
Their infotainment uses a customized Debian distro. On a Model S you could easily get a shell into it, because they used freaking SSH with password-based authentication over Ethernet to connect from the instrument cluster to the computer in the central console.

You could sniff the password with a man-in-the-middle attack, if you knew the host key of the instrument cluster. Here's one from my previous Model S: https://gist.github.com/Cyberax/ad9866ab4306d43957dc480db573...




This is a gist created 1 hour ago. No proof of the attack vector. What's the point of posting a private key?

Also, so what if they used Debian? Linux is used on everything. Debian has multiple licenses, it also has BSD3 and others to choose from: https://www.debian.org/legal/licenses/


In case anybody wants it. I can do a more detailed writeup about hacking into my Tesla, but I'm not particularly interested in that. In short, I bought a Tesla instrument cluster on eBay and dumped the NAND chips from it.

They use plenty of GPL software there, including the Linux kernel itself.


Ok, you seem to be implying that just the use of GPL software necessitates the open sourcing of anything you build on it or with it. If that were the case, then all of AWS would be open sourced and all of the server backends built on Ubuntu clusters would have to be open sourced.

As far as I understand, it's only "derivative" works that must be open sourced. Not merely building a software program or hardware device on top of a Debian OS. Tesla's control console is hardly a derivative work.


Eh, if they were being compliant and merely building modules on top of and called by BusyBox, they could get away with Mere Aggregation [0]*, but from a little looking around it looks like they were called out years ago for distributing modified BusyBox binaries without acknowledgement [1] and promised to work with the Software Conservancy to get in compliance. [2]

[0] https://www.gnu.org/licenses/gpl-faq.html#MereAggregation

[1] https://lists.sfconservancy.org/pipermail/ccs-review/2018-Ma...

[2] https://sfconservancy.org/blog/2018/may/18/tesla-incomplete-...

*but I would argue (a judge would be the only one to say with certainty) that Tesla does not provide an infotainment application "alongside" a Linux host to run it on, they deliver a single product to the end user of which Debian/BusyBox/whatever is a significant constituent.

(P.S. to cyberax: if you can demonstrate that Tesla is still shipping modified binaries as in [1] I think it would make a worthwhile update to the saga.)


You'd need to post Linux kernel source, though.


Your post reads like Debian is available with multiple licenses including BSD3. This is not true.

The page you posted is a list of licenses various software in the Debian distribution are released with.

Of course the parent's idea that Tesla using Debian means they have to release the source of anything is incorrect.



