02-16-2019, 03:30 PM | #23 | |
Lieutenant
409
Rep 558
Posts |
Quote:
Here let me help you some more (hopefully for the last time so we can get back on topic). As for hyphens....there should be one between "mid 2018" (but you know that right because you are a self professed English composition person - i mean that's what's going to carry you forward in life as you stated).....here let me show you....mid-2018 As for your math - yes you are correct your simple little division that you did was in fact correct (congratulations) - however using that formula to prove your point of "randomness" was no where near the correct answer. In fact you dug a deeper hole for yourself (a deep one) when you pointed out how long the B58 has been out - the longer it's been out the less likely it is a total random act that multiple tuners cracked the code around the same time. I hope none of this is lost on you...I'm only trying to help. Not trying to fry your brain In closing I'll add while you speak of indecisiveness - you may want to look at your own - after all you started to respond to my post yesterday but had to sleep on it before you came up with this response (admit it). I mean I wouldn't really care when someone responds but if you are accusing someone of something you yourself are guilty of----------(hyphens for you) it just shoots your credibility all to poop - I can share the screen shot. In the end I have only shared and written about objective facts ------you however have gone subjective personal etc...and that's not nice. ps-look for upcoming edit I'll make sure it's there ------------------------------------- Last edited by RTPenland; 02-16-2019 at 10:42 PM.. Reason: B58togo asked me to and I added a line of hyphens |
|
Appreciate
0
|
02-16-2019, 04:56 PM | #24 | |
Brigadier General
1646
Rep 4,877
Posts |
Quote:
It's not like BMW publishes the keys to their DME's, so having a bunch of tuners all having a solution within months on a 3.5 year old platform is a bit of a statistical anomaly. |
|
Appreciate
0
|
02-16-2019, 07:32 PM | #25 |
Private
16
Rep 57
Posts |
I don’t know anything, but is it an idiotic idea that one examines the tune from one vendor and reverse engineers it some way thus the initial breakthrough opens the floodgates so to speak?
|
Appreciate
0
|
02-16-2019, 07:43 PM | #26 |
Private
16
Rep 57
Posts |
Or maybe more plausible is that the aftermarket community has unwritten understanding that whoever has the breakthrough shares the info for a price. Insurance of sorts for all, no single vendor is confident they will be first or attain, so they work in concert with the first getting the spoils.
|
Appreciate
0
|
02-16-2019, 08:01 PM | #27 | |
Lieutenant
409
Rep 558
Posts |
Quote:
However something is up - it's just idle curiosity for me. But I can tell you that there is no way all these recent developments are random. Separate, isolated development work flows cannot produce independent solutions in such rapid succession if there is not some correlation between them (at least not for this complex of a challenge) Last edited by RTPenland; 02-16-2019 at 08:09 PM.. Reason: multiple periods, ellipses and of course hyphens added |
|
Appreciate
0
|
02-16-2019, 09:52 PM | #28 |
Lieutenant
409
Rep 558
Posts |
well said
Last edited by RTPenland; 02-16-2019 at 09:53 PM.. Reason: hyphens |
Appreciate
0
|
02-19-2019, 06:22 AM | #29 | ||
Major
253
Rep 1,334
Posts |
Quote:
Quote:
Typical in this industry. |
||
Appreciate
0
|
02-21-2019, 05:28 AM | #32 |
Major General
3489
Rep 9,709
Posts |
You are getting professions mixed up. A tuner is a guy who modifies an excel like table, to make an engine run differently. They know absolutely nothing about 'hacking'.
A 'hacker' has cracked the DME code and sold the ability to alter the tables to 'tuners'. Nothing more than that! |
Appreciate
1
dizzy619446.50 |
02-22-2019, 08:26 AM | #33 | |
Second Lieutenant
53
Rep 199
Posts
Drives: F22 M240i
Join Date: May 2013
Location: South Africa
|
Quote:
To add the above it has widely been known that the same Russian "hackers" have been responsible for dismantling the code for the last few BMW ECU breakthroughs and distributing the toolsets/methodology required for tuners to take advantage of. |
|
Appreciate
1
jalkster220.00 |
02-22-2019, 12:51 PM | #34 | |
Captain
225
Rep 677
Posts |
Quote:
|
|
Appreciate
0
|
02-22-2019, 01:53 PM | #35 |
Lieutenant
73
Rep 439
Posts
Drives: 2016 M235i Xdrive 8A
Join Date: Oct 2018
Location: 20036
|
Can someone explain how the DME itself is secured? How long is the encryption key and how much distributed computing power do these tuning companies have at their disposal?
Keep in mind my rack of just 6 AMD RX570s churns out 150-175 million hash combinations per second which is staggering, but mining alone it would still take me months to break a secure hash. So the math here is very well "complicated" to say the least. If one company did crack the encryption they likely just sold the solution to the others for profit. Its also possible the key was just leaked or compromised via traditional hacking or corrupt under the table dealings. This points to the "money to be made" argument.
__________________
SOLD 23K Black 2013 F30 335XI 8A Msport | BMS Intake | BMS Front Mount | VRSF Charge Pipe | BM3 Tune
2016 F22 M235 8A HK NBTevo | CTS HEX Intake | CTS Chargepipe | Gplus Intercooler | VRSF DP | BM3 Stage 2+ | 18" CSL Replicas | XHP X-Delete |
Appreciate
0
|
02-22-2019, 02:44 PM | #36 | |
New Member
0
Rep 25
Posts |
Quote:
|
|
Appreciate
0
|
02-27-2019, 06:51 PM | #37 | |
BimmerPost Supporting Vendor
1506
Rep 676
Posts
Drives: '17 F31 340xi US Spec
Join Date: Aug 2014
Location: The Woodlands, TX
|
Quote:
I know not a lot of others are willing to go into discussion on this but let me just put it simply. The security key doesnt get cracked. In theory its possible to crack that key, but its just not practical. Instead, we have spent over a year buying used computers where-ever we can find them, ebay, car-part and so on. Then we go to work and extract the bootloader, "the main brain" behind the operation of the DME. The bootloader contains all the important code that has to do with flashing/updating. We reverse engineer the bootloader and look for bytes/areas that request the data/tune file to be signed in a special way using a specific RSA key. Once we know the area where the signature is requested after a flash, we modify it to NOT request a signature. Now we have a "patched" bootloader but still have no way of loading it on the ECU because even bootlaoder is signed, just like the data/tune. This is where the hard part begins: We run the bootloader through different routines looking for errors/loopholes that BMW has accidentally left behind. This is a very long and very frustrating process and results in frying/locking countless ECUs (I think we have over 20 dead computers in storage now), but eventually we find a way that we can exploit these "errors" and force unsigned bootloader into the ECU. With our patched bootloader loaded, the game is over. ECU no longer requests signature check and we can load any file we want. And to answer the initial question: We use ethernet connection to load our tunes as this is the safest, quickest and most stable way of loading a flash onto the ECU. But, the biggest downside of etherent is the fact is that anyone can use packet sniffer and log every single byte that is transferred. Then its just a matter of putting those bytes together and finding the exploit used as well as bytes changed in bootloader. |
|
Appreciate
7
|
02-27-2019, 07:15 PM | #38 |
Lieutenant
73
Rep 439
Posts
Drives: 2016 M235i Xdrive 8A
Join Date: Oct 2018
Location: 20036
|
So instead of leasing computer power to take a run at cracking the key, you somehow find enough errors to change the bootloader not to ask for RSA key anymore?
__________________
SOLD 23K Black 2013 F30 335XI 8A Msport | BMS Intake | BMS Front Mount | VRSF Charge Pipe | BM3 Tune
2016 F22 M235 8A HK NBTevo | CTS HEX Intake | CTS Chargepipe | Gplus Intercooler | VRSF DP | BM3 Stage 2+ | 18" CSL Replicas | XHP X-Delete |
Appreciate
0
|
02-27-2019, 07:48 PM | #39 |
BimmerPost Supporting Vendor
1506
Rep 676
Posts
Drives: '17 F31 340xi US Spec
Join Date: Aug 2014
Location: The Woodlands, TX
|
It's just not practical. MG1 has 9 different bootloader versions all of them have different RSA keys. It's just not happening with the "guessing" method.
|
Appreciate
2
OldCrow7xx72.50 nikman011174.50 |
02-27-2019, 08:39 PM | #40 |
Lieutenant
73
Rep 439
Posts
Drives: 2016 M235i Xdrive 8A
Join Date: Oct 2018
Location: 20036
|
Thank you for the insight, great knowledge!!!
__________________
SOLD 23K Black 2013 F30 335XI 8A Msport | BMS Intake | BMS Front Mount | VRSF Charge Pipe | BM3 Tune
2016 F22 M235 8A HK NBTevo | CTS HEX Intake | CTS Chargepipe | Gplus Intercooler | VRSF DP | BM3 Stage 2+ | 18" CSL Replicas | XHP X-Delete |
Appreciate
0
|
02-28-2019, 06:31 PM | #41 | |
Lieutenant
73
Rep 439
Posts
Drives: 2016 M235i Xdrive 8A
Join Date: Oct 2018
Location: 20036
|
Quote:
__________________
SOLD 23K Black 2013 F30 335XI 8A Msport | BMS Intake | BMS Front Mount | VRSF Charge Pipe | BM3 Tune
2016 F22 M235 8A HK NBTevo | CTS HEX Intake | CTS Chargepipe | Gplus Intercooler | VRSF DP | BM3 Stage 2+ | 18" CSL Replicas | XHP X-Delete |
|
Appreciate
0
|
03-01-2019, 12:11 PM | #42 | |
BimmerPost Supporting Vendor
1506
Rep 676
Posts
Drives: '17 F31 340xi US Spec
Join Date: Aug 2014
Location: The Woodlands, TX
|
Quote:
For sure the second one as from a very early age, cars have been in my blood. Growing up in post-soviet Russia, I was able to pretty much do anything I wanted to (within reason of course) from ditching weeks of school to spend that time in garage to driving as soon as I was able to reach the pedals and still see the road...and all of that without getting child services called on by neighbors. Moving to USA has given me opportunities after HS to actually turn this hobby into a carrier, something I would never be able to do back "home". And that is how my first company was started in 2010 when we built world's first Twin Screw BMW V8. The car was a '99 E39 540i Wagon converted to 6Speed with a Eaton M122 mounted to it. The hardware aspect was pretty easy, but the tuning was next to impossible. I have reached out to numerous tuners, in states and abroad, in hopes to have them custom tune this build but no one was able to. They had a basic SC tune but it just wouldn't work with our setup....so it was time for me to learn the art of tuning/hacking/programming. Countless sleepless nights and gallons of coffee has led us to where we are now, and its still just the beginning. PS: Found the video of that project still posted on youtube: |
|
03-01-2019, 12:39 PM | #43 | |
Captain
225
Rep 677
Posts |
Quote:
|
|
Appreciate
0
|
03-01-2019, 12:57 PM | #44 | ||
Lieutenant
73
Rep 439
Posts
Drives: 2016 M235i Xdrive 8A
Join Date: Oct 2018
Location: 20036
|
Quote:
In high school I put a blower on a single cam Honda four cylinder (d16y8) because that's all I had and I wanted a supercharger! Jackson racing made an Eaton based kit with mechanical fuel manager. Very nice work on the wagon, blown V8 is just a great platform.
__________________
SOLD 23K Black 2013 F30 335XI 8A Msport | BMS Intake | BMS Front Mount | VRSF Charge Pipe | BM3 Tune
2016 F22 M235 8A HK NBTevo | CTS HEX Intake | CTS Chargepipe | Gplus Intercooler | VRSF DP | BM3 Stage 2+ | 18" CSL Replicas | XHP X-Delete |
||
Appreciate
0
|
Post Reply |
Bookmarks |
|
|