JPWhite
Well-known member
turbo2ltr said:
So each company got a unique one time email address?
Interesting experiment
Nissan shutting out third-party apps
- Thread starter Staque
- Start date
Help Support My Nissan Leaf Forum:
So each company got a unique one time email address?
Interesting experiment
turbo2ltr
Well-known member
Yes I always do this. It's easy to do with a catch-all address if you have your own domain. I even have a pretty much dedicated domain for it. For instance, this message board, I used [email protected]
jhm614
Well-known member
Ah, the joys of running your own mail server.... Was it their master the shift sweepstakes? I still get spam from that one. But I am assuming it was their marketing company that got infected and not Nissan.turbo2ltr said:
arnolddeleon
Well-known member
FWIW I had spam problems with email addresses that I gave Nissan. Where the breach happens is less clear since they passed the address around a lot. It's a little annoying since it is currently my top spam source (I will spam trap the address as soon as I'm relatively sure that I've changed all the places that Nissan shared it with). It's not unusual for marketing companies to be the ones that get breached. Really obvious when I get multiple addresses start receiving spam at the same time and I can see that they had a common mailing house.
arnold
arnold
arnolddeleon
Well-known member
drees said:
You can never be 100% sure. Some spammers do use "dictionaries" to guess at email addresses but in general it's not a good strategy because modern anti-spam systems will end up blocking sender. It's pretty clear today that best way to get email addresses to spam is to compromise databases and end user contact lists so it is unlikely they just guessed.
arnold
jhm614
Well-known member
I am also seeing lots of bizarre dictionary spam these days -- programmatically generated hex names, things like [email protected]. They usually come in 25 at a time.arnolddeleon said:
mirko
Well-known member
turbo2ltr said:
I do the same thing with a catch-all address. I haven't seen the spam from my Nissan email address yet. I could probably put together a list as long as yours of addresses for companies that have been used for spam.
That's why I include timestamp and other variables in the e-mail address for each site (probably have generated over thousands of addresses). Been doing it for over 10 years, and has helped me figure out when my data was compromised before the company itself knew. No way a dictionary attack is going to cover thatarnolddeleon said:
gsleaf
Well-known member
I came across this post about Tesla's car API. I'm guessing Nissan has many of the same technical issues to overcome.
http://programming.oreilly.com/2013/08/tesla-model-s-rest-api-authentication-flaws.html" onclick="window.open(this.href);return false;
http://programming.oreilly.com/2013/08/tesla-model-s-rest-api-authentication-flaws.html" onclick="window.open(this.href);return false;
baronvonshush
Well-known member
Has it started?
While I know that Nissan publicly backtracked on this after backlash from owners, I am starting to get reports of new users being unable to login to LEAF Link. Nissan's app does work for them.
I've started digging, and in the latest version of their iOS app (released last week), the North America service urls have changed slightly. The new urls seem to require some sort of custom authentication code in the HTTP headers. Based on my user reports, I suspect Nissan may be requiring new user accounts to use the new service urls. The old service urls still work for existing/old accounts (presumably because some people may never update their Nissan app, so Nissan didn't want to lock them out).
Is there anyone here who just created their Carwings account? Can you try any third party apps to see if they work for you?
I haven't had time to see if I can add the new HTTP headers to my app and fool Nissan's servers with the new service urls, but I hope I can get it working. That would really stink if the app becomes useless to all new owners...
While I know that Nissan publicly backtracked on this after backlash from owners, I am starting to get reports of new users being unable to login to LEAF Link. Nissan's app does work for them.
I've started digging, and in the latest version of their iOS app (released last week), the North America service urls have changed slightly. The new urls seem to require some sort of custom authentication code in the HTTP headers. Based on my user reports, I suspect Nissan may be requiring new user accounts to use the new service urls. The old service urls still work for existing/old accounts (presumably because some people may never update their Nissan app, so Nissan didn't want to lock them out).
Is there anyone here who just created their Carwings account? Can you try any third party apps to see if they work for you?
I haven't had time to see if I can add the new HTTP headers to my app and fool Nissan's servers with the new service urls, but I hope I can get it working. That would really stink if the app becomes useless to all new owners...
z0ner
Well-known member
baronvonshush said:
It seems to work perfectly fine for me. I'm on the newest iOS, 7.0.3.
SalisburySam
Well-known member
I too have LEAF Link v1.1.3 working well for me on my iPhone5s with iOSv7.0.3. I did notice that LEAF Link prompted me to log into CARWINGS again, odd but only had to do once. Reminder: for the login the CARWINGS ID is really the what CARWINGS calls the PIN, and the password is the password. The CARWINGS nickname isn't used for login.
palmermd
Well-known member
z0ner said:
SalisburySam said:
But this is not the open question. Are there any new Carwings users that are having difficulty, not new iOS versions.
baronvonshush said:I've started digging, and in the latest version of their iOS app (released last week), the North America service urls have changed slightly. The new urls seem to require some sort of custom authentication code in the HTTP headers. Based on my user reports, I suspect Nissan may be requiring new user accounts to use the new service urls. The old service urls still work for existing/old accounts (presumably because some people may never update their Nissan app, so Nissan didn't want to lock them out).
Is there anyone here who just created their Carwings account? Can you try any third party apps to see if they work for you?
I haven't had time to see if I can add the new HTTP headers to my app and fool Nissan's servers with the new service urls, but I hope I can get it working. That would really stink if the app becomes useless to all new owners...
Nubo
Well-known member
Had trouble once earlier this week, where Nissan claimed "invalid userid or password", though I knew they were both correct. Happened first on LEAF Link (since that's what I normally use), then I tried the Nissan app and got the same error. The next time I tried, I got logged on successfully and it's been working ok since (both apps). My account is about 2 years old, so not what you're looking for but thought it might be useful since it suggests there might have been a brief problem with their authentication.
KillaWhat
Well-known member
Nubo said:
Similar Experience.
I use GreenCharge, and it has been bulletproof for a year, and in the last 2 weeks it's been unable to communicate off and on, and is sending me garbage notifications.
It is not the GreenCharge App though.
