[HN Gopher] Hackers manage to unlock Tesla software-locked features ___________________________________________________________________ Hackers manage to unlock Tesla software-locked features Author : 1970-01-01 Score : 595 points Date : 2023-08-03 16:44 UTC (6 hours ago) (HTM) web link (electrek.co) (TXT) w3m dump (electrek.co) | rkagerer wrote: | Seeing this gives me the same warm, fuzzy feeling I had when I | jailbroke my first iPhone to gain features that were impossible | otherwise. | | I wonder if Tesla will start using physical one-shot fuse bits | buried deep in hard-to-access components (eg. hardwire a heater | control relay open in the final programming step at the factory) | to make these type of attacks more difficult. Of course that | would preclude up-selling the feature later. | frankus wrote: | I think it's all about the possibility to later upsell. I don't | think the economics work out where it's cheaper to install | something like a seat heater in every car and permanently | disable for price discrimination purposes (the way you might | for e.g. a CPU). | | My brain can kind of rationalize this as "it makes the up-front | price lower, and you can add features to your car without even | visiting a dealer", but my heart definitely recoils at the idea | of paying for something like that already in my possession. | mrkeen wrote: | "Full Self-Driving ... will soon allow the car to steer on its | own". April 6 2023 [1] | | I think the hackers should have waited. | | [1] https://www.digitaltrends.com/cars/is-tesla-full-self- | drivin... | gcanyon wrote: | Because what could _possibly_ go wrong hacking a hunk of metal | that transports you at lethal speeds... | waterheater wrote: | Everyone accepts a certain risk simply by driving, and we all | have relative risk tolerance. Point in case: I knew of a | 20-year-old driver who owned a nice, safe vehicle but was too | afraid to drive on an interstate highway because they were | afraid. That's not a "hunk of metal" issue but a risk-comfort | "issue," which really is relative. | | Regardless, your point highlights the eternal fight between | liberty and "safety and security." A society which tolerates | little risk seeks to minimize liberty and maximize safety and | security. A society which tolerates much risk seeks to maximize | liberty and minimize safety and security. | | To use cars as the prime example: why am I required to purchase | a vehicle equipped with airbags [1]? They're expensive, bulky, | decrease fuel economy, and may cause harm to a passenger if it | improperly inflates. By owning a vehicle, I assume sole | responsibility for the correct and proper operation of it as | well as the physical well-being of any passengers. Frankly, I | should be able to purchase a vehicle equipped without airbags | to decrease the overall purchase price, thereby allowing me to | use that money on other things. | | The same argument doesn't apply to certain things like ABS, | which I argue should be regulated because poor braking affects | people both inside and outside the car. Airbags, on the other | hand, only apply to people inside the car. By carrying any | passenger in the vehicle, the owner assumes legal | responsibility for their safe carriage. | | [1] https://www.history.com/this-day-in-history/federal- | legislat... | kelnos wrote: | I think it makes more sense if you frame it that the | manufacturer is required to sell cars with airbags. We don't, | as a society, want people to have to make a choice between | safety and cost in that particular situation, so we mandate | that the manufacturer can't even sell without them. | | Beyond that, if we assume airbags, on average, decrease | injuries and deaths, then society also has an interest in | helping to ensure that. Heavily injured and dead people put | more of a strain on our health care system, and the costs for | that are not solely borne by the person who gets injured or | dies. | | Certainly there's room for disagreement on whether or not all | that is worth the added per-individual cost, the regulatory | cost, etc. But let's remember that there are many things | that, on first glance, seem to only affect an individual, but | actually ripple out and affect others as well. | fwip wrote: | > why am I required to purchase a vehicle equipped with | airbags? | | The same reason that you can't sell food that's sweetened | with lead. You can add lead to your own food if you want, | just like you can drive a car without airbags. | waterheater wrote: | Yes, keep lead out of food. The comparison is not accurate | because the risk-reward profiles of lead-in-food and | airbags-in-cars are misaligned. Food is consumed under all | circumstances, whereas airbags are only employed during an | emergency situation. | | You're also right that I can drive a car without airbags, | but the point is that you can't buy a new car without | airbags. | iramiller wrote: | This line of reasoning is what is used to justify lock-in and | anti-right to repair legislation. Following this reasoning you | shouldn't be allowed to change a flat tire on your car as it | could be improperly tightened and fly off at speed. | | Technical constraints to lock out owners/users only serve to | enforce a manufacturer's feudalistic rent seeking and revenue | extraction policies. | | In the overall scope of driving a personal automobile cellphone | use or even adjusting the car entertainment system are far more | common causes of accidents and death and yet these are not | locked away via technical controls despite being very easy to | accomplish. | gedy wrote: | As someone who made and drives a rat rod, it's basically the | same situation? If the car fails due to my physical hacking, | it's on me. Should be same for software. | EspressoGPT wrote: | In other news: If you intercept the boot process of a system and | open a root shell there, you can access the system. | londons_explore wrote: | There are already third party garages offering to unlock various | things for less than Tesla wants (or upgrades Tesla simply | doesn't sell). | | They tend to involve a gizmo intercepting can messages though. | The gizmo is usually keyed to the serial number of the car so you | can't clone/move/resell them. | ajsnigrutin wrote: | This should be "hacked" by the regulator and not by the hackers. | If they sold you a car with heated seats (so if the hardware is | there), the heated seats should be available for the consumer to | use. | abandonliberty wrote: | So people should not have the option of paying less of paying | less for less features? Everyone must pay for features that | only a subset of customers use? | | You make a common argument that's deceptively anti-consumer. | | Yes, this can be abused - but that's a different argument. | hot_gril wrote: | I'd be happy paying less for less features. Or paying less | and then hacking the features in. It's kinda like ad- | supported YouTube, pretty nice for me cause I just ad-block. | ajsnigrutin wrote: | If they sell you a car with heated seats, you should have | heated seats. They already sold you the heated seats, you | already have the heated seats, and they just want more money | for something they already got money for, and you already | have. | TobyTheDog123 wrote: | >So people should not have the option of paying less of | paying less for less features? | | They should, it's called buying a different car without those | features installed. | | >Everyone must pay for features that only a subset of | customers use? | | You are already paying for those features upfront as part of | buying the car - there is no recurring expense to the | manufacturer. If you do not want or are unable to pay for | those features, you buy a different car without them | installed. | | What you're arguing for is for everyone to have to pay | another monthly subscription, and conflating "paying more for | a car" with "paying monthly for non-consumable resources for | a car". | notpushkin wrote: | I think this can then be "hacked" back by not selling you car, | but instead renting it for something like $1/yr + the price of | the car as a contract setup price. Personally, this is not the | world I would like to live in. | sushid wrote: | How do you feel about CPU/GPU/RAM binning? | j_walter wrote: | Will be interesting to see how they did it. Using low cost off | the shelf parts means nothing if you have to dismantle the entire | car and solder to the tiniest of points. I still remember the | first Xbox mod...30+ wires attached to the smallest of points on | the motherboard. | kklisura wrote: | > Generally, these exploits are shared with Tesla, and it helps | the automaker secure its systems. | | We need to bring back hackers/crackers of the old and NOT share | exploits with these companies. | system2 wrote: | I won't be buying any car with software locked features. | slowmovintarget wrote: | The 21st century equivalent of yanking the governor chip out of | the Grand National? Well, OK, not quite. | | https://www.thedrive.com/cars-101/39941/what-is-a-buick-gran... | sakopov wrote: | Am I the only one who thinks it's incredibly irresponsible to | disclose this without going through proper channels first? They | claim this hack unlocks a host of other features. Seems like a | great way to get a bunch of people messing with their cars which | could lead to all kinds of catastrophic consequences. | kerkeslager wrote: | No, fuck that. Tesla is locking people out of their own cars' | features. Being allowed to mess with your own car is one of the | privileges of owning a car. | sangnoir wrote: | > Seems like a great way to get a bunch of people messing with | their cars which could lead to all kinds of catastrophic | consequences | | People have always been able to do this with a wrench since | before the invention of cars. | sakopov wrote: | I don't think anyone's taking a soldering iron to their on- | board computer in a standard ICE vehicle. The fact that tesla | has vehicle control code running on it (beyond your typical | lane assist) makes this infinitely worse. Or am I missing | something? I get that people disagree with these features | being locked down and I agree. My point is this isn't like | changing a cold air intake in your ICE car. This can have you | go into a fucking wall at high speeds. | 1970-01-01 wrote: | >I don't think anyone's taking a soldering iron to their | on-board computer in a standard ICE vehicle. | | This is a multi-million dollar industry in the USA. | sangnoir wrote: | There's no reason to limit the components people can tinker | with to electronics! Everyone is free to (attempt to) | replace their brake fluid - or repair the brakes - which | can cause disaster at high speeds if not done correctly. | I'm yet to hear anyone asking for access to vehicular | hydraulics to be locked down in order to protect people | from themselves. | denysvitali wrote: | The part they're messing with it's "just" the infotainment | system. The autopilot system and a lot of other things are | "protected" by a gateway. | | You'd still need Tesla's signing key to rewrite the | Autopilot software or mess up some more important | components. | | Now, the CID is still coordinating some parts of it - but | AFAIK the car works also without that, to the point that | you can simply reboot the infotainment system without | losing control of the vehicle / Autopilot | ngneer wrote: | Game theory at play. Tesla and its customers are adversaries, | vying for the same dollars. Tesla implementing these security | measures directly translates to being able to charge more for | services. Same as John Deere and many others. This is a minmax | problem. How to pay the least to cause the other actor to pay the | most. If the feature costs $15K and breaking security costs $15K | then it is effective security. Obviously not the case here. | logifail wrote: | > Game theory at play. Tesla and its customers are adversaries, | vying for the same dollars | | Umm, I think this is more like "airlines vs passengers" when | passengers read about "hidden city ticketing" in a travel blog, | think it sounds cool yet haven't properly understand it, yet | decide to go to town on it anyway.[0] | | Since most providers are entirely at liberty to tell a customer | they're no longer welcome, as a customer you have to be really | really sure you want to own up to the provider as being an | adversary, since you might end up needing another provider. For | ever. | | (Full disclosure: have been looking for, booking, and flying on | less-than-entirely-legitimate airfares for a looong time. Have | occasionally broken out in a cold sweat at an airport in some | far-flung country on a dodgy itinerary when I think I've been | rumbled...) | | [0] https://www.insider.com/skiplagging-american-airlines- | banned... | dktoao wrote: | Fascinating article, didn't know skip lagging was a thing or | that it is illegal. It definitely shouldn't be, just seems to | be government protecting entrenched corporate interests at | the cost of the populace. aka par for the course. | whelp_24 wrote: | Skip lagging isn't illegal, iirc a recent court case | reaffirmed that. Airlines don't like it though so they may | cancel you. | logifail wrote: | So if you buy a Tesla and the T&Cs prohibit you from | hacking it/modding it, then you decide to hack away at it | anyway, what happens if Tesla were to brick the online | features of your vehicle and/or completely cancel you as | a customer? | whelp_24 wrote: | I mean the whole point is that Telsa should not be able | to brick the car you purchased because you changed | something in your car. Why does a car come with | conditions? | | Granted I may not be in the demographic for a telsa, i | wouldn't ever want my car connected to the internet. | mrguyorama wrote: | In america the current legal standard is that you go and | get fucked. You do not have a right to something you have | purchased anymore as long as the seller puts enough magic | fine print together. | logifail wrote: | > Fascinating article, didn't know skip lagging was a thing | or that it is illegal | | It's not illegal, but it is against the airline's T&Cs ... | which you have to agree to when you purchase a ticket. | liendolucas wrote: | > Software-locked features that need to be activated by the owner | paying or subscribing to a service are becoming increasingly | popular in the auto industry. | | Sorry, WHAT? People should absolutely boycott companies that try | to squeeze bucks in this miserable way. | pkaye wrote: | BMW has plans for locking features behind subscriptions like | seat heaters, heated steering wheels, recording from your car's | camera, etc. | | https://www.theverge.com/2022/7/12/23204950/bmw-subscription... | hot_gril wrote: | My friend bought a new BMW, and the seat heater subscription | is already a thing on it. | lambersley wrote: | This isn't new. Automakers following software companies' | subscription model | | https://www.foxnews.com/tech/automakers-bmw-gm-mercedes-char... | oatmeal1 wrote: | People overreact to this. If this didn't exist, they would just | manufacture cars the old way where multiple version of the same | car are produced at high and low prices. I have seen no | evidence provided this actually increases the total price of a | high feature car. This might actually lower the average price | paid because of the economies of scale achieved by making fewer | different versions of the same car. Resale value can increase | as well, since the person buying your car can get the features | they want, even if you didn't originally purchase those | features. | circuit10 wrote: | In an ideal world we could just give everyone those features | if they didn't cost any extra to add instead of creating an | artificial pricing structure to get more money out of people. | Maybe it can't work that way but making people's lives worse | just to punish them for paying less in order to incentivise | them to pay more, rather than as compensation to the company | for doing more work, seems wrong | liendolucas wrote: | I'm not overreacting to this. I'm absolutely tired to learn | that subscriptions are being pushed everywhere. Having to pay | for something that is already in a vehicle is insulting to | me. Car manufacturers should sell cars, not subscriptions of | ANY kind. What's going to be tomorrow? Will I have to | subscribe to a service to actually let my speakers emit sound | despite that I have payed for them? Ridiculous today, a | business tomorrow. | ryathal wrote: | You better be ok with building your own car then, because every | major player is adding subscriptions for various features. | Remote start and remote lock/unlock are the most common, along | with satellite radio. | liendolucas wrote: | The way I see it is that you're supposed to own the car and | every feature you paid for it. | stjo wrote: | I could give companies a pass for features that require | continuous maintenance from them, like remote unlock | (properly secured servers). But there was a car company | that tried to sell you your own seat warmers, which | definitely crosses my barrier. | ulamel wrote: | big tech is trying to erase this concept from the consumer | mind. Assuming someone tried to do everything legally (not | pirating) when was the last time anyone "owned" anything. | Music, Movies, TV shows, Software, you don't own any of it | you are simply paying for server space. | liendolucas wrote: | You couldn't have stated that more clearly. Is a | disgrace. We're basically headed to rent features of all | kinds. It's terrible. | forgetfreeman wrote: | I am very ok with building my own car if it comes to that. | It's the cretins willing to actually go along with bullshit | like this that are the problem. | eganist wrote: | if everyone is doing it, it's time for the law to step in. | hot_gril wrote: | Or having an older car. Personally this concept doesn't | bother me; I'd just not pay for the features. Many old cars | have features locked behind buying the physical button to | activate them. Hackers find their ways around that, and now | it's becoming harder to hack. Fine, whatever. But I just | don't trust the crappy software they increasingly put into | new cars, so I'm riding out my old one for now. | kramerger wrote: | Wait a minute... heated seats are software locked on Teslas? | | WTF guys? | yardie wrote: | As are the footwell lights, fog lights, and premium audio. | | Heated front/rear seats have been standard equipment since 2020 | I believe. | jh00ker wrote: | Premium audio isn't a software-disabled feature. You can buy | a wiring harness on Amazon to enable the disabled, yet | installed, speakers: https://amzn.to/3rVBrel | ggreer wrote: | That's not true. The fog lights and premium audio both | require hardware retrofits. | yardie wrote: | From what I understand the foglight is there but disabled | from computer. The aftermarket lights bypass this lock | completely by tapping into the main light cluster harness. | ggreer wrote: | Before November of 2021, the cheapest Model 3 had heated front | seats, and the rear heated seats could be unlocked for $300 | (later reduced to $200).[1] | | In November of 2021, they made heated seats standard. I think | the only software unlocks available for current vehicles are | acceleration boost, enhanced autopilot, and FSD. | | 1. https://www.tesla.com/support/upgrades#tesla- | accordion-123-w... | DistractionRect wrote: | I kinda get it. Rather than maintaining a supply of multiple | parts which complicates your supply chain and install/repair | procedures, Tesla is making cars nearly 100% identical | physically and differentiating in software. | LesZedCB wrote: | so make them all cost the same then.....? | yreg wrote: | No. I don't need the rear heated seats. | [deleted] | Night_Thastus wrote: | The supply and install problem clearly isn't that hard, auto | makers have been doing it for many decades at this point. | | Plus, it seems backwards from a business standpoint. You | _always_ have the cost of installing the hardware, but now | you only get a % of users who agree to pay for the additional | cost? The only way to "fix" that is to artificially raise | the price of the product so effectively everyone is paying, | which means now you're double-dipping from the people who | _do_ want it. | | It's just crap. If I buy a physical device (not renting) then | I own it and should be able to use its full capabilities. The | only thing that should cost more is anything that has ongoing | cost to the manufacturer if I use it. | kelnos wrote: | From the perspective of the manufacturer, having fewer | model variations and factory/assembly configurations may | end up saving more money overall. | | They may also believe that there is a large-enough group of | people who would decide not to get heated seats installed | at purchase time, but would later regret that and wish they | had it. The manufacturer might make more on "install | hardware unconditionally and charge a fee for zero work | later" than "install hardware later on demand". | | The true cost of things to the manufacturer often depends | on more than just the cost of that item and the direct | labor cost to install it. | | But I absolutely agree that we should applaud people who | get around these sorts of software lockouts. If the company | is going to give you a piece of hardware, it should be fair | game for you to figure out how to get the most use out of | it. | gruez wrote: | >The only way to "fix" that is to artificially raise the | price of the product so effectively everyone is paying | | You know what's better than "artificially raising the price | of the product" so you can pay for the heated car seats or | whatever? Raising the price of the product, and not | installing the car seat in the first place and keeping the | extra money for yourself. The idea that carmakers can pass | the cost of software locked (ie. non-functional) parts to | consumers makes zero sense. | bhauer wrote: | > _The supply and install problem clearly isn 't that hard, | auto makers have been doing it for many decades at this | point._ | | Are you referring to the legacy auto manufacturers that | still can't make EVs profitably in 2023? Perhaps Ford with | its negative 58.9% EBIT margin on their EV division [1]? | | Of course you can "solve" a more complex supply-chain and | multiple vehicle configurations. It just costs more money. | And therefore reduces your profit margin. If you do too | much problem-solving of this type, your margin might end up | negative. Not every EV manufacturer can subsidize their EV | business with a high-margin ICE business. | | [1] https://media.ford.com/content/fordmedia/fna/us/en/news | /2023... | Night_Thastus wrote: | Installing heated seats or these common add-on features | has nothing to do with EVs vs ICEs. It's not specific to | either, or harder/easier for either. | Workaccount2 wrote: | And getting the suckers who pay up to cover the cost for all | vehicles having it. | gruez wrote: | Isn't that fully borne by the manufacturer? Suppose you're | the manufacturer of a car that costs $30k to make and sells | for $50k. You're posed with the question of whether to add | a non-functional part that costs $5k. If you add the part | and don't raise the price, then you're eating a $5k loss. | If you add the part and raise the price by $5k, you don't | eat the loss, but it also means you could have charged $55k | for the car. No rational consumer is going to be like "I | would have paid $50k for this car, but now that it contains | $5k of non-functional component, I'm willing to pay $5k | more for it now!". | Bissness wrote: | Ah yes, "full" self driving | oittaa wrote: | It's getting pretty good. | https://www.youtube.com/watch?v=75A9g4HsQiU | redundantly wrote: | The video being sped up makes it feel dishonest. Would have | been nice to have a regular recording. | [deleted] | spikels wrote: | Omar post raw versions of all his FSD videos. There's a | link in the YouTube description. Here's the one for this | drive: | | https://www.youtube.com/watch?v=oFYspCLoLTY | | Frankly the sped up versions are more useful for | understanding the technology because most driving is | boring, even for a self-driving system. But it is good to | be able to go to the raw version if needed. | internetter wrote: | This video seemed to have pretty good performance actually, | but I've seen articles where the car just gets stuck, makes | unsafe maneuvers or just violates laws and this guy (whole | mars catalogue) defends it. Watching prior videos shows it | fail to yield to stop lights, stop in the middle of | intersections or just total incompetence about highway | etiquette (such as the highly watched SF -> LA video (in this | video the whole highway is dubious, also violations at 1:18, | 1:24, 1:30, maybe 17:24, probably others I missed... 3 in the | span of 15 seconds)). I'm not at the point where I trust this | thing. | jchw wrote: | > Software-locked features that need to be activated by the owner | paying or subscribing to a service are becoming increasingly | popular in the auto industry. | | Popular is the wrong word. Common, maybe. But popular? | dathos wrote: | From the point of view of the auto industry I would say popular | is the right word. | jchw wrote: | Call me pedantic but I think using the word popular without | qualifying it any further really begs for you to interpret it | more generally, even in this context. Prevalent or common are | better terms here in my opinion, since they regard the status | quo rather than opinions. | retrocryptid wrote: | [flagged] | tamimio wrote: | Who cares about upvotes/downvotes.. and I agree, Tesla is just | meme hype, and for that reason I will never buy "smart" car | that spies on me and my family, while these videos are shared | as a joke among Tesla employees. | retrocryptid wrote: | But it also has the great benefit that the data it collects | doesn't belong to you. It belongs to tesla. | froggertoaster wrote: | Care to elaborate? | retrocryptid wrote: | Let's say you have a Tesla, but you didn't buy the "full" | self driving package. You sell your Tesla to a third-party. | Tesla (of course) resets the system to disable "full" self | driving, but you have the tool to activate it so you turn it | on for the new owner. Presumably you received money in | exchange for the vehicle, as is traditional in our culture. | You take some of that money and buy a 1958 Dodge D100 pickup | truck and the Hayes Manual so you know where the spark plugs | go. You use the remainder of the money to purchase a mix of | mutual funds, Ford Motors stock, artwork by mediocre, yet | somehow popular modern artists and maybe a crate of 2018 red | wine. | | In 10 years you still have the D100, though you have spent | more money on spark plugs and air filters than you would have | imagined possible. The Hayes manual is covered with grease | stains so it is no longer re-sellable. The Ford Motors stock | has (of course) tanked, but it allows you to justifiably rant | on internet message boards. The artwork has appreciated and | you recently sold it to a European collector for a profit. | The red wine would have appreciated in value, but by this | time you've drunk all of it. | fredoliveira wrote: | Care to elaborate without this much analogy? I suspect | you're trying to say the value of a Tesla ain't going to be | there in 10 years, but I'm not quite sure that's true. | retrocryptid wrote: | Step 1. Unlock the "full" self driving feature you did | not purchase. | | Step 2. Sell your tesla. | | Step 3. Unlock the "full" self driving feature for the | new owner. | | Step 4. Take the money the new owner gave you and use it | to purchase another vehicle. | | Step 5. Profit | | In this sequence of events, the value of the tesla in 10 | years is of no consequence to you because you do not own | it. | dang wrote: | " _Eschew flamebait. Avoid generic tangents._ " | | https://news.ycombinator.com/newsguidelines.html | retrocryptid wrote: | Sure. If you don't believe that the resale value of Teslas | are a point of legitimate conversation, this is nothing but | flame-bait. But I think there are some here who believe that | the fundaments of capitalism are legitimate subjects of | conversation. But I get it, I touched on Tesla / Elon. We're | not supposed to profane the holy Elon with our lowly speech | or deny the sacrament of the Tesla Motor Car. | dang wrote: | We don't care about any of that; we just care about HN | discussions being fresh and interesting vs. tedious and | boring. Generic flamewar tangents are the latter, | especially when they're re-repeated as often as this one | has, so please don't take threads in those directions. | | If you have a substantive point to make about resale value, | or something like that, that's totally fine, as long as you | do it in a way that isn't flamefodder/snark/name-calling. | | https://news.ycombinator.com/newsguidelines.html | eimrine wrote: | Can electric car be not a computer-powered car? | okanat wrote: | You cannot get rid of the entire computerization because of the | battery management. Also having some smarts for different | terrain conditions generally enable some efficiencies. The hard | truth is energy in Lithium ions will never be as energy dense | as breaking a hydrocarbon bond. So electrification will always | need some computers unlike the efficiencies we can gain from | changing the mechanical design of the engine (which can also | and did improve with computers). | | However as many industries the car companies try to keep the | infinite growth premise alive by entirely computerizing all | parts and close off any innovation with patents. Just like ICs, | in the future nobody will own their car and those who want that | will need hundreds of billions to burn to create companies that | has no chance of competition. | vessenes wrote: | Pretty sophisticated attack vector: low voltage attack on AMD | secure execution environment during boot. I wonder how many tries | you need to get whatever bits you need in the right place. Also, | I imagine you only need to cut 12V wires to do this, but I admire | the willingness to get in there direct on these systems. I'd be a | little nervous to make those cuts personally. | | Buried in the article is the claim that this will let them pull | the RSA private key the car owns out for other uses -- while this | is likely to remain a very niche attack vector, that's got to be | really bad news for someone in vehicle security at Tesla. On the | other hand, post jailbreak you could anonymize your location on | Tesla's servers, which would be nice. | brewtide wrote: | Semi related question I suppose. Do the Teslas simply use GPS | for their location information? If so, couldn't one spoof the | GPS using a hackRF or similar? | comboy wrote: | I have no idea about Tesla specifically but normally you'd | also you cell and wifi information (in their case probably | also information from other teslas around) and additionally | you have accelerometer and the whole "self-driving" computer | to estimate where the car is and where it's going. It's also | a known attack vector and likely covered because GPS signal | is really weak so it's easy for somebody outside the car to | try to make a mess. | ballenf wrote: | Targeted by the FCC seems worse than violating a Tesla | clickwrap agreement. | myself248 wrote: | Only an idiot would let their GPS spoofer onto the air. You | unplug the antenna cables from the receiver and pipe the | spoof signal in there. | FirmwareBurner wrote: | _> that's got to be really bad news for someone in vehicle | security at Tesla._ | | It says in the article: " _Generally, these exploits are shared | with Tesla, and it helps the automaker secure its systems. "_ | | So it's only a matter of time till Tesla patches it. | capableweb wrote: | More relevant quotes from the article: | | > The group of hackers claims that their "Tesla Jailbreak" is | "unpatchable" and allows to run "arbitrary software on the | infotainment." | | And the full quote of what you put: | | > Electrek's Take | | > Generally, these exploits are shared with Tesla, and it | helps the automaker secure its systems. | | > In this case, the hackers said that despite the exploit, | they believe Tesla's security is better than other | automakers. | | Doesn't seem like the security researchers actually shared | the exploit with Tesla, at least as far as I understand. | kelnos wrote: | The information in this article alone is likely enough for | some Tesla engineers to sit down and figure out the exploit | themselves. | | And if this research group wants to enable regular people | to "jailbreak" their cars, they have to publish their full | methodology anyway. | vorticalbox wrote: | That's likely because it's a hardware issue, nothing really | for tesla to do. | bumby wrote: | Apologize for my ignorance, but isn't it up to Tesla to | define what hardware they want to integrate? Or is there | no design alternative? | Knee_Pain wrote: | But how much time until the hardware is changed? And all | the current models? | avrionov wrote: | What they meant is that it is not possible to fix it | without replacing the hardware. | bumby wrote: | I see. But replacing the hardware would still be very | much in the purview of "Tesla's problem" if you think | they are a car manufacturer. | pitched wrote: | Changing hardware would mean a recall and this doesn't | seem to warrant it. | denysvitali wrote: | Although this seems unpatchable without an HW upgrade | samstave wrote: | On the black-hat-flip-side ; This is exactly what a Black Hat | would want to say - preventing from Tesla stating that they | "aint got shit" from the hackers... | | So hackers can claim they called tesla, and tesla can ignore | it and we no wiser | klysm wrote: | I don't understand how you can defend against low voltage | attacks like this. | weebull wrote: | Make sure all security critical state is initialised to known | values at reset, then have very tight tolerances on your | power watchdog to initiate reset. | | However, that doesn't make for a stable system when powered | from batteries. | jsheard wrote: | The Xbox 360 was broken by voltage glitching, and Microsoft | successfully prevented it from happening again with the Xbox | One: https://www.youtube.com/watch?v=U7VwtOrwceo | | In short, there's now a hardware watchdog which reboots the | system if anything weird happens to the | clocks/temps/voltages, and they carefully structured their | boot ROM (the only code they can't patch later) to ensure | that even if you somehow manage to sneak one glitch past the | watchdog, no single branch condition being inverted will lead | to a compromised state. | ddalex wrote: | > you could anonymize your location on Tesla's servers | | I already anonymise my location on Tesla's servers by simply | not owning a Tesla | 93po wrote: | Cool | coolspot wrote: | Your car is filmed and recognized by other teslas. | closewith wrote: | That can't be legal? Not in the EU, anyway. | bonestamp2 wrote: | Which part? Lots of German cars use cameras to recognize | cars for various safety and convenience features. | ballenf wrote: | Are you saying dash cams are illegal broadly there? | closewith wrote: | Dash cams are much more tightly regulated in the EU than | elsewhere (you become a Data Processor and have all the | responsibilities that comes with that). | | Private ANPR in public spaces is unlawful in I think | every EU state? | Ylpertnodi wrote: | Fucking hell, here we go again: "Dash cams are much more | tightly regulated in _some parts of_ the EU than | elsewhere. " | | It depends on the eu country of which there are | several...including an ex-eu country. | | How it comes accross: One of the things i hate about | America is that in new york all the californian building | restrictions and zoning are killing free speech. | closewith wrote: | With respect, the GDPR is a Regulation and this applies | uniformly across the bloc. Enforcement varies, obviously. | | TBH your comment comes off as very condescending and ill- | informed. | mahathu wrote: | Preach it brother | liber8 wrote: | Coming from an American perspective (where, when you are | in public, you have basically no expectation of privacy), | this seems insane. | | Does this mean that if I'm filming a vlog at Brandenburg | Gate (which inevitably includes video of other people in | the background enjoying the area), I'm in violation of | privacy laws? | | Does that mean if I take a video selfie of me and my | family members (which, again, includes images of others | in the background, and which is automatically uploaded to | icloud) I'm a data processor and am in violation of | privacy laws? | | I assume there is some line here, but I can't think of | the logic separating a person's dashcam from my examples? | monksy wrote: | There are differences between private photographs and | commerical products. | | Vlog/youtube would be considered to be potentially | commerical .. so you would probably be responsible fore | GDPR and likeness recording. (The onious is on you to | blur) | | Video selfie/photograph personal/non shared use - you're | free do this | | https://allaboutberlin.com/guides/photography-laws- | germany | | I am not a lawyer, nor is this legal advice. | closewith wrote: | As other have pointed out, the rules on photography vary | from country to country within the bloc. However, the | rules governing data protection and the processing of | personal data (including photos) come from the GDPR, and | very basically say that any processing of personal data | requires a valid legal basis. | | There is an exception for personal use - the household | exemption - but as soon as you cross the line into | commercial operations or certain activities such as | publishing, creating databases, etc, you lose the benefit | of that exception. | | That doesn't mean you can't continue, just that you now | need a legal basis and need to follow the rules (inform | data subjects, allow the right to be forgotten, etc). | | So in general, dashcams are fine (unless a local law | prohibits them) as you have a legitimate interest in | recording your driving in case of an accident. Creating a | facial recognition or ANPR database with the same footage | would be unlawful, however. | ukd1 wrote: | Why is A[LN]PR unlawful for private citizens to perform | on their own footage? (e.g. using | https://www.openalpr.com) | closewith wrote: | It's unlawful as it means you lose the household | exemption, and so need a legal basis for the processing. | You also need to inform others of the data collection in | advance, the purpose for which the data is collected, and | the contact details of the data controller. | | Private ANPR-equipped vehicles are rare (and outright | illegal in some EU states), but when you see them they'll | have large decals with the above information on all | sides. | | Facial recognition is considered biometric data, which is | special category data under the GDPR and forbidden to | process except in very strict circumstances. Apart from | law enforcement/government, it is more or less impossible | to lawfully process biometric data with informed consent | from the data subject. The household exemption does not | apply. | avar wrote: | The European perspective is broadly to have the "freedom | _from_ ", whereas the American one is the "freedom _to_ | ". | | You've got the freedom _to_ aquire an arsenal, I don 't, | but I prefer the freedom _from_ other people gunning down | my kids, which by extension limits the narrow personal | freedoms of myself and others. | | Likewise, the American perspective is to draw a hard line | on "in public", the European one is more nuanced. | | Yes, you can film your vlog without fear, but a random | pedestrian in Berlin also has the freedom from being | associated with your public vlog. | | Therefore you have a responsibility to either get their | permission to broadcast it, or to anonymize them. | | A useful way to think about it is to shift your view from | "can I do X?" to "will I bother anyone else by doing X?". | codedokode wrote: | > Does this mean that if I'm filming a vlog at | Brandenburg Gate (which inevitably includes video of | other people in the background enjoying the area), | | I don't know about the law in Germany but I think it is | very impolite in any country. You should ask people's | permission before putting them online. On Japanese TV | they blur out faces of people passing by for example when | filming an interview in the street. | klausa wrote: | Broadly speaking the line is: someone in the background, | appearing briefly: fine. | | Taking photos of specific people in public without their | consent: not fine. | littlestymaar wrote: | > Does this mean that if I'm filing a vlog at Brandenburg | Gate (which inevitably includes video of other people in | the background enjoying the area), I'm in violation of | privacy laws? | | No (at least not in France, which also has pretty | stringent privacy policy so I think it's still a relevant | answer) you can film people or cars in public streets but | you cannot do any kind of data processing on the things | you film (you can't keep a database with the license | plates you have on your personal videos for instance). | | In short the line is: pictures and films by themselves | are OK [1], but doing anything with the personal info you | get from those video is forbidden. | | [1]: (under conditions, you must not cause harm in the | process: for instance no "happy slapping" videos) | anamexis wrote: | In Germany, dash cams specifically are a bit of a gray | area, but for example CCTV of any public areas is | generally illegal. | | https://europe.autonews.com/automakers/tesla-warns-its- | camer... | someplaceguy wrote: | I think EU countries are supposed to be using the same | legal privacy framework, although the exact way the laws | are phrased and interpreted might differ from country to | country. | | I believe in Spain, generally speaking, it is legal to | record your interactions with someone when you are in | public. | | But I think many people are not aware that this is legal, | including some police officers, because privacy laws are | perceived to be quite strict. | | Similarly, I think dashcams are actually legal, even | though most police probably think they are not. | | I think these recordings can even be used in court cases, | and in fact in many cases it's probably the reason why | they are legal, otherwise it would be hard to see a | legitimate purpose that would override the privacy | drawbacks. | | However, there are restrictions. Indiscriminate recording | (i.e. CCTV) of public areas is illegal, as in Germany. | This is also true for the entrances of personal homes: | you are only allowed to have CCTV outside if it's | pointing directly at your door, not the street in general | (and you must post a sign). | | An obvious restriction is that I think you are not | allowed to publish a recording without either anonymizing | the people in them or getting their permission. | | An interesting restriction that comes to mind is that a | few years ago, there was a court case of a man who was | caught filming children on a school playground while | positioned outside the school, which at the time it was | presumed to be for sexual purposes, I think because of | the way he was doing the recording (big lenses, I think?) | and because he didn't have a legitimate motive for doing | that (like being the parent of one of the children, or | filming a documentary, etc). | | He was sentenced and received a large fine, but I think | the legal reasoning was that children on a school | playground are expected to have a legal right to privacy, | even though it's a public school. So the judge considered | it the legal equivalent of filming someone in their | private home from outside. | | I'm very happy for cases like these where common sense | prevails over legal / ideological dogma (even though I'm | also aware of the dangers it can pose when laws aren't | interpreted to the letter). | someplaceguy wrote: | > you are only allowed to have CCTV outside if it's | pointing directly at your door, not the street in general | (and you must post a sign). | | I forgot to mention that I highly disagree with this | restriction. | | It's really, really bad for home and personal security: | pointing the CCTV at your door does absolutely nothing | when a robber / kidnapper enters your house while wearing | a ski mask. | | However, pointing the camera outside could much more | easily catch them in the days previous to the crime while | they were staking the house (obviously it's not very | feasible to stake a house wearing a ski mask). | | Or at least, it would deter them much more heavily and | possibly prevent a not-insignificant proportion of | kidnapping cases, since most of them seem to occur in | people's own homes, which seems to be the easiest choice. | | I am similarly an extremely big critic of self-defense | laws in European countries, which basically leave you | completely defenseless in your own home even if you or | your family are being kidnapped, due to the huge | asymmetric advantage that an attacker has over you. | | Or at the very least, you risk going to jail for many | years if anything goes wrong. | chemmail wrote: | Not to worry, chinese made cams broadcast everything for | everyone on the internet to see. Nothing closed circuit | about that! | bigbillheck wrote: | I don't think they're all that concerned about the law. | [deleted] | painted-now wrote: | That's why I only hang out in the metaverse and don't leave | my home anymore. Umm, ... | brador wrote: | >Your car is filmed and recognized by other teslas. - | coolspot | | Is this true? | xavdid wrote: | - filmed: definitely - recorded: not sure (probably | not long term) - recognized: unlikely | mtlmtlmtlmtl wrote: | Recorded, definitely based on the fact that Tesla | employees were sharing various "funny" clips from these | cams among themselves. | | https://www.reuters.com/technology/tesla-workers-shared- | sens... | WeylandYutani wrote: | I thought the Chinese were being paranoid about Tesla but | really anything from the US can be used to spy on your | military bases. | nonrandomstring wrote: | Teslas, Roombas and Rings... | | https://cybershow.uk/episodes.php?id=12 | bonestamp2 wrote: | Tesla owners can use the cameras as "dashcams" and save | the recordings. Here's an example from r/dashcam: https:/ | /www.reddit.com/r/Dashcam/comments/15ezdjd/tesla_dash... | thefounder wrote: | Just like on social media/chat apps | jcuenod wrote: | That's why I also rotate license plates and repaint my car | twice a year. | culi wrote: | you're joking, but there's a whole genre of "adversarial | fashion"[0][1] dedicated to making clothing that spams | these sort of public data recognition services. Hoodies | with license plates, face masks with weird facial | features, etc. Often optimized against actual neural | networks too | | [0] https://adversarialfashion.com/ | | [1] https://www.capable.design/ | syx wrote: | That's really cool, I wonder effective these designs | really are! This reminds me of a font that came out 10 | years ago ZXX [1] that was presumably designed to hide | from OCRs. | | [1] https://www.businessinsider.com/zxx-fonts-that- | google-cant-r... | JohnBooty wrote: | This is awesome, and thanks for posting this. I had no | idea. | pests wrote: | Gait detection renders any of this obsolute sadly. | berniedurfee wrote: | Something something silly walks | [deleted] | zapdrive wrote: | I also change my facial hair style 4 times a year. Will | start getting plastic surgery twice a year starting next | year. | 867-5309 wrote: | sounds like a slippery slope to voluntary hip surgery for | gait correction | cool_dude85 wrote: | I always wondered if this could be beat by putting a | pebble in your shoe or something. | fleshdaddy wrote: | It's been a long time since I read it but I think that's | exactly how it was beat in Cory Doctorow's novel Little | Brother. | silisili wrote: | Not sure if it's changed now, but just wearing flip flops | used to defeat gait recognition... | mcbuilder wrote: | I just inked an adversarial CV tattoo onto my face, | worked great until that image leaked into the training | data. | zapdrive wrote: | Should have tattooed a QR code that auto downloads a | malware that bricks A100s. | wongarsu wrote: | Against face recognition you could use CV dazzle makeup | [1] to look less like a face. However I wouldn't | recommend using that approach for your vehicle | | 1 https://dangerousminds.net/comments/foil_facebooks_faci | al_re... | fho wrote: | I think that's actually quite common on new car models. | The dazzle paint job makes it harder for the press to see | the shape. | | E.g.: https://www.bmw.com/en/automotive-life/prototype- | cars.html | zapdrive wrote: | I don't want my car "harder to see" going at 100 miles | down the highway. | myself248 wrote: | Oh no, it's super easy to see, just harder to tell if | it's a coupe or a sedan or whatever. New lines in the | body panels get drowned out by the pattern, etc. | ukd1 wrote: | I always wondered if this still worked with a IR/UV | camera too...? | rascul wrote: | I vaguely recall reading (probably in the book All | Corvettes Are Red) that the C5 Corvette was driven around | with Camaro body panels to fool the media. | vondur wrote: | I wonder how the face painting antics of Death Metal | bands would hold up to face recognition software? | Accacin wrote: | Sorry for being pedantic, but it's usually Black Metal | bands that wear the face paint that you're thinking of :) | jancsika wrote: | That's why I wear an rpi connected to four lcd's on my | face that display randomly chosen beard tiles. | | It's also why I started Our Lady of the Anonymity Pool | where we gather for music and fellowship, and to recharge | and distribute beard screens to our congregants and | visitors. | alinaval wrote: | Phillip K Dick imagined a "scramble suit" that did just | that in a Scanner Darkly, continuously randomizing the | users facial features. | knodi123 wrote: | That's why my license plate is shaped like 3 different | light bulbs, and is hidden in a grid of light bulb shaped | objects. | zoky wrote: | Oh hey, I just did your license plate as a CAPTCHA! | [deleted] | EMCymatics wrote: | Yeah, how much do you trust Musk and company? | gumby wrote: | This is a plausible attack vector, parallel to the profiles | Facebook, Linkedin et al maintain for people who don't have | accounts. | [deleted] | ModernMech wrote: | I drive a firetruck, so I'm invisible to Teslas. | cozzyd wrote: | fortunately I only own a bike...though maybe this makes me | ineligible for some Illinois class action lawsuit... | steelframe wrote: | That's why I cycle everywhere. With my phone switched off | and stowed in a Faraday bag. | moffkalast wrote: | Ah, but where's the challenge in that? | bastardoperator wrote: | Definitely sophisticated, but something console hackers have | been doing for quite some time now including the boot flow. I'm | wondering if a Tesla vehicle/computer is more sophisticated | than say a PS5? | suction wrote: | [dead] | bushbaba wrote: | Isn't this a huge risk to AMD's confidential compute offering. | It's a major security flaw. | kccqzy wrote: | I have reviewed the threat model carefully before. AMD never | claims that their confidential compute offering is immune to | attacks involving physical access. I assume what you mean by | confidential compute is technology like AMD SEV SNP? Those | are very different in that they allow you to run a trusted | virtual machine on an untrusted hypervisor. This attack is | completely different; it's akin to breaking Secure Boot on a | PC. | judge2020 wrote: | Anonymizing your location - until you put in route and your car | asks for traffic information from teslas servers. | d4l3k wrote: | If the map can't talk to Tesla it'll use Google maps | directly. I usually don't allow connections to Tesla on my | rooted Model 3 | zoover2020 wrote: | Hoe did you root yours? Did you lose out on any | functionality? | d4l3k wrote: | There's some functionality loss but it's mostly been | mitigated. I have a custom app I wrote since I can't use | the stock app. | | The one feature I miss is that there's no voice commands | since that requires Tesla's servers but at the same time | I also haven't been bothered enough to plug in a custom | backend | lrem wrote: | _wait_ | | So the company that goes "we don't need physical buttons | since we have voice commands" also goes "you don't need | those in underground parkings"?! | majikandy wrote: | It's ok, the voice commands are barely understood anyway. | At least in the UK they aren't. Gets it drastically wrong | and messes up your navigation destination, because you | asked it to open the glovebox "navigating to Columbia" | adamgamble wrote: | I also would like to subscribe to your newsletter. | d4l3k wrote: | I've got a blog if you're interested haha | https://fn.lc/post/ | | I've been hacking on my car and creating my own self | driving models | | Code is at https://github.com/d4l3k/torchdrive | seanthemon wrote: | Very cool, am going to eat this up. FYI some of your | images won't load for me, shoots me a 502 here | https://fn.lc/post/diy-self-driving/ | d4l3k wrote: | Not sure why they aren't loading, seem to be fine now | | They're also at | https://github.com/d4l3k/fn.lc/tree/master/static%2Fdiy- | self... | acer589 wrote: | Is that legal? | malwrar wrote: | How does this work with their charging network? Are you | still able to use their chargers, or are you stuck with | home charging & third parties? | wholinator2 wrote: | Oh no, don't give them ideas. It'll become the HP instant | ink of car charging | d4l3k wrote: | Supercharger auth is between the car and the charger and | doesn't require an internet connection. I get billed the | normal way via my Tesla account since the VIN is | registered | striking wrote: | > I wonder how many tries you need to get whatever bits you | need in the right place. | | For the Xbox 360, the "Reset Glitch Hack" (which worked | similarly) would just try over and over again until it got it | right. A computer is happy to try tens or hundreds of times on | your behalf. | jsheard wrote: | However the next Xbox added active countermeasures against | glitching attacks which force a reboot if the clocks, | temperatures or voltages go outside of reasonable bounds, and | that's never been defeated. Glitching attacks can be very | powerful, but they have a limited shelf life if the hardware | manufacturer cares to prevent them. | | https://www.youtube.com/watch?v=U7VwtOrwceo | striking wrote: | Definitely. Not arguing that this can't be fixed, but | rather outlining how a similar successful attack was made | more reproducible. | closewith wrote: | Can you not turn off vehicle tracking? | speedgoose wrote: | Since a few weeks you get a classic consent screen for | various categories of tracking. At least in Norway. You can | turn everything off but I think some data is still sent to | your phone through the Tesla servers. And I assume it's not | end 2 end encrypted. | mgiampapa wrote: | Just like we used to have cable box guys willing to sell you an | unlocked box for premium channels, we are eventually going to | have feature unlock guys that you go do and for a small fee | perform some slightly more technical hack to enable features | that are already there. | technothrasher wrote: | This market already exists for things like enabling | Navigation on VW/Audi cars. People were offering to enable | the hidden Android Auto support on my Porsche Macan for $600, | which I almost went for until I found the scripts and | instructions to do it myself. | mgiampapa wrote: | I did the same on a Mazda CX5 a few years back, but it was | a software only hack to get root first. I suspect the | actual physical hardware modification line is the one that | most users are going to be unwilling to cross unless they | are in the "Download a Car" crowd. | littlestymaar wrote: | > I suspect the actual physical hardware modification | line is the one that most users are going to be unwilling | to cross unless they are in the "Download a Car" crowd. | | Idk, hardware modification of the first _Playstation_ | that allowed to play ripped games became mainstream very | quickly in my country (France) and you could even go to | some shops that sold Playstations to get it done. It only | stopped when it was made openly illegal. | | "I paid for this shit, I do what I want with it" is a | very powerful sentiment (and a legitimate one actually: | corporation adding "Digital Right Management" system to | deprive people from their property right is dystopian as | hell). | acer589 wrote: | Okay, but in that PlayStation example you DIDN'T pay for | the games, but still decided to 'do what you want'. How | is that legitimate but attempting to prevent it not? | harshalizee wrote: | Doesn't the Mazda CX-5s all ship with Android Auto and | Apple Carplay by default? | BonoboIO wrote: | $600 is not cheap. What model year do you have? Does | Porsche not provide an update or possibility to upgrade. | fragmede wrote: | If you're in the market for a recent Porsche, which go | for let's say ~$100k, $600 _is_ cheap to you. Cheaper | than the time you 'd spend on doing it yourself really, | but doing it yourself is half the fun. | mrguyorama wrote: | If $600 is something you have to think about, you should | never own a Porsche. | | If you can't afford to maintain an expensive car, you | can't afford to purchase an expensive car. | robterrell wrote: | This is how I got CarPlay on the used BMW I bought. Gave | some guy in Thailand my VIN and $60, he sent me firmware to | install, and now I drive around with working CarPlay and | the vague notion that I've maybe been p0wned in ways I | don't fully understand. | nobleach wrote: | Wait, CarPlay is a "premium" feature on a BMW? | greenthrow wrote: | On older models. Current models come with it. | knodi123 wrote: | When your car idles, it's contributing to his | Folding@Home account rank | TedDoesntTalk wrote: | More likely it's mining crypto. | jjkaczor wrote: | Heh... or mining coins... or these days, factoring | LLM's... | tmpX7dMeXU wrote: | Simpler times. | jxf wrote: | Hidden as in it's not available normally, or hidden as in | it's a paid feature? | avree wrote: | It was built, and then disabled, as Porsche wasn't | comfortable with Google's policies around data collection | from Android Auto. You can pretty easily figure out how | to turn it back on. | bri3d wrote: | This has already been the case on European navigation systems | (Audi and VW MMI/MIB) for many years now. | | VW Audi Group developed an entire infrastructure called SWaP | (Software as a Product) and FEC (Feature Enable Codes) many | years ago, and ever since, there has been a cottage industry | in bypassing the system to enable features like CarPlay, | Navigation, and Performance Monitor which are usually locked | by software trim levels. | no_wizard wrote: | The only hack on cable style TV I remember is you could buy | modified satellite authentication cards for DirectTV for a | time - usually on eBay or similar sites - and they worked. No | idea how long, I had an uncle that had one though, got all | the premium channels etc. | | I doubt any of this works anymore though | nobleach wrote: | I worked for a cable company in the mid-90s. The amount of | boxes that disappeared (and couldn't be located) was | insane. The folks that procured them also used a "bullet | blocker" (basically a resistor) to avoid the box being | disabled. | | In the satellite realm, DishNetwork was always the easier | service to hack. The FTA scene was completely overrun with | folks buying 3rd party tuners. Once Dish switched to an | encrypted signal, a few vendors (nFusion if I recall) even | could rotate keys in a matter of hours to decrypt Dish's | new encryption schemes. I doubt any of that works these | days simply because there's no reason to push too hard for | content that is likely available via easier means. | bonestamp2 wrote: | I remember being out for a beer run with a friend during | these days. On the way there he pulls into a parking lot | and stops in front of a nail salon. He said, "Come on" and | I followed him into the nail salon. There were about 10 | women in there, not a guy in sight... he goes up to the | desk and pushes a button that looks like a doorbell. | | One of the ladies doing the nails says, "He no work here no | more, check dry cleaner across the street." We get back in | the car and I'm like, "What was that all about?". "My | DirecTV card got disabled and that's where I get it | reprogrammed". | | We go across the street to the Dry Cleaners. There are | three ladies in the lobby watching TV, and a guy behind the | counter. He asks the man, "Is Ken here?" The man says, | "I'll check" as he walks into the back. Now, the man was | coming from the back when we came in, so I assume he | already knows if Ken is there or not, but Ken probably only | comes out if he recognizes my friend. | | Sure enough, Ken comes right out all smiles and they have a | quick chat. My friend hands over his card and Ken says, "we | had to get new equipment, it's now $100, ATM next door". | | Ken disappears for about 10 minutes and comes back. My | friend gives him cash and away we went. About 4 months | later, he had to get it reprogrammed again. | tmpX7dMeXU wrote: | That guy's name? Jimmy McGill. | fragmede wrote: | If you want a rabbit hole, start with Christopher Tarnovsky | at Defcon https://www.wired.com/2008/05/tarnovsky/ | darkclouds wrote: | The dragon cam. | | https://www.kustompcs.co.uk/components/interface- | cards/tv-tu... | mrguyorama wrote: | Internal employee controls have gotten way more | sophisticated, and cared about since it's one of the things | you need to do for business focused information security. | Prickle wrote: | This is true, but if I remember correctly, Apple has a very | similar issue with user locked devices. | | Employees have opened their own "stores", where they remove | activation locks, or unlock iphones remotely for a small | fee. | rebolek wrote: | Let me tell you what's wrong with this: | | Nothing. | bonestamp2 wrote: | Be careful though, some automakers are tracking software mods | and voiding warranties. Example: | https://www.motorbiscuit.com/beware-dodge-challenger-mods- | do... | Faaak wrote: | I don't think how that could work with the Magnuson-Moss | Warranty Act ? | bonestamp2 wrote: | Good point. There is an exception in that act that allows | the warrantor to waive coverage if the damage was caused | by the consumer, so I guess Dodge can do it because the | software mod in that case is causing the vehicle to | perform outside of its design envelope. The warranty only | covers manufacturer defects, and forcing the vehicle to | do something it's not intended to do is not a defect. | | So, I guess these Tesla hacks should be fine so long as | they're only enabling things that the vehicle has been | designed to do. | awad wrote: | Mod chips for consoles and mod chips for cars don't seem too | dissimilar | berniedurfee wrote: | And gray market chips you could swap into your US Robotics | Sportster modem for dual standard 56k baud compatibility! | sleepybrett wrote: | I had a friend that made a tidy sum in college by selling | replacement chips for high end cars that overrode some | governors built into the firmware. | kotaKat wrote: | They haven't managed to "unlock" the features yet. They've got | root on the IC which "could" lead to unlocking them.[1] | | https://www.blackhat.com/us-23/briefings/schedule/index.html... | mrkeen wrote: | Something which might work in the future, being announced as | something that works now? How appropriate! | robotnikman wrote: | Now lets do the the same for Mercedes and any other car | manufacturer who starts to try this crap. Good to see stuff like | this happening. | Someone1234 wrote: | While the exploit that allows them to run arbitrary code is | unfixable, that doesn't mean Tesla couldn't update the vehicle to | make accessing these features more difficult. For example, simply | not delivering chunks of FSD to unauthorized vehicles server- | side. | | I guess my point is: This will start an arms race. Eventually | you'll need to pick between an on-network Tesla getting software | updates from them, or an off-network Tesla with FSD and other | things that unlocked can provide. Heated seats can likely be re- | enabled electronically without software (i.e. splice in a | switch). | | Personally, purely from a utilitarian perspective, I wouldn't | choose to use FSD that wasn't getting continuous updates because | it may not include road changes, state law changes, and frankly | still has a lot of room for safety/reliability improvement. Maybe | "Enhanced Autopilot" ($6K) just for lane change. | | PS - 9/10 of Tesla's recalls have been software updates. So you'd | lose those with an off-network Tesla. | count wrote: | The arms race started the first time a Tesla shipped. They've | had some serious security folks on the Tesla side since the | early days. | no_time wrote: | That's very cool. Especially if this could compromise the desktop | version of this tech as well. Extracting my own TPM keys could be | useful if MS/GOOG decides to boil the frog even harder. | ccosmin wrote: | At least in France if you have a serious accident there's a | technical examination of your car. If the insurance company finds | out you tampered your car software (debridage) you're left | without any coverage. | advael wrote: | Big fan of anything that harms the control companies have over | computers they've sold people, especially in deadly weapons like | cars. Excellent work | somerandomqaguy wrote: | Makes me wonder how Tesla's going to react to this. Can't imagine | they're happy about this. | johnl1479 wrote: | I'm torn. On one hand, I absolutely think that a capability | available in the vehicle/device when you purchased it should be | available for you to use, and not behind a software lock (heated | seats, etc). On the other hand, an "upgrade" or 100% new software | delivered via OTA (self driving, etc) seems a little more like it | should be a separate thing. | Denvercoder9 wrote: | > I absolutely think that a capability available in the | vehicle/device when you purchased it should be available for | you to use, and not behind a software lock (heated seats, etc). | | While I intuitively agree with you, I'm having a hard time | arguing against the economic argument in favor it. Producing a | single version of a product is generally cheaper than producing | two different versions. Also offering a lower-margin, software- | locked variant can (in certain conditions) make things cheaper | for everyone, and it gives the consumer more choice: if you | don't need or want the features of the premium model, you don't | have to pay for it. | | For example, imagine a manufacturer that sells two versions of | its product, a basic model that makes up 20% of sales which | costs $1000 to manufacture, and a premium model that makes up | 80% of sales and costs $1250 to manufacture; this gives an | average cost of $1200/unit. If they can save $100 per unit by | only manufacturing the premium version and software-locking it, | that reduces the average cost of goods sold to $1150/unit. They | can pass on half of the savings to the customer, and still come | out $50/unit ahead. | beiller wrote: | Producing the extra weight of the seat heater requires extra | fuel to burn. Now multiply that by the number of cars on the | road. Will cost the customer a (small) amount extra in fuel | costs for a part that is not being used. So there is an | economic argument that ya, we can subsidize manufactures by | taxing people more. Seems like a bad deal to me. | | Now lets talk about CO2 output of driving around extra dead | weight. Makes it worse. | Denvercoder9 wrote: | The extra weight/fuel costs just shifts the price point | where it's a good deal (as it makes the product slighly | worse), it doesn't change anything fundamental to the | argument. | | Or to put it in another perspective: carmakers have never | optimized for weight at the cost of everything else (as | otherwise we'd all be driving around in cars made from | titanium or carbon fiber). What's the difference between | putting in a heavier seat with a non-functional heater to | reduce production costs, and using steel instead of | aluminium to reduce production costs? | Sebb767 wrote: | > Now lets talk about CO2 output of driving around extra | dead weight | | We're talking about a few grams of extra weight on an ICE | vehicle over 1.5 tons, if not even an SUV over two tons. If | you put a spare bottle of water in your car you'll most | likely have similar dead weight. | | Now, I get where you're coming from, but the amount of dead | weight this adds is so miniscule compared to the general | overhead any modern vehicle carries that making this | argument is borderline disingenuous. | beiller wrote: | I question it myself a bit but I think I will stick to my | argument. Yes it is a small amount of weight, but from | what I understand passenger cars contribute a lot (28%) | to total greenhouse gas emissions. 290.8M cars on the | road in USA alone. I will say a copper heating coil in a | seat weighs 3 Lbs. 4,094 Lbs is the average weight of | car. So we could save .1% of the weight of the car maybe? | Over the lifetime of a vehicle couldn't it add up? | | Then we can add in the CO2 emission of manufacturing dead | material to place in the car. | | To top it all off, no one wants this. | kelnos wrote: | You're probably right that the loss in gas mileage or EV | range is pretty small, to the point of being statistical | noise. | | But a few grams is definitely not correct. It's probably | more on the order of 3-5lbs per seat. | | If we don't like the heated seat example, let's use power | seats. Those are _much_ heavier than the equivalent seat | with manual controls to adjust its position and angle. | Granted, I don 't know of any car manufacturer gating | power seats behind a software lock... | ryandrake wrote: | I think the usual "heated seats" example is a poor one, | since it's so obviously an optional feature that not | everyone would want to hack around. | | Let's say instead that BMW decided all their car models | would be physically 4 seaters, but in order to be allowed | to use the back two seats, you had to pay a large monthly | "sedan fee". And if they caught you using the back seats | without paying, they'd sue you. Would anyone accept this? | Likely no. And the _reason_ you shouldn 't accept this is | the same reason you shouldn't accept the "seat heat" fee. | nichtverstehen wrote: | No need to imagine. That's public transportation. You can | physically enter a bus and sit there and get to places | for free. | | But you're supposed to get a ticket. Or is it fair game | to use public transport for free because you can? | Denvercoder9 wrote: | > Would anyone accept this? Likely no. | | I wouldn't be so sure, it's all about the price. There's | plenty of people that don't have a need for the | backseats, and at a certain discount on the purchase | price it becomes worth it to have two unusable seats in | the back of the car. Think about the extreme case, in | which the car is free: there are certainly people that | would take that deal. | beiller wrote: | Not sure what you're getting at, but the back seat | example here has all the same issues I pointed out above. | They actually would weigh even more than seat heaters. I | only gave some examples above of why it's bad but there | are many more off the top. | | Either way if I truly think I am right, then BMW, etc | should just go ahead with this plan. It should be a money | loser for them in the long run. But on second thought why | burn all this CO2 just to prove a point. We should | probably collectively put a stop to it sooner rather than | later. | ryandrake wrote: | I agree with you 100%. Sometimes on HN we assume when | someone replies to us they're disagreeing! | beiller wrote: | Haha yeah I wasn't quite sure from the response, so I | just expanded on what I was saying before. I wonder if | there is any examples of it being a good thing in any way | shape or form. | MetaWhirledPeas wrote: | I wonder if you framed the question a different way if people | would be more accepting of the arrangement. | | Option A: Buy our car for $50,000 | | Option B: Buy our car for $40,000, but we'll software lock | the "full self driving" feature | | It sounds bad if you frame it as the company withholding | functionality. It sounds better if you frame it as the | company offering a discount, given some software | stipulations. | | This is really about paying for software. When you spend $400 | for Ableton Live you are "unlocking" new capabilities for | your PC. When you buy the latest PC game you are "unlocking" | new capabilities for your GPU. | | If you wanted to do all this yourself you are _technically_ | able to do so, _at great difficulty and expense_. You could | develop your own software to operate your vehicle. (Not | advisable.) | | I prefer to look at it as a value proposition, rather than a | battle of ideals. If a car with _x, y, and z_ features | disabled at a price of _a_ is attractive to you, then buy it. | If not, don 't. | fragmede wrote: | That assumes consumers are entirely rational, totally | informed beings. Except every economist knows that's not | actually true. So you give the consumer option B to get | them in the door, and then spring the cost of full self | driving on them. Option B can even end up being more than | option A. See also: buying a cellphone on contract, back in | the day. | kelnos wrote: | It's not so simple, though. | | First, they absolutely will not pass the savings on to the | customer. Prices are governed by what people will pay, not by | what it costs to make the car. If they can make the cars for | $100 cheaper, they will pocket the $100, unless market forces | (like cheaper cars from other manufacturers) signal that they | should lower their prices. | | Second, heated seats are heavier than non-heated seats. | Customers who get software-locked heated seats and don't want | the feature will get slightly worse gas mileage or EV range. | So not only is the manufacturer potentially saving money | building the car (savings they likely are not passing on to | the customer), but they're pushing added operational costs | onto the customer. | | I think it's fine (though somewhat shady[0]) for a company to | use these sorts of software interlocks. But the product sold | to the customer belongs to the customer. If they want to hack | or mod it to disable that software interlock, the company | should just have to live with that, and shouldn't be allowed | to punish the customer in other ways (like refusing to | provide software updates, refusing to do maintenance, making | that maintenance more expensive, etc.). | | [0] Ultimately they can do whatever is legal. But customers | don't like being nickel-and-dimed for things, and doing too | much of this might cause customers to find alternatives. For | example, I refuse to fly on super-low-cost airlines like | Frontier and Spirit because I don't want a super-bare-bones | experience where I have to pay extra for every little quality | of life improvement. Flying is already not a particularly | great experience, and I don't care to make it worse. It's | Frontier & Spirit's prerogative to operate like that (and | clearly enough customers are fine with it for these companies | to be successful), but it's also my choice to spend my money | elsewhere. But if the _only_ option was airlines like these | (or car manufacturers who software-lock everything), that | would really suck. | mensetmanusman wrote: | This analogy/mental model of what things are when you purchase | them breaks down for software. It's less environmentally | wasteful to build a single sku and unlock paid software | features requiring teams of devs. | RajT88 wrote: | > paid software features requiring teams of devs. | | This makes it easy for me to make up my mind about. FSD is | about far more than just the hardware - there's many teams of | devs working on it. | | > heated seats | | There's little (no?) justification for software locking | heated seats. Press the button, make the seats hot. This is | just capitalist bullshit and we shouldn't put up with it. | rootusrootus wrote: | From the perspective of a customer, what is the difference | between a heated seat that doesn't work because it doesn't | exist, and one that is locked out by software? Assuming the | customer isn't paying up front for that feature. | | Some people don't want to pay for heated seats. Turns out the | manufacturer found it cheaper to just include the hardware | anyway rather than differentiate on the production line. What's | the big deal? The ability to change your mind and pay for the | feature after purchase without getting an aftermarket seat | heater seems like a nice bonus. Everyone wins. | bastardoperator wrote: | Some people don't want to pay for a 4th bedroom. Turns out | the builder found it cheaper to just include the extra | bedroom rather than differentiate on blueprints. What's the | big deal? The ability to change your mind and increase your | mortgage without having to deal with construction in the | future seems like a nice bonus. Everyone wins. | | Cars are property. It would be absurd to think portions of my | property are off limits to me. The best part about all of | this, is that none of these car manufacturers are going to | win, it's a rat race and plenty of people are going to buy | the cheapest car and mod the car software. I actually love | it. I also love how the people doing this have physical | access to their property and nobody can stop them. | rootusrootus wrote: | Aside from the significant associated increase in | maintenance costs on e.g. the roof that would come with | such an option, I bet you the market would be fine with | that. Stamp out houses that are all alike except some have | less bedrooms enabled. Hell, offer the extra bedroom | capacity as a rental option. | | If the customer only paid for 1 bedroom, they're going to | save a lot of money. It's the extra maintenance costs of | that roof and the associated space taken up by the | structure that would make it a harder sell, otherwise | dynamically growing living space would be very interesting. | fluoridation wrote: | >Some people don't want to pay for heated seats. Turns out | the manufacturer found it cheaper to just include the | hardware anyway rather than differentiate on the production | line. | | If it's that cheap then it should just always be included, | period. Otherwise it's just transparent greed. Why charge | your customers extra for something that costs you literally | nothing extra? Why not do the same for everything? The radio | volume knob is software-locked and it's either at 100% or | off, unless you pay extra to unlock it. The entertainment | system will play ads continuously while the car is running | unless you pay extra for the no-ads version. When you unlock | the doors they will stay locked for five more minutes unless | you pay extra for the Instant Unlock feature. | rootusrootus wrote: | > Why charge your customers extra for something that costs | you literally nothing extra? | | Because that's not how business works, whether cars, | computers, or any other widget. The cost of manufacturing | is only tangentially related to the retail value. | | Your examples, while contrived, could easily work the same | way. As long as the customer knows what they're buying, and | there are other choices on the market, then we will find | out pretty quickly how valuable a non-binary volume knob | is. | | You may not want to know the answer to that one, if you pay | much attention to airline ticket pricing and consumer | behavior. | LocalH wrote: | Stop giving them ideas! | eschneider wrote: | It's boggles the mind that a car company would spend | millions on styling and then do something like that to | completely cheapen the experience. Of course, software | companies do that sort of thing all the time. Just...ugh. | LocalH wrote: | $$$, that's why. $X isn't good enough for them, when they | can find a way to get $X+Y | eschneider wrote: | Do they even get more money from stuff like that or do | they lose customers because the UI now looks like ass? | GuB-42 wrote: | That's the entire point. They design a "luxury" car to be | sold at a luxury price, with high margins. But by doing | so, they go above budget for many potential customers. | | So they make a cheaper version, with lower margins, but | they deliberately cheapen the experience so that those | who can afford the "luxury" version don't buy the "cheap" | version instead. | fluoridation wrote: | If you want to sell a cheaper version then actually | _make_ that cheaper version. Don 't sell the exact same | version with the switch locked in the off position by a | logic puzzle and then sell the solution for an exorbitant | price. Hell, make a single version and physically break | the feature at the factory. Remove a critical component. | _Anything_ but this bullshit. | dragonwriter wrote: | > Otherwise it's just transparent greed. | | Welcome to capitalism, it seems you are new here. | | > Why charge your customers extra for something that costs | you literally nothing extra? | | Because (1) you can, and (2) it maximizes profit. | | > Why not do the same for everything? | | Because of estimates about what people will accept not | having in the base model and what some will be willing yo | pay extra for. Why do you think there would be some other | principal at work here? | globalise83 wrote: | And that is how Ryanair was born... | creata wrote: | > From the perspective of a customer, what is the difference | between a heated seat that doesn't work because it doesn't | exist, and one that is locked out by software? | | In the former case, I didn't pay you money, so you didn't | give me a good / service / whatever. That feels fair, because | you need money to provide those things. | | In the latter case, I didn't pay you money, so you didn't | _flip a switch_. That seems like a dick move. | | So I guess the difference is that in only one of these cases | does it feel like the manufacturer is an asshole. | MetaWhirledPeas wrote: | > In the latter case, I didn't pay you money, so you didn't | flip a switch. | | This is the case for _all software_. There is no physical | exchange of goods, and nearly zero effort to distribute the | bits. | lanstin wrote: | Which is why Stallman got pissed at the lack of source | code and worked so hard to make source code always | available. So that the economic limitations line up more | closely with the physical limitations. | ImPostingOnHN wrote: | heated seats are hardware, not software, even if they | interact with software | | a car is hardware, not software, even if it interacts | with software | | the fact that the switch is implemented via software is | irrelevant to the fact that hardware is more analagous, | e.g. a printer you want to use off-brand cartridges in, | or a cell phone you want to root | | I bought a kindle fire at a discount because it was ad- | supported, then rooted it and removed all the | adware+bloatware, and don't feel even a little bit bad, | because all I was doing was using _my_ hardware as I saw | fit | | sorry not sorry that this breaks amazon's business model | (in reality it's so rare it doesn't), but my hardware, my | property, my rules | _factor wrote: | The wasted economy on lugging around the extra weight for a | useless seat heater. | rootusrootus wrote: | That's true. It happens, though, and has for years. My last | car had a seat ventilation fan that was inoperable because | the switch and corresponding electronics (some kind of PWM | controller) to turn it on weren't installed. Seat | ventilation wasn't offered on that model at all, but the | seats were built with the fan. They didn't yank the fan out | on principle, they just installed the seats as built. | overnight5349 wrote: | In reality, you're still paying for the hardware. Don't think | for a second that these 'optional' features don't figure into | the price. | | Sure, maybe they have a lower markup if you don't buy the | license up front, but you still paid for it. These types of | gimmicks are free money for the company pulling them. | matwood wrote: | Because of the way production lines work it can actually be | cheaper to include it on every seat and unlock it with | software. | jjulius wrote: | Cheaper to manufacture, yes, but the cost of the hardware | is still included in what you pay for the software-locked | car. You've paid for the hardware and you own it, even if | it's software-locked. At that point, you're just being | asked to fork over $1k or whatever the additional charge | is for what essentially amounts to an "on/off" switch. | | Edit: Hell, to make it sound even more stupid, you're | being asked to fork over $1k or whatever the additional | charge is in order to change a bit from 0 to 1. | filcuk wrote: | That's no different to paying $1K for a CAD licence. | People just need to come to terms with the fact that the | line between HW and SW is becoming blurry. | | Obviously, I don't like up-paying for features I don't | get to use. The price of the product must be the same, | having benefited from mass production. With that being | the case, I'm actually glad I have the option to save | money now and upgrade later. | | The concept isn't a problem, it's companies taking | advantage of it (and us). | jjulius wrote: | >The concept isn't a problem, it's companies taking | advantage of it (and us). | | To borrow a phrase you used earlier, I truly don't | believe that we need to come to terms with companies | blurring this line and taking advantage of us. | overnight5349 wrote: | It's closer to using a CAD package and finding out you | need to pay extra to save files. | | Which is a real thing that has actually happened. | | The functionality exists, the code already has been | written, but it's disabled so as to extract more money. | | The arguments about cheaper manufacturing is pretty well | pointless. If the cost of adding seat heaters is | negligible, what justification is there for charging | extra? You pay for the hardware either way. This is rent | seeking and nothing more. | | This is a topic that's been beaten to death in the | electronics industry for years. Oscilloscope | manufacturers design and sell a 500MHz scope, but cripple | it to 200MHz unless you pay 50% more. Or they put | 16MSample of memory in and restrict you to 8 unless you | pay $400 for an "upgrade". The cost of buying the lower | model and upgrading it later is usually _much_ higher | than just buying the high end model. | | In any case, it's not like manufacturers are selling the | lower tier model at a loss. They're taking lower margins | on the crippled hardware, yes, but then they charge you | ridiculous prices that are orders of magnitude above the | real cost of the additional hardware. | matwood wrote: | Cost != Value. | Timon3 wrote: | I'm paying $1K for a CAD license because I can't write a | CAD program myself. I can easily change a 0 to a 1, why | should I pay $1K (or however much) for a piece of | software that does this? | chefandy wrote: | People are pushing back against the idea that you can't do | whatever you want with a physical thing that you own. You | _own_ the heating mechanism in the seats, you _own_ the | hardware needed to turn them on, and you _own_ the computer | which activates it. If Toyota sold me a car with heated seat | mechanisms installed and no switch, they couldn 't stop me | from installing my own switch. That you might not be able to | do what you want with a physical object you own, in theory, | makes this different. | eschneider wrote: | I'm wondering if there might be a reasonable market for | aftermarket ECUs for some of these "software enabled" | vehicles when they start showing up on the used market or | coming off warranty... | oatmeal1 wrote: | The thing is, in the long run it doesn't matter whether you | are legally allowed to install your own switch. The price | manufacturers charge for a car will adjust based on whether | they can get revenue from subscriptions or not. If they | can't successfully charge subscriptions, base car prices | will go up. | [deleted] | paxys wrote: | I'm not torn at all. It's my car. I should be able to "hack" it | as long as it doesn't involve illegal access to anyone's | servers. | rvnx wrote: | The exact same way you should be able to install your own | software on your iPhone | zht wrote: | your phone isn't a 3500 lb metal box of death on public | roads with other cars, cyclists, and pedestrians | omginternets wrote: | We already have a system in place for this: civil | liability and criminal culpability. If you hack your car | negligently, you can be sued for negligence or charged | with manslaughter. | jabradoodle wrote: | Same thing if you sell unsafe food, yet we have | regulations, because it's preferable to not be killed in | the first place. | omginternets wrote: | And because the impact is exponentially larger. Arguments | for regulation prohibiting individuals from tinkering | with their cars does no such thing, because those laws | are not currently in place, and there is not an epidemic | of runaway user-modified vehicles. | | On the other hand, such regulation would serve to prevent | users from enjoying the property they purchased and to | facilitate exploitative practices by manufacturers and | retailers. It is all the more absurd given that existing | law already provides mechanisms for deterrence and | punishment, namely: the notion of negligence. | | I cannot stress how _terrible_ this idea is. This would | severely degrade consumer rights and do virtually nothing | to protect people. | elwell wrote: | Neither agreeing nor disagreeing with you, but it follows | that you should also maintain this: "It should not be | illegal to drink alcohol while you drive. If it affects | your driving performance negatively, that, in isolation, | is what should be penalized." | vkou wrote: | The road worthiness of your modded car is a question | between you and the DMV, though. Once you start adding a | fifth wheel to your Lada, it's not the manufacturer's | responsibility. | | (Tesla's software killing people is also not their | responsibility, because you're 'supposed' to use it in a | way that nobody _actually_ uses it.) | meindnoch wrote: | It shouldn't be illegal to bypass the security of your own | property. On the other hand, it shouldn't be illegal either | for manufacturers to make security features that are | impossible to bypass. | paxys wrote: | > it shouldn't be illegal either for manufacturers to | make security features that are impossible to bypass | | No such thing as impossible to bypass, which is exactly | why companies turn to the courts and police for | enforcement instead. | kelnos wrote: | And that's the problem. Companies should just accept that | hardware and software will never be perfect, and people | bypassing imperfect security/revenue-enhancing features | is just a risk and cost you have to accept when doing | business. | | Instead, we have bullshit like the DMCA anti- | circumvention provisions that companies pushed so they | could get the government to legally enforce their crappy | business models. | alerighi wrote: | In a sense it's something car manufacturers have made for | years. Most of the time the difference from one model of a car | and another with more power is the mapping on the engine | control computer. | | Till this day it wasn't a problem since this was not really | locked down, and despite the fact that is illegal, people did | modify the car software to unlock more power quite easily. | | But... that "locking" of feature kind of made sense, since a | car with less kW pays less taxes (at least in my country you | pay more if the car is more powerful) so selling a locked down | model was also an advantage for the user that wasn't interested | in having more. | | Locking down heated seats... it's just a move against the user. | Buying a car you payed for that seats, since they are there, | why the manufacturer should ask you another fee to use for | something you already payed? To me this shouldn't be possible. | eschneider wrote: | I've done a fair bit of work with engine ECUs and remapping | for more power is almost never "free". It's not like | manufactures are offering different power outputs strictly | via software, though sometimes they'll make different | _tradeoffs_ between power/drivability/reliability. | | I mean, it's easy to get 20% more power out of an engine if | you don't care if it idles like a washing machine. And for | some applications, that's just fine. | sawjet wrote: | >I mean, it's easy to get 20% more power out of an engine | if you don't care if it idles like a washing machine | | Can you explain this? How does remapping an ecu make the | idle different? | jsight wrote: | It gets a lot more ambiguous when the features being offered | also come with increased risk of warrantly liability. I'm | thinking of things like acceleration boost here rather than FSD | and other driver assistance features. | | For FSD, part of the payment is for ongoing maintenance. It is | likely that the countermeasure would be subscriptions, and they | already seem to be progressing in that direction. | yardie wrote: | FSD is a little trickier. FSD hardware is installed in your | car and is used for ADAS. FSD is completely different | firmware and has to be downloaded from Tesla servers which | will check to see if you paid for that service. | | It might be possible to subscribe to FSD, wait for it to | download, then unsubscribe, and hack it to re-enable the | firmware. But FSD is still beta and you'd be risking being | exposed to get future updates. | m463 wrote: | I can see two different ways of looking at this | | If you enabled a seat heater, enabling hardware that the car | already has installed, or hot-rodding the engine, I don't think | it is that big a deal. | | But if you downloaded and installed software from tesla that | didn't come with the car, or did something like enabling free | supercharging, that would be more like theft of services. | | I expect if this becomes a thing, features will have to be | downloaded after purchase. | eschneider wrote: | The flip side of that is when they disable features that were | purchased when a car is purchased used. | m463 wrote: | I think the disabling features of a used car has some | nuances. | | 1) If tesla took possession of the used car and then sold | it to you, I think they can disable features. | | 2) If you sold your car to someone, and THEN tesla disabled | features I am not ok with that. | | With case #1, I think it is like any used car. People flip | cars. They can take a car, remove expensive rims or other | options and sell the car without them. People also buy cars | and part them out, selling each piece individually. This is | ok because the flipper owns the car before selling it and | they can do what they want. | eschneider wrote: | Case 2 definitely has happened. | edude03 wrote: | Here's a solid example - in 2016 all teslas came with | free supercharging for life. In 2017 they changed it to | be non transferable. If you buy the car directly from | someone tesla won't know but there has been cases where | they've found out (warranty repairs for example) where | tesla then removed it. | | If the seller didn't tell the buyer, or the seller | themselves didn't know - who's fault is that? | chrisstanchak wrote: | You can make the same argument that pirating software is ok | eimrine wrote: | In the world which disrespects FOSS for so much it is OK. | Pirating books is 100% OK. | masterofmisc wrote: | Cory Doctrow recently wrote a good piece about it here. Cars | are going down the renting model, not the ownership model and | it sucks. | | https://pluralistic.net/2023/07/24/rent-to-pwn/ | kelnos wrote: | I don't think there's any need to be "torn" on that; you can | certainly hold different opinions for different nuances without | conflict. | | Hardware features that are actually present in the product when | purchased should be available for use. If manufacturers want to | put those features behind a software lockout, I guess that's | their prerogative, but they shouldn't be allowed to complain or | punish the customer if they find a way to circumvent it. | | Charging for ongoing services that require the manufacturer to | spend money to maintain infrastructure (like a remote engine | start or remote lock/unlock) seems entirely fair, though. | | But as a big fat asterisk to that last statement, it pisses me | off that I can't run my own server infra for that myself. I | bought a Mercedes E-class a little over a year ago, and it | included a free year of their online services. Fortunately | continuing the subscription is pretty cheap (something like | $150/year). But it's an all-or-nothing deal. I want to be able | to do remote lock/unlock and engine start, but I don't want | Mercedes tracking my location wherever I go, and I don't care | about map updates (since I use Google Maps via Android Auto for | navigation). | | I would much rather be able to spin up my own server to handle | some of the remote capabilities, and not have the car talk to | Mercedes' infra at all (except perhaps for software updates, | which I would manually approve/accept). | | I get why car makers won't do this. Even if they didn't want a | stranglehold over providing services, I'm sure they still | wouldn't do it: it would require extra "advanced" settings in | the car and in the app to allow the customer to set an | alternate server backend. And customers will inevitably make | security mistakes with their own server backend, which could | create liability for the carmaker, or at least cause bad press, | even if it shouldn't. | alistairSH wrote: | It's relatively clear to me... | | Features cost money, so I should pay for them. Wether that's | via an option package (traditional) at order time OR via a | software update (Tesla) after purchase doesn't matter. | | BUT! As long as that feature doesn't have recurring costs to | the manufacturer (heated seats), it should be a one-time fee, | and transfer with ownership. | | Something like self-driving, where there might be an active | internet connection and server costs - I'm ok with a recurring | subscription. | | Examples... BMW tried to charge a subscription to use Apple | CarPlay. This should be a one-time fee (baked into model price, | or a one-time software switch). Same for Toyota (I think) who | tried to make remote-unlock a subscription (this was basic key | fob unlock - no internet hosting/app maintenance involved). | Also crappy move from them. | | Hacking otherwise reasonable software-locked features feels | like theft to me. If you want the feature, pay for it. At | minimum, I'd expect Tesla (or whoever) to void warranties on | cars with these hacks applied (within the bounds of Magnuson- | Moss Act in the US). | Cagrosso wrote: | If the feature is built in to the car from the factory and | disabled via software so they can charge more then you are | already paying for the parts and lugging around the added | weight in the vehicle thus costing you more in fuel. Software | locking a hardware feature that is integrated is an awful | practice. | | Telsa chose to do this presumably to only have to buy a | single seat configuration and streamline installs so they | could hit production quotas. | fragmede wrote: | Right. Instead of manufacturing a 50, 80, and 100 kWh | battery pack, and having to go through the whole process of | getting certifications and everything for each size, they | just make 100 kWh packs all day long, and then software | limit them to 50. Which means, in the case of an emergency, | the company can bestow extra range on lower-end vehicles, | which they did for Hurricane Irma. | | https://www.theverge.com/2017/9/10/16283330/tesla- | hurricane-... | pkaye wrote: | Does that imply there is not much of a manufacturing cost | difference between 50 kWH and 100 kWH battery pack? | doxick wrote: | Great reply! | | It's either so close that you're overpaying for the | 100kWH, or it's not very close in which case you're | overpaying for the 50kWH. | | Either way: the 50kWH is hit: carrying dead weight on a | smaller capacity. A not insignificant weight. | wongarsu wrote: | For many features it makes sense. Heated seats for example | have trivial hardware costs. It's basically a couple | resistive wires, plus the necessary controls. The process | costs of manufacturing some cars with and some without | heated seats likely far exceed the cost of the heated seats | themselves, so it's cheaper to just put them in every car. | But heated seats are a great upselling opportunity, people | are willing to pay $200-400 for them, more if you bundle | them in a package with other stuff the customer doesn't | actually need but that creates a vague sense of value. | | The compromise that minimizes production costs and still | allows that upsell is to put them in every car and disable | them via software. | myself248 wrote: | Back in the day we used to just call those "standard | features" and every car had them. | robryan wrote: | They could do that but would have to raise the base | price. These addon features allows a cheaper entry point | and price discrimination for those who are willing to pay | more. | | Whether it ends up being wasteful is complicated, there | are would be operating effeciencies in putting the same | hardware into every car. | Eisenstein wrote: | Just because it is easier and cheaper for you to do | something doesn't make it right to do it. | kstrauser wrote: | I'd be hard pressed to imagine a greater waste of | resources than to include all possible hardware in all | possible sold goods, with only some of the features | enabled. That maximizes waste with only a portion of | buyers able to use those things. | kbos87 wrote: | Ongoing costs aside, it's important to also recognize that | there may have been massive up-front costs to develop | something like self-driving before it generates revenue, | which the manufacturer should have the right to | recoup/monetize. If they choose to do that through a | subscription, that feels like it's within their right. | kstrauser wrote: | As the end user, I couldn't care less about a | manufacturer's costs. That's a them problem, not a me | problem. | | I understand your point. I just don't care. They sold me a | thing, and now it's mine. | kbos87 wrote: | That strikes me as a pretty dissonant argument on HN. If | we play that out, no software creator would have a | defensible way to monetize what they invested time, | energy and money to create. Enforceable laws protecting | IP are the difference between entire sectors of the | economy existing vs. not being worth the effort. | kelnos wrote: | I don't think that's true at all, or what the person | you're replying to is getting at. | | If you sell me a bunch of hardware, that hardware is now | mine, and I should be able to do whatever I want with it. | If you sell that hardware with a bunch of software on it, | I should again be able to do anything I want with that | software. | | That doesn't entitle me to updates of that software, or | ongoing use of the company's cloud infrastructure. It's | fine to require payment for that. | | IP laws just aren't particularly relevant to the | discussion at hand. I don't think anyone is suggesting we | should be able to legally "pirate" the software running | on our devices. | kstrauser wrote: | You're exactly right. | rstupek wrote: | I agree in principle. Are you also absolving them of any | warranty on the car once you begin modifying it? | californical wrote: | Only if your modifications directly cause the damage that | would have been covered under warranty. That's actually | been covered multiple times in US law and is fully your | rights as a consumer, to maintain the warranty. | kstrauser wrote: | I strong disagree. I'm not talking about making | unauthorized copies of the car. I'm just going with the | principle that's as old as the whole concept of property: | once I buy something, it's mine. | | If I own a shoe, I can paint it to look different or | change its shoelaces. If I own a book, I can tear out the | pages and rearrange them. If I own a TV, I can hook | anything I want up to it. And if I own a car, I can | modify it as I see fit. Those things are _mine_. If I no | longer want them, I can sell them (barring a specific | contract with the manufacturer, see | https://en.wikipedia.org/wiki/First-sale_doctrine). And | if a company wants me to pay them money while still | retaining some kind of legal right to restrict how I use | it, they can negotiate a discounted price for me to pay | them. | | When I walk onto a car lot, I'm not saying "whoa, check | out this IP!" The salesperson doesn't hype me up by | saying "you could own _significant portions_ of this | beauty today! " We don't sign a "purchase (most of it) | contract". I don't pay "sales-but-all-rights-reserved" | tax on it. The DMV lists me as the owner, not the IP | licensee. | | If I had to choose whether to support _laws protecting | IP_ versus _laws protecting ownership_ , I'll pick | ownership 100% of the time. | wizofaus wrote: | But the carmarker is surely within _their_ rights to | refuse to continue servicing your car, or declare that | any attempt at modifying the electronics /software | potentially makes it unroadworthy. | | Having said that, I don't entirely understand why Tesla | don't keep the software unloaded from the vehicles until | the user chooses to purchase the add-on features: | compared to everything else the software does, that's not | exactly a particularly difficult engineering challenge. | kstrauser wrote: | That would likely be highly illegal of them, per the | Magnuson-Moss Warranty Act. Unless they could prove that | the process of you enabling the confiscated features | caused something else to break, they're still on the hook | for it. | californical wrote: | Ok, here's a web software analogy. | | I run a news website. I charge $2 to view the news | website. You paid to view to my news website, thanks!! | | Let's say you really prefer dark mode, but my news | website is bright white. You install something like | DarkReader, to make it inverted colors, so problem | solved! | | But now I realize that this is a market that I could | charge for. So I start charging $5 for "news site with | dark mode". | | Should it be illegal for you to use dark reader to view | my news website with your light-mode-only license? | | Technically I've shipped you the text and style for my | website, which you are completely allowed to access and | have paid for.. Then you've modified it for your own use | after receiving the product. Is that wrong? | kelnos wrote: | Customers are not responsible for the company's business | model. | | I'm fine paying for software. And I'm fine with a | subscription model if I actually get new things | periodically during my subscription. | | Put another way, if you sell me a static, unchanging piece | of software (like a software update to enable heated | seats), then that should be a one-time charge. If you sell | me a self-driving package that gets regular updates over | time, then I'm fine with a subscription. | | (Self-driving software is a bit of a grey area, though. I | should probably have to pay for new features, like "now it | can drive on some more roads where it would previously | disengage and require a human to handle it". But I should | not have to pay for an update that fixes safety issues with | existing functionality.) | [deleted] | m463 wrote: | > Hacking otherwise reasonable software-locked features feels | like theft to me. | | I disagree, pretty strongly. There is a line. They sold you | something in its entirety, including the seats with wires. | | I would agree with you if you had to download the control | software from their servers. | | I would agree with you if you if the upgrade provided you | physical wires to install, even if you had to install them. | | Related I think it would be fine to purchase the control | software and/or heating wires from a third party that was not | tesla and install it in your tesla car. | Eisenstein wrote: | How do you feel about software that has various 'pro' | features that cost more but are unlocked with a key and | don't require a separate download? | djgigabits wrote: | If you're purchasing the "not pro" version for a much | cheaper cost, and it is a functional program (basic | things like Save not locked behind the paywall), having | different tiers of paid features is fine. You were able | to pick to have the lower tier features, even if you end | up downloading the same exact files. | | When it comes to hardware, if they've already installed | the feature, they've already factored the cost of it into | the purchase price. Your out the door cost includes that | heated seat hardware, even if it's not a line item. And | you don't have the option to have it removed for a | discount (or get a lower car package). You only have the | option to pay to use the thing that's already in your car | or not to pay to use it. | m463 wrote: | I think the burden is on the software developer to figure | out what they need to do legally. It might be | inconvenient for them to require a separate download, and | they'd have to make peace with it if they deliver the | functionality in its entirety to you during the first | sale. | alistairSH wrote: | Maybe it's not quite theft, but like I said, at minimum, | I'd expect Tesla to refuse warranty repairs (hack the | software to open Plaid mode, lose your drivetrain coverage, | etc). | | Trying to think about it in terms of "normal" cars - | unlocking Plaid is similar to reprogramming the ECU on an | ICE to deliver more power. | m463 wrote: | I don't have any trouble with plaid - it is | hardware/software with 3 motors and other hardware, plus | control software. | | There is also law in place to refute what you said. | Manufacturers can not deny warranty coverage if you | jailbreak your phone or hot rod your car, and this is | similar. (I believe they have the burden of proof if it | seems you did the damage) | | https://en.wikipedia.org/wiki/Magnuson%E2%80%93Moss_Warra | nty... | alistairSH wrote: | Yes, I mentioned that law above. It doesn't protect | consumer who modify their cars beyond original spec... | | If the manufacturer can show the change contributed to | the failure, they can deny coverage. Vastly increasing | the power output of the drivetrain would likely cause a | voided warranty on the drivetrain. | | Unlocking heated seats wouldn't void the warranty on the | drivetrain, but could void it on the seats and related | electronics. | xkcd1963 wrote: | Heated seats is essentially a bool somewhere in the code | implemented as artificial limitation. | | Self-Driving is much more complex and abides much more as an | argument to your view. | CapsAdmin wrote: | But who gets to decide? Usually the more uneducated a | person is of some particular product, the more they think a | feature is "just a bool somewhere". | | (personally I'm very much on the side of giving people | control of their own software and hardware) | kelnos wrote: | If the hardware for the feature is present and hooked up, | and the software (if any) that's needed to run it is | installed, then it is indeed "just a bool somewhere". | | If the hardware requires non-trivial software to enable | the feature, and that software is not provided with the | device, then it's fair to require additional payment to | buy that software. But also no one should be able to | prevent a third party from reverse engineering the | hardware and writing their own software for it. | | I think "who gets to decide?" is a somewhat silly | question. It's the same answer we'd accept for just about | any situation: someone reasonably well-versed in the | technology. | johannes1234321 wrote: | Even if it is a bool there is probably an extra factor: | Liability in case there is an fire or other incident. Tesla | probably on its side reduces it's cost as well, by only | insuring (be it by having cash reserves or actual | insurance) it's liability only for the cases where it is | enabled. | | It's of course hard to prove as cause, but if there is a | liability case it might become "interesting" | | Edit: Also relevant: even without incident, the disabled | heated chairs may be broken. By not being enabled Tesla | doesn't have to repair them under warranty as the aren't a | feature. Thus they maybe can reduce quality in the | production | Libcat99 wrote: | I'm somewhat torn too. | | IBM and I'm sure others have shipped enterprise hardware for | years that was partially locked. You might get a machine with | 16 cpus but you only paid for 8, for example, but you could | license the rest as you grew. It seems a little similar and it | was in no way underhanded, everyone knew what the deal was. | | However I'll echo what another poster said. I say Tesla should | be free to sell whatever they want, but if the end user finds a | way around it too bad. | johnl1479 wrote: | > However I'll echo what another poster said. I say Tesla | should be free to sell whatever they want, but if the end | user finds a way around it too bad. | | I think thats the stance I'm leaning towards as well. To | quote another commenter[1]: | | > If a manufacturer wants to lock features behind a paywall, | that is fine. However, they shouldn't be allowed to complain | when consumers modify the thing they bought to get around | that paywall. If Tesla really wants to make sure absolutely | no one gets FSD or heated seats without paying, then they | should make a point of only including the relevant hardware | or software in the vehicle at the time of purchase. | | [1] https://news.ycombinator.com/item?id=36988514 | martin8412 wrote: | AMD shipped CPUs for quite some time where if you were lucky | you could unlock additional cores that had been disabled for | various reasons | adra wrote: | These were likely sold down due to demand imbalance or more | likely due to QA failures in the disabled cores. It's a lot | cheaper to get some value from a defective chip than no | money. So... by all means try to unlock more cores but | don't start whining when your computer acts like Windows ME | on a good day (only crashing a few dozen times a day! So | stable!) | NoMoreNicksLeft wrote: | I'm of the opinion that these two things aren't comparable. | True, IBM and others have locked extra capability through | software... but they were only ever selling/renting to the | corporate world, which presumably had enough in-house legal | expertise to not be completely dicked over. | | To take that business practice, and then try to foist it on | consumers who don't have $500/hour lawyers on retainer | looking out for them is more than just morally questionable, | it crosses a line into some sort of fraud/extortion-adjacent | realm. | | If Tesla was really upset about this, it's a problem | completely within their capacity to solve. Only send bugfixes | OTA, require a service visit for new features. I'm betting | that their software's such a trainwreck they wouldn't be able | to compartmentalize it properly like that to save their own | lives. | prng2021 wrote: | We're not talking about enterprise software here. I think | people can understand the concept of paying for a seat | heater and the like without a team of lawyers. | gibolt wrote: | What are you talking about... Tesla is one of only a | handful of OEMs that can even issue OTA updates. | | Their cars from 2013 can _still_ get modern features OTA. | Please explain how you classify that as a train wreck | compared to software cobbled together from 100 vendors | (none of whom specialize in software) | martin8412 wrote: | Have you perhaps considered that OTAs aren't a desirable | feature in a safety critical system? | FireBeyond wrote: | > Please explain how you classify that as a train wreck | compared to software cobbled together from 100 vendors | | Tesla gets plenty of software from other vendors. And | doesn't always test it particularly well - there was a | story here of a firmware vendor who had a test harness | that took ~36h to verify. They shipped a bug fix to | Tesla, told them it was available... | | ... four hours later, "Great, this is awesome, looks like | we fixed the issue." | | ??? | | "We just flashed one of the cars here and took it for a | drive." | huhtenberg wrote: | > _I say Tesla should be free to sell whatever they want, but | if the end user finds a way around it too bad._ | | The same should go for DVDs, BluRays and streaming media and | yet here we are looking at jail time for bypassing the DRM. | semiquaver wrote: | Would you mind providing a citation stating that someone | has gone to jail in any country as a result of bypassing | DRM for personal use on things they purchased? I am | skeptical that this has ever occurred. | | Even in the US, which has quite draconian anti- | circumvention law under the DMCA, the criminal penalties | associated with this behavior only apply to those that | violate the statute "willfully and for purposes of | commercial advantage or private financial gain". A person | who bought a DVD or blu ray and decrypted it for their own | use would not be criminally liable. | | https://law.justia.com/codes/us/2021/title-17/chapter-12/se | c... | | I'm not defending the law, which I disagree with, merely | pointing out that "looking at jail time" for non commercial | bypassing of purchased BluRay DRM is a stretch. | [deleted] | martin8412 wrote: | That certainly depends on the country. Breaking DRM to | access something you've paid for is perfectly legal here. | mrguyorama wrote: | "perfectly legal" largely hasn't stopped IP owners from | finding ways to hassle people involved. | huhtenberg wrote: | Yeah, I am in a country like that. I was referring to the | state of affairs States-side. | kelnos wrote: | I think the problem becomes when you figure out a way to | unlock those extra CPUs without paying IBM, and then IBM sues | you or terminates your contract with them entirely. | | People should not be constrained in doing whatever they want | with the hardware they have bought. | theluketaylor wrote: | I don't mind hardware shipping locked and being an optional | fee to unlock. I have paid for the rear heated seats in my | model 3. | | What I'm vehemently opposed to is ongoing fees for things | that don't have ongoing costs. BMW wants to charge monthly | for seat heaters or carplay, but those things are not a | service and don't have ongoing costs for BMW to provide. If | anything creating an ongoing software lock creates an | availability risk. If BMW's authorization service is | unavailable do you lose heated seats? | | Several manufacturers are offering either monthly or one time | costs for certain features. I'm less clear how I feel about | that. Maybe quite valuable for someone who lives somewhere | warm and only needs seat heat one month a year. It would take | many years of paying for a single month to justify paying for | the fully unlocked feature. I think I can live with optional | monthly fees for things as long as you can always pay once | and just have something that stays for her life of the car. | why_at wrote: | I usually lean towards consumer rights on this type of | thing, and the idea of paying a subscription for something | like heated seats is annoying to me. | | That said I am trying to play devil's advocate here. Other | people have mentioned the analogy of locking out some CPUs | on a die for a cheaper version of hardware, and I think | that kind of applies here, at least for a one time payment. | | If I'm willing to accept that, is it so unreasonable that | they could _rent_ this feature to me, even if it 's only a | software switch? After all, the idea of renting physical | property isn't very controversial. | | Again, I don't like the idea and would never want to rent | the heated seats software switch, but I'm having a hard | time justifying why it shouldn't be allowed. | cameronh90 wrote: | I would also add that those sorts of subscriptions | shouldn't have a lock-in period, at least not more than a | month. | | And auto-renew should require explicit opt-in. For most | subscriptions I have, automatic renewal is desirable, but | invariably I forget to cancel trials or one month subs of | things I just wanted to test. | nordsieck wrote: | > What I'm vehemently opposed to is ongoing fees for things | that don't have ongoing costs. | | IMO, the real issue is the price. There is pretty broad and | well established equivalency between OPex and CAPex. The | problem is that car companies are trying to charge OPex as | if there was a 1 year depreciation schedule, when cars | typically last for decades. | | I think that if BMW charged 1/240th[1] the cost to buy the | option in order to rent it per month, very few people would | complain. Especially if that price were locked in for the | life of the car. | | --- | | 1. 20 * 12 = 240 | rebolek wrote: | I don't understand the mental gymnastic here. They built | car with heated seats. You paid for car with heated seats | that are technically fully functional but you can't use | them until you pay even more. No, doesn't make sense to me. | nordsieck wrote: | > I don't understand the mental gymnastic here. They | built car with heated seats. You paid for car with heated | seats that are technically fully functional but you can't | use them until you pay even more. No, doesn't make sense | to me. | | That's because you don't understand. | | The customer _didn 't_ pay for a car with heated seats. | The manufacturer included them anyway, but disabled them | in software. | | Presumably, a consumer could go to the dealership and pay | for heated seats as an aftermarket add-on. Or they could | pay to enable heated seats (software unlock) on a month- | to-month basis. | michaelt wrote: | _> The customer didn 't pay for a car with heated seats._ | | Well, when you buy a car your payment gives you ownership | of the entire car. | | There may not be a written contract or specification | explicitly saying that the valves in the tyres are | included in the deal, but they're your property | nonetheless (in the absence of obvious errors like the | dealer letting you drive the wrong car off the lot) | | The customer paid for a car with heated seats present but | inoperable. If the customer wants to modify their | property, that's their business. | nordsieck wrote: | > Well, when you buy a car your payment gives you | ownership of the entire car. | | Sure. | | > If the customer wants to modify their property, that's | their business. | | If you were talking about a vacuum cleaner or something, | I'd agree. But modern cars are "fly by wire". It is not, | in fact, only the customer's business if they modify | their car's software. | Zak wrote: | I think the problem here is that courts have allowed | software vendors to use a legal trick to get around how | owning things normally works. Software gets copied into | memory to run, and courts have accepted the theory that | making such a copy requires a license even though it's | not a copy in the traditional sense (it can't be given to | a third party so that they can also use it). | | A book is copyrighted too, but when I buy one, I can | legally write in it, paste in pages of my own, cut out | pages, etc.... I can even sell it after I've done that. | | I'm 95% certain the law should be changed to restore the | _first sale_ concept to software, and even more certain | when it comes to embedded software that 's necessary to | use hardware owned by end-users. | kelnos wrote: | > _The customer didn 't pay for a car with heated seats. | The manufacturer included them anyway, but disabled them | in software._ | | Sure they did. Maybe they didn't pay the _full price_ for | those heated seats, but they definitely paid more for the | car with them (but disabled) than for a car without them | entirely. | | The carmaker is hoping that people will pay for the | unlock in order to recoup their costs. But they're | certainly not going to ship those heated seats in every | car without inflating the cost of the base vehicle by | some amount. | | Put another way, it might look like this: | | 1. Car without heated seats at all: $10,000 | | 2. Car with heated seats, but locked: $10,100 | | 3. Car with heated seats, unlocked: $10,500 | | If the carmaker offered options 1 & 3, then customers | would pay for what they want and get, and nothing more. | If carmakers only offer option 2, then even customers who | don't ever want heated seats will still pay some premium. | | The carmaker might estimate that only 50% of their | customers will pay an unlock fee for a car sold to them. | They want to still cover their costs and make a tidy | profit, so they might charge more than the $400 | difference to unlock the feature. And that's if they're | doing it in the non-shady way, and are charging a one- | time fee. If they decide to charge a subscription, they | might do something like charge $100/year for it, and then | eventually they're just making pure profit for no added | value. | | Also consider that the carmaker's own costs could be, on | average, greater per car if they have to offer two | different options 1 & 3. Offering only option 2 | (regardless of whether or not people are able to defeat | the software lock) might be cheaper for them. I don't see | why we need to subsidize their business decisions. | | But all of this is still kinda irrelevant: bottom line is | that if you sell piece of hardware to a customer, that | hardware now belongs to the customer, and you don't get | to tell the customer what they can and can't do with it. | ImPostingOnHN wrote: | it reminds me of those hardware hacks to unlock | processors [0] | | the upside is that by not having much difference between | SKUs, and "locking" one SKU from becoming the other, the | costs are lower, and manufacturers _might_ turn those | savings into lower prices | | in both cases, as in cell phones, I believe like you | still own the hardware, including everything in it, | including software [1], so if you want to "unlock it", | that's your right, as is smashing it, reflashing it, and | having sex with it. If that makes for an unsustainable | business model, nobody is entitled to their preferred | business model being sustainable. Analogous examples here | might be unofficial Keurig pods, or printer ink | cartridges, which bypass manufacturer DRM intending to | lock customers into an otherwise arguably unsustainable | business model. | | sometimes, though, you have to fight for your rights, | e.g. build/buy/download and use unofficial tools | | [0]: http://computer- | communication.blogspot.com/2007/06/unlocking... | | [1]: this inclusion stems from my belief that, where | possible, you have an absolute right to view every bit of | data that happens across hardware you own, whether | gadgetry or eyeballs, in any format you desire, as well | as the right to remember what you've viewed, as well as | the right to modify or prevent modification of any | arbitrary bit on said hardware | Aloha wrote: | I feel different about extra cores on a CPU than I do about | heated seats. | | The manufacturing price delta between an 8 core CPU and a | 16 core, nowadays is functionally meaningless. | | The manufacturing cost between a car with heated seats and | without headset seats is functioningaflly meaningful. | | The way I see it, for things like heated seats or CarPlay, | I'm already paying for the base hardware cost (plus some | margin) as part of the base price of the car, charging me | for the upgrade is charging me a markup on what I already | paid for. Making it a service is insult to injury. | spookie wrote: | I believe that the worst thing is the use of natural | resources to produce those things without any function | whatsoever. Assuming the majority of customers don't pay | extra, it just makes it worse. | theluketaylor wrote: | > The manufacturing cost between a car with heated seats | and without headset seats is functioningaflly meaningful | | I don't believe that is the case. BMW determined it was | more expensive to have the supply chain, inventory, and | manufacturing management to build both heated and non- | heated versions of their seats. Rather than just make | heated seats a standard feature they saw an opportunity | to maintain and even expand their highest margin revenue | stream: options. | matwood wrote: | > The manufacturing cost between a car with heated seats | and without headset seats is functioningaflly meaningful. | | Citation needed. The way assembly lines and product mix | work, it could be meaningfully less expensive to have all | the hardware be identical with software unlocks. | manuel_w wrote: | Electrical wiring typically involves materials gained | through mining, which is carbon dioxide intensive. | thorncorona wrote: | > The manufacturing price delta between an 8 core CPU and | a 16 core, nowadays is functionally meaningless. | | Semi yields? | shmatt wrote: | >The manufacturing cost between a car with heated seats | and without headset seats is functioningaflly meaningful. | | You could probably buy something that would heat your | seat at home for under $4 on Temu. And that includes | multiple middle companies and shipping across the ocean. | It probably costs them pennies, where the upside is, | _this_ owner doesn 't want heated seats, but a car can | easily have 2-3 owners in its first 10 years. maybe the | 2nd and 3rd owners will want the heated seats, worth the | money it would take to install it | Terr_ wrote: | > What I'm vehemently opposed to is ongoing fees for things | that don't have ongoing costs. | | Especially if that rent-seeking doesn't come with any kind | of support for the "offering". | | If the heated-seats break for a "subscriber", will BMW | repair them for no additional cost? | foobiekr wrote: | I've always been curious if the ongoing fees for BMW end up | covering repairs if the hardware covering the function | breaks. It would seem absolutely insane if not, yet I am | pretty sure the answer is not. | hparadiz wrote: | My Honda has heated seats. I bought the car in Hawaii and | brought it to Socal with me. I didn't care about heated | seats when I got the car at all. It just came with my trim. | It was nice having it when I went skiing but I would never | remember to turn on a premium service for one ski trip and | then turn it back off. For a premium car I'd resent it on | my ride up the mountain. It would ruin the experience for | me entirely just because of how much I'd overthink the cost | value benefit in my head. It would seriously make me | unreasonably upset. Hard pass on any car that charges | monthly for it. | asynchronous wrote: | 100% agree about the ongoing features. Let me pay one time | to own the software unlocks please. | y7 wrote: | I think the concept of "licensing" should not apply to | something you own. If they want to rent you a CPU, fine, but | then they should also bear the costs for when it breaks. | bartchamdo wrote: | Sun Microsystems did this in the early 2000's | wahnfrieden wrote: | Does that mean all feature-gating iOS App Store IAP should be | unlocked for iPhone owners? | ipaddr wrote: | Of course. | Keirmot wrote: | Your argument is not the same as the parent. | | It would be the same if the volume rockers on the iPhone | would only work if you have a paid subscription, or if you | needed to pay extra to unlock 120fps while the device is | capable but locked to 60fps because you're not giving Tim | Cook more money. | johnl1479 wrote: | Not interested in having a whataboutism discussion. There is | a clear distinction here of software vs hardware | lockhouse wrote: | Is there though? | | Even on game consoles, the "DLC" is often a couple meg | download because the actual content is already built into | the game. | | You could turn Windows NT 3.51 Workstation into Server by | just changing a registry key! | | https://www.landley.net/history/mirror/ms/differences_nt.ht | m... | LocalH wrote: | This is less true nowadays than it used to be, some games | have quite a substantial amount of DLC of which no part | is shipped with the base game. The Rock Band series comes | to mind there, for one. | lockhouse wrote: | I see it all the time with RPGs still. | pbhjpbhj wrote: | I'm not sure 'MS charged $800 more for NT server when it | was basically the same as NT', given how much they're | known for unfair and fraudulent business practices, is | the greatest argument. | | Expecting capitalism to be fair is probably where we're | all going wrong here. | lockhouse wrote: | I'm not arguing whether or not it's fair, just that at | this point this is a long standing industry practice | going back decades. | asdff wrote: | That's kind of just how cars work in general even outside of | software. I put in the oem fog lights in my old car. All I had | to do was basically screw through a plastic bracket in the | grill that was installed at the factory specifically for the | lights, plug in the lights into one end of the harness that was | already in the car, pop out the preinstalled plastic cap in the | dash and pop back in the fog light switch after connecting it | with the other end of this harness that's already there near | the button, routed through the firewall for me. The fuse was | even already there in the fuse box for the fogs. | | Basically everyone with this car is paying for 95% the actual | hard work of what you need for the fog lights already. Very few | owners end up going for the fog lights but everyone subsidizes | their installation. | thevania wrote: | every time there is some HW hacking and its TU Berlin, only one | man comes to mind prof. Seifert and his team: | https://www.tu.berlin/sect/ueber-uns/team | | quite prolific | helf wrote: | [dead] | amelius wrote: | For now. They will plug the hole, just like Apple will stop any | undocumented use of their GPU when it suits them. Why waste your | time on these companies? | filcuk wrote: | Possibly because it's their job, it's interesting, educational, | maybe there's a monetary reward, maybe the reward was the | journey all along. The article mentions it can't be fixed by | software update. | dbg31415 wrote: | Was the password, "XGonGiveIttToYa"? | dxxvi wrote: | > enable us to extract an otherwise vehicle-unique hardware-bound | RSA key | | not ed25519? I know very little about these encryption thingies. | The Internet recommends ed25519 over rsa. | pbhjpbhj wrote: | They haven't broken the encryption technique, they've bypassed | it by extracting the key using weaknesses in the hardware- | software. You have to redo the process for each physical device | to extract the particular key in use in that device. | PicassoCTs wrote: | Now comes the funny part, were tesla tries to make the platform | trusted and locked down, and then people start to flash there own | firmware and solder chip-mods, cause there is nothing GNUnder the | sun. | | Wouldn't be surprised if Tesla has a defeat-device buried | somewhere that allows for remote permanent deactivation once | parked in case of piracy | autoexec wrote: | using the hardware you own should never be considered "piracy" | denysvitali wrote: | They can anyways remotely ssh into any parked Tesla nowadays | fragmede wrote: | The real question is Tesla Supercharger capability. If you can't | plug your car into that network, then you've lost a ton of value. | But here's the thing. In order to disable supercharging, Tesla | remotes into your vehicle to turn it off. It doesn't happen on | the charger side, it happens on the vehicle. So if you have root | on your Tesla, you can make sure you can always supercharge, | which isn't mentioned anywhere else. | eschneider wrote: | Here's a question for the lawyers out there: if you notify | Tesla that they're no longer authorized to access YOUR car, and | they remote into it anyways, would that come under Computer | Fraud and Abuse? | xwdv wrote: | You agreed to EULA. | eschneider wrote: | So one can never revoke access or change the access terms | to one's own car/computer? That just seems wrong. I'm | pretty sure Tesla can and does change access terms to their | servers and charging networks. | pbhjpbhj wrote: | IANAL. It seems like it should probably be covered anyway, | without the notification. Assumed consent would cover updates | and improvements. No-one is consenting to their car being | crippled, surely. | eschneider wrote: | It gets me wondering how well Teslas will function with | zero connectivity w/ Tesla. I mean, if the company goes | under or (more likely) they drop support for older models, | do older cars get bricked and disabled like clients for a | multiplayer game that's gone offline? | dgunay wrote: | I doubt they'll completely brick (the car can reboot | itself mid-drive while still having | throttle/brakes/steering) but I could see most/all | infotainment features ceasing to function. | Groxx wrote: | Let's start calling them what they are: | | Freedom fighters. | | "Hacking" carries quite a lot of negative connotations in most | realms. These are people making sure you are able to make full | use of _your own stuff_. There shouldn 't be anything contentious | about that. | px43 wrote: | "Freedom fighters" has a lot of negative connotations in many | realms as well. It evokes images of rebels using violence to | push some political agenda. Sometimes for worthy causes, | sometimes less so. | | No, we're keeping the word "hacker". | Groxx wrote: | While I agree with that image problem (I couldn't come up | with any that didn't have it, and at least this one is | descriptive)... I feel pretty confident claiming that | "hackers" carries clearer and more consistent negative | connotations to the general public (definitely not HN | though). | zgluck wrote: | I mean, we used to use the word "cracker" for this up until | the late 90s. A hacker was someone who _created_ something | cool. | cobbal wrote: | "A group of security researchers (aka hackers)" is an | especially bad connection to be drawing for the general public. | [deleted] | LocalH wrote: | Rent-seeking is the _true_ American way, it seems. | | Good on the hackers. Good on _everyone_ who helps to liberate us | from the overreach of big business. | umvi wrote: | Is it rent seeking/overreach? | | I make a video game and charge $50 for it. Later I make a DLC | and charge $25 for it. | | Is your claim that if I keep them as separate purchasable | downloads, I'm not rent seeking? | | But if instead combine the game and dlc into a single | executable (to simplify build and distribution) and put the dlc | behind a software lock, somehow that is now rent | seeking/overreach and I deserve to have hackers unlock it for | everyone for free? | [deleted] | LocalH wrote: | Even though that is not exactly the issue I refer to, I still | say yes, that is my claim, from a moral perspective. | | If the content is on the disc or shipped as part of the files | of the base game, then it should be accessible without | additional purchase. Otherwise, you're undercharging for the | original deliverable, and overcharging for the actual | "downloadable content". | | Imagine this taken to the logical extreme. I sell you a | printer. It comes with an amount of ink. However, I've | decided that instead of allowing all of the ink to be used, I | will limit the printer to only give you X number of pages per | cartridge, regardless of actual ink content. _Buuuuut_ , you | can also pay me $5 for the "ability" to use all of the ink in | your cartridges instead of only part of it. Would it be wrong | for hackers to unlock my printers to use all of the ink | without having to pay a subscription fee? | mbesto wrote: | > I still say yes, that is my claim, from a moral | perspective. | | I personally do not like services that exhibit rent-seeking | behavior, but what, precisely, is IMMORAL about the | practice? | qeternity wrote: | > Otherwise, you're undercharging for the original | deliverable, and overcharging for the actual "downloadable | content". | | This is called price discrimination and it's a great thing. | You're talking about under/over charging but that's absurd: | there is no such thing. People pay what something is worth | to them. | | What you're advocating for creates actual economic | inefficiencies: the people who don't want the DLC must | either pay a higher price, or not make the purchase at all, | and the people who would happily pay for the additional DLC | now get a net cheaper price, despite a willingness to pay | more. | gruez wrote: | > Even though that is not exactly the issue I refer to, I | still say yes, that is my claim, from a moral perspective. | | And what's the "moral perspective" in question? Is it just | "whatever benefits the consumer"? | umvi wrote: | Seems morally dubious. When you purchase software, it | doesn't mean you automatically own the bytes and can do | whatever you want with them. There are things call licenses | that dictate what you are allowed to do, and you agree to | the license when you decide to use the software. If you | agree not to use the software for commercial purposes when | you purchase it, you can't morally decide "my bytes my | choice" and just to use it for commercial purposes anyway. | Just because money has changed hands doesn't mean you now | have free reign to do whatever you want with the bytes. If | someone sells you linux for $1000, that doesn't mean you | are allowed to make it closed source for further | development because the GPL license you agreed to prevents | you from doing so. | kelnos wrote: | I don't think I agree with your moral stance. | | If I buy a car, then, yes, "my hardware my choice". | Software should be no different. | | I personally think end user license agreements are | immoral. If you want to attach conditions to use, you | should have to spend the time to work out a proper | contract, executed by both parties, with consideration | provided on both sides. | | But I still think that's weird. To use your "commercial | use" example, if I buy a lawnmower, the company that | sells it to me should not be able to dictate that I can | only use it for personal use, on my own lawn. If I want | to use it to mow my neighbors' lawns and charge them for | it, they can't stop me. | | Copyright licenses like the GPL are interesting. I've | released software under the GPL in the past (though these | days I usually choose more permissive licenses like | Apache or MIT). The GPL itself is essentially a hack that | rides on our current awful copyright law in order to | creatively subvert it. If our copyright laws were more | reasonable and more aimed toward benefiting the public | commons, we may not even have a need for the GPL; it's | even possible that big parts of it would be unenforceable | in a more reasonable copyright regime. | | Just a note on this: | | > _If you agree not to use the software for commercial | purposes when you purchase it, you can 't morally decide | "my bytes my choice" and just to use it for commercial | purposes anyway_ | | While this may be true under current law, there's nothing | inherent in the universe that makes it this way. We as a | society have decided that, legally, some things are out | of bounds when it comes to contractual obligations. As an | extreme example, you can't contractually sign yourself | into slavery. No court (in the US and quite a few other | places, at least) would consider that contract valid. The | idea that you _can_ sign away your rights to use a piece | of software commercially is not some absolute moral good. | We could decide as a society that this sort of thing isn | 't ok, and enshrine it into law. | buildbot wrote: | This is an amusing attempt at a defense if what Tesla is | doing given that they are currently violating said GPL | license for Linux... | Cornbilly wrote: | Yes. You've already distributed the binary to their machine | and are using their resources to store it. In my view, it | belongs to them and they should have full access. | gruez wrote: | By that logic, do you think that after someone has paid for | 1 month of netflix, and downloaded their entire catalog to | your phone for offline viewing, that all the videos | "belongs to them and they should have full access"? | aeyes wrote: | No because Netflix is not a one time purchase, it allows | to use the service for as long as you have an active | subscription. Also you should know that the download | function is limited to 100 titles. | | If the game had a base cost of 0 and a monthly price to | play it it would be acceptable. Quake Live worked like | this and I believe Game Pass. | gruez wrote: | >No because Netflix is not a one time purchase, it allows | to use the service for as long as you have an active | subscription | | Suppose netflix added a $10 upfront cost for | subscriptions to combat people churning subscriptions or | whatever. Would that make it justified to download all | the shows they let you? | | >Also you should know that the download function is | limited to 100 titles. | | I shouldn't know, because I don't subscribe to netflix | :^) | Cornbilly wrote: | That would be a better comparison (with bundling a game | and DLC into single binary) if Netflix insisted that you | keep those files on disk past your subscription period. | If they did that, yes. But since they don't, no. | kelnos wrote: | Yes, absolutely, if that were a feature the Netflix app | allowed. | | Obviously it does not: your downloads expire after a | certain amount of time, and if you cancel your | subscription, you won't be able to get a key to decrypt | the files. | | Companies are free to try to put restrictions on that | sort of thing, but I think if customers are able to | circumvent those restrictions (the DMCA anti- | circumvention laws notwithstanding), the company should | not get to complain about this. | [deleted] | kelnos wrote: | I don't think you'd "deserve" to have hackers unlock it, but | I also think that you should have no legal right to _prevent_ | people from unlocking it without your permission, and I don | 't think it's unethical or immoral for anyone to do so. If | you sell something to someone, and put it in their hands, | they should have the right to do whatever they want with it. | | Presumably you've made the choice to bundle the base game and | the DLC together like that in order to reduce your costs | somehow, and I'm not responsible for your business model or | logistical issues. If you're worried about people unlocking | the DLC for free, don't put it in their hands without | charging them for it. | | Either way, I think it's entirely reasonable to classify the | concept of "charging extra at a later date for something | you've already given the customer" as rent-seeking or | overreach. Even more so if, instead of a one-time charge, you | choose to charge a subscription for something that does not | require any ongoing costs for you to provide. | qup wrote: | Rent keeps getting paid. It's not a one-time purchase of $25. | gruez wrote: | What about games with monthly membership fees like world of | warcraft? | kelnos wrote: | That's fine, since there's an on-going cost to maintain | the cloud infrastructure that the game needs to function. | The company is well within its rights to say "if you stop | paying us, you stop getting to use our cloud services". | | But if there was a single-player or LAN version of the | game (I know that's not really possible with something | like WoW, but for the sake of the argument...), then | players should absolutely not have to pay an on-going | subscription fee to play that way. | martin8412 wrote: | There's been plenty of WoW private servers throughout | history hosted by people who had nothing to do with | Blizzard. | LesZedCB wrote: | how is this even a question? this is _exactly_ what happened | with Star Wars Battlefront II, and EA was once again | absoutely crucified by the decision to have paid unlocks for | content you technically _could_ grind for but was essentially | unfeasible. | | the only difference between now and 2017 is people saw EA | raking in the money anyway and have followed suit, so it's | now more common. the outrage was proved toothless... cause | star wars sells, and so does te$la. | vz8 wrote: | Cue the "You wouldn't download a car" memes. | mensetmanusman wrote: | https://youtu.be/52KR_eC8UFE | | I wonder which schools had the children watch this after the | pledge of allegiance. | x86x87 wrote: | there: https://www.youtube.com/watch?v=ALZZx1xmAzg I fixed it | for you | pbhjpbhj wrote: | That can't have been a thing? | mensetmanusman wrote: | There is a non zero chance this was played in a school... | If it happened during first period, then, well... | HWR_14 wrote: | Good. People who buy things should own the things they buy. | sowbug wrote: | I enthusiastically endorse this sentiment until I remember I'm | a software engineer whose career depends pretty fundamentally | on copyright law. | | As an industry, we sell things that make hardware more useful. | That's what software is. But the software we sell* comes with | legal restrictions on what the buyer* can and can't do with it. | Which means that we're restricting what our customers can do | with the hardware that they own. And we do all that for money. | *Substitute whatever you think the right terms are for these | words (licensor, licensee, borrower, tenant, serf...) | | If we sold an app on a mobile-phone store, and a h4ck0rz came | out with a crack that unlocked the premium features on it, we'd | take measures to stifle it (patching the code, increasing the | obfuscation, sending a complaint upstream of whoever was | distributing it, etc.), and I don't think any of us would think | we're bad guys for doing so. We're just trying to feed our | families. And I doubt any of us would feel compassion for | someone who said they paid for that phone, own its hardware, | and can do whatever they want with it including run your paid | software for free. | | Tesla's sin, if any, is that they sold us hardware that's | designed to work only with their software. And "their" software | could include software they licensed from your company, if you | work in their software supply chain. | | Where is the right line between "my hardware, my rules" and "my | software, my rules"? | epups wrote: | > Where is the right line between "my hardware, my rules" and | "my software, my rules"? | | There's something obscene about unlocking existing physical | features with more money, but there's also our mental model | of what ownership means. Imagine you buy a new fridge, and it | has an extra compartment that is installed, gets cooled but | you have to pay to unlock. No one could ever verify that you | didn't rip it open yourself. I don't think anyone would | object either. | | The current monetization strategies for software favor the | corporations. They can withhold service in case of no | payment, and they are trying to do the same to hardware. I | personally feel we should regulate this as soon as possible, | otherwise things like right to repair will simply disappear. | Ukv wrote: | > But the software we sell* comes with legal restrictions on | what the buyer* can and can't do with it. Which means that | we're restricting what our customers can do with the hardware | that they own. | | I'd say the software equivalent to right to repair would | specifically be about restrictions against | inspecting/decompiling/modifying the software running on your | machine. | | While I also think copyright is flawed in general, | restrictions against redistribution of the software seem like | a separate matter - in the same way hardware right to repair | doesn't mean you can set up a manufacturing line for new John | Deere tractors to sell to others. | | > h4ck0rz came out with a crack that unlocked the premium | features on it | | If someone grafts on useful features using only what you have | already downloaded to my device, I think that's fair game. | snypher wrote: | This is probably not productive, but I think the response | would be; I bought the software from you so it's mine now. | spoiler wrote: | Yeah these discussions always give me a bit of cognitive | dissonance. | | On one hand, I like owning my software or content I | purchased (talking about DRM) | | On the other, people expect most things to be a "live | service" in terms of updates, which isn't sustainable if | you only ever get paid a small onetime fee for your | software. If you make the fee large, like Modo/Photoshop | did, then it acts as a financial gatekeeper to your | product. Even then, I feel like it creates wrong incentives | for the product, so I'm not sure it's good either. | autoexec wrote: | > On the other, people expect most things to be a "live | service" in terms of updates | | Do they? Most people I know don't want anything to update | as long as it's working. They don't want new features. | They don't want new UI changes. They'll dismiss/ignore | prompts to update for as long as they possibly can. In | very very rare cases people want "live service". They | want their GPS to give them traffic information for | example, but otherwise they don't want anything but bug | fixes. | | Photoshop for example doesn't need to be constantly | updated and a version of photoshop from 10-15 years ago | would be just fine for the vast majority of people. The | idea that software has to either be insanely expensive or | a subscription is a false dichotomy. | kentm wrote: | Yeah, exactly this. _Companies_ want live services | because they want to charge recurring fees. Customers | want to buy and own software. | TremendousJudge wrote: | As a software engineer, I don't sell software, I'm paid to | make it. I don't even own it afterwards. I hear some people | are paid to develop open source software. I don't think my | career depends "pretty fundamentally" con copyright law, as | if the software I produce is otherwise worthless. Most people | on the planet can't do the work I do, which means that | somebody pays me for this work. Changing copyright law | wouldn't change this fact -- at most it could affect my pay | grade. | kajecounterhack wrote: | > Where is the right line between "my hardware, my rules" and | "my software, my rules"? | | If someone roots their phone or car, which they own, despite | the manufacturer's best efforts to prevent this, it should be | legal because they are modifying a physical object they | purchased. If they teach other people to root their devices, | it should be legal the same way teaching lockpicking is legal | if you're just lockpicking something you own. | | Nobody is asking manufacturers to stop trying to get in the | way of people hacking their devices. Most people won't have | the skills or desire to jailbreak anyway. | | But John Deere will sue farmers who try to fix their tractors | themselves, Sony will sue you for jailbreaking your PS3, etc | etc. That's wrong. | | Additionally, DRM generates physical waste by making it hard | for people to fix things they bought. The right to repair is | important. | | For software, illicit redistribution is covered by copyright | law, no? But the same is true: if you own a copy of software | and want to hack it (e.g. mod a game you bought) why should | that be illegal, provided you were able to get around the | game's built-in circumventions? | lamontcg wrote: | That isn't the only way to sell software, it is a relatively | recent invention, I honestly wouldn't care if that went away. | Zetice wrote: | Okay great, but now the lowest cost of the car is an extra $10k | because the manufacturing just got a lot more complicated as a | result of not being able to build every car the same way. | TheLoafOfBread wrote: | That sounds like problem of a manufacturer not problem of a | user. | lowkeyoptimist wrote: | Adding 10k to the cost of the lowest priced car is | definitely a problem for both the user and the | manufacturer. | Zetice wrote: | The price of the product being higher isn't a problem for | the user? | TheLoafOfBread wrote: | Correct. That's a problem of a manufacturer for not | having a competing product. | Zetice wrote: | Would be a nice story if it weren't for the inconvenient | fact that Teslas are selling like crazy as they are. | | Sounds like it would be problem for the consumer, though | clearly a solved one. | martin8412 wrote: | They can't even build two cars the same way everytime, I | think we'll be okay. | Zetice wrote: | That's variance, not intentional. | tadfisher wrote: | Then customers have the choice to purchase a vehicle from a | manufacturer with more scruples who is willing to sell those | features without charging to "unlock" them. | Zetice wrote: | ...can you name one? Because every manufacturer does this. | carstenhag wrote: | But they don't own the license to use the software (Full Self | Driving). I agree with you about the heated seats though. | px43 wrote: | The entire concept of "intellectual property" is an attempted | theft of our own physical property, and I for one don't | appreciate it. I understand that my values on this don't | align with much of the rest of the legal systems of the | world, but the absurdity of intellectual property is never | more clear than when some far away company attempts to assert | ownership over something that you use every day. | blacksmith_tb wrote: | Hmm, is the code already present? Would enabling it be | putting unexpected load on Tesla's servers? If it's just a | local feature (like the heated seats) that's shipped turned | off, I'd say enabling it doesn't feel especially different to | me (trusting it to drive you around of course is different). | [deleted] | tdiggity wrote: | There is some real-time data being downloaded while | navigating. | https://twitter.com/greentheonly/status/1641450299285209088 | denlekke wrote: | i dont have a settled opinion on software unlockable stuff. | in general i think users should be able to hack it without | repercussions. however, thinking about the concepts you | present i had some hypotheticals. if tesla does all the | self driving processing outside the car, it feels a little | reasonable to pay them for their processing. but what if | they just moved the heat seating processing out of the car | (comparing the actual temperature to the desired | temperature and modulating the power) ? that would seem | unreasonable to me because the car is fully capable of | doing it. So then what if tesla ships an intentionally | terrible processor so that most data processing happens | outside the car ? maybe it's reasonable again . .. | | no point to this, just thinking out loud | rvnx wrote: | Software lockable stuff sounds like in-app purchases. | Should unlocking this content become legal ? | judge2020 wrote: | Self driving has an ongoing cost to Tesla for them to keep | it updated and to improving upon its performance. | | It's only a subscription because it doesn't make financial | sense to purchase it outright for $15k up-front (with a 6% | interest rate, you'd need to own the car for 102 months to | pay less than paying for the FSD subscription for those 102 | months, and it costs more per month in your loan than the | subscription https://docs.google.com/spreadsheets/d/e/2PACX | -1vSjfzhdfj0FU... ) | blacksmith_tb wrote: | Sure, though that highlights why someone would be | interested in unlocking it (even without updates going | forward). Personally I think I'd want mission-critical sw | to be as current as possible, I can see someone arguing | they should be able to run what's already sitting there | on the computer in their car. | code_runner wrote: | the software stack is different as far as I know. if you | buy FSD and sign up for the beta program, you get a | fairly massive software package downloaded. it is not | instant and already on the device. | | of all the things to hate about elon, tesla, and this | whole concept of locking down features in a car, FSD | really isn't one of them, as its just a software issue | and its a totally separate package that isn't core to the | operational capability of the car's components. | babypuncher wrote: | Here's my attitude: The consumer should have complete control | over any hardware and software in any product they buy. | | If a manufacturer wants to lock features behind a paywall, | that is fine. However, they shouldn't be allowed to complain | when consumers modify the thing they bought to get around | that paywall. If Tesla _really_ wants to make sure absolutely | no one gets FSD or heated seats without paying, then they | should make a point of only including the relevant hardware | or software in the vehicle at the time of purchase. | denlekke wrote: | in general you would think this is just a DRM race then | between tesla and unlockers. however, with so many of | tesla's features existing outside the car, tesla has a lot | of leverage. a music cd or blu ray is generally finished | content. a tesla is constantly getting software patches and | most owners use the app which i'm sure is going through | teslas servers | | is it reasonable for tesla to lock you out of the app or | software updates if the software hash doesn't match what | they provide ? would it be okay for them to void the | warranty if you run software they didn't provide ? | tadfisher wrote: | > is it reasonable for tesla to lock you out of the app | or software updates if the software hash doesn't match | what they provide ? | | Of course, and I don't think anyone here is arguing | against that. | | > would it be okay for them to void the warranty if you | run software they didn't provide ? | | There are laws governing this exact thing (in the US it's | the Magnuson-Moss Warranty Act), and in general Tesla | would have to prove your unauthorized modification caused | the failure which you're claiming under warranty. | _trampeltier wrote: | I think it was even a post here, because somebody had to | fix something on his car, he don't even had the licence to | use it. | Spivak wrote: | Yep, there would be issue at all if they sold the car and | you install FSD with a download and a license key but if it | comes with the car that's on you if/when the owner breaks | the lock they own to access it. | | If you sell me a house with a safe in it and want to charge | me for the code that's fine, but if get a welder to just | break the door open you have no right to tell me no. | MostlyStable wrote: | I'm ok with charging subscription fees for services with | ongoing costs (things like cell connectivity for remote | monitoring or something), and I'm ok with charging one time | fees for unlocking features that are already there, since it | allows for price discrimination, cheaper and more efficient | manufacturing, and better prices to the customer overall | (potentially at least). But the flip side of that is | that...if you put it on the car that the customer bought, and | they figure out how to unlock it.....well good for them and | sucks for you. This kind of thing _should_ 100% be legal (if | it isn't already, and my understanding is that it is). If you | want to _100% guarantee_ that they don't get a feature | without paying for it, then I guess pony up for the more | complicated manufacturing process where it isn't installed on | some models. | | As for "they didn't pay for the license"....no....you gave it | to them without asking them to sign a license agreement. They | paid you money, and you gave them a product. How they use it | is up to them. | sokoloff wrote: | > This kind of thing _should_ 100% be legal (if it isn't | already, and my understanding is that it is). | | It may fall afoul of the (terribly written, but still law) | Section 1201 of the DMCA, if it's arguable that the | circumvention provides access to computer software (and I | think it is arguable). | | I agree that this _should be legal_ , but I'm not nearly as | convinced that it _is legal_ currently. | RajT88 wrote: | Agree with this. The DMCA makes stuff like this illegal. | | Recall that when CD copy protection was starting to be | deployed, you could negate it with a black marker. The | DMCA then made black markers illegal, because it bans | "tools which may be used to circumvent copyright" as well | as the "circumvention of copy protection measures". (Not | that anyone tried to enforce it, but the letter of the | law was pretty clear that black markers were then illegal | to possess) | | The DMCA should be amended or revoked to make these | shenanigans no longer enforceable. | jrmg wrote: | Black markers are/were very obviously not illegal. The | law doesn't work like code, it's filtered by humans. | | No court would ever come to the conclusion that something | as mundane as black markers are illegal to possess. | RajT88 wrote: | You almost understood the point. | | The DMCA is a problem because putting copy protection on | (for example) heated seats is a similar level of | silliness to outlawing black markers. | belltaco wrote: | > but the letter of the law was pretty clear that black | markers were then illegal to possess | | That is wrong. It's legal to possess a hammer but illegal | to bash someone on the head with one. It was legal to | possess a black marker and arguably illegal to use it to | circumvent copy protection. | esotericimpl wrote: | [dead] | freejazz wrote: | >"As for "they didn't pay for the license"....no....you | gave it to them without asking them to sign a license | agreement. They paid you money, and you gave them a | product. How they use it is up to them." | | That's not true and it's most definitely not a valid legal | position to take in defense | toomuchtodo wrote: | So contract law and copyright aren't a thing because people | don't want it to be? You own the hardware (you can shuck | the car, part it out, mod it), you don't own the code it | runs. By all means, root the car and take the features you | want, but don't be shocked when Tesla either a) nukes the | features remotely or b) sues you. You are taking issue with | an existing legal and contract law framework. No one is | forcing you to buy a Tesla and be bound by agreements with | them around their IP. Would you support a software company | nuking someone's license to operate their software remotely | if the customer defeated a license module they didn't pay | for? | | (registered security researcher for my rooted Teslas) | MostlyStable wrote: | I'm not sure how contract law is relevant at all. As for | copyright, they aren't copying or distributing it in any | way. If you give me the code on it, I am allowed to | execute it as I see fit. The only way I see copyright | issues is if they weren't actually shipping the code and | I had to pirate it and side load it. Which is a | completely different issue than is being discussed. | | If you sell me a book, I'm not allowed to copy that book | and sell those copies. I _am_ allowed to chop it up and | and repaste my own copy however I see fit. | | If I'm wrong and current copyright law does not permit | this kind of thing, then current copyright law is bad and | should be changed. | toomuchtodo wrote: | I'm fully supportive of someone going to court and | finding out what happens when they do this. It is far | more valuable than wild speculation. Copyright law _is_ | bad and should be changed, but that is unlikely a winning | defense in the course of a civil suit (or criminally, if | prosecuted for DMCA violations, such as circumvention of | digital mechanisms for access control per 17 U.S.C. SS | 1201(a)(1)) [1] [2]. I am fairly confident (not an | attorney, not your attorney) this applies to access to | Tesla 's FSD digital work. | | [1] https://www.law.cornell.edu/uscode/text/17/1201 (17 | U.S. Code SS 1201 - Circumvention of copyright protection | systems) | | [2] https://www.law.cornell.edu/definitions/uscode.php?wi | dth=840... (circumvent a technological measure (3) As | used in this subsection-- (A) to "circumvent a | technological measure" means to descramble a scrambled | work, to decrypt an encrypted work, or otherwise to | avoid, bypass, remove, deactivate, or impair a | technological measure, without the authority of the | copyright owner; and (B) a technological measure | "effectively controls access to a work" if the measure, | in the ordinary course of its operation, requires the | application of information, or a process or a treatment, | with the authority of the copyright owner, to gain access | to the work.) | tadfisher wrote: | Contract law is running afoul of the first-sale doctrine | here. Tesla can not enforce many clauses in a potential | contract or license via the legal system, so it's not as | cut-and-dry as "you don't own the code". | | Copyright has zero application here unless you | redistribute Tesla's code or binaries. Reverse- | engineering is a legal practice (in US law, at least). | toomuchtodo wrote: | > Copyright has zero application here unless you | redistribute Tesla's code or binaries. Reverse- | engineering is a legal practice (in US law, at least). | | Reverse engineering to utilize software you didn't pay | for and don't have a license or some other legal | authority to use is unlikely to pass muster legally, | versus for interoperability purposes. | | https://www.eff.org/issues/coders/reverse-engineering-faq | (Control-F "What Exceptions Does DMCA Section 1201 Have | To Allow Reverse Engineering?") | hooverd wrote: | Tesla can't sue you if you splice a switch into the seat | heater relays! I don't know if that's a good idea. Or | maybe they thought of that and they don't turn on unless | there's some of key exchange. | toomuchtodo wrote: | That's BMW, not Tesla. Tesla only offers subscriptions | for premium mobile network connectivity and FSD. A | quality rocker switch would meet your needs for the BMW | seat heater use case. | | https://www.theverge.com/2022/7/12/23204950/bmw- | subscription... | | EDIT: I stand corrected. It appears there was a window of | time where Tesla offered rear heated seats as an upgrade | on a base trim standard range Model 3. | | https://electrek.co/2020/02/15/tesla-rear-heated-seats- | model... | Kirby64 wrote: | The cheapest Tesla's offered a one time unlock for rear | seat seat heaters. Not any different from bmw, except bmw | also offered a subscription option (bmw also offered a | lifetime unlock... at a much higher price). | freejazz wrote: | Using software without the license to is copyright | infringement, full stop. | rightbyte wrote: | In what way? No copy was ever made. | freejazz wrote: | Using a copyrighted work without license is copyright | infringement. Not sure how to make that clearer to you. | 8note wrote: | If I put a book a don't have a license to under a table | leg to make it stop wobbling, it is not copyright | infringement | dragonwriter wrote: | > Using a copyrighted work without license is copyright | infringement | | Only for the kinds of "use" that involve the exclusive | rights of the copyright owner ("use" generally does not), | and even then not always, because there are exceptions to | copyright. | hooverd wrote: | This just sounds like "you get all the downsides of | ownership but we get all the upsides of a subscription | model". | [deleted] | [deleted] | semiquaver wrote: | The article claims this is not patchable but it also says | that the hackers have not yet unlocked FSD with this | technique. I strongly suspect that the "unpatchable" part | would not apply to any potential FSD unlock because of the | large amount of server-side functionality involved for FSD. | Server side components aren't going to be easily fooled by a | car-local exploit. | | Knowing Tesla, even if they can't patch the vulnerability OTA | I would be very concerned about their being able to _detect_ | the use of this bypass and remote-brick cars in response | until the customer agrees to bring their car in for a | hardware patch. | | Edit: a now-dead reply says there is no server side | functionality whatsoever for FSD. I don't own a Tesla but | find it very unlikely that FSD has not even usage telemetry | in what are otherwise highly connected cars. | esotericimpl wrote: | [dead] | wredue wrote: | Haven't we already been through this type of shit with EA? | | Back in, I think it was bad company 2, EA delivered content | on disk, but locked it behind a paywall. Then they got their | wrists slapped for locking already available content behind a | paywall. | | Softlocking hardware that exists in the car (heated seats) | behind a paywall seems to be the exact same thing, and is not | legal everywhere. | shagie wrote: | Does enabling FSD come with any liability / terms of service? | If it is backdoor enabled and the vehicle crashes, what is | Tesla's liability? If the OTA patches to the system are needed | and the car is running the base, unupdated (buggy) build, what | is Tesla's liability? | | Alternatively, if a vehicle is running software that hasn't | gone through Tesla's subscription how much of the liability for | any software problems will Tesla be able to transfer to the | vehicle owner? | | Hypothetically, if Tesla were licensing 3rd party software and | that license was based on installed uses and Tesla was | reporting the subscriptions for FSD (rather than sales of the | vehicle), what would enabling the software open up Tesla to? | Would Tesla then be able to sue the person who unlocked it for | the additional licensing costs they incurred? | eldaisfish wrote: | If something is opened or modified without manufacturer | consent, there is no question of liability because there is | none. | joecool1029 wrote: | Except history hasn't really played out that way. Less | serious but Grand Theft Auto had a sex game added to one of | their titles that wasn't supposed to be accessible by | gamers. People figured out how to unlock it using a | modified save file. This ended up in all sorts of legal | liability to the company: | https://en.wikipedia.org/wiki/Hot_Coffee_(minigame) | something168581 wrote: | Hot Coffee is and was an absurd case with absolutely no | merit behind it. | | It only became a large issue because it was a social fad | for politicians and mass-media to dogpile "evil gaming | companies corrupting poor mindless children", and | Rockstar in particular with the GTA series was one of the | most popular targets of said social fad. | shagie wrote: | So if you're using unlocked a version of FSD that has been | recalled and don't get an OTA update then any and all | faults that may be traced back to FSD even if it was clear | that this is a bug in the software (e.g. the reason for the | recall) the vehicle owner has full liability? | | https://www.cnbc.com/2023/02/16/tesla- | recalls-362758-vehicle... | eldaisfish wrote: | Software is a legal grey area as others pointed out. In | your example, the vehicle owner modified the software | version and used an unsupported one. The manufacturer | cannot be liable when there is no legal contract. | | The problem here is that this is functionally similar to | using an outdated version of photoshop but the | consequences are vastly different. | rvnx wrote: | It never has been Tesla's responsibility if the FSD fails | (whereas for Mercedes they take responsibility) | olyjohn wrote: | I'm not a Tesla fan, but Mercedes doesn't have a fleet | anywhere near Tesla's. This is a well-run marketing | campaign to try to get Tesla to also accept responsibility | and bring prices up, IMO. Mercedes isn't really accepting | liability for shit at this point, because they only have | like one car with level 3 and it's a super top trim and | there won't be very many people using it. Once they have a | large amount of vehicles out there with this tech, then | we'll see what they really accept responsibility for. | code_runner wrote: | I think the mercedes taking responsibility thing was at | least partially clever marketing. there are really extreme | limitations last I saw, which honestly is understandable. | martin8412 wrote: | The limitations are due to the legal framework Mercedes | lives up to. The updated version only recently came out. | code_runner wrote: | I do think they are doing it more responsibly for sure. | Just that given the limitations it's difficult to compare | the offerings at this point | judge2020 wrote: | Did they ever figure that out? | | > There are few federal laws addressing automated driving. | So, Mercedes Vice President of Automated Driving George | Massing tells R&T, "we will probably have to deal with each | individual state." But the company plans to accept legal | liability for what the car does while Drive Pilot is | engaged. | | As far as I can tell there still isn't some webpage where | you can submit a claim to Mercedes-Benz for a failure of | their self-driving tech... | | https://www.kbb.com/car-news/mercedes-well-be-liable-for- | sel... | rvnx wrote: | In the opposite, Tesla sounds more like the type of | company that would sue you if you claim autopilot brought | you into a crash. | | Since they are technically right, as autopilot disengages | before. | prussian wrote: | I want to add agreement to this, but to be more precise: people | should own the things they buy and artificial (software ) means | of locking people out of features shouldn't be allowed. | shmatt wrote: | If you opt out of the heated seat package when you purchase | the car, that doesn't mean the manufacturer can't add that | hardware in a disabled state. That also doesn't mean you own | the heating feature after you opted out | | That's like asking Intel to fix a processor you overclocked | [deleted] | hooverd wrote: | Nah, that's like asking Intel to enable two more cores on a | two core processor made from a four core binned chip that | they also sell four core processors based on. The only | difference is software. | jsheard wrote: | Intel briefly did have a scheme where you could pay to | unlock parts of the processor that were disabled for | segmentation reasons: | https://en.wikipedia.org/wiki/Intel_Upgrade_Service | | It was abandoned due to backlash but that didn't stop | Intel from doing artificial segmentation, so instead of | buying a chip with "3MB" of cache and being able to | unlock it to 4MB later, now you buy a chip with "3MB" of | cache and 1MB of dark silicon that's permanently lasered | off at the factory. I get the objections, but the | alternative isn't really an improvement. | elmomle wrote: | Here's an analogy: the year is 1950. I bought a car and a | radio is built in. But I didn't pay the extra radio fee, so | a wire is intentionally left out and the radio does not | work. But the car is mine--I could choose to scrap it, | radio hardware and all; I owe the company nothing, and I am | the owner of a car with a nearly-functional radio. Then how | could somebody object to my going in and fixing the radio, | if it is my property to begin with? | waterheater wrote: | The answer is: the year is 1950, and property rights are | respected. | | The year is 2023. The goal of Big Tech is the elimination | of ownership and the rise of perpetual rental income. | causi wrote: | Then they should pay me rental fees in compensation for | electricity I have to purchase to haul _their_ hardware | around. | nescioquid wrote: | There are semantic games at play here, I suspect. | | The manufacturer sold the hardware configured in a certain | state; the same device could have been configured | differently depending on price. Once the device is sold, | the new owner is a petty tyrant over the state of his own | property. | | But if I don't own the heating "feature" (promise of a | result), I don't care. I am pretty sure that the warranty | indemnifies the company against the hardware actually being | fit for said purpose and therefore will not guarantee a | result anyway, so what do you "own" in the first place, if | not the device itself? | | [edit: grammar, readability] | HWR_14 wrote: | The far better analogy for what Tesla is doing is "it's | like Intel preventing you from overclocking your chip". | Sure, you should not expect support for your hacked seat | warmers. | pizzaknife wrote: | i came here to say this | nvr219 wrote: | If I paid them money and they gave me hardware (in this | case a heated seat) then I can do what I want with it, | sucks for them if they don't want me to. They can give me | the non-heated seat. And yeah if I brick my car trying to | jailbreak it that's on me, fine. | hooverd wrote: | IP has gone too far. We're seeing more and more instances of | computers forced into perfectly good physical products for the | express purpose of degrading their functionality unless a | ransom is paid. Now instead of toggling a relay, you have to go | through an entire software stack and license check to heat your | seats. | LesZedCB wrote: | which toggles a relay. | [deleted] | grecy wrote: | I've been thinking about this as a thought experiment lately. | | Let's say there's two versions of the car. Higher spec has | heated seats, lower spec doesn't. Let's say it's a $1000 price | difference. | | At what point below are you ticked off ? | | Level 1: The higher spec car has the physical seat heaters, all | the wiring, all the plugs and all the software. The lower spec | car has none of that. | | (I think this is how cars have always been sold, so it's | "normal" and "acceptable" and nobody would complain - they paid | $1000 less and got less features.) | | Level 2: The lower spec car has the physical seat heater inside | the seat, but none of the wiring, plugs or software to make it | function. (It was cheaper for them to just build the seats with | the heater in there, so they did, but it will never "work") | | Level 3: The lower spec car has the physical seat heater inside | the seat and some wiring, but the main loom doesn't have | provision for the high current draw, so it can't work. | | Level 4: The lower spec car has the physical seat heater inside | the seat, all the wiring, but none of the plugs to actually | connect it. | | Level 5: The lower spec car has the physical seat heater inside | the seat, all the wiring, all the plugs (so all the physical | hardware is there), but the software to turn it on is not | present / not licensed. | | (Note: If you got ticked off at level 5, it's pretty much like | buying a brand new MacBook and being ticked off that it can | theoretically run Final Cut Pro, but you have to pay to make it | work. Surely you gotta pay for software ? ) | marcosdumay wrote: | Level 6: The lower spec car has the physical seat heater, all | the wiring, all plugged in, all the software, and a setting | added (for extra production cost) that makes it not work and | can't be changed by the car owner. | | We are talking about this one. The entire thread is about | this one, and none of your options even passed through the | conversation. | code_runner wrote: | FSD is more like example 5 | Kirby64 wrote: | This is identical to 5, in my view. Its not licensed. Is | anyone upset that if you download a version of software | that has a "basic" and a "premium" version, but the premium | costs more money, that you don't get the premium | functionality? Just like you "can't change" whether you get | premium functions if you don't pay for it, the same could | be said for fsd or seat heaters. | whatlol wrote: | I disagree with the premise of locking someone out of | something they physically own. You HAVE the seat heater | in your car, the wiring works, you just aren't allowed to | turn it on. I don't see this as the same as a basic vs | premium version of a piece of software. The person owning | the car owns the heater, the car, the wiring, they have | to pay the miniscule extra cost of carrying that hardware | around in their car. If Tesla offered to remove it at no | cost if the car owner didn't want to pay the fee, I'd | have no issue. | | Where do you draw the line? | | Next they'll be making you pay a fee to use low gears, or | a power steering fee, a radio listening license, a | Bluetooth permit, a reverse allowance, power window | season pass, air condition authorization. | HWR_14 wrote: | None of the levels you mention (until Level 5) operate any | differently from this feature. In any of those cases, if I | replace the missing parts, I get my heated seats. I would be | ticked off if Level 2 had physically integrated seat warmers | had some protection people could not work around so they had | to cut out and replace the seat warmers. | | Level 5, and this case, all I'm doing is adding the missing | component. A flag or something. | whelp_24 wrote: | I mean honestly level 1 is frustrating when the cost is | negligible or for safety. Plus it isn't like you can choose | which features you get, and it is not like the seat costs | 1000 dollars to heat. Somewhere between 3 and 4 should have | legislation against it. (Also level 5 isn't like final cut | pro not being installed, it's like Apple blocking port 22 | unless you pay for a special developer license) | matwood wrote: | Yeah, I don't get the outrage. People should be happy because | it allows people to hack the software and get heated seats, | assuming they are ok voiding any warranty. | michael1999 wrote: | Level 5 is exactly where it bugs me. Levels 1-4 are all | concrete (if marginal) cost savings as compared to the full | version. But your level 5 means someone spent _extra_ money | and engineering time to make something _less_ functional. | | Boo. Hiss. | [deleted] | samstave wrote: | I won all my groceries, but once I consume them, they still | turn to shit. | | - | | I think we need to hold all EV companies "responsible for their | shit" | | So, if you buy a tesla - only tesla should be responsible for | recovery from every crash and and turn in. | | Thus the environmental impact due to the heavy metals and all | the plastics made are sole responsible from a closed, boring | lopp to hyper the link to the fact that all these materials | were made by stars. X. | samstave wrote: | (my point was I PAy/taxxed/etc) for my X-crement... | | I think my logic is off WRT analogy, but I beleive you get | the premise... | | Can we find a complete model of the impact of the matters | which are being affected by the musks? | | (im not judging musk - I am judging actions... many of these | actions suck. IIATAH? | 1023bytes wrote: | Doesn't seem like a good idea to actually do this, since the car | phones home all the time. Tesla could blacklist you from | supercharging etc. | sirsinsalot wrote: | There's a lot of missing the point in these threads about | software locks. | | Building a car in a uniform way for economy of scale savings, | fine. | | Having a software unlock for hardware you already have (but | didn't pay for in the price). Fine. | | Using software to rent-seek on one time costs like heated seats. | Not fine. Less fine too if the seat subscription can't carry to | secondary market. This can he used to cripple secondary markets: | sorry, the BMW account you have isn't linked to this VIN. Heated | seats and android auto are disabled. | | Let's stop the third. | sdfignaionio wrote: | >Having a software unlock for hardware you already have (but | didn't pay for in the price). Fine. | | Tolerable, perhaps, but pretty far from fine. It's pretty | shocking to me that people in our society build things and then | deliberately break them so they can make more money. Is this | really the best system we can come up with? | | We have built a society where what is plainly crazy is | rational. | hot_gril wrote: | > It's pretty shocking to me that people in our society build | things and then deliberately break them so they can make more | money. Is this really the best system we can come up with? | | All part of cost tradeoffs. Previously, they'd build the car | with the ability to support all those add-ons even if the | customer isn't getting them. Turns out it's cheaper not to do | that. | femto wrote: | Being a tradeoff it works both ways. Customers get broken | add-ons for free if it's cheaper to not pursue the | customers that fix them. | circuit10 wrote: | I wish the solution was to just give everyone those | features. Maybe it can't work like that but this feels very | wasteful | jimmyk2 wrote: | I assume it's all to game the starting MSRP. | | Like the barebones Tesla 3 that existed on paper but was | basically impossible to order. OE's know most people will | spring for that creature comforts. | circuit10 wrote: | That reminds me of this video: | https://youtu.be/cLGcGnGJvL0 where they say how one of | the reasons laptops are getting harder to upgrade is | probably so they can make you buy an expensive | configuration and still advertise a low starting price | hot_gril wrote: | At least you can download heated seats later if you | change your mind, unlike RAM. | wingworks wrote: | Kinda what the chip Intel (and others chip makers?) have been | doing for years. Make the best next gen chip, then strip out | parts to slow it down and sell cheaper ones. Not 1:1 the | same, but pretty similar. | hot_gril wrote: | What's the difference between the second and the third? | lajamerr wrote: | Probably the same sentiment between DLC vs Expansions in | gaming. | | But fundamentally no difference because you are getting a | discounted price in exchange for the soft locked feature. So | 2 and 3 are the same imo. | hot_gril wrote: | I'm not asking what's the fundamental difference, I just | don't get what the two options are. Is #2 one-time purchase | and #3 subscription? | dr_orpheus wrote: | Second is "I pay $50 once to unlock heated seats in my car | forever. This car now has heated seats and anyone that I sell | it to also gets heated seats" | | Third is "I pay $5/month for heated seats for the entire time | I own the car. Anyone that I sell the car to would also have | to pay $5/month for heated seats." | | Edit: The other version of the third option (your BMW account | is not tied to this vin) is something like "I pay $50 once | for heated seats in my car. If I sell it to someone, they | also have to pay $50 to unlock the heated seats" | hot_gril wrote: | Third seems slightly better, cause at least the secondary | buyer clearly knows it's $5/mo instead of having to make | sure the one-time payment sticks. | eganist wrote: | In fairness, the second method should probably be | implemented with an e-fuse. That way once it's paid, | there's no taking it away. | harry8 wrote: | >Having a software unlock for hardware you already have (but | didn't pay for in the price). Fine. | | Ok as long as /any/ end run around that garbage made by the | car's /owner/ is specifically: legal, legitimate and not- | warranty voiding. | | Because you know the step from there to not being able to | repair the things you own without paying more to allow you to | do so is nonexistent. | nottorp wrote: | Can they fix the power steering too then? | | Ref: https://arstechnica.com/cars/2023/08/steering-failures- | are-t... | | Apparently it's a software problem. | bigmofo wrote: | I would have thought that EFF and FSF would be more active in | trying to promote open source in automobiles for privacy, | security and being able to repair and modify the vehicle. I would | think that it would be rather mind blowing how much information | is gathered by the new vehicles about oneself. I have enough | money to buy any model of Tesla, but will not due to privacy, | security and safety reasons. (I consider drive by wire braking | and acceleration a safety issue. With a stick shift I can insert | the clutch and know that the drive system can be disabled. I also | consider that the software can be modified over the air forcibly | by Tesla a safety issue because it could be used for nefarious | purposes.) | rossdavidh wrote: | Sooner or later, some city is going to be held for ransom by a | group that has disabled (or hijacked) all of the Teslas in it. | "Give us a king's ransom or your roads will be clogged with | immovable cars, and thus unusable, for weeks". Right now, there | are not enough software-hijackable cars on the road for this to | work, but that is changing. Once you have a critical mass of | perhaps even just 5% of the cars, you can bring all traffic to | a halt until your demands are met. | balls187 wrote: | Curious, why do that, and not say attack the power grid? | Swenrekcah wrote: | I do agree with the sentiment, but in this particular example | if I were the local government I'd endure the pain for the | 24-36 hours it'd take to get the inflicted vehicles gathered | up and then simply ban them from driving until the | manufacturer fixes the issue. | | If I didn't have the legal authority to do it I'd probably | still do it and rather pay the damages than the ransom. | jdjdjdhhd wrote: | > I have enough money to buy any model of Tesla, but will not | due to privacy, | | Which modern car do you think is not violating your privacy? | bigmofo wrote: | That would make for a good topic. Also, it is difficult to | maintain older cars going when parts become harder to get. | So, even if one does not want to buy a new car; at some point | one might be forced to getting a newer car. I very much | appreciate these hackers and hope that there will be a | thriving and vibrant hacking community for new vehicles. I am | personally not interesting in unlocking unpaid for features; | but for privacy, security and safety reasons. | catboybotnet wrote: | It seems the thought that Teslas are not cars, but rather tablets | with wheels is accurate. | WeylandYutani wrote: | You wouldn't download a car. ___________________________________________________________________ (page generated 2023-08-03 23:00 UTC)