http://content.efilive.com/documents/Controller%20Authorization.pdf
Will this be automated at some point?

Possibly not, all tuners are in the same boat.

Hmm this sucks, but it's just another hurdle to overcome to tune.

I get that the controller sends its Seed when being asked to read, then we can retrieve that and send it off, have a matching Key generated, import the Key, then read as per normal. I'm a little fuzzy on how the Authorization code dealer can generate an Authorization code based on the Seed sent? If they can generate a code, is there a reason the end-consumer cannot? I'm more curious than anything else! :D

Hmm this sucks, but it's just another hurdle to overcome to tune.
Yes it does, but it wasn't our choice. But at least you can still program them (for now) unlike the 2017+ T87A TCM, that looks like it is closed off, done and dusted.


I get that the controller sends its Seed when being asked to read, then we can retrieve that and send it off, have a matching Key generated, import the Key, then read as per normal. I'm a little fuzzy on how the Authorization code dealer can generate an Authorization code based on the Seed sent? If they can generate a code, is there a reason the end-consumer cannot? I'm more curious than anything else! :D
Because it is our own internal system we use that has been trusted to one other person, I know people are probably thinking 'oh just a money grab', no trust me it is not that, we wish we never had to do this too. It has consumed over a month of programming and testing to this point and still requires manual intervention, we too have better things to be doing than workarounds. :)
The game has changed somewhat for 2017+, but we just need to accept that, be grateful we can still actually flash these controllers without pulling them apart (eg, Euro tuning) and continue on.

Cheers,
Ross

So who is this other person that you trusted?


Sent from my iPhone using Tapatalk

Their details are in the document. I won't post it here because spam bots trawl for Email addresses on forums.

Yes it does, but it wasn't our choice. But at least you can still program them (for now) unlike the 2017+ T87A TCM, that looks like it is closed off, done and dusted.


Because it is our own internal system we use that has been trusted to one other person, I know people are probably thinking 'oh just a money grab', no trust me it is not that, we wish we never had to do this too. It has consumed over a month of programming and testing to this point and still requires manual intervention, we too have better things to be doing than workarounds. :)
The game has changed somewhat for 2017+, but we just need to accept that, be grateful we can still actually flash these controllers without pulling them apart (eg, Euro tuning) and continue on.

Cheers,
Ross

Thanks for the explanation Ross, makes sense to me. And the T87A can't be read (or programmed)?! :( Not good to hear, I'm sure we'll run into issues reprogramming ECMs and the TCM needs to be tweaked as well but it cant be.

And yes, fortunately we haven't had to resort to pulling them apart (yet).

Yes it does, but it wasn't our choice.

Because it is our own internal system we use that has been trusted to one other person, I know people are probably thinking 'oh just a money grab', no trust me it is not that, we wish we never had to do this too. It has consumed over a month of programming and testing to this point and still requires manual intervention, we too have better things to be doing than workarounds. :)


Cheers,
Ross
Will new V8 units, when purchased, still be able to flash 2 controllers, in other words if you bought a V8 unit and go to tune a 2107 that requires the auth-code and seed will it be included in the purchase price, or is additional cost still needed?

And the T87A can't be read (or programmed)?!
It can't be read, programming has a very nasty digital signature system in place. They've gone away from the traditional programming methods to something more like what Bosch do.


Will new V8 units, when purchased, still be able to flash 2 controllers, in other words if you bought a V8 unit and go to tune a 2107 that requires the auth-code and seed will it be included in the purchase price, or is additional cost still needed?
You will still be able to flash two controllers with the one VIN license, no change there. But the auth-code is an additional cost to the licenses, however as I mentioned above the T87A cannot be programmed at this stage so it isn't like you will need two Auth-Codes per vehicle.

Is it known yet or not if the newer Duramax will keep the current T87 or get this new masterpiece from GM ??

Tony I expect it will get the newer T87A too, it has been rolled out over every other 2017 model and the Duramax is probably the one GM would be most concerned about.

Well that sucks...... :(.

We knew this day would come at some point though and I don't see it getting better, worse if anything.
VW cheating emissions, people driving Jeeps in to a ditch using a phone...now that is a wake up call for any vehicle manufacturer to increase security.

This is about government not manufacturer security. There are too many tree hugging liberals here is the USA.


Sent from my iPhone using Tapatalk

Hard to know because the European cars have been like this for many years, most of those the ECM needs to be pulled apart to tune.

I would almost bet anything that we alter or customize our vehicles here more than anywhere. There is such a trend with the liberals here to save the world and anything that becomes part if their agenda seems to become too drive how people are suppose to live here. No way I can believe it all on GM for the changes. Regulation everywhere here! Hopefully it will change for the better in the upcoming years.


Sent from my iPhone using Tapatalk

It can't be read, programming has a very nasty digital signature system in place. They've gone away from the traditional programming methods to something more like what Bosch do.


You will still be able to flash two controllers with the one VIN license, no change there. But the auth-code is an additional cost to the licenses, however as I mentioned above the T87A cannot be programmed at this stage so it isn't like you will need two Auth-Codes per vehicle.

Crap. Simply crap. With the digital signature, is it almost impossible to have a modified file flashed back in because the checksums/hashes wont match so the TCM will simply not accept the flash? I imagine the processing power required to actually generate new signatures that work with the factory one would be difficult.

We knew this day would come at some point though and I don't see it getting better, worse if anything.
VW cheating emissions, people driving Jeeps in to a ditch using a phone...now that is a wake up call for any vehicle manufacturer to increase security.
Sad, but true!

Hard to know because the European cars have been like this for many years, most of those the ECM needs to be pulled apart to tune.
Hmm

I would almost bet anything that we alter or customize our vehicles here more than anywhere. There is such a trend with the liberals here to save the world and anything that becomes part if their agenda seems to become too drive how people are suppose to live here. No way I can believe it all on GM for the changes. Regulation everywhere here! Hopefully it will change for the better in the upcoming years.


Sent from my iPhone using Tapatalk
There are some pretty bad-ass vehicles in Australia and New Zealand. They may have us beat.

Crap. Simply crap. With the digital signature, is it almost impossible to have a modified file flashed back in because the checksums/hashes wont match so the TCM will simply not accept the flash? I imagine the processing power required to actually generate new signatures that work with the factory one would be difficult.
Correct and because it is not something that is checked when the trans is in normal running mode (only when being flashed) they can make it as complex as they want because if it takes 30 seconds to verify the digital signature so what.


Sad, but true!
And this came in to my head...

https://cdn.meme.am/instances/250x250/61683186.jpg


There are some pretty bad-ass vehicles in Australia and New Zealand. They may have us beat.
There used to be, in a years time our GM vehicles will only be Korean or Opel's. Probably great cars but not the RWD V8's Aussies tend to love.

Cheers,
Ross

So I'm confused here and know absolutely nothing about the actual flashing of the vehicle.

How are people getting the keys if it's such a tight encryption? I have no idea what format it uses, but it can't be anything serious if people are getting them in the span of a day. Or is it more complicated than that?

The topic has drifted somewhat Snipesy, we are talking about the new T87A TCM GM released on 2017 models that uses very large digital signatures to verify the flash contents, that is not something they've done before.

This is about government not manufacturer security. There are too many tree hugging liberals here is the USA.


Sent from my iPhone using Tapatalk

Its mostly to protect against terrorist/hacking, and consumer safety/security. If you cant wrap your head around that, and think its purely singly because of the "liberal tree huggers", then thats your problem and you need an education on cyber security and over-the-air wireless attacks. Modern vehicles have both cell link, and wi-fi capabilities. Do you want some punk sitting on the side of the road with a laptop shutting down your car remotely?

Most of the rest of the world has had ECM's that cant be OBD flashed for the past 10 years...we should count ourselves as extremely lucky.

I would almost bet anything that we alter or customize our vehicles here more than anywhere.

LOL. Hardly the case. Check out www.youtube.com

I can wrap my head around that Ben. I just don't believe that's the main driving force behind it. Do you know you people here being hacked and can't use their vehicle? By the way I own one of those fancy vehicles.


Sent from my iPhone using Tapatalk

Sent from my iPhone using Tapatalk[/QUOTE]




Sent from my iPhone using Tapatalk

I can wrap my head around that Ben. I just don't believe that's the main driving force behind it. Do you know you people here being hacked and can't use their vehicle?


Sent from my iPhone using Tapatalk

Personally? Well no, because I dont personally know anyone who owns a 2017 vehicle.................

But this is just the beginning. Its been proven many times that its pretty easy to hack into late model vehicles and take control. Google it.

If theres a motive, and network access, anything is possible. Manufacturers just want to make it more difficult. Look at the Jeeps that had a massive recall due to a security vulnerability that allowed OTA breaches.

My guess is at some point the entire vehicle CAN communications will be encrypted using some sort of public-key cryptography system and ECM's totally locked down (well, the E92 and E80 ECM's are welded shut!). Who knows that might only be two or three years off, then we all just have to live off what is already out there that can be tuned because if you think we can break systems like RSA, DSA etc then you need to do a little more research on the subject.

Or someone can come up with a stand alone control system.


Sent from my iPhone using Tapatalk

Ok but how could a 'non GM' stand alone ECM broadcast all the required CAN messages all other modules are expecting if the CAN messages are encrypted using GM's private Key from the OEM ECM? I know where you are coming from but at some point this could all end and there is NOTHING we can do about it. I don't want to be the grim reaper but that is a real possibility.

I understand you brother. That means I just won't by one for that purpose.


Sent from my iPhone using Tapatalk

Yes that is the sad part, it will ultimately hurt GM's vehicles sales. It is kind of like making a law that hot dogs can no longer have ketchup put on them....oh really, well I'll just buy something else then.

You know, no one can hack a computer when it is off. If systems could power down then instant boot after ignition event happened using just simple parameters to make a start then the rest after that. They do that now with coms.

Like GMPX said, dollars spent somewhere else makes changes fast.

Gale Banks has posted on his facebook page he will be offering tuning. Then again, he can use Bosch Motorsports controllers, an EDC16 version he uses, and has the strongest ties with GM since he's developed his own version of the LP5 for the oshkosh truck.