View Full Version : 2017 Duramax



SPi
April 5th, 2017, 07:30 AM
Have a client that just took delivery of 3 2017 duramax trucks. Is there any support for these yet?

GMC-2002-Dmax
April 6th, 2017, 02:19 AM
NOPE..........BE A LONG TIME MOST LIKELY

Rumor is the ECM is locked down like an Apple Phone as far as encryption.........many roadblocks in the way, and some may be almost impossible to remove !!

GMPX
April 25th, 2017, 10:15 AM
There is no encryption as such but there is SHA-256 (https://en.wikipedia.org/wiki/SHA-2) signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.
Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.

Snipesy
April 25th, 2017, 01:32 PM
There is no encryption as such but there is SHA-256 (https://en.wikipedia.org/wiki/SHA-2) signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.
Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.


SHA-256 is just a hashing algorithm. It's pretty easy to generate as long as you know exactly what generates it. (Hiding exactly what makes the hash is a sort of weak form of encryption I guess you can say).

What makes a signature is when you somehow encrypt that hash, and store that encrypted hash in the file. Then the program will take that encrypted hash and decrypt it using a key (public key if asymmetric). From there it takes the encrypted hash and checks it against the rest of the file by running the hash algorithm. (Sometimes it will check it against the actual hash stored in the file).

Your solution is to find that public key/key and swap it out with your own. This might not be doable through OBD2 flashing. It really depends how they implemented it.

GMPX
April 25th, 2017, 02:26 PM
I would expect the ECM bootblock would contain the public key as that is the part of the ECM that is doing the validation during the reflash.
When the controller is flashed a hash is sent up to the ECM for the data to be flashed for each cal segment (I don't recall the exact size, maybe 800 bytes or so), we have to assume this hash is generated with GM's private Key which we will likely never know therefore we cannot generate a valid hash that works with their public key.
The bootblock is not accessible via OBD-II therefore we cannot replace their public key / hash with our own and sign the calibrations with our own matching private Key either.

I look at it this way, GM have been working on this for years no doubt and they've chosen SHA-256 because it is not crackable if implemented correctly..... so it is possible they have actually won the battle to keep tuners out (and therefore soon to be watching sales drop off!). So just like the video game console manufacturers appear to have won the battle against game piracy as processing power becomes cheap for them to put in solid signing mechanisms or encryption systems that have yet to be beaten. And think about how many people would be working on that since the PS3 came out in 2006 and only once did anyone get anywhere because SONY made an implementation error on one of their firmware updates that was fixed. But for the last 11 years nobody has beaten the PS3 protection to be able to sign valid signatures for PS3 games.

GMC-2002-Dmax
April 25th, 2017, 02:50 PM
Well..........that was an interesting read :

https://en.wikipedia.org/wiki/SHA-2

So at any time they can alter the public and private key ??

So in effect, they could, as a normal course of business make constant changes to the public and private key ?

As in, sorry about your luck ???

GMPX
April 25th, 2017, 02:53 PM
Well..........that was an interesting read :

https://en.wikipedia.org/wiki/SHA-2

My intention behind posting that link was to try to nip in the bud the 'But can't you just' questions :hihi:
So here are some numbers on the older SHA-1 system that GM aren't using and has been replaced with stronger SHA-2 (or SHA-256 as per GM) with no known exploit existing.

"This attack required over 9,223,372,036,854,775,808 SHA1 computations. This took the equivalent processing power as 6,500 years of single-CPU computations and 110 years of single-GPU computations"
http://thehackernews.com/2017/02/sha1-collision-attack.html

Snipesy
April 25th, 2017, 03:35 PM
Pretty sure that with the current approach the universe will run out of energy before someone finds a SHA2 collision.

BUT. Vulnerabilities will be found. If not by humans, then computers will find the vulnerabilities. That will knock the number down significantly just like it did with SHA1.

So there is hope (if you can call it hope). But... At the point it comes to fruition I doubt anyone is going to be concerned with 20 year old Duramax engines.

GMPX
April 25th, 2017, 04:08 PM
So in effect, they could, as a normal course of business make constant changes to the public and private key ?
If they did then it breaks their own compatibility in a way. They could by all means change the Keys if they released say an E41A controller, or E41B controller.
Let's (safely) assume there is only a handful of people at GM that know their private signing key for a particular controller so they can be reflashed via OBD-II. We know it is impossible to reverse engineer what that key value might be so the only way to get the private key is from one of those people. Imagine tomorrow EFILive released tuning for this E41 where we could correctly sign the calibrations so when it is processed with the public key in the ECM it works out, GM are not going to turn a blind eye to that and heads would roll and lawyers would smell blood, it's not a good situation at all.
Maybe there is an exploit that someone will discover down the track, who knows.


As in, sorry about your luck ???


So there is hope (if you can call it hope). But... At the point it comes to fruition I doubt anyone is going to be concerned with 20 year old Duramax engines.

Unfortunately, yes that about sums it up.

Would a flood of letters to GM explaining that cutting off aftermarket alterations is going to be detrimental to their sales once word gets out actually change anything? Probably not and it may be external pressures have forced them to take this path. As soon as this finds its way in to the gas controllers (which I assume it will) then GM will be in trouble with their performance cars, nobody wants to go see ten 2018 Corvette's run the exact same times down the drag strip because nobody can tune them, that would be embarrassing really.

DURAtotheMAX
April 25th, 2017, 10:18 PM
I'm sure a ~30hp harness box (rail pressure fooler or something) isn't out of the question for the L5P.

But any more than that and you'll probably bump into the limits of the "max allowed calculated power" algorithms/ECM torque model sanity checks.

GMC-2002-Dmax
April 26th, 2017, 03:38 AM
If they did then it breaks their own compatibility in a way. They could by all means change the Keys if they released say an E41A controller, or E41B controller.
Let's (safely) assume there is only a handful of people at GM that know their private signing key for a particular controller so they can be reflashed via OBD-II. We know it is impossible to reverse engineer what that key value might be so the only way to get the private key is from one of those people. Imagine tomorrow EFILive released tuning for this E41 where we could correctly sign the calibrations so when it is processed with the public key in the ECM it works out, GM are not going to turn a blind eye to that and heads would roll and lawyers would smell blood, it's not a good situation at all.
Maybe there is an exploit that someone will discover down the track, who knows.





Unfortunately, yes that about sums it up.

Would a flood of letters to GM explaining that cutting off aftermarket alterations is going to be detrimental to their sales once word gets out actually change anything? Probably not and it may be external pressures have forced them to take this path. As soon as this finds its way in to the gas controllers (which I assume it will) then GM will be in trouble with their performance cars, nobody wants to go see ten 2018 Corvette's run the exact same times down the drag strip because nobody can tune them, that would be embarrassing really.

I see the value of the LML just went up...........LOL

I think a 2016 is going to be the last one then.

It's too bad, but for a long time GM and other big name manufacturers have been trying to crush any parts that compete with genuine GM parts, there was a big deal a few years back with them trying to forbid anyone from installing anything other than genuine GM or FORD or whomever parts on anything, right down to wiper blades !!

You will see a hoarding of older trucks, and sales will continue, but guys who want to personalize and go faster will hold onto tunable vehicles, I see many people wanting to hang onto LB7 and LBZ models for those reasons, especially in Communist CA and other blue emissions zealot states.

When an enthusiast cannot even change his speedo for tires and a lift or remove the speed limiter it's a non-starter.

I was going to do some mods to my 2012, but I am now looking for a low mileage/pristine and stock 2016........I don't want a new truck that is forced to remain stock, and many others will think the same way.

Maybe save the $10K and get a gasser..........LOL

turbo_bu
April 26th, 2017, 04:07 AM
I know this was brought up before during the initial LML tuning issues debate back in 2011, but what are the chances that a LML ECM could be setup to run a L5P???? ...... in a 2017 truck???? Just a random thought on something to try ....

GMC-2002-Dmax
April 26th, 2017, 04:22 AM
Bosch vs Denso.

Different fuel system............so NOPE.

Banks has a stand alone, but it will not work with a vehicle like a new L5p.

It's going to be a long road, with maybe no way to tune them, unless after 5 years GM decides to release the key, after warranty is out, but I highly doubt that is going to ever happen either.

They want to keep it locked down, and they have done just that.

t.ashton
April 26th, 2017, 06:30 AM
Just give it time, much is yet to be seen.


2004 Silverado Cali lb7, Airdog ll 165, fresh sticks at 325k, Custom tune on v2 for daily driver, 33x12.5 nitro at on 20 inch American steal wheels, modded factory air box, Profab Intake Horn, Batmo Wheel, Turbo port and polish, Full EGR Removed w/ fed belt, 3.5 inch MBRP Downpipe, Full five inch MBRP Exhaust axle dump, 10mm lbz cp3 pump, Dual Yellow Top Optimas, High Output Alternator, Cognito Pittman and idler w/ support kit, Cognito Contol arms, Drilled and Slotted Rotors on all four Corners, FEd Y Bridge.

Snipesy
April 26th, 2017, 08:18 AM
Just give it time, much is yet to be seen.



Of course you can tune them. You have access to the hardware. All measures to prevent that are just obfuscation. But you need to remember the bulk of our customers and money comes from day to day drivers. These people don't want to take out their ECM and send it off to be tuned, nor should you expect them to. There is no profit here, and at the end of the day everyone is here to put bread on the table.

Tuning through OBD2 might be possible if some easy to exploit vulnerability exists, but how much you can do over the CAN is really limited. It's unlikely any vulnerability exists at all, and you would still need the RND to find and exploit that vulnerability.

So that means tackling the encryption directly is the only 'viable' solution. Because if you did that you can flash over OBD2 just like you can with the LML and others. But now we are back to the issue we were already talking about....

So! If you want you can explore the realm of mathematics and look at the SHA2 algorithm. One of two possibilities will happen.

1. You never figure it out.

2. Your door gets busted down and you will have guns pointed at your head. Welcome to the NSA. You work for us now.

GMPX
April 26th, 2017, 09:10 AM
When an enthusiast cannot even change his speedo for tires and a lift or remove the speed limiter it's a non-starter.
Not only simple stuff like that, we have customers in the gas world that are GM approved fitters of CNG systems for late model gas trucks that must disable E85 etc. If this security flows on to the gas ECM's then they are stuck too because GM cannot legally modify calibrations for them, they are 100% reliant on aftermarket tuning solutions and the irony is their CNG conversions are 100% EPA approved.
I don't know, maybe a 2017 Dodge RAM isn't a bad option? I jumped off the GM ship on my last vehicle purchase because of what they did with Holden.

t.ashton
April 27th, 2017, 12:35 AM
We are not to an entirely digital platform yet. Modules are dependent on a network of devices that talk to each other. Vendors with deep pockets will end up replacing the entire network(all the modules) and writing a new base tune from which an entire generation of tuners will be born. After a base is made then tuning companies, vendors, and individual tuners the world over will begin refining and customizing.

Like I said, just wait.



Dmaxink
April 27th, 2017, 05:38 AM
Really not certain what solutions will be taken. Much like EFI, PPEI has also established great connections in the programming industry - long story short... We have spent literally hundreds of thousands trying to crack this ECU and we have only made it full circle to see we currently see no way of it being done.

Now, I'm sure someone will think outside the box and (Even maybe simply) make it happen... but all of my techniques and contacts have been exhausted.. We will not be visiting L5P for at least a few months again... No clue what is going to be done!

GMPX
April 27th, 2017, 09:25 AM
We have spent literally hundreds of thousands trying to crack this ECU and we have only made it full circle to see we currently see no way of it being done.
Thanks Kory, it's a sad day for GM Diesel that is for sure.

rcr1978
April 27th, 2017, 04:02 PM
Probably come down to replacement hardware, these guys appear to be working on the older stuff not sure if they will last I don't foresee them flying off the shelf at that price. https://www.razemotorsports.com/products/duramax-lml-ecu-kit

GMPX
April 27th, 2017, 04:23 PM
The idea of designing an ECM and having rock solid software running it is pretty daunting, these companies do an amazing job for sure so I don't want to rain on their parade in any way. But I'm not sure what benefit it would be to use one on the LB7 etc, maybe they do need to get serious about the L5P instead and with volume the price might come down.

t.ashton
April 28th, 2017, 12:03 AM
Yeah that's ridiculous



GMC-2002-Dmax
April 29th, 2017, 12:05 AM
Really not certain what solutions will be taken. Much like EFI, PPEI has also established great connections in the programming industry - long story short... We have spent literally hundreds of thousands trying to crack this ECU and we have only made it full circle to see we currently see no way of it being done.

Now, I'm sure someone will think outside the box and (Even maybe simply) make it happen... but all of my techniques and contacts have been exhausted.. We will not be visiting L5P for at least a few months again... No clue what is going to be done!

Let the Russians hack it, or have Snowden get someone in the NSA to hack GM's servers.............LOL

But on a more serious note.........it will dampen new L5P sales and make the LML, LBZ market even stronger for resale values.

GM Most likely will see these sitting on the lots, people who don't want to tune them will buy them, but the enthusiast with $60k+ and on top of that $10K in mods will refuse to upgrade.

I know I had a new 2018 on my radar, but now a low mileage 2016 Denali is in my cross hairs.

And yes, as Ross stated, a sad day indeed.

t.ashton
April 29th, 2017, 01:04 AM
Let the Russians hack it, or have Snowden get someone in the NSA to hack GM's servers.............LOL

But on a more serious note.........it will dampen new L5P sales and make the LML, LBZ market even stronger for resale values.

GM Most likely will see these sitting on the lots, people who don't want to tune them will buy them, but the enthusiast with $60k+ and on top of that $10K in mods will refuse to upgrade.

I know I had a new 2018 on my radar, but now a low mileage 2016 Denali is in my cross hairs.

And yes, as Ross stated, a sad day indeed.


Same here come 500k on my lb7 I will do a 16 high country



GMC-2002-Dmax
April 29th, 2017, 04:31 AM
Probably come down to replacement hardware, these guys appear to be working on the older stuff not sure if they will last I don't foresee them flying off the shelf at that price. https://www.razemotorsports.com/products/duramax-lml-ecu-kit

I happen to know personally who is behind that project......I will probably have one for testing, he is a long time customer and personal friend.

He has been working on it for a few years, the code will be void of any gotcha or "parameters" that look for or care about any thing other than the fuel system and turbos.............LOL

No messages, dtc codes or gremlins, like LB7 code for an LML.

I did not think he was that far along.

Road
April 29th, 2017, 05:41 AM
I don't see how a race stand alone will ever fill the position of an ecm that controls many functions of other modules on the data bus.

GMPX
April 29th, 2017, 11:57 AM
No messages, dtc codes or gremlins, like LB7 code for an LML.


I don't see how a race stand alone will ever fill the position of an ecm that controls many functions of other modules on the data bus.
I thought the same thing, unless GM provided them with the intermodule CAN comms data it is probably for pure race trucks only. For the owner that just wants a bit better throttle response and better shifts with all emissions in place they will be out of luck still because I cannot imagine that ECM will have DPF & EGR, Urea control for the later models AND be EPA approved for road use.

GMC-2002-Dmax
April 29th, 2017, 12:48 PM
I thought the same thing, unless GM provided them with the intermodule CAN comms data it is probably for pure race trucks only. For the owner that just wants a bit better throttle response and better shifts with all emissions in place they will be out of luck still because I cannot imagine that ECM will have DPF & EGR, Urea control for the later models AND be EPA approved for road use.

As far as I was told last year when it was mentioned to me it is a custom OS, the person writing the software is quite talented at many tasks, including encryption........the files and editor will be from what I was told very secure from hacking and reverse engineering.

GMPX
April 30th, 2017, 10:04 AM
As far as I was told last year when it was mentioned to me it is a custom OS, the person writing the software is quite talented at many tasks, including encryption........the files and editor will be from what I was told very secure from hacking and reverse engineering.
It would have to be their own ECM OS written from scratch or they'll find themselves in court if they reused any of GM's code. That is the impressive part for me, not sure how many people work there but companies like Bosch, Delphi etc have 'buildings' full of engineers to come up with what they do.

GMPX
April 30th, 2017, 10:54 AM
If anyone is interested here is GM's patent on the new security used.
http://patentimages.storage.googleapis.com/pdfs/US8930710.pdf
No need to read over the whole thing because the paragraphs under "2. Discussion of the Related Art" explain the cryptography used. Notice also that it was filed in January 2015 and two years later it finally appears, I doubt there is any exploit in this, I think GM spent a long time getting it right.

GMC-2002-Dmax
May 1st, 2017, 04:10 AM
It would have to be their own ECM OS written from scratch or they'll find themselves in court if they reused any of GM's code. That is the impressive part for me, not sure how many people work there but companies like Bosch, Delphi etc have 'buildings' full of engineers to come up with what they do.

I was "told" he wrote a lot of code for those above named companies, he is from what I was told a very high level OS programmer and skilled encryption expert.

I have known the person financing the projects for 8 or 9 years, he has been a long time customer and friend, I knew he was working on this project, but I never thought he would get it done this quickly.

I have reached out to him, waiting to hear back.

But lots of stuff going on in that company, the guy financing it loves to go fast and make lots and lots of power, all the vehicles pictured on his web site, the white/pink LLY the black LB7 and the Kodiak are all tuned by me, he is a great person and very smart business wise.

I am sure a gaggle of high priced lawyers are already on it !!!

Snipesy
May 1st, 2017, 06:26 AM
I can't imagine it would be very hard if you are not concerned about the massive feature list of the original ECU.

The big kicker is finding a nice micro controller to build off of. And a Decent RTOS. But, a decent RTOS is lots of dollars. (I think the LML uses something from etas?). You could also make your own, and that really just becomes a question on how fancy you want to be.

rcr1978
May 1st, 2017, 02:46 PM
I hope he is successful the power-sports side I bet does really well in time, hopefully the diesel side goes somewhere but the LB7-LMM is a tough market since it can be handled easily with what we have. The LML I could see a maybe but it's slowly coming along with what we have just not perfect.

GMC-2002-Dmax
May 2nd, 2017, 12:02 AM
I hope he is successful the power-sports side I bet does really well in time, hopefully the diesel side goes somewhere but the LB7-LMM is a tough market since it can be handled easily with what we have. The LML I could see a maybe but it's slowly coming along with what we have just not perfect.

Last time we talked, which was before Xmas 2016, he told me that the goal was to have simplicity of the code, meaning that all the tables that screw up on LLY-LML in the background due to the many emissions tables were out, gone, and the code as far as how it would control the ecm would be like an LB7, fuel, boost, timing, it's geared more towards a race/purpose built vehicle, as in go fast without issues.

I was told back in the beginning the pricing would be less than this is, as in this much higher than his initial cost estimate, I am not sure how many people will pay $5k for an ecm/harness.

In the case of a transplanted LML, no vats, no BCM, no DIC messages, etc, so for an option of say a square body chevy with a LML transplant I can see that becoming easy to do.

It's one ECM, I am not sure there is any difference other than the harness and the code, I am waiting to get one, even if it's just for testing on my 2012 LML.

LB72004
May 5th, 2017, 07:50 PM
What is the chance of snooping in on the data being transmitted over the obd if there are any future updates to see what is transmitted and look for this key? Or is the key different for each segment so this would be impractical?

t.ashton
May 5th, 2017, 11:34 PM
It is different boss



GMPX
May 6th, 2017, 09:57 AM
What is the chance of snooping in on the data being transmitted over the obd if there are any future updates to see what is transmitted and look for this key? Or is the key different for each segment so this would be impractical?


It is different boss
Exactly, LB72004 I posted the link to an explanation on how SHA hashing works HERE (https://forum.efilive.com/showthread.php?27554-2017-Duramax&p=238129&viewfull=1#post238129).
But to quickly answer your question, the 'private' key GM sign these calibrations with is never transmitted on the CAN bus, it is never let loose outside of GM engineering so it is impossible for anyone but them to sign calibrations correctly.

Road
May 6th, 2017, 11:04 AM
Can they be flashed from the back door? Or is it locked too?

GMC-2002-Dmax
May 7th, 2017, 01:33 AM
Can they be flashed from the back door? Or is it locked too?

128 bit encrypted according to ROSS.

They got serious this time................!

GMPX
May 7th, 2017, 09:38 AM
Guys, there is no encryption on these ECM's, let's get the terminology correct.
There is a password on the 'back door' as it was put (and sorry, it is 64 bit, not 128), but either way you ain't getting in unless you know it. This is the password that protects the ECM from being opened up and the flash dumped out using JTAG tools (Google PowerPC censorship password).
The flash segments again are not encrypted in any way, they just have a SHA-256 signature included that nobody other than GM can calculate with their private key that must be sent and validated during the OBD-II flash.
So yes doors are closed and the keys broken off in the lock, nothing to see here folks please move on to your nearest Dodge or FORD dealership.

GMC-2002-Dmax
May 8th, 2017, 03:22 PM
Guys, there is no encryption on these ECM's, let's get the terminology correct.
There is a password on the 'back door' as it was put (and sorry, it is 64 bit, not 128), but either way you ain't getting in unless you know it. This is the password that protects the ECM from being opened up and the flash dumped out using JTAG tools (Google PowerPC censorship password).
The flash segments again are not encrypted in any way, they just have a SHA-256 signature included that nobody other than GM can calculate with their private key that must be sent and validated during the OBD-II flash.
So yes doors are closed and the keys broken off in the lock, nothing to see here folks please move on to your nearest Dodge or FORD dealership.

2017 FORD is in need of a locksmith as well it seems.

DURAtotheMAX
May 9th, 2017, 01:01 AM
It's one ECM, I am not sure there is any difference other than the harness and the code, I am waiting to get one, even if it's just for testing on my 2012 LML.

I highly HIGHLY doubt it will work in a factory truck. I'm sure it's strictly for standalone applications.

Which would still be nice...because as of right now, it's impossible to make an LML run in standalone without keeping the BCM, TDM, and original ignition key. So this aftermarket ECU would give engine swap guys a nice alternative to a complex standalone harness that has additional wiring for the BCM etc.

GMPX
May 9th, 2017, 11:19 AM
2017 FORD is in need of a locksmith as well it seems.
Oh dear.
I don't think it is in any of this generation EDC17 ECM's but I had read last year about the new Bosch ECM's that were coming out that did have on the fly decryption meaning everything stored in the ECM is gobbledygook unless you know the private decryption Key (there's that private key thing again). That is even one step beyond what we are dealing with today.
Out of interest, read page 6 of the pdf in the link below, this explains exactly what GM have implemented in the E41.
http://www.nxp.com/assets/documents/data/en/white-papers/AUTOSECURITYWP.pdf


I highly HIGHLY doubt it will work in a factory truck. I'm sure it's strictly for standalone applications.

Which would still be nice...because as of right now, it's impossible to make an LML run in standalone without keeping the BCM, TDM, and original ignition key. So this aftermarket ECU would give engine swap guys a nice alternative to a complex standalone harness that has additional wiring for the BCM etc.
I would say it'll be like many of GM's late model gas ECM's where there is no specific theft disable calibration, we have to patch the OS in those to make them run standalone. Unfortunately (here we go again) the LML OS sections are protected with a digital signature.

GMC-2002-Dmax
May 10th, 2017, 01:35 AM
Reading that made my head hurt !!

DURAtotheMAX
May 10th, 2017, 01:56 AM
I wonder if there are any vulnerabilities via the secondary CAN controller.

GMPX
May 10th, 2017, 09:08 AM
I wonder if there are any vulnerabilities via the secondary CAN controller.
I can't see how that would be possible, once the ECM is put in to programming mode it would not be listening to any other modules on the bus.

sn00py
May 16th, 2017, 02:24 AM
Oh dear.
I don't think it is in any of this generation EDC17 ECM's but I had read last year about the new Bosch ECM's that were coming out that did have on the fly decryption meaning everything stored in the ECM is gobbledygook unless you know the private decryption Key (there's that private key thing again). That is even one step beyond what we are dealing with today.


That's probably less about keeping the aftermarket out (I mean, the signatures is enough, right?) and more about keeping researchers from discovering diesel defeat devices. ;-)

LB72004
May 16th, 2017, 06:48 AM
Very unlikely. The researchers didn't need to examine the VW code to see something was wrong. Also a court order can force GM to reveal the emission strategy/code if the epa/carb had enough to show something was not right.

sn00py
May 16th, 2017, 11:31 AM
Very unlikely. The researchers didn't need to examine the VW code to see something was wrong. Also a court order can force GM to reveal the emission strategy/code if the epa/carb had enough to show something was not right.

One can't deny that researchers could have (maybe not quite so easily) reverse engineered the ECU code to find the defeat device code, right? If the code is encrypted, however, reverse engineering is a much less feasible (likely impossible, as Ross said) option.

GMPX
May 16th, 2017, 12:03 PM
If the code is encrypted, however, reverse engineering is a much less feasible (likely impossible, as Ross said) option.
The code is not encrypted so they aren't trying to hide anything, it's just digitally signed to stop people modifying it.

2007 5.9
May 16th, 2017, 01:03 PM
The code is not encrypted so they aren't trying to hide anything, it's just digitally signed to stop people modifying it.

Ross,

Can you explain this digital signature for those who don't understand it vs encryption?

GMPX
May 16th, 2017, 01:19 PM
Ross,

Can you explain this digital signature for those who don't understand it vs encryption?
I had a link a few pages back to a Wiki article that demonstrated the signature system GM used.
https://forum.efilive.com/showthread.php?27554-2017-Duramax&p=238349&viewfull=1#post238349

But as simple as I can put it.
A digital signature is used to validate data.
Encryption scrambles the data so it is not 'readable' until Decrypted.

Unfortunately the digital signatures these days are so complex they cannot be tricked and valid ones can only be generated by GM.

Cheers,
Ross
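
Added example (not part of the original thread, and not GM's or EFILive's code): a minimal Python sketch of the signature-versus-encryption distinction described in the post above, using textbook hash-then-RSA. The toy key, the segment bytes and the parameter names are constructed assumptions; the scheme the ECM actually uses is not shown on this page.

```python
import hashlib

# Constructed toy key pair (assumption, illustration only): two Mersenne primes
# give a modulus wider than a SHA-256 digest. Real signing keys are random and
# use a padded scheme; this is unpadded textbook RSA.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                           # public modulus, known to the verifier
E = 65537                           # public exponent, known to the verifier
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the signer


def digest_int(segment: bytes) -> int:
    """SHA-256 of the segment as an integer. Anyone can compute this."""
    return int.from_bytes(hashlib.sha256(segment).digest(), "big")


def sign(segment: bytes) -> int:
    """Signer side: transforming the hash requires the private exponent D."""
    return pow(digest_int(segment), D, N)


def verify(segment: bytes, signature: int) -> bool:
    """Verifier side (the bootloader's role): needs only the public N and E."""
    return pow(signature, E, N) == digest_int(segment)


def demo() -> dict:
    # Constructed sample "calibration segment"; field names are hypothetical.
    original = b"SEG=CAL1;RPM_LIMIT=3450;BOOST_MAX=28"
    signature = sign(original)
    modified = original.replace(b"3450", b"4000")
    return {
        # Signing scrambles nothing: the data is readable as-is.
        "readable": b"RPM_LIMIT" in original,
        # The untouched segment validates against its signature.
        "original_ok": verify(original, signature),
        # Any change to the data invalidates the old signature.
        "modified_ok": verify(modified, signature),
        # A freshly computed SHA-256 of the modified data is not a signature.
        "bare_hash_ok": verify(modified, digest_int(modified)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```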

sn00py
May 16th, 2017, 02:28 PM
The code is not encrypted so they aren't trying to hide anything, it's just digitally signed to stop people modifying it.

Yes, I was referring to Bosch's apparent future plans to encrypt/decrypt on the fly.

GMPX
May 16th, 2017, 04:33 PM
Right ok, yeah that sounds bad. These are (http://www.infineon.com/cms/en/product/channel.html?channel=5546d4614815da8801487eb5b85d3291) the CPU's they are going to be using. Goodnight to tuning for anything running that.

Cougar281
May 19th, 2017, 07:32 AM
Dumb question... Don't the newer tunable Cummins ECMs have a similar signing and a way to patch it so it'll accept unsigned calibrations?

GMPX
May 21st, 2017, 04:55 PM
Yes but they have an exploit to turn it off. The signing is solid, they just left a gap in the door. At this stage it doesn't look like GM made the same mistake.

modpcm
September 15th, 2017, 07:37 AM
There is no encryption as such but there is SHA-256 (https://en.wikipedia.org/wiki/SHA-2) signatures on every calibration segment and the OS, no external reflash bootloader permitted so the signature validation cannot be bypassed and to top it off the JTAG/BDM is 128bit password protected.
Be prepared to accept that these may never be tunable, nobody but GM can generate the SHA-256 signatures and if someone does they will likely be sued by GM because SHA-256 is not crackable.

Hi, does someone know what tool was used to confirm the JTAG/BDM is 128bit password protected? Any board pictures available?
tks

GMPX
September 15th, 2017, 11:23 AM
We use P&E Micro's equipment for BDM purposes......and the BDM password is different on every ECM.

modpcm
September 15th, 2017, 11:38 AM
Hi, do you recall the ECU family? Were you able to access the pad board by removing the thin cover or was it required to completely dismantle the box? tks

GMPX
September 15th, 2017, 12:13 PM
CPU is a MPC5676R.
There are no BDM pads in a row, the connection points are spread out all over the PCB... and no we aren't showing where they are, we had to destroy an ECM to trace them out :).
Forget BDM, honestly you are wasting your time.

modpcm
September 15th, 2017, 12:34 PM
Thank you for the info

Greg17Dmax
February 5th, 2018, 06:58 AM
Any news? lol

GMPX
February 5th, 2018, 09:27 AM
Yes, 2017+ GM Duramax tuning is dead...but that is old news :shock:

Greg17Dmax
February 5th, 2018, 09:46 AM
I'm such an idiot, I traded my 16 for a 17 :wtf1:

GMPX
February 5th, 2018, 10:30 AM
I wish we could help but GM have set themselves a goal to kill off the aftermarket and so far they are winning with worse to come.

GMC-2002-Dmax
February 5th, 2018, 11:00 AM
Yes, 2017+ GM Duramax tuning is dead...but that is old news :shock:

Sad........they killed all of it, Gassers and TCM's as well


I'm such an idiot, I traded my 16 for a 17 :wtf1:

Trade back for a 2016 !


I wish we could help but GM have set themselves a goal to kill off the aftermarket and so far they are winning with worse to come.

Sad day it is........... :(

GMPX
February 14th, 2018, 06:18 PM
We've heard of some more bad news folks, looks like another new gas ECM is getting the full on security treatment from GM (like the E41, E88), this one is going to be even less popular than the L5P being killed off.

DURAtotheMAX
February 14th, 2018, 08:30 PM
We've heard of some more bad news folks, looks like another new gas ECM is getting the full on security treatment from GM (like the E41, E88), this one is going to be even less popular than the L5P being killed off.

The next gen small block controller? Ie the E92 successor/replacement?

Greg17Dmax
February 15th, 2018, 04:55 AM
This thread is getting worse by the day !! I can’t take it ... this is depressing

GMPX
February 15th, 2018, 09:27 AM
The next gen small block controller? Ie the E92 successor/replacement?
Yep

sn00py
February 15th, 2018, 09:52 AM
https://i.imgflip.com/24nj4y.jpg (https://imgflip.com/i/24nj4y) via Imgflip Meme Generator (https://imgflip.com/memegenerator)

turbo_bu
February 16th, 2018, 05:17 AM
Yep
Just to clarify, are these in the 2018's or the 2019's?

Greg17Dmax
February 16th, 2018, 06:29 AM
2017 and up

sn00py
February 16th, 2018, 10:50 AM
Just to clarify, are these in the 2018's or the 2019's?

2019 for the gassers

2017 for the Duramax L5P

turbo_bu
February 17th, 2018, 02:55 AM
Yes, the gassers is what I was trying to clarify. I know this is a Duramax thread but the fact that the gassers are now also screwed will affect a much larger base. Very sad to hear.

cmitchell17
February 17th, 2018, 03:45 AM
Where are other manufacturers with this type of security? Have any other implemented something like this?

Greg17Dmax
February 27th, 2018, 08:30 AM
Dodge and Ford trucks you can still delete

GMPX
February 27th, 2018, 09:57 AM
I suspect FORD may be in the same boat in a few years. The Bosch ECM's they use are due for replacement, the next generation of these Bosch ECM's are supposed to have all security doors closed.
Dodge, I don't know there, maybe the new ECM due in 2019 will have all doors closed too. It is a trend that isn't reversing.

cmitchell17
February 27th, 2018, 10:06 AM
I was curious about the gas ECMs, I'm more concerned about buying cars from a manufacturer who has the least amount of this type of security.

I'm assuming there is some background rules at the EPA or something that's driving these changes.

I just learned how many tuning solutions are out there for BMW especially for BCM and peripheral modules, which I feel is completely locked down for GM stuff.

GMPX
February 27th, 2018, 10:49 AM
I just learned how many tuning solutions are out there for BMW especially for BCM and peripheral modules, which I feel is completely locked down for GM stuff.
Euro cars tend to use a mix of Bosch and Siemens controllers. As far as I know the next gen ECM's from those two companies will use new Infineon AURIX CPU's that like GM now will have a dedicated security subsystem built in to keep people out. It isn't just GM heading in this direction, as cars become 'connected' to the outside world and with greater automation of driving the manufacturers must make them 100% secure. Unfortunately the tuning business we've all known for so long isn't part of that grand vision.

Supercharged111
March 3rd, 2018, 04:48 PM
My guess is there will be a gap. Just like when we went from carb to OBDI EFI and that was the devil. Either the aftermarket will eventually figure out how to hack the factory PCMs with different methods (maybe a mole leaks a secret?), or the standalone industry will step up. Either way, this really jives with that RPM act that the EPA tried ramming down our throats a year or so ago. One thing's for sure, it looks like the cost of tuning just went through the roof on the new stuff ASSuming someone can do it. Lucky for me I'm not afraid of old shit so it'll be a while before I'm butthurt by a lack of ability to tune my own rides. My real concern is without the ability to remain relevant with new stuff, how long will EFILive survive and support what they have cracked? Or will your focus shift to unlocking more capability to older modules? It's difficult to project how profitable that may be. On one hand, it's not the new new but on the other hand, if that's what we're relegated to then it is relevant.

GMPX
March 4th, 2018, 10:31 AM
My real concern is without the ability to remain relevant with new stuff, how long will EFILive survive and support what they have cracked? Or will your focus shift to unlocking more capability to older modules? It's difficult to project how profitable that may be. On one hand, it's not the new new but on the other hand, if that's what we're relegated to then it is relevant.
We saw this coming a year ago when the L5P ECM (aka E41) hit the streets which is why our focus has been on developing non traditional EFILive markets for the last year (Cummins HD) and we will keep going back to support older HD ECM's too.
Will ECM tuning become the next Playstation & Xbox mod chip industry where eventually the modifiers got outsmarted by technology? Yes, I believe so.

Greg17Dmax
March 8th, 2018, 01:02 PM
what about the 2018 2.8 duramax for the Colorado?

GMPX
March 8th, 2018, 03:02 PM
Should be ok, I haven't seen a 2018 2.8L Colorado file yet but some other 2018 vehicles that use E98's have been tuned so they have not migrated to the new security the E41 is using.
But keep in mind at some point GM will migrate all vehicles over to the new security for their connected vehicles, that might mean new ECM's to replace ones currently in use or they may update them (like T87 to T87A).

Greg17Dmax
March 8th, 2018, 03:41 PM
I’m trading my 2017 2500 duramax for a Colorado duramax... music to my ears

GMPX
March 8th, 2018, 04:48 PM
Wow, that bad hey ?

Greg17Dmax
March 8th, 2018, 10:02 PM
Yeah I mean no point in having a 2500, can’t delete it

GMPX
March 9th, 2018, 10:47 AM
EFILive doesn't have delete parameters in E98 either.

tinman
March 19th, 2018, 02:24 AM
Tuning issue aside, doesn't this create a complete monopoly on repair of GM vehicles? You must go to a dealer, pay whatever they want and wait as long as they make you?? Isn't this just the same issue John Deere has created -by contract, not technology- that prevents farmers from repairing their own tractors (and has precipitated state legislator involvement - https://www.wired.com/2015/04/dmca-ownership-john-deere/). Doesn't this destroy the idea of ownership?? Seems to me we should stop trying to find work-arounds and standalones and start writing legislators.

I was going to wait a few years to buy another Cummins, and I was hoping the '19 rumored EGR-less engine would happen. But if that ECM is locked down I'd be forced to buy an '18. Keeping a close eye on the '19 Cummins

cmitchell17
March 19th, 2018, 02:31 AM
Tuning issue aside, doesn't this create a complete monopoly on repair of GM vehicles? You must go to a dealer, pay whatever they want and wait as long as they make you?? Isn't this just the same issue John Deere has created -by contract, not technology- that prevents farmers from repairing their own tractors (and has precipitated state legislator involvement - https://www.wired.com/2015/04/dmca-ownership-john-deere/). Doesn't this destroy the idea of ownership?? Seems to me we should stop trying to find work-arounds and standalones and start writing legislators.

I was going to wait a few years to buy another Cummins, and I was hoping the '19 rumored EGR-less engine would happen. But if that ECM is locked down I'd be forced to buy an '18. Keeping a close eye on the '19 Cummins

I don't think this prevents people from flashing a tune with aftermarket equipment, only problem is the tune has to have a signature that's encrypted, meaning the only ones who can make tunes is GM since they are the only ones who have the key to that signature. If you had to repair an ECM or something you could still do it yourself with but you can only flash it with stock software that's verified to pass emissions.

Supercharged111
March 19th, 2018, 03:04 AM
Tuning issue aside, doesn't this create a complete monopoly on repair of GM vehicles? You must go to a dealer, pay whatever they want and wait as long as they make you?? Isn't this just the same issue John Deere has created -by contract, not technology- that prevents farmers from repairing their own tractors (and has precipitated state legislator involvement - https://www.wired.com/2015/04/dmca-ownership-john-deere/). Doesn't this destroy the idea of ownership?? Seems to me we should stop trying to find work-arounds and standalones and start writing legislators.

I was going to wait a few years to buy another Cummins, and I was hoping the '19 rumored EGR-less engine would happen. But if that ECM is locked down I'd be forced to buy an '18. Keeping a close eye on the '19 Cummins

GM indicated that this stuff is their intellectual property, so reflashing now violates the law in a way. I can see GM circumventing said monopoly in a catch 22 sort of way where they offer their scanners to repair shops at a price no sane person would ever pay.

GMPX
March 19th, 2018, 09:14 AM
I don't think this prevents people from flashing a tune with aftermarket equipment, only problem is the tune has to have a signature that's encrypted, meaning the only ones who can make tunes is GM since they are the only ones who have the key to that signature. If you had to repair an ECM or something you could still do it yourself with but you can only flash it with stock software that's verified to pass emissions.
Spot on, anyone with a TIS subscription can flash a correctly signed factory file into an L5P, GM haven't restricted that.
What will make things even more interesting is when the CAN bus becomes encrypted (2020 I think I read). Maybe like Dodge do now they will have a gateway module on the OBD-II port that only translates allowed messages to pass and get encrypted so scantools continue to work but of course that means they can block whatever they want from reaching the modules.

cmitchell17
March 19th, 2018, 09:27 AM
I guess you could argue if there was something wrong in the calibration and gm wouldn't release a fix, you would have the right to fix it yourself, but then again if it affected emissions integrity I do know? I guess the only thing we can do now is boycott gm products but I have a feeling everyone will follow along.

Supercharged111
March 19th, 2018, 09:39 AM
Yup. Long term the RPM Act will slowly become a moot point.

GMPX
March 19th, 2018, 10:23 AM
I guess the only thing we can do now is boycott gm products but I have a feeling everyone will follow along.

I agree, with the onslaught of driving automation (https://www.theverge.com/2018/1/12/16880978/gm-autonomous-car-2019-detroit-auto-show-2018) (who is asking for this BTW) and cars connected to the internet then all manufacturers will make their cars as secure as technically possible. Boycotting GM won't do much, I doubt they will reverse what they've spent many years perfecting so the aftermarket can continue to modify their cars.

cmitchell17
March 20th, 2018, 03:55 AM
I agree, with the onslaught of driving automation (https://www.theverge.com/2018/1/12/16880978/gm-autonomous-car-2019-detroit-auto-show-2018) (who is asking for this BTW) and cars connected to the internet then all manufacturers will make their cars as secure as technically possible. Boycotting GM won't do much, I doubt they will reverse what they've spent many years perfecting so the aftermarket can continue to modify their cars.

Yeah I'm really against the obsession of driverless cars, I support safety systems that help us avoid accidents, but it's a very sad time I feel time is running out very fast for us.

I still think there are still too many scenarios to account for to make a completely autonomous vehicle, every one of these scenarios must be programmed in. Funny how Tesla gets away with literally killing people, and GM gets sued because people decided to put way too much on their key chains. Tesla gets away with it because the do-gooders say they are green and saving the world from the evil corporate America.

Greg17Dmax
March 20th, 2018, 03:58 AM
Turning America into a dictoatorship country

Greg17Dmax
March 20th, 2018, 03:59 AM
Dictatorship *

Supercharged111
March 20th, 2018, 04:07 AM
Is this what our fathers and grandfathers said in 1970 when the hp wars began grinding to a halt in favor of emissions? Are we now the crusty old dudes?

GMPX
March 20th, 2018, 09:53 AM
Europe is worse, Diesel cars will be totally banned by 2025 I think it was.

SASDakota
March 22nd, 2018, 07:31 AM
Banned or no longer in production of new ones?

GMPX
March 22nd, 2018, 09:13 AM
As in no longer allowed to drive them.
https://www.theguardian.com/environment/2016/dec/02/four-of-worlds-biggest-cities-to-ban-diesel-cars-from-their-centres

But in Germany they can do it now.
http://www.abc.net.au/news/2018-02-28/diesel-cars-could-be-banned-from-german-cities/9491680

LB72004
April 15th, 2018, 06:15 PM
Anyone see this thread on DuramaxDiesels?

http://www.duramaxdiesels.com/forum/showthread.php?p=1099677&posted=1#post1099677

Apparently Sc search technology "cracked" the ECM and is flashing in their modified code

GMPX
April 15th, 2018, 07:01 PM
Super smart guys if they did, well done to SC Research LLC.
I've decided to lock this thread for the time being because I can see where this will go, will reopen at a later date as things pan out.