car hacks

466 Articles

Jailbreaking Tesla Infotainment Systems

August 5, 2023 by 22 Comments

With newer cars being computers on wheels, some manufacturers are using software to put features behind a paywall or thwarting DIY repairs. Industrious hackers security researchers have taken it upon themselves to set these features free by hacking a Tesla infotainment system. (via Electrek)

The researchers from TU Berlin found that by using a voltage fault injection attack against the AMD Secure Processor (ASP) at the heart of current Tesla models, they could run arbitrary code on the infotainment system. The hack opens up the double-edged sword of an attacker gaining access to encrypted PII or a shadetree mechanic “extracting a TPM-protected attestation key Tesla uses to authenticate the car. This enables migrating a car’s identity to another car computer without Tesla’s help whatsoever, easing certain repairing efforts.” We can see this being handy for certain other unsanctioned hacks as well.

The attack is purported as being “unpatchable” and giving root access that survives reboots and updates of the system. Since AMD is a vendor to multiple vehicle companies, the question arises as to how widely applicable this hack is to other vehicles suffering from AaaS (Automotive as a Service).

Longing for a modern drivetrain with the simplicity of yesteryear? Read our Minimal Motoring Manifesto.

Get MOST Into Your Pi

August 3, 2023 by 15 Comments

When looking the modify a passenger vehicle, the Controller Area Network (CAN) bus is a pretty easy target. In modern vehicles it has access to most of the on-board systems — everything from the climate control to the instrument cluster and often even the throttle, braking, and steering systems. With as versatile as the CAN bus is, though, it’s not the right tool for every job. There’s also the Media Oriented Systems Transport (MOST) bus which is increasingly found in automotive systems to handle multimedia such as streaming music to the stereo. To access that system you’ll need to approach it slightly differently as [Rhys] demonstrates.

[Rhys] has been working on replacing the dated head unit in his Jaguar, and began by investigating the CAN bus. He got almost everything working with replacement hardware except the stereo, which is where the MOST bus comes into play. It provides a much higher bandwidth than the CAN bus can accommodate but with almost no documentation it was difficult to interact with at first. With the help of a Raspberry Pi and a lot of testing he is able to get the stereo working again with a much more modern-looking touchscreen for control. It is also able to do things like change CDs in the car’s CD player, gather song information from the CD to display on the panel, and can perform other functions of the infotainment center.

For more detailed information on the MOST bus, [Rhys] also maintains a website where he puts his discoveries and other information he finds about this system. Unfortunately car stereo systems in modern vehicles can get pretty complicated these days, but adapting car stereos in older vehicles to modern technology carries some interesting challenges as well.

Continue reading “Get MOST Into Your Pi”

a modern car dipped into a chemical bath for electrodeposition adding a phosphate layer

Watching Paint Dry For Over 100 Years

July 2, 2023 by 19 Comments

A Model T Ford customer could famously get their car “in any color he wants, so long as it’s black.” Thus begins [edconway]’s recounting of the incremental improvements in car paint and its surprising role in mass production, marketing, and longevity of automobiles.

In it, we learn that the aforementioned black paint from Ford had so much asphalt in it that black was the only color that would work. Not to go down a This Is Spinal Tap rabbit hole, but there were several kinds of black on those Model Ts. Over 30 of them were used for various purposes. The paints also dried in different ways. While the assembly only took 12 hours, the paint drying time took days, even weeks backing up production and begging for innovation. [edconway] then fast-forwards to an era of “conspicuous consumption and ‘planned obsolescence’” with DuPont’s invention of Duco that brought color to the world of automobiles.

edconway graph of paint drying time by year

See the article for the real story of advances in paint technology and drying time. Paint application technology has also steadily improved over the years, so we recommend diving in to get the century’s long story.

An open engine bay for a small car. The wheels are off so the hubs and brakes are visible to the side and the electric motor mounted on top of the vehicle's original engine block is in the center of the image.

A Different Approach To EV Conversions

June 28, 2023 by 53 Comments

While there are a lot of exciting electric vehicles finally coming to market, many of us feel nostalgic for the fossil cars of our youth. [Mihir Vardhan] restored his grandfather’s car with an unusual gas-to-EV conversion.

While this conversion starts in the usual fashion by pulling out the gas engine, [Vardhan] takes a different tack than most by not just bolting an electric motor up to the transmission. Instead, he and his crew removed the head and pistons from the petrol burner and bolted the electric motor to the top on an L-shaped bracket. Using the timing belt to transfer power to the crankshaft, there is no need to figure out additional motors for the A/C compressor or power steering pump, greatly simplifying implementation.

[Vardhan] did need to add a vacuum pump for the braking system and used a DC/DC converter to step down the 72V traction battery voltage to the 12V needed to charge the accessory battery. While it doesn’t exactly boast the performance of a Tesla, his bargain-basement conversion does yield a converted vehicle that can get around town for only around $3k US, even if it does mean your EV still needs oil changes. We think this could work even better on a vehicle with a timing chain instead of a belt, but it’s certainly an interesting way to go about the conversion process.

We’ve covered our fondness for EV conversions in the past for cars, motorcycles, and boats if you’d like to dig deeper. Have your own EV conversion you think we should cover? Send us a tip!

Continue reading “A Different Approach To EV Conversions”

An Unexpected Upset In EV Charging Standards

June 21, 2023 by 52 Comments

Last November, Tesla open-sourced parts of its charging infrastructure, not-so-humbly unveiling it as the North American Charging Standard (NACS). It’s finally taking off with a number of manufacturers signing on.

Companies launching “standards” based on their previously proprietary technology in opposition to an established alternative usually leads to standards proliferation. However, with recent announcements from Ford, GM, and Rivian that they would begin supporting NACS in their vehicles, it seems a new dominant standard is supplanting CCS (and the all-but-dead CHAdeMO) in North America.

As Tesla already has the most extensive charging network on the continent and has begun opening it up for other EVs, it makes sense that other marques would want to support NACS, if nothing else to satiate customer demand for a dead-simple charging experience. Dongles are annoying enough for plugging in an external monitor. Having to mess with one while handling high-power electrical connections is less than ideal, to say the least.

If you want to add NACS to your own EV project, the standard is here. We’ve discussed some of the different standards before as well as work toward wirelessly charging EVs (besides the inductive charger on the EV1). It certainly seems like the time to get in on the ground floor of an EV charging empire with an army of Charglas.

Using Sonar To Measure Traffic Speeds

June 19, 2023 by 21 Comments

One of the most common ways of measuring the speed of a vehicle is by using radar, which typically involves generating radio waves, directing them at a moving vehicle, and measuring the various ways that they return to the device. This is a tried-and-true method, but can be expensive and technically complex. [GeeDub] wanted an easier way of measuring vehicles passing by his home, so he switched to using sonar instead to measure speeds based on the sounds the cars generate themselves.

The method he is using is similar to passive sonar in submarines, which can locate objects underwater based on the sounds they produce. After a false start attempting to measure Doppler shift, he switched to time correlation using two microphones, essentially using stereo audio input to detect subtle differences in arrival times of various sounds to detect the positions of passing vehicles. Doing this fast enough and extrapolating the data gathered, speed information can be calculated. For the data gathering and calculation, [GeeDub] is using a Raspberry Pi to help keep costs down, and some further configuration of the microphones and their power supplies were also needed to ensure quality audio was gathered.

With the system in place in a window, it detected around 9,000 vehicles over a three-day period. The software generates a normal distribution of vehicle speeds for this time, with the distribution centered on around 35 MPH, slightly above the posted speed limit of 30. As long as there’s a clear line of sight to the road using this system it’s just as effective as some other passive systems we’ve seen to measure vehicle speed. Of course, active speed measurement systems are not out of the realm of possibility if you’re willing to spend a little more.

Hyundai Is Doomed: Porting The 1993 Classic To A Hyundai Head Unit

June 11, 2023 by 6 Comments

In the natural order of the world, porting DOOM to any newly unlocked computing system is an absolute given. This a rule which [greenluigi1] understands all too well, leading to presumably the first Hyundai to be equipped with this all-time classic on its infotainment system. This follows hot on the trail of re-hacking said infotainment system and a gaggle of basic apps being developed for and run on said head unit (being the part of the infotainment system on the front dashboard). Although it is a Linux-based system, this doesn’t mean that you can just recompile DOOM for it, mostly because of the rather proprietary system environment.

To make life easy, [greenluigi1] picked doomgeneric as the version to port. The main selling point of this project is that it only requires the developer to implement five functions to support a new platform, which then ‘just’ left figuring out how to do this on a head unit. Two of these (DG_SleepMs() and DG_GetTicksMS()) could be copied verbatim from the X11/xlib port, but the remaining three required a bit of sleuthing.

Where things go sideways is with keeping the head unit’s Helix window manager happy, and stick to the limited ways a GUI application can be launched, including the way arguments are passed. For the PoC, it was decided to just hardcode these arguments and only register the game with Helix using an .appconf configuration file. When it came to drawing pretty graphics on the screen, this was decidedly easier since the system uses Qt5 and thus offers the usual ways to draw to a QPixmap, which in this case maps to the framebuffer.

After a few playful sessions with the head unit’s watchdog timer, [greenluigi1] found himself staring at a blank screen, despite everything appearing to work. This turned out to be due to the alpha channel value of 0 that was being set by default, along with the need for an explicit refresh of the QPixmap. Up popped DOOM, which left just the implementation of the controls.

In order to start the game, you have to literally buckle up, and the steering wheel plus media control buttons are your inputs, which makes for a creative way to play, and perhaps wear some bald spots onto your tires if you’re not careful. If you’d like to give it a shot on your own ride, you can get the project files on GitHub.

Continue reading “Hyundai Is Doomed: Porting The 1993 Classic To A Hyundai Head Unit”