Supposedly the newest update fixes that, but I haven’t taken the time to test that out.
But WiFi is shocking my fragile on these wall connectors, I’ve had a lot of trouble keeping it connected to my home network over the years.
It creates a wifi access point in your garage that you cannot turn off:
TeslaWallConnector_<unique-id>
I would love to be able to hack any firmware to disable that.
I also read that a connected tesla car can force an over-the-air firmware update maybe through the charging cable or wifi, but I haven't verified that.
because it hasn't gone away after configuring the setup stuff (amps, etc)
An owner voluntarily downgrading firmware to gain control of your hardware IS NOT A HACK.
And if an adversary is doing this, then they have already breached yoir physical security.
In the UK, for example 10 million EVs all pulling 7kw would overwhelm the roughly 70GW potential of the grid. Even a million EVs charging at an inconvenient time could add a 7GW draw which is enough cause a problem.
Modern grids have batteries to manage instantaneous spikes of demand so there’d be a race.
Large ISP outages that affect millions of people are not uncommon on a decade by decade basis, and I suspect an uncomfortable number of UK EV chargers are in some way linked to eu-west-2.
[1] https://www.legislation.gov.uk/uksi/2021/1467/regulation/7/m...
Or just for the spirit of actually owning the shit you pay for.
I thought tesla even made a j1772 native wall connector.
Picturing someone rolling up to a charger outside of a large office building, 'plugging in', exploiting the charger via the communications, then using the charger to pivot inwards.
For example, if I am able to gain root access to a WiFi access point I own, even though the vendor has tried to prevent it, then yes, I would call it a hack. To me, it doesn't matter why or who is doing the steps.
In fact, I believe I have never before heard someone combine the meaning of the word to be related to the ownership of the device being hacked.
I suspect the number of people understanding the word in your way is a minority. Redefining terms doesn't help build mutual understanding: here we are taking a word some think has negative connotations and then remove the thing they think should be cool and ok, and then suggest that this is actually the real meaning of the word. Personally I don't think this is how words should be wielded.
Ownership implies authorization, and using the term "hacking" exclusively to refer to gaining unauthorized access to someone else's computer is a common usage that you must surely have encountered before.
Yep. The owner of the device can sue you.
You know what isn't vulnerable? A "dumb" offline charger. You know what doesn't make any money or turn the consumer into another product? A "dumb" offline charger.
If it were about physical security, the suggested fix would be to remove the communication from the port entirely.
Companies shouldn't get to make something simple and secure into something inherently insecure and then iterate security into it. Like drive by wire steering, or brakes. Nobody asked for these things and if you ask ANYONE who works on, builds, or actually enjoys cars the consensus is NOBODY wants it.
But there are enough sophomoric, pedestrian car owners out there who gawk at the senseless overdeployment of technology and think "this is so convinient" and don't see it as 1) regulatory barrier building and gatekeeping 2) enabling vendor lock in 3) overcoming right to repair legislation. So the knowledgeable and enthusiastic voices of reason who care about cars get drowned out by the hoard of pedestrian geeks who couldn't imagine operating a car without at least a 16 inch touchscreen.
In security, the best defense is not introducing a vulnerability at all. There is value in having less code. For example, if your PaaS doesn't collect user SSNs... then it can't lose SSNs in a breach.
The question here should not be "why is this not secure." The question should be "why does this even need to be secure in the first place?" We have a very simple task to do and we've complicated it so much we've introduced vulnerability that didn't exist previously.
Too many problems to count:
- High voltage and low voltage wiring should generally be kept separated for safety reasons. Light sockets could probably be moved to low-voltage-only to power just LED bulbs but this wouldn't work for wall outlets which need to be 120-240V. Plus I like having the option to install 120V halogen bulbs wherever color rendering really matters!
- We'd also have to "normalize" having a separate network just for IoT stuff that only communicated in/out of its own LAN boundary via an actually-secure gateway with generic open protocols. (Pipe dream without government enforced standards similar to or piggy-backing on building codes)
- (Most) electricians notoriously suck at understanding low-voltage wiring.
- Probably more that I'm too lazy to think about but these two are already show stoppers for the next 10-30 years.
You also never know when there could be another update and your region becomes one of those that has these restrictions.
While hacking is used to to refer to illicit activities, I do actually believe that the same activities can also be performed e.g. on your own devices, or with permission, and still be called hacking. So in my view, I do not believe legality is the defining term, but the actual things you do; oftentimes useful for illegal activities.
But I must assume there is a group of people who consider the term to be loaded with that exclusion, so I should take this into account.
However, to me "hacking your own devices" as a concept seems crystal clear, and is not a contradictory term.
> If it were about physical security, the suggested fix would be to remove the communication from the port entirely.
You can’t charge without negotiating charging rates. Communication is a requirement. Every EV does this. Heck, every cell phone does this.
> Like drive by wire steering, or brakes. Nobody asked for these things and if you ask ANYONE who works on, builds, or actually enjoys cars the consensus is NOBODY wants it.
Every hybrid and EV for the past 20 years has brake by wire. That’s how regenerative braking works.
Im thinking in an attack situation hackers might plan for say a 3am mass dump and pull on the grid by all cars that are charging overnight. This would definitely be possible by altering firmware, and would be bad enough to blow some local substations for sure.
I've had both setups and whether the full amperage charger is worth it or not depends on your use case. If you're just going to plug it in overnight, it doesn't matter. It's about an hour's difference for a top up. If you're going to wait for your car to charge and unplug it because you share the charger or have to run an extension over a public sidewalk, then the faster speed is worth it.
When we moved to a new house, we bought a Tesla wall charger, and it indeed charges at higher amps, but I don't know if the extra speed has necessarily been worth it since we primarily charge the car overnight.
I had the foolish idea of installing a Tesla charger at home to charge my Bolt. I’ve been unable to ever use it.
The wall charger works fine with Teslas. My car and adapter charge fine at Tesla superchargers.
But the home Tesla charger refuses to charge my Bolt. (Yes I disabled vehicle restrictions and tried all sorts of combinations of settings for weeks before giving up. Tesla support was useless of course)
Restriction or bug, same difference.
This is the one I use https://ev-lectron.com/products/lectron-tesla-to-j1772-adapt...
Just don't try to use that adapter on another NACS connector like the Mobile Connector, it'll get stuck and you'll have to do some magnet shenanigans to get it off (ask me how I know...)
NACS on Level 2 has the same number of pins, but speaks a different protocol than J1772, so just a normal "dumb" adapter won't work. You either need a Connector that can speak J1772, or a TeslaTap.
I guess I could see why you might want to restrict who can use your charger, but I really prefer the "dumb as bricks" version I currently have.
At least a few years ago, they would openly recommend it for non-Teslas.
I thought NACS brought some changes to Level 1 and 2 that aren't backwards compatible with J1772? I know there's an oddball voltage in there so you can put a NACS charger on a lamppost where J1772 would require a transformer; but I didn't think there were protocol issues too.
J1227 would require a transformer, but NACS doesn't.