Consumer Reports Just Reversed its Stance on the Tesla Model 3

DooKey

Last week Consumer Reports withheld its recommendation on the Tesla Model 3 after braking defects were found by CR testers. This didn't sit well with Elon Musk and he quickly contacted CR to tell them Tesla found the defect in the braking system and had fixed it with an over-the-air update. This resulted in CR giving the Model 3 its endorsement and Mr. Musk is now happy with this media outlet. Kind of funny when you think about it since he's been ranting about fake news lately.

The update has since been completed and shipped, and now Consumer Reports is both confirming that Tesla managed to improve the car’s braking distance by 20 feet and it says it’s giving the Model 3 its highly sought-after recommendation — even while it hopes Tesla will also do more to improve the car’s center-mounted touch controls, which its testers worry are difficult to use while driving.
 
I really want a Tesla but the price is too damn high. Also the waiting list is super long. Doesn't help that the other car manufacturers are making ugly small cars. I'm 6'4"; you think I can fit in a Leaf, or would want to? Also I like performance, and nobody else does it but Tesla.
 
That's all well and good that they fixed it but it kind of alarms me that they can make major changes to a major safety system like the brakes over the air.

That part, I don't know how I feel yet.

The whole point to having to plug into the OBD2 port to do anything to the PCM/ECU is like air-gapping a PC. The bad guy has to physically be on it to do anything. Being able to do something major over the air - whether on a PC or a car (and it's much worse / dangerous of course on the car) - isn't something I'm sure I can accept yet.
 
That's all well and good that they fixed it but it kind of alarms me that they can make major changes to a major safety system like the brakes over the air.

That part, I don't know how I feel yet.

The whole point to having to plug into the OBD2 port to do anything to the PCM/ECU is like air-gapping a PC. The bad guy has to physically be on it to do anything. Being able to do something major over the air - whether on a PC or a car (and it's much worse / dangerous of course on the car) - isn't something I'm sure I can accept yet.
I used to think that Teslas had that same 'macintosh protected by obscurity' benefit, but lately I see them quite a lot more during my commute. Won't be long before someone decides they'll make a juicy target. Rich people tend to own them, what happens when they can be abducted along with their car and held for ransom?
 
That's all well and good that they fixed it but it kind of alarms me that they can make major changes to a major safety system like the brakes over the air.

That part, I don't know how I feel yet.

The whole point to having to plug into the OBD2 port to do anything to the PCM/ECU is like air-gapping a PC. The bad guy has to physically be on it to do anything. Being able to do something major over the air - whether on a PC or a car (and it's much worse / dangerous of course on the car) - isn't something I'm sure I can accept yet.


I get what you are saying, I feel like they could get the best of both worlds with a small hardware fix. What if they added an "OK to Update" switch somewhere? When an update is available you get a message like "a new update is ready if you want it installed you can give permission by switching the switch in the glove box." Afterwards it says, "update successful please turn off the update switch." It would basically be like the write protect switch on SD cards.

I suppose a hostile party could spoof the message telling users to turn off write protection but there are ways they could guard against that. It could give you a code to check with your mobile app or something to verify it's legit.
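
One way the switch-plus-code idea in the post above could fit together, as an added example that is not part of the original post or anything Tesla has described. The per-vehicle key, the `UpdateGate` class, the firmware bytes and the version string are all hypothetical; a production design would verify an asymmetric signature rather than share a symmetric key.

```python
import hashlib
import hmac

# Constructed per-vehicle secret, assumed to be shared by car and vendor backend.
VEHICLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def confirmation_code(key: bytes, image: bytes, version: str) -> str:
    """Six-digit code bound to this exact image, version and vehicle key."""
    digest = hashlib.sha256(image).digest()
    mac = hmac.new(key, version.encode() + b"\x00" + digest, hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 1_000_000:06d}"


class UpdateGate:
    """Hypothetical in-car gate: physical switch plus owner-confirmed code."""

    def __init__(self, key: bytes):
        self.key = key
        self.switch_on = False  # the glove-box "OK to Update" switch
        self.pending = None

    def offer(self, image: bytes, version: str) -> None:
        """An update arrived over the air; nothing is written yet."""
        self.pending = (image, version)

    def install(self, code_from_app: str) -> str:
        """Owner types in the code their mobile app shows for this update."""
        if self.pending is None:
            return "refused: no update pending"
        if not self.switch_on:
            return "refused: update switch is off"
        image, version = self.pending
        expected = confirmation_code(self.key, image, version)
        if not hmac.compare_digest(expected.encode(), code_from_app.encode()):
            return "refused: code mismatch"
        self.pending = None
        return f"installed {version}; please turn off the update switch"


if __name__ == "__main__":
    genuine = b"constructed firmware image"      # sample data, constructed
    tampered = b"constructed firmware image!"    # one byte appended
    app_code = confirmation_code(VEHICLE_KEY, genuine, "example-2")

    gate = UpdateGate(VEHICLE_KEY)
    gate.offer(tampered, "example-2")
    gate.switch_on = True                        # owner flipped the switch
    print(gate.install(app_code))                # code mismatch
    gate.offer(genuine, "example-2")
    print(gate.install(app_code))                # installed
```

The code from the app only matches when the image the car actually received is the one the backend issued, so a spoofed "flip the switch" prompt on its own does not get a modified image written.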
 
The car they reviewed had a lot of problems in addition to the bad brakes. They still have a long way to go to become competitive.
 
I wonder how far the software can go the other way: how bad an OTA update could make the braking.
Could you essentially "cut the brake lines" via an OTA SW update? Could one disgruntled Tesla sysadmin do it to all Model 3s?

this.

we see how chryslers reacted to OTA attacks.

does this tesla system include some kind of security or encryption that isn't tied in to the vehicle entertainment system?
 
That part, I don't know how I feel yet.


that.. i can understand. I love many of the things that tech has brought us. Do not care at all though for the way a great many companies have handled it. With one data breach after another, coupled with constant insight into just how security is an afterthought in many things, leaves one with no trust in tech.

i REALLY like the idea of teslas cars, but i am waiting for the other shoe to drop, to say, about them.
 
I got recommended for a position (not assembly or Solar roof bullshit) at Tesla this last week but given how the company is, I'm not too sure about the future. I had to ask my brother if it's worth the risk making the jump. Still not too confident about it.
 
Security is not the forte of automobile manufacturers.

Last summer we had 42 cars stolen in our neighborhood. All of them were done via a laptop and WiFi. They drove around sending out data sequences (police never said what the data was) and when a car flashed its lights they would come back later and steal it. Simply unlocking the door and using the remote engine start feature. Ta-da, it was gone.

Most were BMWs, but there were also Chevys and Dodges in the mix.

Of course they fixed these exploits, but how many others are there lurking in the software of all these new cars? No thanks Tesla.
 
Security is not the forte of automobile manufacturers.

Last summer we had 42 cars stolen in our neighborhood. All of them were done via a laptop and WiFi. They drove around sending out data sequences (police never said what the data was) and when a car flashed its lights they would come back later and steal it. Simply unlocking the door and using the remote engine start feature. Ta-da, it was gone.

Most were BMWs, but there were also Chevys and Dodges in the mix.

Of course they fixed these exploits, but how many others are there lurking in the software of all these new cars? No thanks Tesla.

If I were to trust any manufacturer to secure stuff like this in a car, it would be Tesla. They build it from the ground up with this design in mind, unlike manufacturers just stupidly adding electronics to their cars with no security. The system calls home via Tesla's WAN cards to pull the updates. It would be very difficult to intercept/manipulate that....
 
If I were to trust any manufacturer to secure stuff like this in a car, it would be Tesla. They build it from the ground up with this design in mind, unlike manufacturers just stupidly adding electronics to their cars with no security. The system calls home via Tesla's WAN cards to pull the updates. It would be very difficult to intercept/manipulate that....

Your choice, your opinion. We happen to be at opposite ends on this.

Here is something that is not an opinion. The only way to be fully secure is to only be able to change/control/update a car's electronics via a physical link only accessible with the owner's permission. The only thing to be concerned about then is if the update introduces a bug.
 
That's all well and good that they fixed it but it kind of alarms me that they can make major changes to a major safety system like the brakes over the air.

That part, I don't know how I feel yet.

Yeah, that's a little sketchy. On one hand it's nice they didn't have to do a recall and could just push a fix. On the other hand, it's a tad sketchy that the brakes are somewhat software controlled, given the fact they were about to adjust them with an OTA.

I get the drive-by-wire mentality (removes a lot of complexity/components), but some things should have mechanical backups - that being steering and braking. I'd hope the Tesla does. You can coast to a safe spot if you lose power, but you're royally f-ed if you lose steering/braking.
 
The only way to be fully secure is to only be able to change/control/update a car's electronics via a physical link only accessible with the owner's permission.
Problem is, the trend is towards removing an owner's control over updates. These days, more and more things connected to the Internet or a cellular network (PCs, cell phones, and so on) are being updated without giving the owner a choice.

It's for our own good, they tell us. And eventually, they'll probably get a law through Congress making it mandatory, the "WIre-Less Device and Child Access Protection (WILDCAP) Act of 202X." Because, think of the children!
 
Your choice, your opinion. We happen to be at opposite ends on this.

Here is something that is not an opinion. The only way to be fully secure is to only be able to change/control/update a car's electronics via a physical link only accessible with the owner's permission. The only thing to be concerned about then is if the update introduces a bug.


It's not a fact if it's wrong. Just requiring physical access does not make it secure.... If someone gains access to your car, it's just as vulnerable as what you fear from Tesla's OTA updates. But you mentioned 'with the owner's permission'... How do you propose the car validates/checks that before allowing the update? How do you prevent someone from updating the car if you don't approve?

The method of updating is the least of the worries here. Teslas pull the updates from the server over a VPN tunnel. That is FAR more secure than flashing via OBDII which requires no authentication, and nothing more than physical access to the car.
 
It's not a fact if it's wrong. Just requiring physical access does not make it secure.... If someone gains access to your car, it's just as vulnerable as what you fear from Tesla's OTA updates. But you mentioned 'with the owner's permission'... How do you propose the car validates/checks that before allowing the update? How do you prevent someone from updating the car if you don't approve?

The method of updating is the least of the worries here. Teslas pull the updates from the server over a VPN tunnel. That is FAR more secure than flashing via OBDII which requires no authentication, and nothing more than physical access to the car.

Owner's permission: The owner unlocks the port with his/her key.

EDIT: Removed a snarky remark. Not feeling snarky today.
 
Don't get me wrong, I like Tesla and their forward thinking but the security issue is what it is. They should have stuck to making expensive, top end cars only. Their tech costs way too much to be done at the 30K pricepoint they are trying to hit.

The main complaint I've read on the web has been with fit and finish - i.e. trying to build a high tech car that should cost $$$$ for only $ money.

As for the car-security hacking BSmith - I saw a video (tv or youtube, can't remember), where they used a range enhancer to steal cars. The newer cars that had keyless entry are / were often parked near the owner's house and they simply boosted the signal from the remote sitting in the house until it registered as being closer than it actually was and opened the door and allowed the car to start. Most cars won't turn off once started, so you could drive it away and not have any issue until you needed to turn it off and restart it again away from the key.

They said the only way around it (at the time) was to put aluminum foil around your keyless entry remote or pop it in a faraday cage / freezer / similar.
 
article said:
it hopes Tesla will also do more to improve the car’s center-mounted touch controls, which its testers worry are difficult to use while driving

I agree with this part. I had a Model 3 reservation I made before they unveiled the final design. I canceled in part because of the interior. I want tactile buttons and controls that I can feel without taking my eyes off of the road. I also want proper cockpit style instrument panels behind the wheel.

These two are non-negotiable requirements for me, so no Model 3.

I just want a car that is in every way like a car I could buy 10 years ago, except that the power train is all electric with a 200+ mile range. I don't want any of this autopilot, touch screen or voice command nonsense. Give me a car. I like cars.

(The fact that there will likely no longer be a state or federal tax credit when the AWD models come out, and this drives the price beyond what I am willing to pay also factored in)
 
Yep, don't have to drive to a dealership to get this fixed, by contract they must be included if you're a legacy maker, so their hands are tied by an outdated pre-internet model.

The Bolt may be an exception to this limitation so there's progress coming industry-wide to keep up, one hopes.

https://www.consumerreports.org/car-safety/tesla-says-it-will-issue-fix-for-model-3-brakes/

“If Tesla can update the brakes over the air, we will retest our Model 3,” Fisher says. “It would be an industry first if they could improve brake performance remotely.”

Musk said big media, I don't think Consumer Reports would be considered such a thing as they're an independent outlet that doesn't advertise and buys products on their own budget. Though they did indeed butt heads before I recall.
 
Yep, don't have to drive to a dealership to get this fixed, by contract they must be included. The Bolt may be an exception to this limitation so there's progress coming industry-wide to keep up, one hopes.

https://www.consumerreports.org/car-safety/tesla-says-it-will-issue-fix-for-model-3-brakes/



Musk said big media, I don't think Consumer Reports would be considered such a thing as they're an independent outlet buying products on their own dime, though they did butt heads before I recall.


I just wonder how much validation and testing of the software they were able to do in just one week.

IMHO, when they change the software they are changing the design, and the car should go through another full barrage of safety testing.

I find this Agile approach to vehicle software very worrisome. Agile software methodologies may work well when you want to beta test low risk irrelevant phone app on your customer base, but when you are dealing with something as important as the braking subsystem of a car... :eek:

There should be no other option than strict NASA style waterfall software design. Agile simply has no place in medical/safety type software. It just can't. People who say Agile methodologies are appropriate for this need to be shit canned out of the industry.
 
I just wonder how much validation and testing of the software they were able to do in just one week.

IMHO, when they change the software they are changing the design, and the car should go through another full barrage of safety testing.

I find this Agile approach to vehicle software very worrisome. Agile software methodologies may work well when you want to beta test low risk irrelevant phone app on your customer base, but when you are dealing with something as important as the braking subsystem of a car... :eek:

There should be no other option than strict NASA style waterfall software design. Agile simply has no place in medical/safety type software. It just can't. People who say Agile methodologies are appropriate for this need to be shit canned out of the industry.

Hard to say, complexity of the problem/solution is not exactly known here. Maybe it was as simple as the timing of the anti-lock mechanism just got tightened, who knows.

By comparison we have 4.8 million Fiat/Chrysler vehicles on the road that were recalled last week because the cruise control sometimes can't be shut off. I'm sure they wish they could just fix that over the air for everyone's safety, but they'll need to work on their old dealership contracts first.

http://www.bbc.com/news/business-44257702

In time I bet this new approach will become more common, if a simple remote software fix can make a car safer then why not offer it asap rather than clog up the dealerships?
 
Owner's permission: The owner unlocks the port with his/her key.

EDIT: Removed a snarky remark. Not feeling snarky today.

Locks are VERY easy to bypass, so that is still not any more secure than Tesla's method of deploying updates. There needs to be access control/authentication required to push the update, regardless of the method it's being pushed.

And just so you're aware, I'm also against having this kind of shit remote shit attached to the driving functionality of most cars. Jeep showed just how easily that can be abused when you don't put any effort into securing that. If my RS had that crap included, I would not have bought it. I don't trust the big car manufacturers to put enough effort/money/thought into security. Tesla is much more heavily based around software/development, so if I were going to trust a manufacturer with that kind of access it would be them. But people buying a Tesla know what they are getting, and can choose not to if they don't like how updates are deployed. All manufacturers will be following, so if you hate OTA updates, your only option going forward is going to be buying older used cars.
 
All manufacturers will be following, so if you hate OTA updates, your only option going forward is going to be buying older used cars.
Or get a big tinfoil hat for your car. No radio waves = no OTA update.

More seriously, you could disconnect or Faraday-cage the OTA antennas, once you found them.
 
I could see a range extender working for keyless systems which do not use a passive FOB, but I was under the i
Locks are VERY easy to bypass, so that is still not any more secure than Tesla's method of deploying updates. There needs to be access control/authentication required to push the update, regardless of the method it's being pushed.

And just so you're aware, I'm also against having this kind of shit remote shit attached to the driving functionality of most cars. Jeep showed just how easily that can be abused when you don't put any effort into securing that. If my RS had that crap included, I would not have bought it. I don't trust the big car manufacturers to put enough effort/money/thought into security. Tesla is much more heavily based around software/development, so if I were going to trust a manufacturer with that kind of access it would be them. But people buying a Tesla know what they are getting, and can choose not to if they don't like how updates are deployed. All manufacturers will be following, so if you hate OTA updates, your only option going forward is going to be buying older used cars.

At least locks require a physical presence, which is enough of a hindrance to put off any hacker.

You are correct though. It will become the standard. Yes, I am building a custom 60's model car and already have a 65 Cobra. The Wife is also getting a custom 60's model car. Then again, I can build and modify those old cars to make them safe and reliable to drive. My pride and joy is a full frame stealth insertion into a 60's unibody car, complete with side door beams, rollover supports and so on. I have stayed away from air bags though. I do have fun playing with finite element analysis. Welding and banging out steel is fun too!
 
Hard to say, complexity of the problem/solution is not exactly known here. Maybe it was as simple as the timing of the anti-lock mechanism just got tightened, who knows.

If this was a simple problem chances are they didn't do enough validation up front. I tend to agree with the recent Ars article on this. I think they are using their easily update-able system as a reason to cut corners on validation on the back end. I'm happy with over the air updates, but I want them to be properly tested. They may be doing a lot of their validation with a HIL type system, but I've seen too many times that field/vehicle testing can shake out issues not seen at the bench/HIL.

You can apply Agile concepts to automotive software, but I also agree that you need tight process with strict validation so rushed updates don't F up something else.

I'm going to note my opinion is very skewed as I've been working in on/off road vehicle hardware for over a decade.
 