Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacker May Have Discovered Plans For A Tesla P100D (jalopnik.com)

Posted by BeauHD on from the white-hat dept.

One computer wiz claims to have hacked into Tesla's firmware and discovered a reference to a juicier battery. Self-proclaimed white hat hacker, Jason Hughes, says he discovered a secret in Tesla's firmware 7.1, but he didn't want to tell the world outright what he discovered, so he made Tesla Motors Club forum-members work for it by obfuscating the secret with a hash. TheSHA256 hash, a one-way function, would either require forum members to guess and check to decrypt this code, or to look it up in a hash directory. Forum member LuckyLuke decrypted Hughes' hash and discovered its meaning: P100D. P100D is the nickname given to Tesla's upcoming 100-kWh battery pack that would give the Model S a range of 300 miles or more. In response to a fellow forum-member decrypting his secret code, Hughes responded on Twitter. On the forum, Hughes had some additional information to mention, saying: There have been references to the P100D in firmwares as early as 2 months ago. They finally added the badges to 2.13.77. I mucked it up a bit by adding a crappy background (it's a PNG with transparency in the firmware)... There are quite a few things that are in the firmware that I'm not prepared to share publicly. Just like the P100D has been in there for months with my lips mostly sealed. I don't want to spoil all of Tesla's surprises.

2 of 85 comments (clear)

  1. Sneaky Musk! by Lisandro · · Score: 4, Interesting

    Seems the guys' Tesla automagically downgraded its firmware after the discovery was made public. Musk's answer is priceless.

  2. Re:How do you decrypt a hash? by fnj · · Score: 3, Interesting

    Gah, never mind :( The article i linked lists a practical attack on SHA-1 (aka SHA160), not SHA-2. Still, it is basically the same algorithm with a larger key so it is a matter of time until someone breaks it too.

    You have to specify the subtype of SHA-2.

    SHA-1 has only 80 bits of effective security when its weakness is exploited. That's still up to 1.2 trillion trillion computational combinations.
    SHA-256 raises that to 128 bits, which is 281 trillion times more computational work.
    the SHA-512 subtype of SHA-2 raises that to 256 bits, which is 96 thousand trillion trillion trillion trillion times more computational work than SHA-1.

    You could put all the energy in the universe to work on "breaking" SHA-2 SHA-512 and I'm pretty sure you wouldn't get it done before the heat death of the universe. Sure, it's "only" a matter of degree, but the degree is so staggeringly large as to defy the imagination. We're not looking at either just a few years of tech advance, or just a few years of supercomputer time per crack here.

    P.S. - it is criminally, brain-dead stupid to use anything less than SHA-2 SHA-512 for anything new. It's not only trillions of trillions of times more secure than SHA-2 SHA-256, but it's actually FASTER to calculate, and only takes about twice as much time to calculate as the completely obsolete, broken MD5. It just makes me cry to see people still using MD5 and SHA-1 for file checksums when there is just no excuse for doing so.