Nissan Leaf HVAC-Hack Vulnerability Disclosed

GWBasic writes: Some of Nissan's Leaf cars can be easily hacked, allowing their heating and air-conditioning systems to be hijacked, according to [Troy Hunt,] a prominent security researcher. .... Mr Hunt said the root of the problem was that the firm's NissanConnect app needed only a car's vehicle identification number (VIN) to take control. That means that pranksters could pretty easily run down a Leaf's battery via Nissan's app just by cycling through VIN numbers, which, the article points out, typically vary only in the last few digits for same-region Leafs, and for an electric car that's a big deal -- you can't just get a quick jump and be on your way. For now, Hunt says, the only thing owners can do is disable the remote-control feature completely.

Jesus christ

I've been driving for nearly 30 years and I have yet to come up with a reason why my car needs to be on the internet. Or my DVD player. Or TV. Or refrigerator. Or light bulbs. They all seem to work just fine in standalone mode.

Re:Jesus christ

But.... but..... but.... Da Tezla is inn0v8ive bvecause it can update teh soffwarezzzz!!!11!!!!!

That makes you an ape and a republican for not finding virtue in everything EV.

Re:Jesus christ

[Alumoi]

If it ain't broken don't fix it.
"Improvement" for the sake of it it's not improvement, just more bling.

Re:Jesus christ

[gstoddart]

When you see weekly stories about horses getting hacked via a smartphone app with trivial security, do let us know.

If these connected cars have security as bad as this, it's pretty pathetic, if not bordering on criminally incompetent.

The problem is every idiot rushes to the market to say "ZOMG ... teh app", and what they produce is complete and utter crap.

Re:Jesus christ

[Altizar]

If it ain’t broke, it doesn’t have enough features.

Re:Jesus christ

[ShanghaiBill]

They all seem to work just fine with a horse.

There are some advantages to using horses. For instance cars are only now getting autopilot, but centuries ago, if you travelled a regular route, say from the market to your farm, you could loosen the reins, and take a snooze in the back of the wagon, and depend on your horse to know the way home.

Re:Jesus christ

[fluffernutter]

You know I kind of hate comments like that. There are many very obvious reasons why an internal combustion engine is better than a horse drawn carriage; power, ease of care, etc. I tend to agree with OP, I don't see any terribly obvious functional advantages that being 'internet connected' presents for most things. What I do see are risks and disadvantages. Let's call a spade a spade here, a lot of changes in technology we see today seem to be a solution in search of a problem.

Re:Jesus christ

[JackieBrown]

I've been driving for nearly 30 years and I have yet to come up with a reason why my car needs to be on the internet. Or my DVD player. Or TV. Or refrigerator. Or light bulbs. They all seem to work just fine in standalone mode.

My local public utility company is pushing all of its customers to a digital thermostat. The energy savings and the perks are very nice.

When I leave for work (or go to bed) my water heater turns itself off and the thermostat gets set to a temperature closer to outside . I have them set to kick back on about an hour before I leave work. I set the temperature to be colder than usual when I go to sleep because its easier for me to fall sleep when it's cold. Around midnight, the temperature goes back up. Around 4, the water heater turns on.

Additionally, if I get out early or have a guest go to my house, I can set the temperature to be comfortable for them - and have it so that they can even enjoy hot water.

Re:Jesus christ

[Adriax]

Riders wish they had bumper to bumper warranty for horses. Sure the thing is 3d printed, but the design schematics are impossible to read and the quality control on the materials needed for construction can sometimes be sub-par.
As for security patches, only an idiot lets their horse's anti-virus defense go out of date.

On the topic of external combustion engines. You must be doing it wrong then. https://www.youtube.com/watch?...

Re:Jesus christ

[Alumoi]

Do you work in marketing, by any chance?

Re:Jesus christ

Digital thermostats have been around for DECADES. It's reassuring to see your utility company keeping up with the times.

And as for guests being too fat and fucking lazy to turn the stat up when they walk in the door... well... can't help you there. It's the American way of life. "I need a robot to get the Cheetos because I'm a fat ass and can't get off the sofa!"

Re:Jesus christ

[Dutch+Gun]

Keep in mind that the advantages of first-generation internal combustion engines were far less obvious, being large, expensive, noisy, under-powered, and unreliable. We tend to take the reliability of modern engines for granted and of course have the advantage of hind-sight, but even just thirty years ago, cars needed a LOT more maintenance and were FAR less reliable than today. We're witnessing a lot of teething pain with a new technology as companies get to grips with how to properly use it. Remember that the internet was just a big experiment just twenty years ago which no one really knew how to capitalize on - it seems sort of ridiculous today. A lot of silly things were tried (remember CueCat?), and the ones that weren't feasible disappeared over time.

Most of this IoT nonsense is just that - nonsense that will disappear over time. You're correct in that many of these things are a "solution in search of a problem", but that's how a lot of product R&D is. You don't really know exactly what will stick and what will fade into obscurity until you give it a try. Yes, I'm also highly doubtful that much of this IoT craze will result in much good, but you can almost assuredly bet that someone will figure out at least a couple of killer applications for it, and in another decade, we'll all be taking the existence of those products or features for granted. It's just a little annoying right now because of the ridiculous type it's getting in the tech world - along with 3D printing, I suppose.

My irritation is that security is STILL something that's routinely ignored. It's not 1999, when we don't still really understand the implications of networked security, or have perfectly functioning standards and examples of how to do with right.

Re:Jesus christ

[AmiMoJo]

I own a Leaf. The remote control faculty is awesome. In the winter my car is nice and warm when I come out of work. Being an EV with limited range it's useful to be able to monitor charging remotely on occasion.

It should be possible to do this securely. We provide loads of services securely over the Internet. It's annoying but I remember when Windows didn't even have a firewall enabled by default, and somehow we survived and improved. No need to be a Luddite.

For now I disabled the service and rely on timers for the pre-heating.

Re:Jesus christ

[h4ck7h3p14n37]

I'm guessing that the OP's electric company grants credits to customers for allowing the utility to adjust their fridge/thermostat/etc. during periods of high usage.

Re:Jesus christ

[Trogre]

Name one legitimate use case for remote start on an electric car.

Re:Jesus christ

[dpidcoe]

You don't really know exactly what will stick and what will fade into obscurity until you give it a try.

That's kind of true, but you seem to be treating it like some sort of mystical unknowable thing. It's generally pretty easy to tell the winners and losers beforehand when it comes to these kinds of things, at least as far as things that are supposed to serve a functional purpose. Using your CueCat example, did anyone other than advertisers, marketers, and the development team behind it actually think that CueCat would take off? Short of some really specialized applications (e.g. reading a printed medium with embedded sources) it seems marginally useless, even considering the rest of the technology at the time. A 1d barcode scanner would be more than capable of doing the same thing without being proprietary, and would have been able to use any existing scanners.

Re:Jesus christ

[JackieBrown]

It's the American way of life. "I need a robot to get the Cheetos because I'm a fat ass and can't get off the sofa!"

The same can be said about the TV remote. Or automatic transmissions.

Re:Jesus christ

[Dutch+Gun]

Well, I gave a pretty ridiculous example with CueCat. Yeah, it was obvious to most people right from the start that it was a lame-o gimmick. Most of the DotCom 1.0 bubble companies has almost NO idea how they were going to monetize their product or services, and so were doomed to fail almost from the start unless they became ridiculously popular (e.g. Twitter).

But not everything is so easy to predict. I distinctly remember thinking cameras on cellphones were ridiculous and gimmicky, and probably wouldn't last. Also, would anyone really have predicted the demise of traditional expert-curated encyclopedias in favor of an online version that *anyone* could actually edit? I certainly wouldn't have. Wikipedia is a killer app for the web which we didn't even know we wanted. Or for programmers, perhaps Stack Overflow.

It's fair to say that MOST of the IoT attempts are going to be lame and probably fail, because that happens with just about everything - including biological evolution. But a few things will find success. If it was so easy to pick winners and losers, you wouldn't see these Silicon Valley millionaires and billionaires being created because they happened to create something cool that no one else either thought of or could bring to market. And picking stocks to invest in would be a hell of a lot easier.

Re:Jesus christ

[Syberz]

I've been driving for nearly 30 years and I have yet to come up with a reason why my car needs to be on the internet. Or my DVD player. Or TV. Or refrigerator. Or light bulbs. They all seem to work just fine in standalone mode.

Well, the TV and DVD kind of make sense with the advent of streaming video services.

Everything else though... yeah... that seems pretty dumb until you realize that there were probably lots of folks who didn't see the point of wiring electricity in everyone's homes, they'd been living without electricity just fine for years, who needed that?

So yeah, internet on your light bulbs is pretty much just a novelty now, but in a few years we might get some interesting innovations out of it.

Re:Jesus christ

[amiga3D]

You must be an engineer.

Summary in Error

Let me Google that for you:

http://www.mattcastruccinissan.com/blog/how-to-jumpstart-a-nissan-leaf/

You can jump a Nissan Leaf if you want.

At this point...

[QuietLagoon]

... for such an egregious lapse in security to be present in a vehicle, it should be criminal.

.
It appears that is the only way the car manufacturers will sit up and pay attention to the need for security in their vehicles.

Re:At this point...

[bobbied]

Oh, I don't know.. I think civil courts could be effective to motivate them. No need to make it a crime persay, just let customer's sue.

Re:At this point...

[Outtascope]

In terms of harm and danger to the public this right up there with breaking into a car that doesn't have any fucking doors and leaving the headlights on overnight. There, FTFY.

Say it isn't so ...

[gstoddart]

You mean an app used utterly lame security and used something readily available?

Well, I'm totally shocked.

No, wait, the other one where I pretty much expect all of this crap to be broken by design.

Almost without fail, if you can control it from your smartphone, chances are good that someone else can.

No thanks.

Re:Should have used APPS, not HVAC!

[clockley(571021718)]

App's can't keep me cool.

Cycle through VINs?

[fizzup]

You mean cycle through the one single VIN stencilled into the windscreen of your mortal enemy's Nissan Leaf, right? I think even the most inept developer of all time should be able to write an algorithm that's better than O(n)...

Re:Cycle through VINs?

[msauve]

But it's secure! Someone told them that best practice was to implement 2 part security, something they know, and something they have. They have the car, and they know the VIN.

Re:Cycle through VINs?

[fizzup]

You win. That's way funnier than mine.

Remote Start / HVAC Runtime Anyone?

[GTRacer]

How is this any different than a regular ICE car having remote start? Those have been pitched as "get the car warmed up inside and out before stepping outside!" deals for ages now.

That's a perfectly accepted use case now. The problem is the app/IoT side. Currently, it uses your keyfob to "authenticate" the request.

Re:Remote Start / HVAC Runtime Anyone?

[gstoddart]

Currently, it uses your keyfob to "authenticate" the request.

LOL, years ago, a friend decided he wanted a remote starter in his Accord.

No word of a lie, the only way the dealer could figure out how to do it was to take one of his physical keys (with some chip thingy) and wire it in under the hood somewhere, and they couldn't get him a replacement, because the chip thingy was expensive and intended to not be counterfeited.

I remember thinking, "if your dealer can't find a better way to do that, why are they advertising this?".

It struck me as one of the worst solutions imaginable, and I always wondered if since the key was now hard-wired into the ignition somewhere, it wouldn't be easier to hotwire it since they'd essentially defeated the security the key was meant to provide. The car now pretty much always said "yes" to the whole "is chip present" thing.

Using the VIN, which is stamped on the windshield and all over the car ... that strikes me as being on par with the same level of ineptitude.

No authentication at all except a number printed on the outside of the car and which varies according to known values? Someone has no business writing such things.

Re:Remote Start / HVAC Runtime Anyone?

[Nuitari+The+Wiz]

This is over the Internet (car has an EDGE connection) and does not require a line of sight.

Thankfully, its a pure electric car. If it turns on its just an inconvenience. If this was on a gas car, it could kill people with carbon monoxide poisoning.

Re:Remote Start / HVAC Runtime Anyone?

[I4ko]

There hasn't been a single person in the EMEAASPAK world killed by carbon monoxide poisoning, and our cars don't catch fire and obliterate in 30 seconds every time we crash, nor our homes tumble down because a fire has started, you just clean it out, put a new coat of paint and move on. Perhaps it is the American way of building stuff that is wrong and everyone is in the scare? Heck, even most of the eastern seaboard uses real bricks and mortar.

Re:Remote Start / HVAC Runtime Anyone?

[Shoten]

How is this any different than a regular ICE car having remote start? Those have been pitched as "get the car warmed up inside and out before stepping outside!" deals for ages now.

That's a perfectly accepted use case now. The problem is the app/IoT side. Currently, it uses your keyfob to "authenticate" the request.

You raise an awesome question, and I'll answer it.

One, in the regular car example you describe, the attacker needs two things: to be able to spoof the keyfob, and physical proximity. The first hasn't always been trivial, but it's still got a lot of challenges. The second keeps the attack from scaling; you can't sit in one place at one time and simultaneously mess with tons and tons of cars. This attack is far, far easier to accomplish (you just need to know the network range in question and only have to iterate VINs, which for all their length really isn't all that hard) and scales like a motherfucker.

But two...and here's what's really fucked up...is that if you manage to spoof the keyfob, then you can start the car remotely, open the trunk, and lock/unlock the doors...and that's it. That's all you can do. But this..in TFA, they talk about how the attack doesn't work if the car is moving. That means one very important thing...that the hardware that provides this functionality is tied into the car's main CAN bus, and communicates directly with the ECU. That also means it speaks to pretty much everything else, as well. Given that there was obviously no real rigor around security, how much do we want to bet that this web-like interface with poor authentication is also vulnerable to worse attacks...that it would be possible to even execute code on the car, potentially? On a system that's tied into things like engine management, or ABS devices...very scary. You can't even imagine that kind of thing by spoofing a keyfob.

Re:Remote Start / HVAC Runtime Anyone?

[drinkypoo]

I remember thinking, "if your dealer can't find a better way to do that, why are they advertising this?".

Probably because they are lame. A lot of dealers have installed a lot of non-approved crap on a lot of cars over the years, and then been responsible for maintaining it themselves, which they often do not know how to do. Anyway, some cars are meant to have remote start. A company called Fortin makes immo bypass systems, which are a lot slicker than putting the immo chip into the car like a dumbass.

Re:Remote Start / HVAC Runtime Anyone?

[Lehk228]

the chip key is supposed to go in a heavy duty lockbox that only connects it to the engine when the remote system is activated with the secure remote fob.

Re:Remote Start / HVAC Runtime Anyone?

[mjwx]

How is this any different than a regular ICE car having remote start? Those have been pitched as "get the car warmed up inside and out before stepping outside!" deals for ages now.

That's a perfectly accepted use case now. The problem is the app/IoT side. Currently, it uses your keyfob to "authenticate" the request.

This.

Also, the HVAC should not be able to access anything but the HVAC system and the physical controls should override any remote settings. But that's just crazy talk.

Re:Remote Start / HVAC Runtime Anyone?

[cbiltcliffe]

There hasn't been a single person in the EMEAASPAK world killed by carbon monoxide poisoning, and our cars don't catch fire and obliterate in 30 seconds every time we crash, nor our homes tumble down because a fire has started, you just clean it out, put a new coat of paint and move on. Perhaps it is the American way of building stuff that is wrong and everyone is in the scare? Heck, even most of the eastern seaboard uses real bricks and mortar.

Wow. So, a Japanese car manufacturer screws something up, it's discovered by an Australian security researcher, and somehow you still manage to find a way to turn it into an "Americans can't build anything for shit" rant.
Not only that, but all your examples of how American designs fail miserably are completely wrong. I can't remember when was the last time I've seen a car set on fire in a crash, but the only one I remember off the top of my head was a VW. Actually, that one technically didn't crash. It just spontaneously combusted.
America has some of the best house building codes in the world, since California sees lots of earthquakes. Sure, the same standards aren't required in Maine, but that's OK, because it's thousands of miles away. I haven't seen a house tumble down because a fire started. I've seen them tumble down because a fire turned into an inferno, but a house anywhere in the world would do the same.
Stop being such a stuck up snob.

Re:Tiny non-problem discovered

[cayenne8]

Why would you have a remote control feature on a car enabled at ALL?

as a LEAF owner

[Kevoco]

this does not bug me, much - the Nissan EV apps's remote HVAC feature is nice for warming up the car in the morning while it is still attached to the home charger. You can heat the interior without impacting the traction battery. Little known fact: heating a LEAF that's been parked outside in freezing weather has a greater impact on the battery (driving range) than cooling the same vehicle in the summer.

Re:as a LEAF owner

[fluffernutter]

Just out of interest, how cold does it get where you are? I've been hearing a lot about the leaf, but it can get down to -31F where I am. When smart cars first came out, a bunch of people got them but I don't see too many in the winter any more. The last one I saw, the driver had to bundle up and drive with both windows open so that the windshield didn't completely frost up.

Re:as a LEAF owner

[Nuitari+The+Wiz]

I regularly use the LEAF in -25C weather and its fine. The heater does put quite a bit of drain on the battery, but the distances I do are manageable.
I also regularly use the remote HVAC feature on battery, too bad the Nissan app is a buggy UX nightmare.

Re:as a LEAF owner

For non-extreme cold, using just the steering wheel and seat heaters saves a LOT of range. The window defrosters are a huge range hit.

Re:as a LEAF owner

[misnohmer]

Well, it doesn't bug you much now, maybe because you haven't thought through the implications. However, next time you end up having to tow your LEAF because while you were parked away from home some script kiddie drained your traction battery as a prank, you may change your mind. If it happens often enough, I bet it would start bugging you to a point where you would disable the feature (at least you have that option).

Re:Tiny non-problem discovered

[Outtascope]

Yep. It's completely a non-problem when I go out to my car after work and it won't run. Oh, wait, your were trolling, right? Right? Maybe you didn't have time to put forth a more compelling argument because you are too busy adding security to an app that has access to certain controls on my car, though I can't possible see why any rational person in the world would have expected that SOME form of authentication/authorization would be included in a product that I paid money for. After all, I usually invite the neighborhood kids to come turn on the air conditioning and heated seats in my car whenever they get the urge. 'Cause, why wouldn't I, right? Such a non-problem.

Help me understand something here...

[twotacocombo]

So they've created a feature that allows you to remotely run the heater or a/c indefinitely while nobody is occupying the vehicle? Seems to me that one of the first things done when designing this would to implement a timer and/or an occupancy sensor. Preheating/cooling the interior on a cold/hot day is great, and sometimes you just want to run into a store with your dogs in the back without leaving the engine on, but both of these scenarios should be rather brief in duration. Allowing the system to discharge the battery to the point of leaving you stranded is just piss poor design. Security flaw aside, I see no good argument for allowing your car to be used as an unattended fridge or oven for extended periods of time.

Re:Help me understand something here...

[tlhIngan]

So they've created a feature that allows you to remotely run the heater or a/c indefinitely while nobody is occupying the vehicle? Seems to me that one of the first things done when designing this would to implement a timer and/or an occupancy sensor. Preheating/cooling the interior on a cold/hot day is great, and sometimes you just want to run into a store with your dogs in the back without leaving the engine on, but both of these scenarios should be rather brief in duration. Allowing the system to discharge the battery to the point of leaving you stranded is just piss poor design. Security flaw aside, I see no good argument for allowing your car to be used as an unattended fridge or oven for extended periods of time.

Not only that, but simply disallowing pre-heat or pre-cool while not attached to a charger is pretty dumb. I mean, the whole point of pre-heat and pre-cool is to run the HVAC while you're on the charger so you're not consuming valuable miles to do so - you're plugged in, so coming into a pre-heated or pre-cooled car is pretty nice. But if you're away from the charger, that option should be disabled or attached to a very short timer (good for once use - requires cycling the "ignition" switch to reset).

Re:Help me understand something here...

The Leaf's remotely triggered climate control stops running 20 minutes after it reaches the preset target temperature (configured in the car only, not over the internet). But the evil hacker in this scenario is telling the car to restart climate control every 20 minutes, defeating that protection against simple user error. The car won't run the battery down below some limit (I don't recall exactly how low) even then, so you can't actually damage the battery by running it down to zero this way, but you can run it down low enough that the owner won't be able to drive more than a few miles on what remains.

Re:Help me understand something here...

[bobbied]

Except that the all EV's don't have onboard engines, I'm with you on this. Seems like a serious oversight to allow the AC/Heat to run for extended periods when the vehicle is not plugged in or occupied. Even your everyday laptop can tell the difference between "plugged in" and "on Battery" while monitoring battery percentages to decide what appropriate operating parameters are why can't a battery operated car? Why can it not say, "Hey, it's been 10 min and nobody is in the vehicle and I'm not plugged in, I'm going to turn off that energy sucking environmental controls." or "Hey, I'm plugged in, the battery is full, I'll leave the environmental control system running.."

Re:Help me understand something here...

[AaronW]

My Tesla model S has a similar feature and I use it frequently in the winter to warm up my car in the parking lot before I leave the building. It means I don't have to wait for the windows to defog and the car's warm by the time I head out. I can also monitor the temperature and wait until the car is warm before heading out to it. If I do nothing then after a while it shuts itself off.

In my case there's no place to plug in at work, but that's not an issue since I have plenty of range. Tesla also has a history of taking security seriously.

Re:Help me understand something here...

[runningduck]

You might also want to pre-cool the car before you leave work even if you are not currently plugged in. It is a simple decision of how much battery capacity are you willing to sped to hop into a comfortable car.

Re:Tiny non-problem discovered

[beelsebob]

Because it's really convenient to be able to start the air conditioning remotely, so that the car is already cool when you get in it. This is especially important with electric cars, where the power to cool the car down initially will then be drawn from the grid, not the battery.

Re:Tiny non-problem discovered

[JackieBrown]

I have seen those and can understand its appeal. Especially if it's limited against moving the car out of park.

Picture yourself on a 20 degree day starting your car by remote and having the heat start while you sit in your warm living room enjoying your first cup of coffee.

Re:Tiny non-problem discovered

[bobbied]

Why would you have a remote control feature on a car enabled at ALL?

If Google is successful, it will soon also support the command "go pick up the pizza I ordered."

How? Sit in the parking lot flashing lights and honking horn until somebody notices and drops the pie in the driver's seat?

Some conveniences should be avoided for now

[davidwr]

the only thing owners can do is disable the remote-control feature completely.

In other news, thieves discovered a way to break into garages using drive-by attacks (this happened in the 1980s or 1990s). The only thing owners could do was to disable the remote-control feature completely (or replace it with a different one).

Yes, there are a few environments where you need to be able to turn the heat or AC on before you get into the car. Alaska and Phoenix, Arizona, I'm looking at you. But for everyone else, the risk (upper bound on the probability of a high-cost hack is still too high) outweighs the convenience.

Re:Some conveniences should be avoided for now

[sjames]

And Minnesota and Wisconsin and Florida and Georgia and Texas and Maine, Illinois, etc, etc.

Re:Some conveniences should be avoided for now

[I4ko]

For Phoenix, Arizona you need only a quality set of driving gloves. Professions drivers and people with Bentleys still use them. Better to just class up.

Re:OMG, someone just turned on my heater!!!

[bobbied]

Your Goose is cooked man... The heat is on!

At least until the battery dies...

All this talk

[Marginal+Coward]

All this talk about hijacking a car's HVAC system puts me into a cold sweat.

Re:Tiny non-problem discovered

[beelsebob]

Assuming you have the thing plugged in.

Which, given that these types of cars are pretty much exclusively commuter vehicles, and many workplaces provide plugs these days is pretty likely.

Generally, they're either sat at work, or at home, usually plugged in.

That's the big advantage of an electric car, no range anxiety, unlike with a petrol car. You never have to think about filling it up with petrol, because it just gets plugged in every time you stop.

Re:Tiny non-problem discovered

[Aaden42]

Your silly is my nice convenience. Open the windows from my office on a hot sunny day. Car isn't a million degrees by the time I get out there. Forget to close my windows and it starts raining? Close them remotely, and I stay dry.

Leaf HVAC is the same thing, and is actually more important for an electric, assuming you're plugged in. You can start the heat or A/C when you're parked, still plugged in. The car gets up or down to your desired temperature while still running on the grid instead of draining your battery. Not having to ride around in a cold/hot car is just a nice perk.

Of course there should be a secret to go with the known value of the VIN. VIN is readable in the windshield, so if you want to get back at someone who's parked like an ass, just start his A/C & kill his battery...

Re:Tiny non-problem discovered

[idontgno]

Ah, Nissan didn't take long to put their damage-controlls online.

Thanks for sharing the company's PR perspective with us, AC. But how 'bout we actually discuss the real facts and the real effects, hmm?

Slashdot moderators... I am disappoint.

Re:Tiny non-problem discovered

[Ralph+Wiggam]

I own a Leaf in the desert southwest. Being able to turn on the AC from your phone is fantastic. The difference between getting into an 80 degree car and a 120 degree car is pretty huge.

AT&T 2G Sunset

[certsoft]

Nissan Leafs use AT&T 2G modems to connect to the server, so do Ford's Focus Electric and Energi PHEVs. AT&T 2G dies at the end of 2016 so I guess the problem will solve itself eventually.

Re:Tiny non-problem discovered

[mjwx]

Why would you have a remote control feature on a car enabled at ALL?

For people who live in properly hot or cold areas, being able to heat or cool your car down to a sensible temprature before getting in is a godsend. Especially if you live in a humid area and need to demist your windows when it gets as low as 16 degrees C.

Also see this informative picture.

I used to drive a manual with a metal gear stick knob, I have the H-pattern permanently burned into my palm as a result.

Re:Tiny non-problem discovered

[cayenne8]

...and many workplaces provide plugs these days is pretty likely.

Wow..I have yet to see ANY charging stations anywhere in the city, much less at a parking lot where people work.

I would guess they're pretty much only prevalent out west in CA and the like and maybe in some of the North East states?

Troy Hunt

[mjwx]

Some of Nissan's Leaf cars can be easily hacked, allowing their heating and air-conditioning systems to be hijacked, according to [Troy Hunt,] a prominent security researcher

It was actually Troy's brother, Mike who discovered the vulnerability.

Re:Tiny non-problem discovered

[Lehk228]

The difference between getting into an 80 degree car and a 120 degree car is pretty huge.

I am never moving to the southwest.

Re:Tiny non-problem discovered

[birukun]

Well because ......... Internet of Shit

https://twitter.com/internetof...

Re:Should have used APPS, not HVAC!

[ChunderDownunder]

I preferred the pizza analogist.

Re: Tiny non-problem discovered

[nsuccorso]

You're assuming the pizza restaurant is staffed. Instead, the pizza is assembled and cooked by a robotic system. Your self-driving car communicates directly with the pizza restaurant main AI, informing it when it arrives, at which point a robotic arm puts the pizza in the car. Meanwhile, sentry guns fire rubber bullets at the hoards of permanently unemployed and desperate humans attempting to loot the pizza restaurant and turn your car to scrap. During all of this, you lounge casually around your living room in the fortified neighborhood you call home, secure in the certainty that what differentiates you from the ravenous hordes is that they are stupid and lazy.

Re:Tiny non-problem discovered

[beelsebob]

120F cars are not uncommon, even in not the south west. A car sat out on a 75F will be 120F inside in about an hour. On a 100F day it'll be 150F inside in the same time.

Re:Tiny non-problem discovered

[goose-incarnated]

That's the big advantage of an electric car, no range anxiety, unlike with a petrol car.

No one gets range anxiety when they can fill up anywhere on their route in less than five minutes.

(Is this one of those things where you think that if enough people repeat it enough it will become true? Those approaches hardly ever work).

Re:Tiny non-problem discovered

[amiga3D]

I've never seen a plug anywhere for electric cars to charge up. I've heard some employers out in California provide them and maybe a few other places but even there I hear complaints about not enough charging ports. Does your employer have a port for every single electric car?

Re:Tiny non-problem discovered

[amiga3D]

The best part is really you're not turning the car on, just the heater. I can't wait until the range gets up to around 300 miles and charging stations become normal. Until then I'll just keep dreaming.