftermarket seat
| heater seems like a nice bonus. Everyone wins.
| bastardoperator wrote:
| Some people don't want to pay for a 4th bedroom. Turns out
| the builder found it cheaper to just include the extra
| bedroom rather than differentiate on blueprints. What's the
| big deal? The ability to change your mind and increase your
| mortgage without having to deal with construction in the
| future seems like a nice bonus. Everyone wins.
|
| Cars are property. It would be absurd to think portions of my
| property are off limits to me. The best part about all of
| this, is that none of these car manufacturers are going to
| win, it's a rat race and plenty of people are going to buy
| the cheapest car and mod the car software. I actually love
| it. I also love how the people doing this have physical
| access to their property and nobody can stop them.
| rootusrootus wrote:
| Aside from the significant associated increase in
| maintenance costs on e.g. the roof that would come with
| such an option, I bet you the market would be fine with
| that. Stamp out houses that are all alike except some have
| less bedrooms enabled. Hell, offer the extra bedroom
| capacity as a rental option.
|
| If the customer only paid for 1 bedroom, they're going to
| save a lot of money. It's the extra maintenance costs of
| that roof and the associated space taken up by the
| structure that would make it a harder sell, otherwise
| dynamically growing living space would be very interesting.
| fluoridation wrote:
| >Some people don't want to pay for heated seats. Turns out
| the manufacturer found it cheaper to just include the
| hardware anyway rather than differentiate on the production
| line.
|
| If it's that cheap then it should just always be included,
| period. Otherwise it's just transparent greed. Why charge
| your customers extra for something that costs you literally
| nothing extra? Why not do the same for everything? The radio
| volume knob is software-locked and it's either at 100% or
| off, unless you pay extra to unlock it. The entertainment
| system will play ads continuously while the car is running
| unless you pay extra for the no-ads version. When you unlock
| the doors they will stay locked for five more minutes unless
| you pay extra for the Instant Unlock feature.
| rootusrootus wrote:
| > Why charge your customers extra for something that costs
| you literally nothing extra?
|
| Because that's not how business works, whether cars,
| computers, or any other widget. The cost of manufacturing
| is only tangentially related to the retail value.
|
| Your examples, while contrived, could easily work the same
| way. As long as the customer knows what they're buying, and
| there are other choices on the market, then we will find
| out pretty quickly how valuable a non-binary volume knob
| is.
|
| You may not want to know the answer to that one, if you pay
| much attention to airline ticket pricing and consumer
| behavior.
| LocalH wrote:
| Stop giving them ideas!
| eschneider wrote:
| It's boggles the mind that a car company would spend
| millions on styling and then do something like that to
| completely cheapen the experience. Of course, software
| companies do that sort of thing all the time. Just...ugh.
| LocalH wrote:
| $$$, that's why. $X isn't good enough for them, when they
| can find a way to get $X+Y
| eschneider wrote:
| Do they even get more money from stuff like that or do
| they lose customers because the UI now looks like ass?
| GuB-42 wrote:
| That's the entire point. They design a "luxury" car to be
| sold at a luxury price, with high margins. But by doing
| so, they go above budget for many potential customers.
|
| So they make a cheaper version, with lower margins, but
| they deliberately cheapen the experience so that those
| who can afford the "luxury" version don't buy the "cheap"
| version instead.
| fluoridation wrote:
| If you want to sell a cheaper version then actually
| _make_ that cheaper version. Don 't sell the exact same
| version with the switch locked in the off position by a
| logic puzzle and then sell the solution for an exorbitant
| price. Hell, make a single version and physically break
| the feature at the factory. Remove a critical component.
| _Anything_ but this bullshit.
| dragonwriter wrote:
| > Otherwise it's just transparent greed.
|
| Welcome to capitalism, it seems you are new here.
|
| > Why charge your customers extra for something that costs
| you literally nothing extra?
|
| Because (1) you can, and (2) it maximizes profit.
|
| > Why not do the same for everything?
|
| Because of estimates about what people will accept not
| having in the base model and what some will be willing yo
| pay extra for. Why do you think there would be some other
| principal at work here?
| globalise83 wrote:
| And that is how Ryanair was born...
| creata wrote:
| > From the perspective of a customer, what is the difference
| between a heated seat that doesn't work because it doesn't
| exist, and one that is locked out by software?
|
| In the former case, I didn't pay you money, so you didn't
| give me a good / service / whatever. That feels fair, because
| you need money to provide those things.
|
| In the latter case, I didn't pay you money, so you didn't
| _flip a switch_. That seems like a dick move.
|
| So I guess the difference is that in only one of these cases
| does it feel like the manufacturer is an asshole.
| MetaWhirledPeas wrote:
| > In the latter case, I didn't pay you money, so you didn't
| flip a switch.
|
| This is the case for _all software_. There is no physical
| exchange of goods, and nearly zero effort to distribute the
| bits.
| lanstin wrote:
| Which is why Stallman got pissed at the lack of source
| code and worked so hard to make source code always
| available. So that the economic limitations line up more
| closely with the physical limitations.
| ImPostingOnHN wrote:
| heated seats are hardware, not software, even if they
| interact with software
|
| a car is hardware, not software, even if it interacts
| with software
|
| the fact that the switch is implemented via software is
| irrelevant to the fact that hardware is more analagous,
| e.g. a printer you want to use off-brand cartridges in,
| or a cell phone you want to root
|
| I bought a kindle fire at a discount because it was ad-
| supported, then rooted it and removed all the
| adware+bloatware, and don't feel even a little bit bad,
| because all I was doing was using _my_ hardware as I saw
| fit
|
| sorry not sorry that this breaks amazon's business model
| (in reality it's so rare it doesn't), but my hardware, my
| property, my rules
| _factor wrote:
| The wasted economy on lugging around the extra weight for a
| useless seat heater.
| rootusrootus wrote:
| That's true. It happens, though, and has for years. My last
| car had a seat ventilation fan that was inoperable because
| the switch and corresponding electronics (some kind of PWM
| controller) to turn it on weren't installed. Seat
| ventilation wasn't offered on that model at all, but the
| seats were built with the fan. They didn't yank the fan out
| on principle, they just installed the seats as built.
| overnight5349 wrote:
| In reality, you're still paying for the hardware. Don't think
| for a second that these 'optional' features don't figure into
| the price.
|
| Sure, maybe they have a lower markup if you don't buy the
| license up front, but you still paid for it. These types of
| gimmicks are free money for the company pulling them.
| matwood wrote:
| Because of the way production lines work it can actually be
| cheaper to include it on every seat and unlock it with
| software.
| jjulius wrote:
| Cheaper to manufacture, yes, but the cost of the hardware
| is still included in what you pay for the software-locked
| car. You've paid for the hardware and you own it, even if
| it's software-locked. At that point, you're just being
| asked to fork over $1k or whatever the additional charge
| is for what essentially amounts to an "on/off" switch.
|
| Edit: Hell, to make it sound even more stupid, you're
| being asked to fork over $1k or whatever the additional
| charge is in order to change a bit from 0 to 1.
| filcuk wrote:
| That's no different to paying $1K for a CAD licence.
| People just need to come to terms with the fact that the
| line between HW and SW is becoming blurry.
|
| Obviously, I don't like up-paying for features I don't
| get to use. The price of the product must be the same,
| having benefited from mass production. With that being
| the case, I'm actually glad I have the option to save
| money now and upgrade later.
|
| The concept isn't a problem, it's companies taking
| advantage of it (and us).
| jjulius wrote:
| >The concept isn't a problem, it's companies taking
| advantage of it (and us).
|
| To borrow a phrase you used earlier, I truly don't
| believe that we need to come to terms with companies
| blurring this line and taking advantage of us.
| overnight5349 wrote:
| It's closer to using a CAD package and finding out you
| need to pay extra to save files.
|
| Which is a real thing that has actually happened.
|
| The functionality exists, the code already has been
| written, but it's disabled so as to extract more money.
|
| The arguments about cheaper manufacturing is pretty well
| pointless. If the cost of adding seat heaters is
| negligible, what justification is there for charging
| extra? You pay for the hardware either way. This is rent
| seeking and nothing more.
|
| This is a topic that's been beaten to death in the
| electronics industry for years. Oscilloscope
| manufacturers design and sell a 500MHz scope, but cripple
| it to 200MHz unless you pay 50% more. Or they put
| 16MSample of memory in and restrict you to 8 unless you
| pay $400 for an "upgrade". The cost of buying the lower
| model and upgrading it later is usually _much_ higher
| than just buying the high end model.
|
| In any case, it's not like manufacturers are selling the
| lower tier model at a loss. They're taking lower margins
| on the crippled hardware, yes, but then they charge you
| ridiculous prices that are orders of magnitude above the
| real cost of the additional hardware.
| matwood wrote:
| Cost != Value.
| Timon3 wrote:
| I'm paying $1K for a CAD license because I can't write a
| CAD program myself. I can easily change a 0 to a 1, why
| should I pay $1K (or however much) for a piece of
| software that does this?
| chefandy wrote:
| People are pushing back against the idea that you can't do
| whatever you want with a physical thing that you own. You
| _own_ the heating mechanism in the seats, you _own_ the
| hardware needed to turn them on, and you _own_ the computer
| which activates it. If Toyota sold me a car with heated seat
| mechanisms installed and no switch, they couldn 't stop me
| from installing my own switch. That you might not be able to
| do what you want with a physical object you own, in theory,
| makes this different.
| eschneider wrote:
| I'm wondering if there might be a reasonable market for
| aftermarket ECUs for some of these "software enabled"
| vehicles when they start showing up on the used market or
| coming off warranty...
| oatmeal1 wrote:
| The thing is, in the long run it doesn't matter whether you
| are legally allowed to install your own switch. The price
| manufacturers charge for a car will adjust based on whether
| they can get revenue from subscriptions or not. If they
| can't successfully charge subscriptions, base car prices
| will go up.
| [deleted]
| paxys wrote:
| I'm not torn at all. It's my car. I should be able to "hack" it
| as long as it doesn't involve illegal access to anyone's
| servers.
| rvnx wrote:
| The exact same way you should be able to install your own
| software on your iPhone
| zht wrote:
| your phone isn't a 3500 lb metal box of death on public
| roads with other cars, cyclists, and pedestrians
| omginternets wrote:
| We already have a system in place for this: civil
| liability and criminal culpability. If you hack your car
| negligently, you can be sued for negligence or charged
| with manslaughter.
| jabradoodle wrote:
| Same thing if you sell unsafe food, yet we have
| regulations, because it's preferable to not be killed in
| the first place.
| omginternets wrote:
| And because the impact is exponentially larger. Arguments
| for regulation prohibiting individuals from tinkering
| with their cars does no such thing, because those laws
| are not currently in place, and there is not an epidemic
| of runaway user-modified vehicles.
|
| On the other hand, such regulation would serve to prevent
| users from enjoying the property they purchased and to
| facilitate exploitative practices by manufacturers and
| retailers. It is all the more absurd given that existing
| law already provides mechanisms for deterrence and
| punishment, namely: the notion of negligence.
|
| I cannot stress how _terrible_ this idea is. This would
| severely degrade consumer rights and do virtually nothing
| to protect people.
| elwell wrote:
| Neither agreeing nor disagreeing with you, but it follows
| that you should also maintain this: "It should not be
| illegal to drink alcohol while you drive. If it affects
| your driving performance negatively, that, in isolation,
| is what should be penalized."
| vkou wrote:
| The road worthiness of your modded car is a question
| between you and the DMV, though. Once you start adding a
| fifth wheel to your Lada, it's not the manufacturer's
| responsibility.
|
| (Tesla's software killing people is also not their
| responsibility, because you're 'supposed' to use it in a
| way that nobody _actually_ uses it.)
| meindnoch wrote:
| It shouldn't be illegal to bypass the security of your own
| property. On the other hand, it shouldn't be illegal either
| for manufacturers to make security features that are
| impossible to bypass.
| paxys wrote:
| > it shouldn't be illegal either for manufacturers to
| make security features that are impossible to bypass
|
| No such thing as impossible to bypass, which is exactly
| why companies turn to the courts and police for
| enforcement instead.
| kelnos wrote:
| And that's the problem. Companies should just accept that
| hardware and software will never be perfect, and people
| bypassing imperfect security/revenue-enhancing features
| is just a risk and cost you have to accept when doing
| business.
|
| Instead, we have bullshit like the DMCA anti-
| circumvention provisions that companies pushed so they
| could get the government to legally enforce their crappy
| business models.
| alerighi wrote:
| In a sense it's something car manufacturers have made for
| years. Most of the time the difference from one model of a car
| and another with more power is the mapping on the engine
| control computer.
|
| Till this day it wasn't a problem since this was not really
| locked down, and despite the fact that is illegal, people did
| modify the car software to unlock more power quite easily.
|
| But... that "locking" of feature kind of made sense, since a
| car with less kW pays less taxes (at least in my country you
| pay more if the car is more powerful) so selling a locked down
| model was also an advantage for the user that wasn't interested
| in having more.
|
| Locking down heated seats... it's just a move against the user.
| Buying a car you payed for that seats, since they are there,
| why the manufacturer should ask you another fee to use for
| something you already payed? To me this shouldn't be possible.
| eschneider wrote:
| I've done a fair bit of work with engine ECUs and remapping
| for more power is almost never "free". It's not like
| manufactures are offering different power outputs strictly
| via software, though sometimes they'll make different
| _tradeoffs_ between power/drivability/reliability.
|
| I mean, it's easy to get 20% more power out of an engine if
| you don't care if it idles like a washing machine. And for
| some applications, that's just fine.
| sawjet wrote:
| >I mean, it's easy to get 20% more power out of an engine
| if you don't care if it idles like a washing machine
|
| Can you explain this? How does remapping an ecu make the
| idle different?
| jsight wrote:
| It gets a lot more ambiguous when the features being offered
| also come with increased risk of warrantly liability. I'm
| thinking of things like acceleration boost here rather than FSD
| and other driver assistance features.
|
| For FSD, part of the payment is for ongoing maintenance. It is
| likely that the countermeasure would be subscriptions, and they
| already seem to be progressing in that direction.
| yardie wrote:
| FSD is a little trickier. FSD hardware is installed in your
| car and is used for ADAS. FSD is completely different
| firmware and has to be downloaded from Tesla servers which
| will check to see if you paid for that service.
|
| It might be possible to subscribe to FSD, wait for it to
| download, then unsubscribe, and hack it to re-enable the
| firmware. But FSD is still beta and you'd be risking being
| exposed to get future updates.
| m463 wrote:
| I can see two different ways of looking at this
|
| If you enabled a seat heater, enabling hardware that the car
| already has installed, or hot-rodding the engine, I don't think
| it is that big a deal.
|
| But if you downloaded and installed software from tesla that
| didn't come with the car, or did something like enabling free
| supercharging, that would be more like theft of services.
|
| I expect if this becomes a thing, features will have to be
| downloaded after purchase.
| eschneider wrote:
| The flip side of that is when they disable features that were
| purchased when a car is purchased used.
| m463 wrote:
| I think the disabling features of a used car has some
| nuances.
|
| 1) If tesla took possession of the used car and then sold
| it to you, I think they can disable features.
|
| 2) If you sold your car to someone, and THEN tesla disabled
| features I am not ok with that.
|
| With case #1, I think it is like any used car. People flip
| cars. They can take a car, remove expensive rims or other
| options and sell the car without them. People also buy cars
| and part them out, selling each piece individually. This is
| ok because the flipper owns the car before selling it and
| they can do what they want.
| eschneider wrote:
| Case 2 definitely has happened.
| edude03 wrote:
| Here's a solid example - in 2016 all teslas came with
| free supercharging for life. In 2017 they changed it to
| be non transferable. If you buy the car directly from
| someone tesla won't know but there has been cases where
| they've found out (warranty repairs for example) where
| tesla then removed it.
|
| If the seller didn't tell the buyer, or the seller
| themselves didn't know - who's fault is that?
| chrisstanchak wrote:
| You can make the same argument that pirating software is ok
| eimrine wrote:
| In the world which disrespects FOSS for so much it is OK.
| Pirating books is 100% OK.
| masterofmisc wrote:
| Cory Doctrow recently wrote a good piece about it here. Cars
| are going down the renting model, not the ownership model and
| it sucks.
|
| https://pluralistic.net/2023/07/24/rent-to-pwn/
| kelnos wrote:
| I don't think there's any need to be "torn" on that; you can
| certainly hold different opinions for different nuances without
| conflict.
|
| Hardware features that are actually present in the product when
| purchased should be available for use. If manufacturers want to
| put those features behind a software lockout, I guess that's
| their prerogative, but they shouldn't be allowed to complain or
| punish the customer if they find a way to circumvent it.
|
| Charging for ongoing services that require the manufacturer to
| spend money to maintain infrastructure (like a remote engine
| start or remote lock/unlock) seems entirely fair, though.
|
| But as a big fat asterisk to that last statement, it pisses me
| off that I can't run my own server infra for that myself. I
| bought a Mercedes E-class a little over a year ago, and it
| included a free year of their online services. Fortunately
| continuing the subscription is pretty cheap (something like
| $150/year). But it's an all-or-nothing deal. I want to be able
| to do remote lock/unlock and engine start, but I don't want
| Mercedes tracking my location wherever I go, and I don't care
| about map updates (since I use Google Maps via Android Auto for
| navigation).
|
| I would much rather be able to spin up my own server to handle
| some of the remote capabilities, and not have the car talk to
| Mercedes' infra at all (except perhaps for software updates,
| which I would manually approve/accept).
|
| I get why car makers won't do this. Even if they didn't want a
| stranglehold over providing services, I'm sure they still
| wouldn't do it: it would require extra "advanced" settings in
| the car and in the app to allow the customer to set an
| alternate server backend. And customers will inevitably make
| security mistakes with their own server backend, which could
| create liability for the carmaker, or at least cause bad press,
| even if it shouldn't.
| alistairSH wrote:
| It's relatively clear to me...
|
| Features cost money, so I should pay for them. Wether that's
| via an option package (traditional) at order time OR via a
| software update (Tesla) after purchase doesn't matter.
|
| BUT! As long as that feature doesn't have recurring costs to
| the manufacturer (heated seats), it should be a one-time fee,
| and transfer with ownership.
|
| Something like self-driving, where there might be an active
| internet connection and server costs - I'm ok with a recurring
| subscription.
|
| Examples... BMW tried to charge a subscription to use Apple
| CarPlay. This should be a one-time fee (baked into model price,
| or a one-time software switch). Same for Toyota (I think) who
| tried to make remote-unlock a subscription (this was basic key
| fob unlock - no internet hosting/app maintenance involved).
| Also crappy move from them.
|
| Hacking otherwise reasonable software-locked features feels
| like theft to me. If you want the feature, pay for it. At
| minimum, I'd expect Tesla (or whoever) to void warranties on
| cars with these hacks applied (within the bounds of Magnuson-
| Moss Act in the US).
| Cagrosso wrote:
| If the feature is built in to the car from the factory and
| disabled via software so they can charge more then you are
| already paying for the parts and lugging around the added
| weight in the vehicle thus costing you more in fuel. Software
| locking a hardware feature that is integrated is an awful
| practice.
|
| Telsa chose to do this presumably to only have to buy a
| single seat configuration and streamline installs so they
| could hit production quotas.
| fragmede wrote:
| Right. Instead of manufacturing a 50, 80, and 100 kWh
| battery pack, and having to go through the whole process of
| getting certifications and everything for each size, they
| just make 100 kWh packs all day long, and then software
| limit them to 50. Which means, in the case of an emergency,
| the company can bestow extra range on lower-end vehicles,
| which they did for Hurricane Irma.
|
| https://www.theverge.com/2017/9/10/16283330/tesla-
| hurricane-...
| pkaye wrote:
| Does that imply there is not much of a manufacturing cost
| difference between 50 kWH and 100 kWH battery pack?
| doxick wrote:
| Great reply!
|
| It's either so close that you're overpaying for the
| 100kWH, or it's not very close in which case you're
| overpaying for the 50kWH.
|
| Either way: the 50kWH is hit: carrying dead weight on a
| smaller capacity. A not insignificant weight.
| wongarsu wrote:
| For many features it makes sense. Heated seats for example
| have trivial hardware costs. It's basically a couple
| resistive wires, plus the necessary controls. The process
| costs of manufacturing some cars with and some without
| heated seats likely far exceed the cost of the heated seats
| themselves, so it's cheaper to just put them in every car.
| But heated seats are a great upselling opportunity, people
| are willing to pay $200-400 for them, more if you bundle
| them in a package with other stuff the customer doesn't
| actually need but that creates a vague sense of value.
|
| The compromise that minimizes production costs and still
| allows that upsell is to put them in every car and disable
| them via software.
| myself248 wrote:
| Back in the day we used to just call those "standard
| features" and every car had them.
| robryan wrote:
| They could do that but would have to raise the base
| price. These addon features allows a cheaper entry point
| and price discrimination for those who are willing to pay
| more.
|
| Whether it ends up being wasteful is complicated, there
| are would be operating effeciencies in putting the same
| hardware into every car.
| Eisenstein wrote:
| Just because it is easier and cheaper for you to do
| something doesn't make it right to do it.
| kstrauser wrote:
| I'd be hard pressed to imagine a greater waste of
| resources than to include all possible hardware in all
| possible sold goods, with only some of the features
| enabled. That maximizes waste with only a portion of
| buyers able to use those things.
| kbos87 wrote:
| Ongoing costs aside, it's important to also recognize that
| there may have been massive up-front costs to develop
| something like self-driving before it generates revenue,
| which the manufacturer should have the right to
| recoup/monetize. If they choose to do that through a
| subscription, that feels like it's within their right.
| kstrauser wrote:
| As the end user, I couldn't care less about a
| manufacturer's costs. That's a them problem, not a me
| problem.
|
| I understand your point. I just don't care. They sold me a
| thing, and now it's mine.
| kbos87 wrote:
| That strikes me as a pretty dissonant argument on HN. If
| we play that out, no software creator would have a
| defensible way to monetize what they invested time,
| energy and money to create. Enforceable laws protecting
| IP are the difference between entire sectors of the
| economy existing vs. not being worth the effort.
| kelnos wrote:
| I don't think that's true at all, or what the person
| you're replying to is getting at.
|
| If you sell me a bunch of hardware, that hardware is now
| mine, and I should be able to do whatever I want with it.
| If you sell that hardware with a bunch of software on it,
| I should again be able to do anything I want with that
| software.
|
| That doesn't entitle me to updates of that software, or
| ongoing use of the company's cloud infrastructure. It's
| fine to require payment for that.
|
| IP laws just aren't particularly relevant to the
| discussion at hand. I don't think anyone is suggesting we
| should be able to legally "pirate" the software running
| on our devices.
| kstrauser wrote:
| You're exactly right.
| rstupek wrote:
| I agree in principle. Are you also absolving them of any
| warranty on the car once you begin modifying it?
| californical wrote:
| Only if your modifications directly cause the damage that
| would have been covered under warranty. That's actually
| been covered multiple times in US law and is fully your
| rights as a consumer, to maintain the warranty.
| kstrauser wrote:
| I strong disagree. I'm not talking about making
| unauthorized copies of the car. I'm just going with the
| principle that's as old as the whole concept of property:
| once I buy something, it's mine.
|
| If I own a shoe, I can paint it to look different or
| change its shoelaces. If I own a book, I can tear out the
| pages and rearrange them. If I own a TV, I can hook
| anything I want up to it. And if I own a car, I can
| modify it as I see fit. Those things are _mine_. If I no
| longer want them, I can sell them (barring a specific
| contract with the manufacturer, see
| https://en.wikipedia.org/wiki/First-sale_doctrine). And
| if a company wants me to pay them money while still
| retaining some kind of legal right to restrict how I use
| it, they can negotiate a discounted price for me to pay
| them.
|
| When I walk onto a car lot, I'm not saying "whoa, check
| out this IP!" The salesperson doesn't hype me up by
| saying "you could own _significant portions_ of this
| beauty today! " We don't sign a "purchase (most of it)
| contract". I don't pay "sales-but-all-rights-reserved"
| tax on it. The DMV lists me as the owner, not the IP
| licensee.
|
| If I had to choose whether to support _laws protecting
| IP_ versus _laws protecting ownership_ , I'll pick
| ownership 100% of the time.
| wizofaus wrote:
| But the carmarker is surely within _their_ rights to
| refuse to continue servicing your car, or declare that
| any attempt at modifying the electronics /software
| potentially makes it unroadworthy.
|
| Having said that, I don't entirely understand why Tesla
| don't keep the software unloaded from the vehicles until
| the user chooses to purchase the add-on features:
| compared to everything else the software does, that's not
| exactly a particularly difficult engineering challenge.
| kstrauser wrote:
| That would likely be highly illegal of them, per the
| Magnuson-Moss Warranty Act. Unless they could prove that
| the process of you enabling the confiscated features
| caused something else to break, they're still on the hook
| for it.
| californical wrote:
| Ok, here's a web software analogy.
|
| I run a news website. I charge $2 to view the news
| website. You paid to view to my news website, thanks!!
|
| Let's say you really prefer dark mode, but my news
| website is bright white. You install something like
| DarkReader, to make it inverted colors, so problem
| solved!
|
| But now I realize that this is a market that I could
| charge for. So I start charging $5 for "news site with
| dark mode".
|
| Should it be illegal for you to use dark reader to view
| my news website with your light-mode-only license?
|
| Technically I've shipped you the text and style for my
| website, which you are completely allowed to access and
| have paid for.. Then you've modified it for your own use
| after receiving the product. Is that wrong?
| kelnos wrote:
| Customers are not responsible for the company's business
| model.
|
| I'm fine paying for software. And I'm fine with a
| subscription model if I actually get new things
| periodically during my subscription.
|
| Put another way, if you sell me a static, unchanging piece
| of software (like a software update to enable heated
| seats), then that should be a one-time charge. If you sell
| me a self-driving package that gets regular updates over
| time, then I'm fine with a subscription.
|
| (Self-driving software is a bit of a grey area, though. I
| should probably have to pay for new features, like "now it
| can drive on some more roads where it would previously
| disengage and require a human to handle it". But I should
| not have to pay for an update that fixes safety issues with
| existing functionality.)
| [deleted]
| m463 wrote:
| > Hacking otherwise reasonable software-locked features feels
| like theft to me.
|
| I disagree, pretty strongly. There is a line. They sold you
| something in its entirety, including the seats with wires.
|
| I would agree with you if you had to download the control
| software from their servers.
|
| I would agree with you if you if the upgrade provided you
| physical wires to install, even if you had to install them.
|
| Related I think it would be fine to purchase the control
| software and/or heating wires from a third party that was not
| tesla and install it in your tesla car.
| Eisenstein wrote:
| How do you feel about software that has various 'pro'
| features that cost more but are unlocked with a key and
| don't require a separate download?
| djgigabits wrote:
| If you're purchasing the "not pro" version for a much
| cheaper cost, and it is a functional program (basic
| things like Save not locked behind the paywall), having
| different tiers of paid features is fine. You were able
| to pick to have the lower tier features, even if you end
| up downloading the same exact files.
|
| When it comes to hardware, if they've already installed
| the feature, they've already factored the cost of it into
| the purchase price. Your out the door cost includes that
| heated seat hardware, even if it's not a line item. And
| you don't have the option to have it removed for a
| discount (or get a lower car package). You only have the
| option to pay to use the thing that's already in your car
| or not to pay to use it.
| m463 wrote:
| I think the burden is on the software developer to figure
| out what they need to do legally. It might be
| inconvenient for them to require a separate download, and
| they'd have to make peace with it if they deliver the
| functionality in its entirety to you during the first
| sale.
| alistairSH wrote:
| Maybe it's not quite theft, but like I said, at minimum,
| I'd expect Tesla to refuse warranty repairs (hack the
| software to open Plaid mode, lose your drivetrain coverage,
| etc).
|
| Trying to think about it in terms of "normal" cars -
| unlocking Plaid is similar to reprogramming the ECU on an
| ICE to deliver more power.
| m463 wrote:
| I don't have any trouble with plaid - it is
| hardware/software with 3 motors and other hardware, plus
| control software.
|
| There is also law in place to refute what you said.
| Manufacturers can not deny warranty coverage if you
| jailbreak your phone or hot rod your car, and this is
| similar. (I believe they have the burden of proof if it
| seems you did the damage)
|
| https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warra
| nty...
| alistairSH wrote:
| Yes, I mentioned that law above. It doesn't protect
| consumer who modify their cars beyond original spec...
|
| If the manufacturer can show the change contributed to
| the failure, they can deny coverage. Vastly increasing
| the power output of the drivetrain would likely cause a
| voided warranty on the drivetrain.
|
| Unlocking heated seats wouldn't void the warranty on the
| drivetrain, but could void it on the seats and related
| electronics.
| xkcd1963 wrote:
| Heated seats is essentially a bool somewhere in the code
| implemented as artificial limitation.
|
| Self-Driving is much more complex and abides much more as an
| argument to your view.
| CapsAdmin wrote:
| But who gets to decide? Usually the more uneducated a
| person is of some particular product, the more they think a
| feature is "just a bool somewhere".
|
| (personally I'm very much on the side of giving people
| control of their own software and hardware)
| kelnos wrote:
| If the hardware for the feature is present and hooked up,
| and the software (if any) that's needed to run it is
| installed, then it is indeed "just a bool somewhere".
|
| If the hardware requires non-trivial software to enable
| the feature, and that software is not provided with the
| device, then it's fair to require additional payment to
| buy that software. But also no one should be able to
| prevent a third party from reverse engineering the
| hardware and writing their own software for it.
|
| I think "who gets to decide?" is a somewhat silly
| question. It's the same answer we'd accept for just about
| any situation: someone reasonably well-versed in the
| technology.
| johannes1234321 wrote:
| Even if it is a bool there is probably an extra factor:
| Liability in case there is an fire or other incident. Tesla
| probably on its side reduces it's cost as well, by only
| insuring (be it by having cash reserves or actual
| insurance) it's liability only for the cases where it is
| enabled.
|
| It's of course hard to prove as cause, but if there is a
| liability case it might become "interesting"
|
| Edit: Also relevant: even without incident, the disabled
| heated chairs may be broken. By not being enabled Tesla
| doesn't have to repair them under warranty as the aren't a
| feature. Thus they maybe can reduce quality in the
| production
| Libcat99 wrote:
| I'm somewhat torn too.
|
| IBM and I'm sure others have shipped enterprise hardware for
| years that was partially locked. You might get a machine with
| 16 cpus but you only paid for 8, for example, but you could
| license the rest as you grew. It seems a little similar and it
| was in no way underhanded, everyone knew what the deal was.
|
| However I'll echo what another poster said. I say Tesla should
| be free to sell whatever they want, but if the end user finds a
| way around it too bad.
| johnl1479 wrote:
| > However I'll echo what another poster said. I say Tesla
| should be free to sell whatever they want, but if the end
| user finds a way around it too bad.
|
| I think thats the stance I'm leaning towards as well. To
| quote another commenter[1]:
|
| > If a manufacturer wants to lock features behind a paywall,
| that is fine. However, they shouldn't be allowed to complain
| when consumers modify the thing they bought to get around
| that paywall. If Tesla really wants to make sure absolutely
| no one gets FSD or heated seats without paying, then they
| should make a point of only including the relevant hardware
| or software in the vehicle at the time of purchase.
|
| [1] https://news.ycombinator.com/item?id=36988514
| martin8412 wrote:
| AMD shipped CPUs for quite some time where if you were lucky
| you could unlock additional cores that had been disabled for
| various reasons
| adra wrote:
| These were likely sold down due to demand imbalance or more
| likely due to QA failures in the disabled cores. It's a lot
| cheaper to get some value from a defective chip than no
| money. So... by all means try to unlock more cores but
| don't start whining when your computer acts like Windows ME
| on a good day (only crashing a few dozen times a day! So
| stable!)
| NoMoreNicksLeft wrote:
| I'm of the opinion that these two things aren't comparable.
| True, IBM and others have locked extra capability through
| software... but they were only ever selling/renting to the
| corporate world, which presumably had enough in-house legal
| expertise to not be completely dicked over.
|
| To take that business practice, and then try to foist it on
| consumers who don't have $500/hour lawyers on retainer
| looking out for them is more than just morally questionable,
| it crosses a line into some sort of fraud/extortion-adjacent
| realm.
|
| If Tesla was really upset about this, it's a problem
| completely within their capacity to solve. Only send bugfixes
| OTA, require a service visit for new features. I'm betting
| that their software's such a trainwreck they wouldn't be able
| to compartmentalize it properly like that to save their own
| lives.
| prng2021 wrote:
| We're not talking about enterprise software here. I think
| people can understand the concept of paying for a seat
| heater and the like without a team of lawyers.
| gibolt wrote:
| What are you talking about... Tesla is one of only a
| handful of OEMs that can even issue OTA updates.
|
| Their cars from 2013 can _still_ get modern features OTA.
| Please explain how you classify that as a train wreck
| compared to software cobbled together from 100 vendors
| (none of whom specialize in software)
| martin8412 wrote:
| Have you perhaps considered that OTAs aren't a desirable
| feature in a safety critical system?
| FireBeyond wrote:
| > Please explain how you classify that as a train wreck
| compared to software cobbled together from 100 vendors
|
| Tesla gets plenty of software from other vendors. And
| doesn't always test it particularly well - there was a
| story here of a firmware vendor who had a test harness
| that took ~36h to verify. They shipped a bug fix to
| Tesla, told them it was available...
|
| ... four hours later, "Great, this is awesome, looks like
| we fixed the issue."
|
| ???
|
| "We just flashed one of the cars here and took it for a
| drive."
| huhtenberg wrote:
| > _I say Tesla should be free to sell whatever they want, but
| if the end user finds a way around it too bad._
|
| The same should go for DVDs, BluRays and streaming media and
| yet here we are looking at jail time for bypassing the DRM.
| semiquaver wrote:
| Would you mind providing a citation stating that someone
| has gone to jail in any country as a result of bypassing
| DRM for personal use on things they purchased? I am
| skeptical that this has ever occurred.
|
| Even in the US, which has quite draconian anti-
| circumvention law under the DMCA, the criminal penalties
| associated with this behavior only apply to those that
| violate the statute "willfully and for purposes of
| commercial advantage or private financial gain". A person
| who bought a DVD or blu ray and decrypted it for their own
| use would not be criminally liable.
|
| https://law.justia.com/codes/us/2021/title-17/chapter-12/se
| c...
|
| I'm not defending the law, which I disagree with, merely
| pointing out that "looking at jail time" for non commercial
| bypassing of purchased BluRay DRM is a stretch.
| [deleted]
| martin8412 wrote:
| That certainly depends on the country. Breaking DRM to
| access something you've paid for is perfectly legal here.
| mrguyorama wrote:
| "perfectly legal" largely hasn't stopped IP owners from
| finding ways to hassle people involved.
| huhtenberg wrote:
| Yeah, I am in a country like that. I was referring to the
| state of affairs States-side.
| kelnos wrote:
| I think the problem becomes when you figure out a way to
| unlock those extra CPUs without paying IBM, and then IBM sues
| you or terminates your contract with them entirely.
|
| People should not be constrained in doing whatever they want
| with the hardware they have bought.
| theluketaylor wrote:
| I don't mind hardware shipping locked and being an optional
| fee to unlock. I have paid for the rear heated seats in my
| model 3.
|
| What I'm vehemently opposed to is ongoing fees for things
| that don't have ongoing costs. BMW wants to charge monthly
| for seat heaters or carplay, but those things are not a
| service and don't have ongoing costs for BMW to provide. If
| anything creating an ongoing software lock creates an
| availability risk. If BMW's authorization service is
| unavailable do you lose heated seats?
|
| Several manufacturers are offering either monthly or one time
| costs for certain features. I'm less clear how I feel about
| that. Maybe quite valuable for someone who lives somewhere
| warm and only needs seat heat one month a year. It would take
| many years of paying for a single month to justify paying for
| the fully unlocked feature. I think I can live with optional
| monthly fees for things as long as you can always pay once
| and just have something that stays for her life of the car.
| why_at wrote:
| I usually lean towards consumer rights on this type of
| thing, and the idea of paying a subscription for something
| like heated seats is annoying to me.
|
| That said I am trying to play devil's advocate here. Other
| people have mentioned the analogy of locking out some CPUs
| on a die for a cheaper version of hardware, and I think
| that kind of applies here, at least for a one time payment.
|
| If I'm willing to accept that, is it so unreasonable that
| they could _rent_ this feature to me, even if it 's only a
| software switch? After all, the idea of renting physical
| property isn't very controversial.
|
| Again, I don't like the idea and would never want to rent
| the heated seats software switch, but I'm having a hard
| time justifying why it shouldn't be allowed.
| cameronh90 wrote:
| I would also add that those sorts of subscriptions
| shouldn't have a lock-in period, at least not more than a
| month.
|
| And auto-renew should require explicit opt-in. For most
| subscriptions I have, automatic renewal is desirable, but
| invariably I forget to cancel trials or one month subs of
| things I just wanted to test.
| nordsieck wrote:
| > What I'm vehemently opposed to is ongoing fees for things
| that don't have ongoing costs.
|
| IMO, the real issue is the price. There is pretty broad and
| well established equivalency between OPex and CAPex. The
| problem is that car companies are trying to charge OPex as
| if there was a 1 year depreciation schedule, when cars
| typically last for decades.
|
| I think that if BMW charged 1/240th[1] the cost to buy the
| option in order to rent it per month, very few people would
| complain. Especially if that price were locked in for the
| life of the car.
|
| ---
|
| 1. 20 * 12 = 240
| rebolek wrote:
| I don't understand the mental gymnastic here. They built
| car with heated seats. You paid for car with heated seats
| that are technically fully functional but you can't use
| them until you pay even more. No, doesn't make sense to me.
| nordsieck wrote:
| > I don't understand the mental gymnastic here. They
| built car with heated seats. You paid for car with heated
| seats that are technically fully functional but you can't
| use them until you pay even more. No, doesn't make sense
| to me.
|
| That's because you don't understand.
|
| The customer _didn 't_ pay for a car with heated seats.
| The manufacturer included them anyway, but disabled them
| in software.
|
| Presumably, a consumer could go to the dealership and pay
| for heated seats as an aftermarket add-on. Or they could
| pay to enable heated seats (software unlock) on a month-
| to-month basis.
| michaelt wrote:
| _> The customer didn 't pay for a car with heated seats._
|
| Well, when you buy a car your payment gives you ownership
| of the entire car.
|
| There may not be a written contract or specification
| explicitly saying that the valves in the tyres are
| included in the deal, but they're your property
| nonetheless (in the absence of obvious errors like the
| dealer letting you drive the wrong car off the lot)
|
| The customer paid for a car with heated seats present but
| inoperable. If the customer wants to modify their
| property, that's their business.
| nordsieck wrote:
| > Well, when you buy a car your payment gives you
| ownership of the entire car.
|
| Sure.
|
| > If the customer wants to modify their property, that's
| their business.
|
| If you were talking about a vacuum cleaner or something,
| I'd agree. But modern cars are "fly by wire". It is not,
| in fact, only the customer's business if they modify
| their car's software.
| Zak wrote:
| I think the problem here is that courts have allowed
| software vendors to use a legal trick to get around how
| owning things normally works. Software gets copied into
| memory to run, and courts have accepted the theory that
| making such a copy requires a license even though it's
| not a copy in the traditional sense (it can't be given to
| a third party so that they can also use it).
|
| A book is copyrighted too, but when I buy one, I can
| legally write in it, paste in pages of my own, cut out
| pages, etc.... I can even sell it after I've done that.
|
| I'm 95% certain the law should be changed to restore the
| _first sale_ concept to software, and even more certain
| when it comes to embedded software that 's necessary to
| use hardware owned by end-users.
| kelnos wrote:
| > _The customer didn 't pay for a car with heated seats.
| The manufacturer included them anyway, but disabled them
| in software._
|
| Sure they did. Maybe they didn't pay the _full price_ for
| those heated seats, but they definitely paid more for the
| car with them (but disabled) than for a car without them
| entirely.
|
| The carmaker is hoping that people will pay for the
| unlock in order to recoup their costs. But they're
| certainly not going to ship those heated seats in every
| car without inflating the cost of the base vehicle by
| some amount.
|
| Put another way, it might look like this:
|
| 1. Car without heated seats at all: $10,000
|
| 2. Car with heated seats, but locked: $10,100
|
| 3. Car with heated seats, unlocked: $10,500
|
| If the carmaker offered options 1 & 3, then customers
| would pay for what they want and get, and nothing more.
| If carmakers only offer option 2, then even customers who
| don't ever want heated seats will still pay some premium.
|
| The carmaker might estimate that only 50% of their
| customers will pay an unlock fee for a car sold to them.
| They want to still cover their costs and make a tidy
| profit, so they might charge more than the $400
| difference to unlock the feature. And that's if they're
| doing it in the non-shady way, and are charging a one-
| time fee. If they decide to charge a subscription, they
| might do something like charge $100/year for it, and then
| eventually they're just making pure profit for no added
| value.
|
| Also consider that the carmaker's own costs could be, on
| average, greater per car if they have to offer two
| different options 1 & 3. Offering only option 2
| (regardless of whether or not people are able to defeat
| the software lock) might be cheaper for them. I don't see
| why we need to subsidize their business decisions.
|
| But all of this is still kinda irrelevant: bottom line is
| that if you sell piece of hardware to a customer, that
| hardware now belongs to the customer, and you don't get
| to tell the customer what they can and can't do with it.
| ImPostingOnHN wrote:
| it reminds me of those hardware hacks to unlock
| processors [0]
|
| the upside is that by not having much difference between
| SKUs, and "locking" one SKU from becoming the other, the
| costs are lower, and manufacturers _might_ turn those
| savings into lower prices
|
| in both cases, as in cell phones, I believe like you
| still own the hardware, including everything in it,
| including software [1], so if you want to "unlock it",
| that's your right, as is smashing it, reflashing it, and
| having sex with it. If that makes for an unsustainable
| business model, nobody is entitled to their preferred
| business model being sustainable. Analogous examples here
| might be unofficial Keurig pods, or printer ink
| cartridges, which bypass manufacturer DRM intending to
| lock customers into an otherwise arguably unsustainable
| business model.
|
| sometimes, though, you have to fight for your rights,
| e.g. build/buy/download and use unofficial tools
|
| [0]: http://computer-
| communication.blogspot.com/2007/06/unlocking...
|
| [1]: this inclusion stems from my belief that, where
| possible, you have an absolute right to view every bit of
| data that happens across hardware you own, whether
| gadgetry or eyeballs, in any format you desire, as well
| as the right to remember what you've viewed, as well as
| the right to modify or prevent modification of any
| arbitrary bit on said hardware
| Aloha wrote:
| I feel different about extra cores on a CPU than I do about
| heated seats.
|
| The manufacturing price delta between an 8 core CPU and a
| 16 core, nowadays is functionally meaningless.
|
| The manufacturing cost between a car with heated seats and
| without headset seats is functioningaflly meaningful.
|
| The way I see it, for things like heated seats or CarPlay,
| I'm already paying for the base hardware cost (plus some
| margin) as part of the base price of the car, charging me
| for the upgrade is charging me a markup on what I already
| paid for. Making it a service is insult to injury.
| spookie wrote:
| I believe that the worst thing is the use of natural
| resources to produce those things without any function
| whatsoever. Assuming the majority of customers don't pay
| extra, it just makes it worse.
| theluketaylor wrote:
| > The manufacturing cost between a car with heated seats
| and without headset seats is functioningaflly meaningful
|
| I don't believe that is the case. BMW determined it was
| more expensive to have the supply chain, inventory, and
| manufacturing management to build both heated and non-
| heated versions of their seats. Rather than just make
| heated seats a standard feature they saw an opportunity
| to maintain and even expand their highest margin revenue
| stream: options.
| matwood wrote:
| > The manufacturing cost between a car with heated seats
| and without headset seats is functioningaflly meaningful.
|
| Citation needed. The way assembly lines and product mix
| work, it could be meaningfully less expensive to have all
| the hardware be identical with software unlocks.
| manuel_w wrote:
| Electrical wiring typically involves materials gained
| through mining, which is carbon dioxide intensive.
| thorncorona wrote:
| > The manufacturing price delta between an 8 core CPU and
| a 16 core, nowadays is functionally meaningless.
|
| Semi yields?
| shmatt wrote:
| >The manufacturing cost between a car with heated seats
| and without headset seats is functioningaflly meaningful.
|
| You could probably buy something that would heat your
| seat at home for under $4 on Temu. And that includes
| multiple middle companies and shipping across the ocean.
| It probably costs them pennies, where the upside is,
| _this_ owner doesn 't want heated seats, but a car can
| easily have 2-3 owners in its first 10 years. maybe the
| 2nd and 3rd owners will want the heated seats, worth the
| money it would take to install it
| Terr_ wrote:
| > What I'm vehemently opposed to is ongoing fees for things
| that don't have ongoing costs.
|
| Especially if that rent-seeking doesn't come with any kind
| of support for the "offering".
|
| If the heated-seats break for a "subscriber", will BMW
| repair them for no additional cost?
| foobiekr wrote:
| I've always been curious if the ongoing fees for BMW end up
| covering repairs if the hardware covering the function
| breaks. It would seem absolutely insane if not, yet I am
| pretty sure the answer is not.
| hparadiz wrote:
| My Honda has heated seats. I bought the car in Hawaii and
| brought it to Socal with me. I didn't care about heated
| seats when I got the car at all. It just came with my trim.
| It was nice having it when I went skiing but I would never
| remember to turn on a premium service for one ski trip and
| then turn it back off. For a premium car I'd resent it on
| my ride up the mountain. It would ruin the experience for
| me entirely just because of how much I'd overthink the cost
| value benefit in my head. It would seriously make me
| unreasonably upset. Hard pass on any car that charges
| monthly for it.
| asynchronous wrote:
| 100% agree about the ongoing features. Let me pay one time
| to own the software unlocks please.
| y7 wrote:
| I think the concept of "licensing" should not apply to
| something you own. If they want to rent you a CPU, fine, but
| then they should also bear the costs for when it breaks.
| bartchamdo wrote:
| Sun Microsystems did this in the early 2000's
| wahnfrieden wrote:
| Does that mean all feature-gating iOS App Store IAP should be
| unlocked for iPhone owners?
| ipaddr wrote:
| Of course.
| Keirmot wrote:
| Your argument is not the same as the parent.
|
| It would be the same if the volume rockers on the iPhone
| would only work if you have a paid subscription, or if you
| needed to pay extra to unlock 120fps while the device is
| capable but locked to 60fps because you're not giving Tim
| Cook more money.
| johnl1479 wrote:
| Not interested in having a whataboutism discussion. There is
| a clear distinction here of software vs hardware
| lockhouse wrote:
| Is there though?
|
| Even on game consoles, the "DLC" is often a couple meg
| download because the actual content is already built into
| the game.
|
| You could turn Windows NT 3.51 Workstation into Server by
| just changing a registry key!
|
| https://www.landley.net/history/mirror/ms/differences_nt.ht
| m...
| LocalH wrote:
| This is less true nowadays than it used to be, some games
| have quite a substantial amount of DLC of which no part
| is shipped with the base game. The Rock Band series comes
| to mind there, for one.
| lockhouse wrote:
| I see it all the time with RPGs still.
| pbhjpbhj wrote:
| I'm not sure 'MS charged $800 more for NT server when it
| was basically the same as NT', given how much they're
| known for unfair and fraudulent business practices, is
| the greatest argument.
|
| Expecting capitalism to be fair is probably where we're
| all going wrong here.
| lockhouse wrote:
| I'm not arguing whether or not it's fair, just that at
| this point this is a long standing industry practice
| going back decades.
| asdff wrote:
| That's kind of just how cars work in general even outside of
| software. I put in the oem fog lights in my old car. All I had
| to do was basically screw through a plastic bracket in the
| grill that was installed at the factory specifically for the
| lights, plug in the lights into one end of the harness that was
| already in the car, pop out the preinstalled plastic cap in the
| dash and pop back in the fog light switch after connecting it
| with the other end of this harness that's already there near
| the button, routed through the firewall for me. The fuse was
| even already there in the fuse box for the fogs.
|
| Basically everyone with this car is paying for 95% the actual
| hard work of what you need for the fog lights already. Very few
| owners end up going for the fog lights but everyone subsidizes
| their installation.
| thevania wrote:
| every time there is some HW hacking and its TU Berlin, only one
| man comes to mind prof. Seifert and his team:
| https://www.tu.berlin/sect/ueber-uns/team
|
| quite prolific
| helf wrote:
| [dead]
| amelius wrote:
| For now. They will plug the hole, just like Apple will stop any
| undocumented use of their GPU when it suits them. Why waste your
| time on these companies?
| filcuk wrote:
| Possibly because it's their job, it's interesting, educational,
| maybe there's a monetary reward, maybe the reward was the
| journey all along. The article mentions it can't be fixed by
| software update.
| dbg31415 wrote:
| Was the password, "XGonGiveIttToYa"?
| dxxvi wrote:
| > enable us to extract an otherwise vehicle-unique hardware-bound
| RSA key
|
| not ed25519? I know very little about these encryption thingies.
| The Internet recommends ed25519 over rsa.
| pbhjpbhj wrote:
| They haven't broken the encryption technique, they've bypassed
| it by extracting the key using weaknesses in the hardware-
| software. You have to redo the process for each physical device
| to extract the particular key in use in that device.
| PicassoCTs wrote:
| Now comes the funny part, were tesla tries to make the platform
| trusted and locked down, and then people start to flash there own
| firmware and solder chip-mods, cause there is nothing GNUnder the
| sun.
|
| Wouldn't be surprised if Tesla has a defeat-device buried
| somewhere that allows for remote permanent deactivation once
| parked in case of piracy
| autoexec wrote:
| using the hardware you own should never be considered "piracy"
| denysvitali wrote:
| They can anyways remotely ssh into any parked Tesla nowadays
| fragmede wrote:
| The real question is Tesla Supercharger capability. If you can't
| plug your car into that network, then you've lost a ton of value.
| But here's the thing. In order to disable supercharging, Tesla
| remotes into your vehicle to turn it off. It doesn't happen on
| the charger side, it happens on the vehicle. So if you have root
| on your Tesla, you can make sure you can always supercharge,
| which isn't mentioned anywhere else.
| eschneider wrote:
| Here's a question for the lawyers out there: if you notify
| Tesla that they're no longer authorized to access YOUR car, and
| they remote into it anyways, would that come under Computer
| Fraud and Abuse?
| xwdv wrote:
| You agreed to EULA.
| eschneider wrote:
| So one can never revoke access or change the access terms
| to one's own car/computer? That just seems wrong. I'm
| pretty sure Tesla can and does change access terms to their
| servers and charging networks.
| pbhjpbhj wrote:
| IANAL. It seems like it should probably be covered anyway,
| without the notification. Assumed consent would cover updates
| and improvements. No-one is consenting to their car being
| crippled, surely.
| eschneider wrote:
| It gets me wondering how well Teslas will function with
| zero connectivity w/ Tesla. I mean, if the company goes
| under or (more likely) they drop support for older models,
| do older cars get bricked and disabled like clients for a
| multiplayer game that's gone offline?
| dgunay wrote:
| I doubt they'll completely brick (the car can reboot
| itself mid-drive while still having
| throttle/brakes/steering) but I could see most/all
| infotainment features ceasing to function.
| Groxx wrote:
| Let's start calling them what they are:
|
| Freedom fighters.
|
| "Hacking" carries quite a lot of negative connotations in most
| realms. These are people making sure you are able to make full
| use of _your own stuff_. There shouldn 't be anything contentious
| about that.
| px43 wrote:
| "Freedom fighters" has a lot of negative connotations in many
| realms as well. It evokes images of rebels using violence to
| push some political agenda. Sometimes for worthy causes,
| sometimes less so.
|
| No, we're keeping the word "hacker".
| Groxx wrote:
| While I agree with that image problem (I couldn't come up
| with any that didn't have it, and at least this one is
| descriptive)... I feel pretty confident claiming that
| "hackers" carries clearer and more consistent negative
| connotations to the general public (definitely not HN
| though).
| zgluck wrote:
| I mean, we used to use the word "cracker" for this up until
| the late 90s. A hacker was someone who _created_ something
| cool.
| cobbal wrote:
| "A group of security researchers (aka hackers)" is an
| especially bad connection to be drawing for the general public.
| [deleted]
| LocalH wrote:
| Rent-seeking is the _true_ American way, it seems.
|
| Good on the hackers. Good on _everyone_ who helps to liberate us
| from the overreach of big business.
| umvi wrote:
| Is it rent seeking/overreach?
|
| I make a video game and charge $50 for it. Later I make a DLC
| and charge $25 for it.
|
| Is your claim that if I keep them as separate purchasable
| downloads, I'm not rent seeking?
|
| But if instead combine the game and dlc into a single
| executable (to simplify build and distribution) and put the dlc
| behind a software lock, somehow that is now rent
| seeking/overreach and I deserve to have hackers unlock it for
| everyone for free?
| [deleted]
| LocalH wrote:
| Even though that is not exactly the issue I refer to, I still
| say yes, that is my claim, from a moral perspective.
|
| If the content is on the disc or shipped as part of the files
| of the base game, then it should be accessible without
| additional purchase. Otherwise, you're undercharging for the
| original deliverable, and overcharging for the actual
| "downloadable content".
|
| Imagine this taken to the logical extreme. I sell you a
| printer. It comes with an amount of ink. However, I've
| decided that instead of allowing all of the ink to be used, I
| will limit the printer to only give you X number of pages per
| cartridge, regardless of actual ink content. _Buuuuut_ , you
| can also pay me $5 for the "ability" to use all of the ink in
| your cartridges instead of only part of it. Would it be wrong
| for hackers to unlock my printers to use all of the ink
| without having to pay a subscription fee?
| mbesto wrote:
| > I still say yes, that is my claim, from a moral
| perspective.
|
| I personally do not like services that exhibit rent-seeking
| behavior, but what, precisely, is IMMORAL about the
| practice?
| qeternity wrote:
| > Otherwise, you're undercharging for the original
| deliverable, and overcharging for the actual "downloadable
| content".
|
| This is called price discrimination and it's a great thing.
| You're talking about under/over charging but that's absurd:
| there is no such thing. People pay what something is worth
| to them.
|
| What you're advocating for creates actual economic
| inefficiencies: the people who don't want the DLC must
| either pay a higher price, or not make the purchase at all,
| and the people who would happily pay for the additional DLC
| now get a net cheaper price, despite a willingness to pay
| more.
| gruez wrote:
| > Even though that is not exactly the issue I refer to, I
| still say yes, that is my claim, from a moral perspective.
|
| And what's the "moral perspective" in question? Is it just
| "whatever benefits the consumer"?
| umvi wrote:
| Seems morally dubious. When you purchase software, it
| doesn't mean you automatically own the bytes and can do
| whatever you want with them. There are things call licenses
| that dictate what you are allowed to do, and you agree to
| the license when you decide to use the software. If you
| agree not to use the software for commercial purposes when
| you purchase it, you can't morally decide "my bytes my
| choice" and just to use it for commercial purposes anyway.
| Just because money has changed hands doesn't mean you now
| have free reign to do whatever you want with the bytes. If
| someone sells you linux for $1000, that doesn't mean you
| are allowed to make it closed source for further
| development because the GPL license you agreed to prevents
| you from doing so.
| kelnos wrote:
| I don't think I agree with your moral stance.
|
| If I buy a car, then, yes, "my hardware my choice".
| Software should be no different.
|
| I personally think end user license agreements are
| immoral. If you want to attach conditions to use, you
| should have to spend the time to work out a proper
| contract, executed by both parties, with consideration
| provided on both sides.
|
| But I still think that's weird. To use your "commercial
| use" example, if I buy a lawnmower, the company that
| sells it to me should not be able to dictate that I can
| only use it for personal use, on my own lawn. If I want
| to use it to mow my neighbors' lawns and charge them for
| it, they can't stop me.
|
| Copyright licenses like the GPL are interesting. I've
| released software under the GPL in the past (though these
| days I usually choose more permissive licenses like
| Apache or MIT). The GPL itself is essentially a hack that
| rides on our current awful copyright law in order to
| creatively subvert it. If our copyright laws were more
| reasonable and more aimed toward benefiting the public
| commons, we may not even have a need for the GPL; it's
| even possible that big parts of it would be unenforceable
| in a more reasonable copyright regime.
|
| Just a note on this:
|
| > _If you agree not to use the software for commercial
| purposes when you purchase it, you can 't morally decide
| "my bytes my choice" and just to use it for commercial
| purposes anyway_
|
| While this may be true under current law, there's nothing
| inherent in the universe that makes it this way. We as a
| society have decided that, legally, some things are out
| of bounds when it comes to contractual obligations. As an
| extreme example, you can't contractually sign yourself
| into slavery. No court (in the US and quite a few other
| places, at least) would consider that contract valid. The
| idea that you _can_ sign away your rights to use a piece
| of software commercially is not some absolute moral good.
| We could decide as a society that this sort of thing isn
| 't ok, and enshrine it into law.
| buildbot wrote:
| This is an amusing attempt at a defense if what Tesla is
| doing given that they are currently violating said GPL
| license for Linux...
| Cornbilly wrote:
| Yes. You've already distributed the binary to their machine
| and are using their resources to store it. In my view, it
| belongs to them and they should have full access.
| gruez wrote:
| By that logic, do you think that after someone has paid for
| 1 month of netflix, and downloaded their entire catalog to
| your phone for offline viewing, that all the videos
| "belongs to them and they should have full access"?
| aeyes wrote:
| No because Netflix is not a one time purchase, it allows
| to use the service for as long as you have an active
| subscription. Also you should know that the download
| function is limited to 100 titles.
|
| If the game had a base cost of 0 and a monthly price to
| play it it would be acceptable. Quake Live worked like
| this and I believe Game Pass.
| gruez wrote:
| >No because Netflix is not a one time purchase, it allows
| to use the service for as long as you have an active
| subscription
|
| Suppose netflix added a $10 upfront cost for
| subscriptions to combat people churning subscriptions or
| whatever. Would that make it justified to download all
| the shows they let you?
|
| >Also you should know that the download function is
| limited to 100 titles.
|
| I shouldn't know, because I don't subscribe to netflix
| :^)
| Cornbilly wrote:
| That would be a better comparison (with bundling a game
| and DLC into single binary) if Netflix insisted that you
| keep those files on disk past your subscription period.
| If they did that, yes. But since they don't, no.
| kelnos wrote:
| Yes, absolutely, if that were a feature the Netflix app
| allowed.
|
| Obviously it does not: your downloads expire after a
| certain amount of time, and if you cancel your
| subscription, you won't be able to get a key to decrypt
| the files.
|
| Companies are free to try to put restrictions on that
| sort of thing, but I think if customers are able to
| circumvent those restrictions (the DMCA anti-
| circumvention laws notwithstanding), the company should
| not get to complain about this.
| [deleted]
| kelnos wrote:
| I don't think you'd "deserve" to have hackers unlock it, but
| I also think that you should have no legal right to _prevent_
| people from unlocking it without your permission, and I don
| 't think it's unethical or immoral for anyone to do so. If
| you sell something to someone, and put it in their hands,
| they should have the right to do whatever they want with it.
|
| Presumably you've made the choice to bundle the base game and
| the DLC together like that in order to reduce your costs
| somehow, and I'm not responsible for your business model or
| logistical issues. If you're worried about people unlocking
| the DLC for free, don't put it in their hands without
| charging them for it.
|
| Either way, I think it's entirely reasonable to classify the
| concept of "charging extra at a later date for something
| you've already given the customer" as rent-seeking or
| overreach. Even more so if, instead of a one-time charge, you
| choose to charge a subscription for something that does not
| require any ongoing costs for you to provide.
| qup wrote:
| Rent keeps getting paid. It's not a one-time purchase of $25.
| gruez wrote:
| What about games with monthly membership fees like world of
| warcraft?
| kelnos wrote:
| That's fine, since there's an on-going cost to maintain
| the cloud infrastructure that the game needs to function.
| The company is well within its rights to say "if you stop
| paying us, you stop getting to use our cloud services".
|
| But if there was a single-player or LAN version of the
| game (I know that's not really possible with something
| like WoW, but for the sake of the argument...), then
| players should absolutely not have to pay an on-going
| subscription fee to play that way.
| martin8412 wrote:
| There's been plenty of WoW private servers throughout
| history hosted by people who had nothing to do with
| Blizzard.
| LesZedCB wrote:
| how is this even a question? this is _exactly_ what happened
| with Star Wars Battlefront II, and EA was once again
| absoutely crucified by the decision to have paid unlocks for
| content you technically _could_ grind for but was essentially
| unfeasible.
|
| the only difference between now and 2017 is people saw EA
| raking in the money anyway and have followed suit, so it's
| now more common. the outrage was proved toothless... cause
| star wars sells, and so does te$la.
| vz8 wrote:
| Cue the "You wouldn't download a car" memes.
| mensetmanusman wrote:
| https://youtu.be/52KR_eC8UFE
|
| I wonder which schools had the children watch this after the
| pledge of allegiance.
| x86x87 wrote:
| there: https://www.youtube.com/watch?v=ALZZx1xmAzg I fixed it
| for you
| pbhjpbhj wrote:
| That can't have been a thing?
| mensetmanusman wrote:
| There is a non zero chance this was played in a school...
| If it happened during first period, then, well...
| HWR_14 wrote:
| Good. People who buy things should own the things they buy.
| sowbug wrote:
| I enthusiastically endorse this sentiment until I remember I'm
| a software engineer whose career depends pretty fundamentally
| on copyright law.
|
| As an industry, we sell things that make hardware more useful.
| That's what software is. But the software we sell* comes with
| legal restrictions on what the buyer* can and can't do with it.
| Which means that we're restricting what our customers can do
| with the hardware that they own. And we do all that for money.
| *Substitute whatever you think the right terms are for these
| words (licensor, licensee, borrower, tenant, serf...)
|
| If we sold an app on a mobile-phone store, and a h4ck0rz came
| out with a crack that unlocked the premium features on it, we'd
| take measures to stifle it (patching the code, increasing the
| obfuscation, sending a complaint upstream of whoever was
| distributing it, etc.), and I don't think any of us would think
| we're bad guys for doing so. We're just trying to feed our
| families. And I doubt any of us would feel compassion for
| someone who said they paid for that phone, own its hardware,
| and can do whatever they want with it including run your paid
| software for free.
|
| Tesla's sin, if any, is that they sold us hardware that's
| designed to work only with their software. And "their" software
| could include software they licensed from your company, if you
| work in their software supply chain.
|
| Where is the right line between "my hardware, my rules" and "my
| software, my rules"?
| epups wrote:
| > Where is the right line between "my hardware, my rules" and
| "my software, my rules"?
|
| There's something obscene about unlocking existing physical
| features with more money, but there's also our mental model
| of what ownership means. Imagine you buy a new fridge, and it
| has an extra compartment that is installed, gets cooled but
| you have to pay to unlock. No one could ever verify that you
| didn't rip it open yourself. I don't think anyone would
| object either.
|
| The current monetization strategies for software favor the
| corporations. They can withhold service in case of no
| payment, and they are trying to do the same to hardware. I
| personally feel we should regulate this as soon as possible,
| otherwise things like right to repair will simply disappear.
| Ukv wrote:
| > But the software we sell* comes with legal restrictions on
| what the buyer* can and can't do with it. Which means that
| we're restricting what our customers can do with the hardware
| that they own.
|
| I'd say the software equivalent to right to repair would
| specifically be about restrictions against
| inspecting/decompiling/modifying the software running on your
| machine.
|
| While I also think copyright is flawed in general,
| restrictions against redistribution of the software seem like
| a separate matter - in the same way hardware right to repair
| doesn't mean you can set up a manufacturing line for new John
| Deere tractors to sell to others.
|
| > h4ck0rz came out with a crack that unlocked the premium
| features on it
|
| If someone grafts on useful features using only what you have
| already downloaded to my device, I think that's fair game.
| snypher wrote:
| This is probably not productive, but I think the response
| would be; I bought the software from you so it's mine now.
| spoiler wrote:
| Yeah these discussions always give me a bit of cognitive
| dissonance.
|
| On one hand, I like owning my software or content I
| purchased (talking about DRM)
|
| On the other, people expect most things to be a "live
| service" in terms of updates, which isn't sustainable if
| you only ever get paid a small onetime fee for your
| software. If you make the fee large, like Modo/Photoshop
| did, then it acts as a financial gatekeeper to your
| product. Even then, I feel like it creates wrong incentives
| for the product, so I'm not sure it's good either.
| autoexec wrote:
| > On the other, people expect most things to be a "live
| service" in terms of updates
|
| Do they? Most people I know don't want anything to update
| as long as it's working. They don't want new features.
| They don't want new UI changes. They'll dismiss/ignore
| prompts to update for as long as they possibly can. In
| very very rare cases people want "live service". They
| want their GPS to give them traffic information for
| example, but otherwise they don't want anything but bug
| fixes.
|
| Photoshop for example doesn't need to be constantly
| updated and a version of photoshop from 10-15 years ago
| would be just fine for the vast majority of people. The
| idea that software has to either be insanely expensive or
| a subscription is a false dichotomy.
| kentm wrote:
| Yeah, exactly this. _Companies_ want live services
| because they want to charge recurring fees. Customers
| want to buy and own software.
| TremendousJudge wrote:
| As a software engineer, I don't sell software, I'm paid to
| make it. I don't even own it afterwards. I hear some people
| are paid to develop open source software. I don't think my
| career depends "pretty fundamentally" con copyright law, as
| if the software I produce is otherwise worthless. Most people
| on the planet can't do the work I do, which means that
| somebody pays me for this work. Changing copyright law
| wouldn't change this fact -- at most it could affect my pay
| grade.
| kajecounterhack wrote:
| > Where is the right line between "my hardware, my rules" and
| "my software, my rules"?
|
| If someone roots their phone or car, which they own, despite
| the manufacturer's best efforts to prevent this, it should be
| legal because they are modifying a physical object they
| purchased. If they teach other people to root their devices,
| it should be legal the same way teaching lockpicking is legal
| if you're just lockpicking something you own.
|
| Nobody is asking manufacturers to stop trying to get in the
| way of people hacking their devices. Most people won't have
| the skills or desire to jailbreak anyway.
|
| But John Deere will sue farmers who try to fix their tractors
| themselves, Sony will sue you for jailbreaking your PS3, etc
| etc. That's wrong.
|
| Additionally, DRM generates physical waste by making it hard
| for people to fix things they bought. The right to repair is
| important.
|
| For software, illicit redistribution is covered by copyright
| law, no? But the same is true: if you own a copy of software
| and want to hack it (e.g. mod a game you bought) why should
| that be illegal, provided you were able to get around the
| game's built-in circumventions?
| lamontcg wrote:
| That isn't the only way to sell software, it is a relatively
| recent invention, I honestly wouldn't care if that went away.
| Zetice wrote:
| Okay great, but now the lowest cost of the car is an extra $10k
| because the manufacturing just got a lot more complicated as a
| result of not being able to build every car the same way.
| TheLoafOfBread wrote:
| That sounds like problem of a manufacturer not problem of a
| user.
| lowkeyoptimist wrote:
| Adding 10k to the cost of the lowest priced car is
| definitely a problem for both the user and the
| manufacturer.
| Zetice wrote:
| The price of the product being higher isn't a problem for
| the user?
| TheLoafOfBread wrote:
| Correct. That's a problem of a manufacturer for not
| having a competing product.
| Zetice wrote:
| Would be a nice story if it weren't for the inconvenient
| fact that Teslas are selling like crazy as they are.
|
| Sounds like it would be problem for the consumer, though
| clearly a solved one.
| martin8412 wrote:
| They can't even build two cars the same way everytime, I
| think we'll be okay.
| Zetice wrote:
| That's variance, not intentional.
| tadfisher wrote:
| Then customers have the choice to purchase a vehicle from a
| manufacturer with more scruples who is willing to sell those
| features without charging to "unlock" them.
| Zetice wrote:
| ...can you name one? Because every manufacturer does this.
| carstenhag wrote:
| But they don't own the license to use the software (Full Self
| Driving). I agree with you about the heated seats though.
| px43 wrote:
| The entire concept of "intellectual property" is an attempted
| theft of our own physical property, and I for one don't
| appreciate it. I understand that my values on this don't
| align with much of the rest of the legal systems of the
| world, but the absurdity of intellectual property is never
| more clear than when some far away company attempts to assert
| ownership over something that you use every day.
| blacksmith_tb wrote:
| Hmm, is the code already present? Would enabling it be
| putting unexpected load on Tesla's servers? If it's just a
| local feature (like the heated seats) that's shipped turned
| off, I'd say enabling it doesn't feel especially different to
| me (trusting it to drive you around of course is different).
| [deleted]
| tdiggity wrote:
| There is some real-time data being downloaded while
| navigating.
| https://twitter.com/greentheonly/status/1641450299285209088
| denlekke wrote:
| i dont have a settled opinion on software unlockable stuff.
| in general i think users should be able to hack it without
| repercussions. however, thinking about the concepts you
| present i had some hypotheticals. if tesla does all the
| self driving processing outside the car, it feels a little
| reasonable to pay them for their processing. but what if
| they just moved the heat seating processing out of the car
| (comparing the actual temperature to the desired
| temperature and modulating the power) ? that would seem
| unreasonable to me because the car is fully capable of
| doing it. So then what if tesla ships an intentionally
| terrible processor so that most data processing happens
| outside the car ? maybe it's reasonable again . ..
|
| no point to this, just thinking out loud
| rvnx wrote:
| Software lockable stuff sounds like in-app purchases.
| Should unlocking this content become legal ?
| judge2020 wrote:
| Self driving has an ongoing cost to Tesla for them to keep
| it updated and to improving upon its performance.
|
| It's only a subscription because it doesn't make financial
| sense to purchase it outright for $15k up-front (with a 6%
| interest rate, you'd need to own the car for 102 months to
| pay less than paying for the FSD subscription for those 102
| months, and it costs more per month in your loan than the
| subscription https://docs.google.com/spreadsheets/d/e/2PACX
| -1vSjfzhdfj0FU... )
| blacksmith_tb wrote:
| Sure, though that highlights why someone would be
| interested in unlocking it (even without updates going
| forward). Personally I think I'd want mission-critical sw
| to be as current as possible, I can see someone arguing
| they should be able to run what's already sitting there
| on the computer in their car.
| code_runner wrote:
| the software stack is different as far as I know. if you
| buy FSD and sign up for the beta program, you get a
| fairly massive software package downloaded. it is not
| instant and already on the device.
|
| of all the things to hate about elon, tesla, and this
| whole concept of locking down features in a car, FSD
| really isn't one of them, as its just a software issue
| and its a totally separate package that isn't core to the
| operational capability of the car's components.
| babypuncher wrote:
| Here's my attitude: The consumer should have complete control
| over any hardware and software in any product they buy.
|
| If a manufacturer wants to lock features behind a paywall,
| that is fine. However, they shouldn't be allowed to complain
| when consumers modify the thing they bought to get around
| that paywall. If Tesla _really_ wants to make sure absolutely
| no one gets FSD or heated seats without paying, then they
| should make a point of only including the relevant hardware
| or software in the vehicle at the time of purchase.
| denlekke wrote:
| in general you would think this is just a DRM race then
| between tesla and unlockers. however, with so many of
| tesla's features existing outside the car, tesla has a lot
| of leverage. a music cd or blu ray is generally finished
| content. a tesla is constantly getting software patches and
| most owners use the app which i'm sure is going through
| teslas servers
|
| is it reasonable for tesla to lock you out of the app or
| software updates if the software hash doesn't match what
| they provide ? would it be okay for them to void the
| warranty if you run software they didn't provide ?
| tadfisher wrote:
| > is it reasonable for tesla to lock you out of the app
| or software updates if the software hash doesn't match
| what they provide ?
|
| Of course, and I don't think anyone here is arguing
| against that.
|
| > would it be okay for them to void the warranty if you
| run software they didn't provide ?
|
| There are laws governing this exact thing (in the US it's
| the Magnuson-Moss Warranty Act), and in general Tesla
| would have to prove your unauthorized modification caused
| the failure which you're claiming under warranty.
| _trampeltier wrote:
| I think it was even a post here, because somebody had to
| fix something on his car, he don't even had the licence to
| use it.
| Spivak wrote:
| Yep, there would be issue at all if they sold the car and
| you install FSD with a download and a license key but if it
| comes with the car that's on you if/when the owner breaks
| the lock they own to access it.
|
| If you sell me a house with a safe in it and want to charge
| me for the code that's fine, but if get a welder to just
| break the door open you have no right to tell me no.
| MostlyStable wrote:
| I'm ok with charging subscription fees for services with
| ongoing costs (things like cell connectivity for remote
| monitoring or something), and I'm ok with charging one time
| fees for unlocking features that are already there, since it
| allows for price discrimination, cheaper and more efficient
| manufacturing, and better prices to the customer overall
| (potentially at least). But the flip side of that is
| that...if you put it on the car that the customer bought, and
| they figure out how to unlock it.....well good for them and
| sucks for you. This kind of thing _should_ 100% be legal (if
| it isn't already, and my understanding is that it is). If you
| want to _100% guarantee_ that they don't get a feature
| without paying for it, then I guess pony up for the more
| complicated manufacturing process where it isn't installed on
| some models.
|
| As for "they didn't pay for the license"....no....you gave it
| to them without asking them to sign a license agreement. They
| paid you money, and you gave them a product. How they use it
| is up to them.
| sokoloff wrote:
| > This kind of thing _should_ 100% be legal (if it isn't
| already, and my understanding is that it is).
|
| It may fall afoul of the (terribly written, but still law)
| Section 1201 of the DMCA, if it's arguable that the
| circumvention provides access to computer software (and I
| think it is arguable).
|
| I agree that this _should be legal_ , but I'm not nearly as
| convinced that it _is legal_ currently.
| RajT88 wrote:
| Agree with this. The DMCA makes stuff like this illegal.
|
| Recall that when CD copy protection was starting to be
| deployed, you could negate it with a black marker. The
| DMCA then made black markers illegal, because it bans
| "tools which may be used to circumvent copyright" as well
| as the "circumvention of copy protection measures". (Not
| that anyone tried to enforce it, but the letter of the
| law was pretty clear that black markers were then illegal
| to possess)
|
| The DMCA should be amended or revoked to make these
| shenanigans no longer enforceable.
| jrmg wrote:
| Black markers are/were very obviously not illegal. The
| law doesn't work like code, it's filtered by humans.
|
| No court would ever come to the conclusion that something
| as mundane as black markers are illegal to possess.
| RajT88 wrote:
| You almost understood the point.
|
| The DMCA is a problem because putting copy protection on
| (for example) heated seats is a similar level of
| silliness to outlawing black markers.
| belltaco wrote:
| > but the letter of the law was pretty clear that black
| markers were then illegal to possess
|
| That is wrong. It's legal to possess a hammer but illegal
| to bash someone on the head with one. It was legal to
| possess a black marker and arguably illegal to use it to
| circumvent copy protection.
| esotericimpl wrote:
| [dead]
| freejazz wrote:
| >"As for "they didn't pay for the license"....no....you
| gave it to them without asking them to sign a license
| agreement. They paid you money, and you gave them a
| product. How they use it is up to them."
|
| That's not true and it's most definitely not a valid legal
| position to take in defense
| toomuchtodo wrote:
| So contract law and copyright aren't a thing because people
| don't want it to be? You own the hardware (you can shuck
| the car, part it out, mod it), you don't own the code it
| runs. By all means, root the car and take the features you
| want, but don't be shocked when Tesla either a) nukes the
| features remotely or b) sues you. You are taking issue with
| an existing legal and contract law framework. No one is
| forcing you to buy a Tesla and be bound by agreements with
| them around their IP. Would you support a software company
| nuking someone's license to operate their software remotely
| if the customer defeated a license module they didn't pay
| for?
|
| (registered security researcher for my rooted Teslas)
| MostlyStable wrote:
| I'm not sure how contract law is relevant at all. As for
| copyright, they aren't copying or distributing it in any
| way. If you give me the code on it, I am allowed to
| execute it as I see fit. The only way I see copyright
| issues is if they weren't actually shipping the code and
| I had to pirate it and side load it. Which is a
| completely different issue than is being discussed.
|
| If you sell me a book, I'm not allowed to copy that book
| and sell those copies. I _am_ allowed to chop it up and
| and repaste my own copy however I see fit.
|
| If I'm wrong and current copyright law does not permit
| this kind of thing, then current copyright law is bad and
| should be changed.
| toomuchtodo wrote:
| I'm fully supportive of someone going to court and
| finding out what happens when they do this. It is far
| more valuable than wild speculation. Copyright law _is_
| bad and should be changed, but that is unlikely a winning
| defense in the course of a civil suit (or criminally, if
| prosecuted for DMCA violations, such as circumvention of
| digital mechanisms for access control per 17 U.S.C. SS
| 1201(a)(1)) [1] [2]. I am fairly confident (not an
| attorney, not your attorney) this applies to access to
| Tesla 's FSD digital work.
|
| [1] https://www.law.cornell.edu/uscode/text/17/1201 (17
| U.S. Code SS 1201 - Circumvention of copyright protection
| systems)
|
| [2] https://www.law.cornell.edu/definitions/uscode.php?wi
| dth=840... (circumvent a technological measure (3) As
| used in this subsection-- (A) to "circumvent a
| technological measure" means to descramble a scrambled
| work, to decrypt an encrypted work, or otherwise to
| avoid, bypass, remove, deactivate, or impair a
| technological measure, without the authority of the
| copyright owner; and (B) a technological measure
| "effectively controls access to a work" if the measure,
| in the ordinary course of its operation, requires the
| application of information, or a process or a treatment,
| with the authority of the copyright owner, to gain access
| to the work.)
| tadfisher wrote:
| Contract law is running afoul of the first-sale doctrine
| here. Tesla can not enforce many clauses in a potential
| contract or license via the legal system, so it's not as
| cut-and-dry as "you don't own the code".
|
| Copyright has zero application here unless you
| redistribute Tesla's code or binaries. Reverse-
| engineering is a legal practice (in US law, at least).
| toomuchtodo wrote:
| > Copyright has zero application here unless you
| redistribute Tesla's code or binaries. Reverse-
| engineering is a legal practice (in US law, at least).
|
| Reverse engineering to utilize software you didn't pay
| for and don't have a license or some other legal
| authority to use is unlikely to pass muster legally,
| versus for interoperability purposes.
|
| https://www.eff.org/issues/coders/reverse-engineering-faq
| (Control-F "What Exceptions Does DMCA Section 1201 Have
| To Allow Reverse Engineering?")
| hooverd wrote:
| Tesla can't sue you if you splice a switch into the seat
| heater relays! I don't know if that's a good idea. Or
| maybe they thought of that and they don't turn on unless
| there's some of key exchange.
| toomuchtodo wrote:
| That's BMW, not Tesla. Tesla only offers subscriptions
| for premium mobile network connectivity and FSD. A
| quality rocker switch would meet your needs for the BMW
| seat heater use case.
|
| https://www.theverge.com/2022/7/12/23204950/bmw-
| subscription...
|
| EDIT: I stand corrected. It appears there was a window of
| time where Tesla offered rear heated seats as an upgrade
| on a base trim standard range Model 3.
|
| https://electrek.co/2020/02/15/tesla-rear-heated-seats-
| model...
| Kirby64 wrote:
| The cheapest Tesla's offered a one time unlock for rear
| seat seat heaters. Not any different from bmw, except bmw
| also offered a subscription option (bmw also offered a
| lifetime unlock... at a much higher price).
| freejazz wrote:
| Using software without the license to is copyright
| infringement, full stop.
| rightbyte wrote:
| In what way? No copy was ever made.
| freejazz wrote:
| Using a copyrighted work without license is copyright
| infringement. Not sure how to make that clearer to you.
| 8note wrote:
| If I put a book a don't have a license to under a table
| leg to make it stop wobbling, it is not copyright
| infringement
| dragonwriter wrote:
| > Using a copyrighted work without license is copyright
| infringement
|
| Only for the kinds of "use" that involve the exclusive
| rights of the copyright owner ("use" generally does not),
| and even then not always, because there are exceptions to
| copyright.
| hooverd wrote:
| This just sounds like "you get all the downsides of
| ownership but we get all the upsides of a subscription
| model".
| [deleted]
| [deleted]
| semiquaver wrote:
| The article claims this is not patchable but it also says
| that the hackers have not yet unlocked FSD with this
| technique. I strongly suspect that the "unpatchable" part
| would not apply to any potential FSD unlock because of the
| large amount of server-side functionality involved for FSD.
| Server side components aren't going to be easily fooled by a
| car-local exploit.
|
| Knowing Tesla, even if they can't patch the vulnerability OTA
| I would be very concerned about their being able to _detect_
| the use of this bypass and remote-brick cars in response
| until the customer agrees to bring their car in for a
| hardware patch.
|
| Edit: a now-dead reply says there is no server side
| functionality whatsoever for FSD. I don't own a Tesla but
| find it very unlikely that FSD has not even usage telemetry
| in what are otherwise highly connected cars.
| esotericimpl wrote:
| [dead]
| wredue wrote:
| Haven't we already been through this type of shit with EA?
|
| Back in, I think it was bad company 2, EA delivered content
| on disk, but locked it behind a paywall. Then they got their
| wrists slapped for locking already available content behind a
| paywall.
|
| Softlocking hardware that exists in the car (heated seats)
| behind a paywall seems to be the exact same thing, and is not
| legal everywhere.
| shagie wrote:
| Does enabling FSD come with any liability / terms of service?
| If it is backdoor enabled and the vehicle crashes, what is
| Tesla's liability? If the OTA patches to the system are needed
| and the car is running the base, unupdated (buggy) build, what
| is Tesla's liability?
|
| Alternatively, if a vehicle is running software that hasn't
| gone through Tesla's subscription how much of the liability for
| any software problems will Tesla be able to transfer to the
| vehicle owner?
|
| Hypothetically, if Tesla were licensing 3rd party software and
| that license was based on installed uses and Tesla was
| reporting the subscriptions for FSD (rather than sales of the
| vehicle), what would enabling the software open up Tesla to?
| Would Tesla then be able to sue the person who unlocked it for
| the additional licensing costs they incurred?
| eldaisfish wrote:
| If something is opened or modified without manufacturer
| consent, there is no question of liability because there is
| none.
| joecool1029 wrote:
| Except history hasn't really played out that way. Less
| serious but Grand Theft Auto had a sex game added to one of
| their titles that wasn't supposed to be accessible by
| gamers. People figured out how to unlock it using a
| modified save file. This ended up in all sorts of legal
| liability to the company:
| https://en.wikipedia.org/wiki/Hot_Coffee_(minigame)
| something168581 wrote:
| Hot Coffee is and was an absurd case with absolutely no
| merit behind it.
|
| It only became a large issue because it was a social fad
| for politicians and mass-media to dogpile "evil gaming
| companies corrupting poor mindless children", and
| Rockstar in particular with the GTA series was one of the
| most popular targets of said social fad.
| shagie wrote:
| So if you're using unlocked a version of FSD that has been
| recalled and don't get an OTA update then any and all
| faults that may be traced back to FSD even if it was clear
| that this is a bug in the software (e.g. the reason for the
| recall) the vehicle owner has full liability?
|
| https://www.cnbc.com/2023/02/16/tesla-
| recalls-362758-vehicle...
| eldaisfish wrote:
| Software is a legal grey area as others pointed out. In
| your example, the vehicle owner modified the software
| version and used an unsupported one. The manufacturer
| cannot be liable when there is no legal contract.
|
| The problem here is that this is functionally similar to
| using an outdated version of photoshop but the
| consequences are vastly different.
| rvnx wrote:
| It never has been Tesla's responsibility if the FSD fails
| (whereas for Mercedes they take responsibility)
| olyjohn wrote:
| I'm not a Tesla fan, but Mercedes doesn't have a fleet
| anywhere near Tesla's. This is a well-run marketing
| campaign to try to get Tesla to also accept responsibility
| and bring prices up, IMO. Mercedes isn't really accepting
| liability for shit at this point, because they only have
| like one car with level 3 and it's a super top trim and
| there won't be very many people using it. Once they have a
| large amount of vehicles out there with this tech, then
| we'll see what they really accept responsibility for.
| code_runner wrote:
| I think the mercedes taking responsibility thing was at
| least partially clever marketing. there are really extreme
| limitations last I saw, which honestly is understandable.
| martin8412 wrote:
| The limitations are due to the legal framework Mercedes
| lives up to. The updated version only recently came out.
| code_runner wrote:
| I do think they are doing it more responsibly for sure.
| Just that given the limitations it's difficult to compare
| the offerings at this point
| judge2020 wrote:
| Did they ever figure that out?
|
| > There are few federal laws addressing automated driving.
| So, Mercedes Vice President of Automated Driving George
| Massing tells R&T, "we will probably have to deal with each
| individual state." But the company plans to accept legal
| liability for what the car does while Drive Pilot is
| engaged.
|
| As far as I can tell there still isn't some webpage where
| you can submit a claim to Mercedes-Benz for a failure of
| their self-driving tech...
|
| https://www.kbb.com/car-news/mercedes-well-be-liable-for-
| sel...
| rvnx wrote:
| In the opposite, Tesla sounds more like the type of
| company that would sue you if you claim autopilot brought
| you into a crash.
|
| Since they are technically right, as autopilot disengages
| before.
| prussian wrote:
| I want to add agreement to this, but to be more precise: people
| should own the things they buy and artificial (software ) means
| of locking people out of features shouldn't be allowed.
| shmatt wrote:
| If you opt out of the heated seat package when you purchase
| the car, that doesn't mean the manufacturer can't add that
| hardware in a disabled state. That also doesn't mean you own
| the heating feature after you opted out
|
| That's like asking Intel to fix a processor you overclocked
| [deleted]
| hooverd wrote:
| Nah, that's like asking Intel to enable two more cores on a
| two core processor made from a four core binned chip that
| they also sell four core processors based on. The only
| difference is software.
| jsheard wrote:
| Intel briefly did have a scheme where you could pay to
| unlock parts of the processor that were disabled for
| segmentation reasons:
| https://en.wikipedia.org/wiki/Intel_Upgrade_Service
|
| It was abandoned due to backlash but that didn't stop
| Intel from doing artificial segmentation, so instead of
| buying a chip with "3MB" of cache and being able to
| unlock it to 4MB later, now you buy a chip with "3MB" of
| cache and 1MB of dark silicon that's permanently lasered
| off at the factory. I get the objections, but the
| alternative isn't really an improvement.
| elmomle wrote:
| Here's an analogy: the year is 1950. I bought a car and a
| radio is built in. But I didn't pay the extra radio fee, so
| a wire is intentionally left out and the radio does not
| work. But the car is mine--I could choose to scrap it,
| radio hardware and all; I owe the company nothing, and I am
| the owner of a car with a nearly-functional radio. Then how
| could somebody object to my going in and fixing the radio,
| if it is my property to begin with?
| waterheater wrote:
| The answer is: the year is 1950, and property rights are
| respected.
|
| The year is 2023. The goal of Big Tech is the elimination
| of ownership and the rise of perpetual rental income.
| causi wrote:
| Then they should pay me rental fees in compensation for
| electricity I have to purchase to haul _their_ hardware
| around.
| nescioquid wrote:
| There are semantic games at play here, I suspect.
|
| The manufacturer sold the hardware configured in a certain
| state; the same device could have been configured
| differently depending on price. Once the device is sold,
| the new owner is a petty tyrant over the state of his own
| property.
|
| But if I don't own the heating "feature" (promise of a
| result), I don't care. I am pretty sure that the warranty
| indemnifies the company against the hardware actually being
| fit for said purpose and therefore will not guarantee a
| result anyway, so what do you "own" in the first place, if
| not the device itself?
|
| [edit: grammar, readability]
| HWR_14 wrote:
| The far better analogy for what Tesla is doing is "it's
| like Intel preventing you from overclocking your chip".
| Sure, you should not expect support for your hacked seat
| warmers.
| pizzaknife wrote:
| i came here to say this
| nvr219 wrote:
| If I paid them money and they gave me hardware (in this
| case a heated seat) then I can do what I want with it,
| sucks for them if they don't want me to. They can give me
| the non-heated seat. And yeah if I brick my car trying to
| jailbreak it that's on me, fine.
| hooverd wrote:
| IP has gone too far. We're seeing more and more instances of
| computers forced into perfectly good physical products for the
| express purpose of degrading their functionality unless a
| ransom is paid. Now instead of toggling a relay, you have to go
| through an entire software stack and license check to heat your
| seats.
| LesZedCB wrote:
| which toggles a relay.
| [deleted]
| grecy wrote:
| I've been thinking about this as a thought experiment lately.
|
| Let's say there's two versions of the car. Higher spec has
| heated seats, lower spec doesn't. Let's say it's a $1000 price
| difference.
|
| At what point below are you ticked off ?
|
| Level 1: The higher spec car has the physical seat heaters, all
| the wiring, all the plugs and all the software. The lower spec
| car has none of that.
|
| (I think this is how cars have always been sold, so it's
| "normal" and "acceptable" and nobody would complain - they paid
| $1000 less and got less features.)
|
| Level 2: The lower spec car has the physical seat heater inside
| the seat, but none of the wiring, plugs or software to make it
| function. (It was cheaper for them to just build the seats with
| the heater in there, so they did, but it will never "work")
|
| Level 3: The lower spec car has the physical seat heater inside
| the seat and some wiring, but the main loom doesn't have
| provision for the high current draw, so it can't work.
|
| Level 4: The lower spec car has the physical seat heater inside
| the seat, all the wiring, but none of the plugs to actually
| connect it.
|
| Level 5: The lower spec car has the physical seat heater inside
| the seat, all the wiring, all the plugs (so all the physical
| hardware is there), but the software to turn it on is not
| present / not licensed.
|
| (Note: If you got ticked off at level 5, it's pretty much like
| buying a brand new MacBook and being ticked off that it can
| theoretically run Final Cut Pro, but you have to pay to make it
| work. Surely you gotta pay for software ? )
| marcosdumay wrote:
| Level 6: The lower spec car has the physical seat heater, all
| the wiring, all plugged in, all the software, and a setting
| added (for extra production cost) that makes it not work and
| can't be changed by the car owner.
|
| We are talking about this one. The entire thread is about
| this one, and none of your options even passed through the
| conversation.
| code_runner wrote:
| FSD is more like example 5
| Kirby64 wrote:
| This is identical to 5, in my view. Its not licensed. Is
| anyone upset that if you download a version of software
| that has a "basic" and a "premium" version, but the premium
| costs more money, that you don't get the premium
| functionality? Just like you "can't change" whether you get
| premium functions if you don't pay for it, the same could
| be said for fsd or seat heaters.
| whatlol wrote:
| I disagree with the premise of locking someone out of
| something they physically own. You HAVE the seat heater
| in your car, the wiring works, you just aren't allowed to
| turn it on. I don't see this as the same as a basic vs
| premium version of a piece of software. The person owning
| the car owns the heater, the car, the wiring, they have
| to pay the miniscule extra cost of carrying that hardware
| around in their car. If Tesla offered to remove it at no
| cost if the car owner didn't want to pay the fee, I'd
| have no issue.
|
| Where do you draw the line?
|
| Next they'll be making you pay a fee to use low gears, or
| a power steering fee, a radio listening license, a
| Bluetooth permit, a reverse allowance, power window
| season pass, air condition authorization.
| HWR_14 wrote:
| None of the levels you mention (until Level 5) operate any
| differently from this feature. In any of those cases, if I
| replace the missing parts, I get my heated seats. I would be
| ticked off if Level 2 had physically integrated seat warmers
| had some protection people could not work around so they had
| to cut out and replace the seat warmers.
|
| Level 5, and this case, all I'm doing is adding the missing
| component. A flag or something.
| whelp_24 wrote:
| I mean honestly level 1 is frustrating when the cost is
| negligible or for safety. Plus it isn't like you can choose
| which features you get, and it is not like the seat costs
| 1000 dollars to heat. Somewhere between 3 and 4 should have
| legislation against it. (Also level 5 isn't like final cut
| pro not being installed, it's like Apple blocking port 22
| unless you pay for a special developer license)
| matwood wrote:
| Yeah, I don't get the outrage. People should be happy because
| it allows people to hack the software and get heated seats,
| assuming they are ok voiding any warranty.
| michael1999 wrote:
| Level 5 is exactly where it bugs me. Levels 1-4 are all
| concrete (if marginal) cost savings as compared to the full
| version. But your level 5 means someone spent _extra_ money
| and engineering time to make something _less_ functional.
|
| Boo. Hiss.
| [deleted]
| samstave wrote:
| I won all my groceries, but once I consume them, they still
| turn to shit.
|
| -
|
| I think we need to hold all EV companies "responsible for their
| shit"
|
| So, if you buy a tesla - only tesla should be responsible for
| recovery from every crash and and turn in.
|
| Thus the environmental impact due to the heavy metals and all
| the plastics made are sole responsible from a closed, boring
| lopp to hyper the link to the fact that all these materials
| were made by stars. X.
| samstave wrote:
| (my point was I PAy/taxxed/etc) for my X-crement...
|
| I think my logic is off WRT analogy, but I beleive you get
| the premise...
|
| Can we find a complete model of the impact of the matters
| which are being affected by the musks?
|
| (im not judging musk - I am judging actions... many of these
| actions suck. IIATAH?
| 1023bytes wrote:
| Doesn't seem like a good idea to actually do this, since the car
| phones home all the time. Tesla could blacklist you from
| supercharging etc.
| sirsinsalot wrote:
| There's a lot of missing the point in these threads about
| software locks.
|
| Building a car in a uniform way for economy of scale savings,
| fine.
|
| Having a software unlock for hardware you already have (but
| didn't pay for in the price). Fine.
|
| Using software to rent-seek on one time costs like heated seats.
| Not fine. Less fine too if the seat subscription can't carry to
| secondary market. This can he used to cripple secondary markets:
| sorry, the BMW account you have isn't linked to this VIN. Heated
| seats and android auto are disabled.
|
| Let's stop the third.
| sdfignaionio wrote:
| >Having a software unlock for hardware you already have (but
| didn't pay for in the price). Fine.
|
| Tolerable, perhaps, but pretty far from fine. It's pretty
| shocking to me that people in our society build things and then
| deliberately break them so they can make more money. Is this
| really the best system we can come up with?
|
| We have built a society where what is plainly crazy is
| rational.
| hot_gril wrote:
| > It's pretty shocking to me that people in our society build
| things and then deliberately break them so they can make more
| money. Is this really the best system we can come up with?
|
| All part of cost tradeoffs. Previously, they'd build the car
| with the ability to support all those add-ons even if the
| customer isn't getting them. Turns out it's cheaper not to do
| that.
| femto wrote:
| Being a tradeoff it works both ways. Customers get broken
| add-ons for free if it's cheaper to not pursue the
| customers that fix them.
| circuit10 wrote:
| I wish the solution was to just give everyone those
| features. Maybe it can't work like that but this feels very
| wasteful
| jimmyk2 wrote:
| I assume it's all to game the starting MSRP.
|
| Like the barebones Tesla 3 that existed on paper but was
| basically impossible to order. OE's know most people will
| spring for that creature comforts.
| circuit10 wrote:
| That reminds me of this video:
| https://youtu.be/cLGcGnGJvL0 where they say how one of
| the reasons laptops are getting harder to upgrade is
| probably so they can make you buy an expensive
| configuration and still advertise a low starting price
| hot_gril wrote:
| At least you can download heated seats later if you
| change your mind, unlike RAM.
| wingworks wrote:
| Kinda what the chip Intel (and others chip makers?) have been
| doing for years. Make the best next gen chip, then strip out
| parts to slow it down and sell cheaper ones. Not 1:1 the
| same, but pretty similar.
| hot_gril wrote:
| What's the difference between the second and the third?
| lajamerr wrote:
| Probably the same sentiment between DLC vs Expansions in
| gaming.
|
| But fundamentally no difference because you are getting a
| discounted price in exchange for the soft locked feature. So
| 2 and 3 are the same imo.
| hot_gril wrote:
| I'm not asking what's the fundamental difference, I just
| don't get what the two options are. Is #2 one-time purchase
| and #3 subscription?
| dr_orpheus wrote:
| Second is "I pay $50 once to unlock heated seats in my car
| forever. This car now has heated seats and anyone that I sell
| it to also gets heated seats"
|
| Third is "I pay $5/month for heated seats for the entire time
| I own the car. Anyone that I sell the car to would also have
| to pay $5/month for heated seats."
|
| Edit: The other version of the third option (your BMW account
| is not tied to this vin) is something like "I pay $50 once
| for heated seats in my car. If I sell it to someone, they
| also have to pay $50 to unlock the heated seats"
| hot_gril wrote:
| Third seems slightly better, cause at least the secondary
| buyer clearly knows it's $5/mo instead of having to make
| sure the one-time payment sticks.
| eganist wrote:
| In fairness, the second method should probably be
| implemented with an e-fuse. That way once it's paid,
| there's no taking it away.
| harry8 wrote:
| >Having a software unlock for hardware you already have (but
| didn't pay for in the price). Fine.
|
| Ok as long as /any/ end run around that garbage made by the
| car's /owner/ is specifically: legal, legitimate and not-
| warranty voiding.
|
| Because you know the step from there to not being able to
| repair the things you own without paying more to allow you to
| do so is nonexistent.
| nottorp wrote:
| Can they fix the power steering too then?
|
| Ref: https://arstechnica.com/cars/2023/08/steering-failures-
| are-t...
|
| Apparently it's a software problem.
| bigmofo wrote:
| I would have thought that EFF and FSF would be more active in
| trying to promote open source in automobiles for privacy,
| security and being able to repair and modify the vehicle. I would
| think that it would be rather mind blowing how much information
| is gathered by the new vehicles about oneself. I have enough
| money to buy any model of Tesla, but will not due to privacy,
| security and safety reasons. (I consider drive by wire braking
| and acceleration a safety issue. With a stick shift I can insert
| the clutch and know that the drive system can be disabled. I also
| consider that the software can be modified over the air forcibly
| by Tesla a safety issue because it could be used for nefarious
| purposes.)
| rossdavidh wrote:
| Sooner or later, some city is going to be held for ransom by a
| group that has disabled (or hijacked) all of the Teslas in it.
| "Give us a king's ransom or your roads will be clogged with
| immovable cars, and thus unusable, for weeks". Right now, there
| are not enough software-hijackable cars on the road for this to
| work, but that is changing. Once you have a critical mass of
| perhaps even just 5% of the cars, you can bring all traffic to
| a halt until your demands are met.
| balls187 wrote:
| Curious, why do that, and not say attack the power grid?
| Swenrekcah wrote:
| I do agree with the sentiment, but in this particular example
| if I were the local government I'd endure the pain for the
| 24-36 hours it'd take to get the inflicted vehicles gathered
| up and then simply ban them from driving until the
| manufacturer fixes the issue.
|
| If I didn't have the legal authority to do it I'd probably
| still do it and rather pay the damages than the ransom.
| jdjdjdhhd wrote:
| > I have enough money to buy any model of Tesla, but will not
| due to privacy,
|
| Which modern car do you think is not violating your privacy?
| bigmofo wrote:
| That would make for a good topic. Also, it is difficult to
| maintain older cars going when parts become harder to get.
| So, even if one does not want to buy a new car; at some point
| one might be forced to getting a newer car. I very much
| appreciate these hackers and hope that there will be a
| thriving and vibrant hacking community for new vehicles. I am
| personally not interesting in unlocking unpaid for features;
| but for privacy, security and safety reasons.
| catboybotnet wrote:
| It seems the thought that Teslas are not cars, but rather tablets
| with wheels is accurate.
| WeylandYutani wrote:
| You wouldn't download a car.
___________________________________________________________________
(page generated 2023-08-03 23:00 UTC)