Hacker May Have Discovered Plans For A Tesla P100D

One computer wiz claims to have hacked into Tesla's firmware and discovered a reference to a juicier battery. Self-proclaimed white hat hacker, Jason Hughes, says he discovered a secret in Tesla's firmware 7.1, but he didn't want to tell the world outright what he discovered, so he made Tesla Motors Club forum-members work for it by obfuscating the secret with a hash. TheSHA256 hash, a one-way function, would either require forum members to guess and check to decrypt this code, or to look it up in a hash directory. Forum member LuckyLuke decrypted Hughes' hash and discovered its meaning: P100D. P100D is the nickname given to Tesla's upcoming 100-kWh battery pack that would give the Model S a range of 300 miles or more. In response to a fellow forum-member decrypting his secret code, Hughes responded on Twitter. On the forum, Hughes had some additional information to mention, saying: There have been references to the P100D in firmwares as early as 2 months ago. They finally added the badges to 2.13.77. I mucked it up a bit by adding a crappy background (it's a PNG with transparency in the firmware)... There are quite a few things that are in the firmware that I'm not prepared to share publicly. Just like the P100D has been in there for months with my lips mostly sealed. I don't want to spoil all of Tesla's surprises.

Good Grief

[Frosty+Piss]

He's being awfully "cagey" about it considering he gave most of it away anything. Sounds like an attention seeker.

Re:Good Grief

Agreed; this is the gayest (obligatory not that it's a bad thing) whodunit I've seen in quite a while.

Re:Good Grief

[barbariccow]

How I read this story (written from author's perspective):

HEY GUYS, GUESS WHAT??

I can predict the future. But I'm so cool I'm not gonna tell you how I did it or what I found. Anyway here's a sha256sum: "e81de80d870d171ede549b4d212bcfe88c58dd0fdcc4f243a0426a48078cfe25" crack it and you'll learn something amazing about the future!

Re: Good Grief

Or he's advertising for private bidders

Re:Good Grief

[cas2000]

most likely he'll turn out to be some marketing scumbag trying to dress up a rather ordinary press release with some bullshit about "hacking" and sup3r-s3kr3t codez!!! that need to be decrypted.

Re:Good Grief

So Jason Hughes is really John McAfee?

two questions

[Quirkz]

1. Are you actually white hat if you're spilling secrets that aren't yours to tell?

2. What the heck is a P100D? Couldn't that be squeezed somewhere in the paragraph?

Re:two questions

[TheCarp]

Based on the title I duduce it is a battery.

I guess 100 must be the weight of it in stone. Why the weight of it? Beats the fuck out of me, seems like a stupid designation; but, with no other reference, not even what the name of other batteries is, I just have to make assumptions.

What we do know is its a battery and its "juicier" what we don't know is if its apple or orange. Knowing tesla, they probably went with grape right?

Re:two questions

[fonos]

1. Are you actually white hat if you're spilling secrets that aren't yours to tell?

He looked at the firmware that was installed in a car the he (I presume) owned, and published his findings. If you want to keep something like this a secret don't distribute this "secret" in a firmware update that every single Tesla owner receives.

Re: two questions

[Type44Q]

...if you're spilling secrets that aren't yours to tell?

I'd love to hear WTF that even means.

Re:two questions

[MindStalker]

There currently are 3 models of Tesla.
P70 with a 70kWh battery and P90 with a 90kWh battery, and P90D with dual motors.

Re: two questions

[Type44Q]

I guess 100 must be the weight of it in stone

i wonder if this'll be the one that's available with the "Totally Fucking Insane Speed" option...

Re:two questions

[Quirkz]

Okay, that makes more sense. Firmware already released to a car is essentially public. I guess I missed that, and was thinking it was private data.

Re:two questions

[BeauHD]

Edit: "P100D is the nickname given to Tesla's upcoming 100-kWh battery pack that would give the Model S a range of 300 miles or more."

Cheers!

Re:two questions

[Impy+the+Impiuos+Imp]

So you are saying we have no clue what a 100D is?

Re:two questions

It's a penis size estimator.

Re:two questions

[MobileTatsu-NJG]

It's a hundred D-batteries. Duh!

Re: two questions

[MouseR]

It's going to be called "plaid"

https://www.youtube.com/watch?...

Re:two questions

There currently are 3 models of Tesla.
P70 with a 70kWh battery and P90 with a 90kWh battery, and P90D with dual motors.

You are incorrect. There is no P (performance) option for the 70, and there is a D (dual motor) option for it. Also, there isn't a single motor option for the 90. The actual list for the Model S are 70, 70D, 90D and P90D.

Their website doesn't give any options for the Model X yet.

Re:two questions

[Firethorn]

I guess 100 must be the weight of it in stone.

Why guess, it's in the article & summary? It's in line with the way that Tesla does model numbers.
The base is a number. The number is the kWh of the battery. So a "70" is a 70 kWh battery, '85' is 85kWh, 90, etc...
If it's a performance model, a "P" is prepended. so a P85 would be a Performance edition with an 85kWh battery.
Then there's the drive train. If it's all wheel drive, a "D" is appended. So a 70D is a 70kWh battery connected to a 4 wheel drive chassis.

Today, the options are - 70, 70D, 90D, P90D. I listed the 85kWh model because it was before Tesla started transitioning to nearly exclusively all wheel drive models.
Given that a 85D could be nursed over 300 miles rather easily, and that a 90D is 270 miles EPA, an extra 10 kWh would give you a realistic range very, very close to 300 miles, maybe even over 300 if you don't drive like an idiot in a P100D.

Re:two questions

[AaronW]

There is no P70 or P90. The "P" series are the performance cars. There is only a P90D. There is a S70 and S90 and S90D, however.

I drive a P85 which is no longer made, the performance version of the 85KWh model.

Re:two questions

[Quirkz]

Thanks. You're new here; I should give you some slack. But I've been a copy editor, so I can't give anyone slack. Paradox? Regardless, that's an informative edit, and helps quite a bit. Nice to see the new folks listening.

Re:two questions

[Quirkz]

It's a hundred D-batteries. Duh!

Well, that covers the 100D, but you left the P out. Given your sig, I don't think I want to know what that stands for.

Re:two questions

[AmiMoJo]

More over, the old 85kWh battery was rated for 300 miles range so a 100kWh battery will be rated higher than that. Realistic driving range will likely be around 300 miles at motorway speeds.

The D is for dual motors, which is the highest performance version.

Re:two questions

[Frosty+Piss]

Whoooooooooosh...

Re:two questions

P100D is the successor of the popular P90X workout

Re:two questions

[cellocgw]

Dunno... that old "DRM" thing might make it illegal to do so much as run

%strings tesla_firmware.exe

Re:two questions

It's right in the summary, genius:
100-kWh battery pack that would give the Model S a range of 300 miles or more

Sneaky Musk!

[Lisandro]

Seems the guys' Tesla automagically downgraded its firmware after the discovery was made public. Musk's answer is priceless.

"Hacker" Sounds Like a Dickhead

See subject.

"Hacker LucklyLuke"

"We don’t know how he did it, but forum member LuckyLuke decrypted Hughes’ hash and discovered its meaning: P100D."

https://crackstation.net/

so?

Tried to give a shit - even read TFA - can't give a shit. Laaaaaaaaaaame.

Re:so?

If that were true, you wouldn't have posted.

An unprompted "Hey everyone, I don't care about this!" is always a lie.

Re:so?

Try Ex-Lax or better still Senna Tea. Then you'll give at least 2 shits.

Where to get the firmware

Is there a site to download the firmware and manually update, or is this a "connect your car to your home wifi" type situation?

Re:Where to get the firmware

The Tesla mothership pushes it to the car via a vpn over wifi or the built-in cellular.

Don't care.

That "hacker" sounds like a fucktard too.

personally

i think it should be illegal to publish info obtained illegally but that's just me.

Re:personally

[Lisandro]

i think it should be illegal to publish info obtained illegally but that's just me.

Is it illegal to reverse-engineer a firmware downloaded via WiFi?

Re:personally

[KGIII]

Given the DMCA, quite probably.

Re:personally

[Grishnakh]

It's not illegal to hack into a device that you own, idiot.

Re:personally

It is illegal to publish things for which you own neither the copyright for, or permission (either explicit or via an exemption) to though.

Re:personally

[Grishnakh]

The 5-letter sequence "P100D" is not copyrightable.

Re:personally

[msauve]

"strings firmware.bin" is now considered reverse-engineering?

Re:personally

[MrLogic17]

Courts have consistently rules that reverse engineering is legal & protected.

Re:personally

You could say that about literally anything

How do you decrypt a hash?

[Nutria]

Aren't they -- by design -- one-way?

Re:How do you decrypt a hash?

[Lisandro]

Typically you just brute-force them. SHA256 is a special case because, just like MD5, is effectively broken: you can decrypt them with significantly less operations than the brute force approach would require.

Re:How do you decrypt a hash?

Good job confusing SHA1 with SHA256....

SHA256 is still quite secure, SHA1 is not.

Re:How do you decrypt a hash?

[Lisandro]

Gah, never mind :( The article i linked lists a practical attack on SHA-1 (aka SHA160), not SHA-2. Still, it is basically the same algorithm with a larger key so it is a matter of time until someone breaks it too.

Re: How do you decrypt a hash?

[casings]

That is not decrypting though. Encryption and hashing are different things. Hashing functions are many to one whereas encryption functions are one-to-one. So, due to the pigeon hole principle, there will be multiple inputs that correspond to any hash. They just found the most likely input. This means you cannot decrypt a hash. The same is not true for encryption which is why the cipher can be decrypted. So to repeat: You can discover a correct input by brute forcing hashes, but that isn't decryption since multiple inputs can correspond to a hash unlike encryption where the relationship is 1:1.

Re:How do you decrypt a hash?

While they share some similarity, SHA-2 and SHA-1 are still pretty different. The vulnerabilities that makes attacks against SHA-1 feasible are not present in SHA-2. Calling them 'basically the same algorithm with a larger key' is definitely not correct.

Re: How do you decrypt a hash?

[Lisandro]

Agreed, but "decrypting" is the common term used for breaking hashes - you only need one input generating the hash value you're after.

It is also interesting how most hash algorithms are built around block cipher primitives.

Re:How do you decrypt a hash?

[fnj]

Gah, never mind :( The article i linked lists a practical attack on SHA-1 (aka SHA160), not SHA-2. Still, it is basically the same algorithm with a larger key so it is a matter of time until someone breaks it too.

You have to specify the subtype of SHA-2.

SHA-1 has only 80 bits of effective security when its weakness is exploited. That's still up to 1.2 trillion trillion computational combinations.
SHA-256 raises that to 128 bits, which is 281 trillion times more computational work.
the SHA-512 subtype of SHA-2 raises that to 256 bits, which is 96 thousand trillion trillion trillion trillion times more computational work than SHA-1.

You could put all the energy in the universe to work on "breaking" SHA-2 SHA-512 and I'm pretty sure you wouldn't get it done before the heat death of the universe. Sure, it's "only" a matter of degree, but the degree is so staggeringly large as to defy the imagination. We're not looking at either just a few years of tech advance, or just a few years of supercomputer time per crack here.

P.S. - it is criminally, brain-dead stupid to use anything less than SHA-2 SHA-512 for anything new. It's not only trillions of trillions of times more secure than SHA-2 SHA-256, but it's actually FASTER to calculate, and only takes about twice as much time to calculate as the completely obsolete, broken MD5. It just makes me cry to see people still using MD5 and SHA-1 for file checksums when there is just no excuse for doing so.

Re:How do you decrypt a hash?

[GuB-42]

No it is not, and for this particular attack (preimage) neither MD5 nor any of the SHA are broken.
What you linked is a unpractical collision attack on SHA-1 (not SHA256). Collision attacks are much weaker. And no actual collision have been published on the standard SHA-1 (but we may be close) and AFAIK, the full SHA256 is still completely safe.

Re:How do you decrypt a hash?

[davros74]

There are lots of reasons for not doing so. Lack of support for SHA-2 is one of them. Given the myriads of different OSes and platforms I have run filechecks on, MD5 is always available, and usually SHA-1. Only on recent Linux machines do I have sha256sum and sha512sum, but that doesn't do me much good if someone is using an old Solaris machine and only has access to MD5.

Also, I am not transferring files over the public Internet, so MD5/SHA1 is reasonably fine on a private internal only network. I would agree that files obtained over the public Internet should use SHA-256/512, but that doesn't make the older ones completely useless. I find SHA-1 the most useful for file checksums internally where I work, because then my checksums also match all the checksums used by Subversion.

Not a secret

[110010001000]

The next Tesla S is model name P100D. The Tesla S P100D.

Re: fp

I pour one out for my home every Denzel Day.

Tesla's Range won't be suitable

[thegarbz]

Dammit I won't consider an electric car until it can do at least 100 miles one one charge!

What? Oh okay.

Dammit I won't consider an electric car until it can do at least 200 miles one one charge!

What? Really? 200miles? Already. No I definitely did not say 100 miles previously. Okay.

Dammit I won't consider an electric car until it can do at least 300 miles on one charge! AND I reserve my right to change my view with every new breakthrough in the electric car market!

Re:Tesla's Range won't be suitable

I believe the record for a model S is 550 miles on one charge. The average speed was about 20 mph and the driver took local weather conditions into account to get a tail wind in all directions.

Re:Tesla's Range won't be suitable

313mile in 2009 https://www.teslamotors.com/en_AU/blog/tesla-roadster-travels-313-miles-single-charge
423mile in 2012 https://www.teslamotors.com/en_AU/customer-stories/world-record-father-son-drive
450miles in 2015 http://www.autoblog.com/2015/08/25/theres-a-new-tesla-model-s-long-distance-record-452-8-miles/
550miles later in 2015 http://www.autoblog.com/2015/09/16/tesla-model-s-500-miles-on-one-charge/

Re:Tesla's Range won't be suitable

That's nothing. I can get a Tesla to go forever.

All I need is 100 billion dollars to invent broadcast power.

Re:Tesla's Range won't be suitable

Gut the car, add a bermuda rig, pick a blustery day.

Re:Tesla's Range won't be suitable

This isn't the issue. I rarely drive my ICE car more than 200-250 miles between fill ups. The issue is that it takes only 5 minutes to refill my ICE car fuel tank. I've been over the Grapevine on I-5 and see the Tesla guys getting their free charge before they head over. I can fill my car AND EAT A NICE LUNCH and when I come back out the Tesla boys are still waiting for their charge to finish. Bottom line I am not leaving my car alone to charge at that place, I am not walking to eat lunch, I am not standing in the 100F temps, or the freezing rain, or the snow. /shrug I want a 15 min recharge to 80% like Porsche promises with Mission E. And even then I am likely to buy a Macan instead for the near future.

Re:Tesla's Range won't be suitable

It takes 30 minutes to recharge at a Supercharger station after 3 hours of driving. That's enough time to grab a bite to eat, go to the restroom, and get back in your car for 3 more hours of driving to the next station.

Re:Tesla's Range won't be suitable

[thegarbz]

I never drive more than 10miles but I won't ever buy a car that can't fly me to the moon if I ever so desire! It's just not acceptable.

Re:Tesla's Range won't be suitable

[MMC+Monster]

You're supposed to leave the Tesla at the supercharger plugged in and go get a bite to eat or use the restrooms. That's why they put the superchargers near eateries and bathrooms instead of a barren stretch of the highway.

And, of course, you're also supposed to charge up at home so you always leave the house with a 90% (~235 mile on the 85kwh battery) charge.

Who gives a fuck

This company would not be around today if not for a hand out from Barry Obama.

Re:Who gives a fuck

[stephows]

From Wikipedia:

In June 2009 Tesla was approved to receive US$465 million in interest-bearing loans from the United States Department of Energy. The funding, part of the US$8 billion Advanced Technology Vehicles Manufacturing Loan Program, supports engineering and production of the Model S sedan, as well as the development of commercial powertrain technology.[49] The low-interest loans are not related to the "bailout" funds that GM and Chrysler received, nor are they related to the 2009 economic stimulus package. The loan program was created in 2007 during the George W. Bush administration.[50] Tesla repaid the loan in May 2013. Tesla was the first car company to have fully repaid the government, while Ford, Nissan and Fisker had not.

So, Tesla took a loan from the government and paid it back. Whereas Ford, Nissan and Fisker took loans and have not paid them back yet. And GM and Chrysler took bailout packages and did not fully repay them. Oh, how evil of Tesla to pay back when others didn't !!!

Re:Who gives a fuck

A government hand out is a government hand out. Doesn't matter if they pay it back or not.

Re:Who gives a fuck

[haruchai]

"Doesn't matter if they pay it back or not" - You must work on Wall St.

Published software should have been free software.

[jbn-o]

People ought to own the cars they buy including the software in the cars. The published software should have been published as free software in the first place. Stop making excuses against customers stuck with proprietary software. It was Tesla's choice to put that information into the software, but there are more important issues than future products at stake here: It's only a matter of time until we learn of more ripoffs ala VW's recent gaming the environmental reviews. The thing that ties these issues together is that proprietary software makes it all of a piece.

The wrong approach.

[Diac]

I have no idea why they are making electric cars. What they need to do is make an electric van and an electric truck.

When a new fuel source comes out you target industry first rather than domestic, it happened with petrol and diesel. Commercial has the money to buy your vans and trucks rather than a select group of rich people, they have the resources to make a demand for charging stations at fixed points around the locations they need usually large population centers.

After they have laid down the infrastructure it much easier to then start making and selling domestic vehicles as well as the infrastructure to power them is now common place due to the demand from industry.

Re: The wrong approach.

You know that is not true, cars were a rich guys toy initially. Similar to the model S currently. I think they are on the right path.

Re:The wrong approach.

[Jeremi]

I have no idea why they are making electric cars. What they need to do is make an electric van and an electric truck.

Agreed. Also, Serena Williams should stop wasting her time playing tennis. What she really needs to do is take up golf, she'd be much more successful at that. I know this because I am an expert on these things.

Re:Published software should have been free softwa

[Gojira+Shipi-Taro]

"The published software should have been published as free software in the first place."

That's a wonderful fantasy world you live in. What color is the sky?

Drum roll...

[TheRealHocusLocus]

Found in battery firmware!... Tesla's new battery will be called

>>> NSAKEY <<<

1980 called...

[MrLogic17]

"One computer wiz claims..."

Wait - I thought we stopped using that term back in the 80's.
Can we stop calling everyone who searches for strings in a ROM a "computer wiz"? Please?

The "white hat" who just hacked a propiratory FW.

And released his finds damaging the company owning the software. White hat has gotten a new meaing I gather.

Trolling much

[m76]

"I don't want to give away the secret outright, I'd rather make a stupid game, where people have to work for it, and troll about how there is much more where that came from"

Just another troll, ban him, sue him, and fry his ass.

insider trading?

Would it be considered insider training if this guy used his knowledge gleaned from hacking firmware to invest in the stock market accordingly to these "supposed" secrets?

So fucking what!

GE bought up a handful of battery patents that are claimed to be up to 500kW and self charge over time. The old guy that invented it died thinking his inventions went to bettering man-kind. GE locked it up and won't be letting anyone touch (or know about it) for a long time. Probably until oil runs out.

So... Some hacker checked the firmware with a hex editor and found a reference to a battery... Whoopie fucking do.