Nissan LEAF / NissanConnect EV severe security vulnerability

My Nissan Leaf Forum

JPWhite said:
The notifications are still active on CarWings/NissanConnect. I got notification at 6:30 this morning my charge was complete.

Apparently it's just the mobile API they have shut down.

Finding the same thing...I depend on those text notifications every morning to know I'm "good to go".
What I also worry about is getting battery status when travelling (maybe only via web)?

As for the future of CW/NissanConnect, I think "reports of its death are highly exaggerated". Current security issues notwithstanding, I fully expect a post-2G network solution to be made available before the end of this year. We've debated in many other threads how Nissan might do that (buy/lease/contract/etc.), but telematics is an important part of Nissan's strategy.
 
Stanton said:
What I worried about is getting battery status (maybe only via web)?
Yep, as others have noted, only the mobile app and APIs have been disabled. You can still access your car through the website.

If they'd just skin the site to be mobile friendly, I suspect it would actually work better than the mobile app. At least the website logs on basically instantly; the mobile app (Android at least) takes 20 seconds just to log in so you can request status, which then takes 45-60 seconds.
 
There used to be a mobile web portal version which rendered similar to the app, but it seems to be no more; you just get the full website when accessing from a mobile phone. Sigh.
 
I thought Nissan had shut down the mobile app to close the door on the vulnerability. I read the following on a website called SlashGear:

"It's worth noting that while the NissanConnect EV app is no longer accessible, it's still possible to access the Leaf API using VIN numbers by way of a Canadian HTTP GET exploit that makes use of the same type of non-authenticated connection between remote users and vehicle systems. The company is also still operating its web portal for users who want to check on the status of their vehicles remotely.

There is currently no timeline from Nissan as to when the NissanConnect EV app will be back online."

http://www.slashgear.com/nissan-shuts-down-nissanconnect-ev-app-due-to-hacking-exploit-25429095/

If that website is correct then Nissan have inconvenienced their customers while simultaneously not protecting us. Hmmmmm, maybe they get their security advice from the TSA: make them 'feel safe' by making life difficult for them.
 
4CASTER said:
paulcone said:
http://www.cbsnews.com/news/nissan-leaf-car-app-offline-after-hack-exposed/

"Nissan says it is planning to launch updated versions of its app for the Nissan Leaf electric car very soon, following reports that the app could leave vehicles vulnerable to hacking."

Nice! Maybe they can actually improve the app speed while they're at it. Taking 15 seconds for each operation feels like an eternity. Of course, it will probably take even longer and they'll claim 'security reasons'.

Since they warn that it could take "up to 5 minutes", consider yourself lucky I guess. :roll:
 
JPWhite said:
"It's worth noting that while the NissanConnect EV app is no longer accessible, it's still possible to access the Leaf API using VIN numbers by way of a Canadian HTTP GET exploit that makes use of the same type of non-authenticated connection between remote users and vehicle systems.
I have not been able to get either the Canadian or USA portal to trigger action on my USA car without having logged in first. Would love to know if it works for anyone else.

The refresh status button on the NNA site performs a GET request to this URL:
Code:
https://www.nissanusa.com/nowners/EV/statusRefresh?vin=<VIN>&_=1456525579688

The _ parameter appears to be a simple timestamp to prevent browser caching (who knows why this is a GET instead of a POST request).

The start charge button performs a GET to this URL:
Code:
https://www.nissanusa.com/nowners/EV/startCharge?vin=<VIN>&_=1456525977852
Returns "NG" if not plugged in and you have a valid session. But doesn't work without it as far as I can tell.

Haven't tried the other API calls, yet.
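
The two endpoints in the post above, and the SlashGear paragraph about reaching the API "using VIN numbers", point at the same design question: is the VIN the only thing the server checks, or is it bound to a logged-in session? The following is an added example, not code from this thread or from Nissan, modelling both answers. The "vulnerable" handlers treat the vin query parameter as the credential (the shape of the disclosed NissanConnect EV API); the "hardened" handlers require a session, check that the VIN belongs to that account, and, for the state-changing startCharge call, require POST plus a session-bound CSRF token rather than a cache-busting GET. The VINs, accounts, session ids and secret are all constructed sample data, and the handler names are hypothetical.

```python
# Added example (not code from the forum post or from Nissan): a model of the
# authorization gap the thread is probing.  The "vulnerable" handlers treat the
# VIN query parameter as the only credential; the "hardened" handlers bind the
# VIN to a logged-in session and require POST plus a session-bound CSRF token
# for state-changing actions.  All data below is constructed sample data.
import hmac
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit

# Constructed sample data: VINs are structurally plausible but not real cars.
VEHICLES = {
    "1N4AZ0CP0DC000001": {"battery_pct": 82, "plugged_in": True, "charging": False},
    "1N4AZ0CP0DC000002": {"battery_pct": 40, "plugged_in": False, "charging": False},
}
SESSIONS = {"sess-alice": "alice", "sess-bob": "bob"}          # session id -> account
OWNERS = {"alice": {"1N4AZ0CP0DC000001"}, "bob": {"1N4AZ0CP0DC000002"}}
CSRF_SECRET = b"constructed-example-secret"                     # hypothetical server secret


@dataclass
class Request:
    method: str
    url: str
    cookies: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


def query(req):
    """Query parameters; the '_' cache-buster timestamp is parsed like any other and ignored."""
    return {k: v[0] for k, v in parse_qs(urlsplit(req.url).query).items()}


# --- vulnerable: the VIN is the only thing checked -----------------------------
def vulnerable_status(req):
    car = VEHICLES.get(query(req).get("vin"))
    return (404, "not found") if car is None else (200, dict(car))


def vulnerable_start_charge(req):
    car = VEHICLES.get(query(req).get("vin"))
    if car is None:
        return 404, "not found"
    if not car["plugged_in"]:
        return 200, "NG"            # same "NG" reply the post reports when unplugged
    car["charging"] = True
    return 200, "OK"


# --- hardened: the VIN must belong to the authenticated account ----------------
def csrf_token_for(session_id):
    return hmac.new(CSRF_SECRET, session_id.encode(), "sha256").hexdigest()


def authorize(req):
    """Return (vin, None) when the session owns the VIN, else (None, error_response)."""
    account = SESSIONS.get(req.cookies.get("session"))
    if account is None:
        return None, (401, "login required")
    vin = query(req).get("vin")
    if vin not in OWNERS.get(account, set()):
        return None, (403, "vin not bound to this account")   # object-level access check
    return vin, None


def hardened_status(req):
    vin, err = authorize(req)
    return err if err else (200, dict(VEHICLES[vin]))


def hardened_start_charge(req):
    if req.method != "POST":
        return 405, "state change requires POST"
    vin, err = authorize(req)
    if err:
        return err
    expected = csrf_token_for(req.cookies["session"])
    if not hmac.compare_digest(req.headers.get("X-CSRF-Token", ""), expected):
        return 403, "bad csrf token"
    car = VEHICLES[vin]
    if not car["plugged_in"]:
        return 200, "NG"
    car["charging"] = True
    return 200, "OK"


def enumerate_vins(handler, prefix, start, count):
    """Unauthenticated sweep over sequential serial numbers, as an attacker would
    run against a VIN-keyed API; returns the VINs that answered with data."""
    found = []
    for n in range(start, start + count):
        vin = f"{prefix}{n:06d}"
        status, _ = handler(Request("GET", f"/EV/statusRefresh?vin={vin}&_=1456525579688"))
        if status == 200:
            found.append(vin)
    return found


if __name__ == "__main__":
    print("vulnerable sweep:", enumerate_vins(vulnerable_status, "1N4AZ0CP0DC", 0, 5))
    print("hardened sweep:  ", enumerate_vins(hardened_status, "1N4AZ0CP0DC", 0, 5))
```

Running the sweep against the vulnerable handler returns every VIN in the constructed fleet with no credentials at all, which is the enumeration the disclosure was about; the hardened handler returns nothing for the same sweep and refuses a valid session that asks about someone else's VIN. The behaviour the post observed on the owner portal (an "NG" only after logging in, nothing without a session) is consistent with the hardened path, though a GET for startCharge still leaves a cross-site request forgery concern that the POST-plus-token check here is meant to close.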
 
Temporarily, I hope. Some kind of paranoia over hackability. This topic may be buried somewhere in threads on the EVConnect issues but is not found on search.

http://www.usatoday.com/story/tech/news/2016/02/24/nissan-disables-app-hacked-electric-leaf-smart-phone-troy-hunt/80882756/
 
http://www.mynissanleaf.com/viewtopic.php?p=453927#p453927
http://www.mynissanleaf.com/viewtopic.php?p=453942#p453942

Also, yesterday or so, they finally put up the notice below at https://owners.nissanusa.com/nowners/ after you log in:
The NissanConnect EV app is currently unavailable. We apologize for any disappointment caused to our Nissan LEAF customers who have enjoyed the benefits of our mobile app. In the meantime, Nissan LEAF owners can still access features via the Nissan Owner Portal. We are looking forward to launching updated versions of our app very soon.
 
drees said:
If they'd just skin the site to be mobile friendly, I suspect it would actually work better than the mobile app. At least the website logs on basically instantly; the mobile app (Android at least) takes 20 seconds just to log in so you can request status, which then takes 45-60 seconds.

I wish they'd just "skin" the site to make the site friendly on my laptop.
 
Nubo said:
4CASTER said:
Nice! Maybe they can actually improve the app speed while they're at it. Taking 15 seconds for each operation feels like an eternity. Of course, it will probably take even longer and they'll claim 'security reasons'.

Since they warn that it could take "up to 5 minutes", consider yourself lucky I guess. :roll:

Five minutes to get updated car status I could understand, given the tech used. But long delays just to accept every single UI interaction in an app is ridiculous.
 
I think all level-headed Nissan LEAF owners will want to give Troy a warm round of applause. I can just see the faces of thousands of chagrined hackers who have spent weeks trying to crack my VIN number to mischievously turn my climate control on, and now suddenly, thanks to Captain 'Troy' saving the world again, this great opportunity has passed.
What's left for them all now? I can just see their desperation and disappointment as they have to go back to that boring old bread-and-butter hacking of stealing money from banks.
Meanwhile, waiting for Nissan to fix anything techie is about as satisfying as watching paint dry, but nowhere near as quick.
 
Just got a letter from Nissan today announcing the AT&T 2G service being turned down at the end of the year.

The letter goes on to explain that to continue service after 2016, owners of 2011-14 LEAFs will have to get their TCU updated. No price mentioned, but Nissan claim they will eat the lion's share of the cost of the upgrade. This is better than I expected; glad to see they are willing to offer upgrades.

For some reason if you haven't switched from CarWings to EVConnect before June 30th you'll lose service then.
 
JPWhite said:
Just got a letter from Nissan today announcing the AT&T 2G service being turned down at the end of the year.

The letter goes on to explain that to continue service after 2016, owners of 2011-14 LEAFs will have to get their TCU updated. No price mentioned, but Nissan claim they will eat the lion's share of the cost of the upgrade. This is better than I expected; glad to see they are willing to offer upgrades.

For some reason if you haven't switched from CarWings to EVConnect before June 30th you'll lose service then.

I could only hope that when they upgrade the TCU they'll get rid of the Press OK on every start prompt.
 
mishakim said:
Five minutes to get updated car status I could understand, given the tech used. But long delays just to accept every single UI interaction in an app is ridiculous.
Yep, it's ridiculous that you can't simply queue up a "Start Charge" or a "Start Climate" control event in seconds and have it notify you when it succeeds or fails to perform the command.

dhanson865 said:
I could only hope that when they upgrade the TCU they'll get rid of the Press OK on every start prompt.
I doubt it, but that would make it worth it!
 
JPWhite said:
Just got a letter from Nissan today announcing the AT&T 2G service being turned down at the end of the year.

The letter goes on to explain that to continue service after 2016, owners of 2011-14 LEAFs will have to get their TCU updated. No price mentioned, but Nissan claim they will eat the lion's share of the cost of the upgrade. This is better than I expected; glad to see they are willing to offer upgrades.

For some reason if you haven't switched from CarWings to EVConnect before June 30th you'll lose service then.

I just received my letter as well. However, my letter explains all 2015 owners will get the TCU and installation at Nissan's expense. Not too bad, depending on the new product.
 
dhanson865 said:
JPWhite said:
Just got a letter from Nissan today announcing the AT&T 2G service being turned down at the end of the year.

The letter goes on to explain that to continue service after 2016, owners of 2011-14 LEAFs will have to get their TCU updated. No price mentioned, but Nissan claim they will eat the lion's share of the cost of the upgrade. This is better than I expected; glad to see they are willing to offer upgrades.

For some reason if you haven't switched from CarWings to EVConnect before June 30th you'll lose service then.

I could only hope that when they upgrade the TCU they'll get rid of the Press OK on every start prompt.


Thank you, dhanson865, for asking about the "Press OK" nag.

Since none of the 94 replies ask the related question, I will. When the 2G service dies, will the "Press OK on every start" nag also disappear? With no 'service' for me to approve, it will clearly serve no purpose, right?

Many of the replies talk about deliberately disconnecting from CarWings/EVConnect but none talk about whether or not this disables the "Press OK" nag. Does it?

Correct me, but earlier threads seem to imply that it is there to provide 'security' for Nissan from a perceived legal threat. That kind of security they seem to have securely in hand.

I ask these questions because I took delivery of a 2012 Leaf in December 2011. I played with the CarWings data a few times when the Leaf was new, but as a retiree of many years, I have better things to do. I'd love for my console to be 'mine' from the time I turn the car on.

thanks

baumgrenze
 
baumgrenze said:
Since none of the 94 replies ask the related question, I will. When the 2G service dies, will the "Press OK on every start" nag also disappear? With no 'service' for me to approve, it will clearly serve no purpose, right?

Many of the replies talk about deliberately disconnecting from CarWings/EVConnect but none talk about whether or not this disables the "Press OK" nag. Does it?

It's a good question, but too soon to tell. I did see that the latest LEAFs (not sure exactly what year) now have just monthly 'Press OK' messages that pop up instead of at every single start-up of the car. Perhaps with the new telematics unit they'll include a proper software upgrade, so if you opt for it you would also basically have what is found on the latest LEAFs. Price TBD.
 
Nope, it is hard-coded in and will remain. It will be no different than now if you are outside of a service area...

baumgrenze said:
Since none of the 94 replies ask the related question, I will. When the 2G service dies, will the "Press OK on every start" nag also disappear? With no 'service' for me to approve, it will clearly serve no purpose, right?
 
TomT said:
Nope, it is hard-coded in and will remain. It will be no different than now if you are outside of a service area...

baumgrenze said:
Since none of the 94 replies ask the related question, I will. When the 2G service dies, will the "Press OK on every start" nag also disappear? With no 'service' for me to approve, it will clearly serve no purpose, right?

Agreed: these are two different sub-systems. By the same token, we are unlikely to lose our "80%" charge option for the same reason we are unlikely to lose the "Press OK" requirement; both of these would require an update/re-write of the head unit, which is separate and apart from the telematics unit. Let's just hope that they make the modem update available before any of us actually lose 2G coverage. For that matter, let's hope they fix the API security issue sooner than later because I actually do use apps to check on my Leaf when traveling.
 
Stanton said:
TomT said:
Nope, it is hard-coded in and will remain. It will be no different than now if you are outside of a service area...

baumgrenze said:
Since none of the 94 replies ask the related question, I will. When the 2G service dies, will the "Press OK on every start" nag also disappear? With no 'service' for me to approve, it will clearly serve no purpose, right?

Agreed: these are two different sub-systems. By the same token, we are unlikely to lose our "80%" charge option for the same reason we are unlikely to lose the "Press OK" requirement; both of these would require an update/re-write of the head unit, which is separate and apart from the telematics unit. Let's just hope that they make the modem update available before any of us actually lose 2G coverage. For that matter, let's hope they fix the API security issue sooner than later because I actually do use apps to check on my Leaf when traveling.

I'd pay $50 to lose the press OK, and I'd pay again to have a charge-to-70% option instead of 80%. I'd pay even more if the change gave us more than 2 charge levels on the timer (50, 70, 90, or a slider, or a plus/minus even in 10% increments).

Silly me to hope that Nissan would have the fix for these issues already developed and take advantage of having all the cars come back in with people willing to pay for a telematics upgrade.

The attitude should be: hey, they already have their wallets open, let's offer them another upgrade while they are there and primed.
 