Powerwall Network Activity
Vložit
- čas přidán 6. 08. 2024
- Looking at the network activity of the Tesla Powerwall. Also a bit of an insight as to how the fault finding and resolution process of that company operates.
curl -k -O -c cookies.txt -X POST powerwall/api/login/Basic -H "Content-Type: application/json" -d "{\"username\": \"customer\",\"email\": \"your.login@mail.address\",\"password\": \"PASSWORD\"}"
curl -k -O -b cookies.txt powerwall/api/meters/aggregates - Věda a technologie
Tesla probably wants to monitor its equipment and see if there is any way to improve the gear in future. I largely agree with you, the systems can be improved and I think Elon wold be open to improvements. Elon is a single minded kind of guy who powers ahead with all the amazing stuff he is doing with cars, space X, Star-link, robots. If it wasn't for him dragging us all into the 21st century, we'd be stuck in the mire of bureaucracy getting nowhere at the speed of light. Human history needs Elon types every now and then, to take society forwards. Look at governments and bureaucracy around the world, we have never been in a worst situation! Look at NASA, once was achieving a lot , now stagnating. Look at OPTUS, QANTAS all top heavy orgs with people on MASSIVE salary packages ad they have forgotten what they are supposed to be doing for Australians. Your videos are very interesting.
"Tesla probably wants to monitor its equipment". Whose equipment?
Battery
@@TallPaulTech
FFS
@@TallPaulTechwhoosh... right over his head
Yep
Great packet analysis and API poking. Please keep doing these type of videos.
😂 Spot on folder name for the *.pem files !!!
Thanks for these videos. Love the no bullshit approach.
Looking forward to a teardown / inspection of the old powerwall computer ;)
They took that with them.
@@TallPaulTech oh ok, then I misunderstood that part. I thought the device you showed was the computer from the powerwall.
No, it's the power meter from the previous unit.
I'm glad we have smart folk out there that can figure out how to make most of this stuff offline. I've never been a fan of things 'dialing home'... since that assumes that the internet is perfect, the company will always exist, there won't be things that break....
Also I love the folder you have for us. I saw your message about local cultures and censorship a while back and definitely don't want you to stop being yourself.
Oh, the CZcams me is only half of me. For the full uncensored version, you'll have to be at the yearly meetup.
@@TallPaulTech Might be a bit of a distance problem with that ;)
Just found your channel and your videos are so educational and entertaining. Please keep up the amazing work!
Hey Paul,
I wanted to point out the x509-Extension: Basic Constraints: CA-FALSE doesn't mean that there's no Certificate Authority present its just there to prevent this certificate to be used for signing other NEW certificates. That way you can prevent a hacker (who maybe received a real Certificate for 1 specific purpose) from just creating new certificates in a certificate chain that will be valid when going up the chain. The Extension CA-TRUE is only present in Root-CA or intermiediate CA's that actually sign new certificates.
Correct me if i'm wrong :)
The unknown-issuer error youre getting is like just that the cert-chain cannot be completed. So it seems that other certificates like the root ca are missing on the device. I don't know how much that error changes if the certificates in the chain are just expired. There could be any other explainaiton to that just as the OS removing invalid certificates for some storage.
Yeah you're right, I realised later. I just whipped up that video mainly to point out the validity period of what it used to be to what it is now.
I REALLY enjoyed the whole tesla network activity saga. Great analysis and great insight into how some bigcorps network managment can be. Thx
Only one more to go on the weekend, then I'll be done with the shit and back to normal videos.
I enjoy this style, great video
Great video, nice find!
Love your videos!
Of course you know that it is data they are after, Tesla like all the others use the data in the creation of their products and sell the rights to the metadata. I almost think that Tesla would give their cars away if you agreed to keep a cellular contract open just for the real world driving data mining that they do.
I like your videos, the videography, the scripting and the edits are spot on. Even though you are one crusty, salty, angry at the world guy you do know your stuff...The networking and language knowledge you have is impressive.. thanks for the videos.
Damn, you're onto me. Is it coming through that strongly?!
2/10 conspiracy theory
Tesla would benefit the competiton if they would sell their user data. You even mention the importance of that data yourself.
Tesla isn't selling user data.
You should take a look at Rich Rebuilds. He has very much the same opinion on Tesla as you do and documented his experience of owning a Tesla for years that he self-serviced and worked on.
He rebuilt the vehicle after a flood and went through a series of buying other flooded Tesla’s to try and salvage the parts for his own one because they wouldn’t give him the access he needed to buy those parts himself.
He’s a major advocate for right to repair.
Of course I've heard of him. Who hasn't? Yes, he and many others have the same opinion of me. He has a much bigger audience too.
thanks Paul great episode and insight
That's one of the reasons Smart Home devices are confusing people in general. It's like "remote switches" and everything else, though technically possible, due to "corporate isolation" policies is being presented in a way which eventually ends up with poor security and unnecessarily complex systems.
It's hard for users, hard for companies to develop and extremely hard to integrate things.
HA community is doing great job but we all know it's not how it's supposed to be for equipment and services side.
So, we get interesting and affordable Amazon devices which mostly don't work right with amazon's alexa app. Designed in a very wrong way... All because some manager thought tha such a device should be used to "sell more amazon goods". "The guy/team" simply has no clue how to approach new IOT era and how to expand services. They prefer supporting what they already have.
Sadly.
Thnx for the vid. Great one.
Am in awe of your wireshark/etc capabilities, esp placing the pi4 as your router and accessing it to do all the linux magic. Have you ever considered making an image of that pi4 available for general use [with instructions as to how to customize it for individual use of course]. I could ..almost.. do this, but you have already done it for NAT/IPv6/DHCP/vlan/etc/etc. Easy to make an image available and post it on sourceforge. I have don it for my own projject.
Love to see a mitm session of this..
the basic constraints CA:FALSE means that this cert cannot be used as a CA, not that there _is no_ ca.
Ah okay
I keep trying to tell people that I'm just some cunt with a camera and a youtube account, but for some reason they keep coming here!
Well, that particular cunt has dug his head way too deep into shit to not understand it, hence knows more than the other cunts that didn't eat that much shit yet ;)
Actually the reason why the replace a complete component instead of just updating it, is that sometimes they have hardware with newer revisions.
Also training service desk personal how they can update an obsolete firmware is far more costly that just replace the damn thing. The fact that the left the comm device with you tells me that it is of an older generation. Normally they just give the client a new box, take the old one with them, back at the depot they check if they can revive the old box and they can service it to another customer...
It is the same with ISP modems/routers. Once the issue is not covered by an agent script, they just replace your box, because that is much cheaper and often you get newer hardware and often have better/faster WiFi even if those AP can handle just 3 or 4 devices anyway. I have a fiber connection and running my own hardware (UDM) and I just asked my provider for the PPPoE credentials, but if I don't get it to work, they don't provide any support unless I connect their router box, which I think is fair...
I have no idea what you are saying 60% of the time but I enjoy the content.
It's a good 40% though, right? :)
Thankyou always big brother is watching :-)
Hey off topic, but I wanted to make use of a spare raspi, and test out a SIEM..., wazuh. Have you played with this? I have an 8gb pi4. Do you recommend a different SIEM tool for the raspi?
Cheers Paul👍
Elon has the power walls running Twitter bots now I see. 😂
I was going to post something like "just run up a CA in your DNS and point that getcert URL to it" - But then I realised that it's the modern era, I bet this stupidly unsecure device needs security updates at some point :( So far i've resisted everything that needs an internet connection but I know my resistance is futile in the end.
Come on man, don't settle for this as the new way of life!
the powerwall hostname probably works via mDNS
7:12 hmm window text
Out of interest... Apart from the outbound telemetry, is there anything that is exploitable on these batteries interfaces?... Getting solar on Tuesday, decided its probably time to actually start isolating my devices...😅
Interesting video! How are you performing the package capture? i know that you are using wireshark but are you running ws on your router? Would like to do analyse the activity of my robot vaccume..
Is that like a vacuum? I run tcpdump on the router, and pipe it to wireshark locally.
@@TallPaulTech yes sorry, I meant Robot Vacuum. Thanks!
What happens if you disable internet acces for it but continue to get HA to get data
It goes fine... that's what I was doing for a long time. It was only when it fucked up for some reason that I had to (try to) put it back online. That was a few years ago now. As I've said in previous videos though, if it has no internet connection for 24 hours, it reboots, unless it's off-grid.
@@TallPaulTechHow does it know that it’s off grid? Purely based on certain power feeds…or that is a setting made by the guys installing the device? Sounds like something we should be able to change. Even when not off grid I may be without internet and wouldn’t want the power wall to reset daily..
Well it's connected with the grid, so if the grid vanishes, it knows.
@@TallPaulTech Does it still reboot if it's getting the am-i-online file from your local network? Also, does aluminium foil work as a crappy faraday cage for the cellular modem?
I'm currently in the same situation you were with the TEG not talking to Tesla because a previous owner didn't bother connecting it to the internet. But can I get an engineer to come and replace it? No chance, they only want to do full installations.
Do you think there's any chance I could manually update the cert via SSH if someone were kind enough to provide me one? I don't know if anyone ever figured out the creds.
I'd say you're fucked then... welcome to Tesla crap, and the way of the future.
@@TallPaulTech Indeed. I can't get Tesla Support to say those words, though I keep trying! Thanks for the vid, great stuff
Stuff that need a network connection to work, I don't want. 😉
-That includes software, especially software you need to enter a code for every third month in order to use it.
I had games that I needed to enter a code for every time I installed them, the companies that sold the games no longer exist, so I'm stuck with a bunch of games I can't play. 😥
Sonic The Hedgehog still works without a login :)
Yeah like what would happen to your $100.000 Car if the company goes bankrupt? Can't drive it because it can't connect to the services? F that. We're on the way to such. What if Steam closes, who actually still has access to his or her games? Consumer Laws are made wayyy to slow, regarding how fast innovation and technologie changes.
🤣@@TallPaulTech - Otherwise just play an open-source version. 😉
-Sadly software piracy made it necessary for companies like AmbrosiaSW to put codes on Deimos Rising and Escape Velocity Nova (two of my favorite games) - it's still possible for me to install those even though they require codes, because I can set the date back 20 years and use my original install codes.
@@PascalxSome - On the other hand, if the police can just tell a drunk-driver's car to stop, then a lot of lives could be saved.
-But I'm still against any kind of control of things I own (so ... I use no Microsoft products in my home).
Sometimes I really miss...
"R: Tape loading error" ...
@@PascalxSome Nothing happens to your car when the manufacturer goes bankrupt.
How come you can still use your phone or your computer when they are not connected to the services?
If Steam closes, your game library is screwed and you have to renew it somehow if you want to. I think this would be a gigantic business opportunity and someone would have quickly got you covered.
We have to do this with media from time to time and things unfortunately get lost. Not every LP ever recorded made it to MP3. Not every camera tape made it onto a solid state drive.
For anyone a bit concerned about the directory Paul uses, note that it's possible to use C U Next Tuesday as a term of endearment here in Australia.
However, given the littany of stupid comments I sometimes get on my own videos, you never know....
Is some cunt having a sook?
Tesla: move fast and do do things the most expensive way possible
And over complicate things to try and be cool
8:24 You sleeping on `jq`?
Yeah I thought about it, but couldn't be fucked. I just wanted to show something.
@@TallPaulTech that tracks
Why are you dressed like "Miami Vice"? ... Just saying... Once again... Great video.....
Haha, that show actually popped into my head when I was driving down the Gold Coast today :)
The 80s were my childhood days while during the 90s I was in my teen years. Best two decades of my life!
Sell this Tesla high tech crap and go with 48v LiFePO4 server rack batteries and hybrid all in one inverter. Its cheaper too. But then you will not have rant topics to make internet videos for.
I shill sunsynk hybrid inverters , battle tested in that failed state south Africa where powercuts are a daily occurrence.
🤣🤣🤣 /foryoutubecunts$ had me rolling.
Well, you know what they're like.... cunts.