Getting the RIDE menu back?

SeaGeo · Oct 19, 2022

It's not happening. Its not constant and the techs don't have default access anymore.

crashmtb · Oct 19, 2022

Christopher said:
I bet it authenticates against a server now rather than locally. I can't imagine them making the same mistake and simply changing the password.

Phoning home just to enter a service mode seems unlikely.

they probably just changed how it’s accessed.

usofrob · Oct 19, 2022

I've worked on an infotainment system for a different OEM and they had a unique code generated by the VIN. It was simple to do and prevents distributed brute force attacks like this. But maybe I shouldn't give Rivian any ideas, because I also think this should be generally accessible.

Christopher · Oct 19, 2022

Online authentication is not uncommon. For example, in order for Chevy to program my keypad they had to connect to GM to get the authentication to do so. This was why it took them all day to program it due to the *system being down". :facepalm:

They can also authenticate fully offline. RSA keys have been around for decades and I've used them in offline environments.

I can't imagine a single password that is being used by all their service centers that requires a firmware update to be changed. That's prone to being leaked just as it previously did. No CISO would approve that.

Nevertheless to our advantage, hopefully they simply changed it. Let's crowd source this. I'll start from the range 1-1000 and report back. :CWL:

crashmtb · Oct 19, 2022

Christopher said:
Online authentication is not uncommon. For example, in order for Chevy to program my keypad they had to connect to GM to get the authentication to do so. This was why it took them all day to program it due to the *system being down".

Keyfob/security programming is a different animal than accessing a service menu. The factory alarm system in my 20 year old Land Rover needs to be connected to dealer diagnostics for programming…which needs to be connected to the internet to function.

It’s probably a code connected to the vin in some fashion.

HimuraMOdo · Oct 19, 2022

usofrob said:
I've worked on an infotainment system for a different OEM and they had a unique code generated by the VIN. It was simple to do and prevents distributed brute force attacks like this. But maybe I shouldn't give Rivian any ideas, because I also think this should be generally accessible.

Yep. That's exactly what I'm afraid of.

Blueassassin · Oct 21, 2022

Dark-Fx said:
oh, I missed that. The truck definitely doesn't have the same power that low. Voltage drop is greater at a low state of charge and you're starting with less voltage overall too. Some vehicles will increase the amount of current available up to a point. No idea what Rivian's strategy is but it doesn't seem as punitive as Polestar's.

Tested it today starts limiting below 30% FYI.

Blueassassin · Oct 21, 2022

Getting the RIDE menu back?

Are you interested in helping brute forcing the RIDE passcode?

Yes

No

SeaGeo

Well-Known Member

crashmtb

Well-Known Member

usofrob

Well-Known Member

Christopher

Well-Known Member

crashmtb

Well-Known Member

HimuraMOdo

Well-Known Member

Blueassassin

Well-Known Member

Blueassassin

Well-Known Member

Similar threads