Hacker News new | past | comments | ask | show | jobs | submit login

Docs are here: http://docs.timdorr.apiary.io/

This was discovered via the Android app in particular: https://play.google.com/store/apps/details?id=com.teslamotor...

I did some sniffing on the traffic, which is SSL encrypted, but luckily it's pretty easy to install your own CA in Android 4.1+.

They have both a Rails app and a nodejs server. The nodejs server is for live streaming car location and driving metrics. I haven't gotten that documented yet (but I'm accepting pull requests!), but some people have already been making use of it: http://www.teslamotorsclub.com/showthread.php/13410-Model-S-...

One guy already has his Model S tweeting: https://twitter.com/pureamps




Re:tweeting model s. Who would have thought that Knight Rider's Kit would be so into social networking?


I love Tesla, and the Model S seems great, but having a rails app server on my luxury car seems capricious.

How does it get updated? An attacker can at least unlock the doors or drain the battery (lights & HVAC control), and possibly it is an entry point for something much worse (unlocking & starting, or disabling controls while enroute). Is this a major security flaw or am I just spreading FUD?


It doesn't have a rails server on the car. The car communicates to Teslas datacenter, which is where the Rails servers are. You then query the API by querying the datacenter.


I certainly hope the engineers their are staying on top of the recent deluge of Rails patches. Tesla's database has a huge amount of private data; mostly containing information about rich and influential people. A black hat could undoubtedly profit by tracking people and correlating their location to affairs/secret business meetings/etc.


According to Elon Musk, it only sends data if you explicitly enable it.


I'd just like to add that they enabled it by default for cars they lend to media outlets for reviews after the Top Gun thing. Some people in the other thread were freaking out about how much Tesla knows about your car but a regular customer can just opt out.


I think you meant "Top Gear". ;)


Cool, that feels a lot better.


If I had a Model S, I'd write a BlackBerry 10 app using this. Kudos to you for this work!


And it looks like someone did it!

http://appworld.blackberry.com/webstore/content/23977878/?co...


Thanks for this awesome work ;)




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: