What's new
By:

Lucid app update v1.49.0

GoFast said:
The cool thing about the telematics module being "always on" would be that the car would always be awake instantly when you opened the app, including when the car is on WiFi .
Click to expand...
Right, but what about battery drain?
 
jtbg said:
It would be protected against by the nature of 802.11 (in theory). WLAN connections are _always_ initiated by the client probe frame. Receiving and parsing that signal is a very low-power task, certainly less than the current model where the the car acts as a client and sends its own probe frames.

tbh the fact that it's not done this way makes me think maybe there's like an FCC regulation against it maybe
Click to expand...
It’s the vehicle side parsing I’m worried about - is there an automotive part available that can do this within a low power budget? (I thought the car is woken by SMS which I suppose is low power?)

(I am well and truly out of my depth there if you couldn’t tell)
 
idiot900 said:
Right, but what about battery drain?
Click to expand...
The battery drain of a mostly sleeping embedded computer waiting for a radio RX interrupt? Even just on the 12V battery, that wouldn't be an issue. Factor in the HV battery which could power a house for a day or two? You'll never notice that. Think about all the IoT devices that do more than that and run on a button battery for 1-2 years.
 
segbrk said:
The battery drain of a mostly sleeping embedded computer waiting for a radio RX interrupt? Even just on the 12V battery, that wouldn't be an issue. Factor in the HV battery which could power a house for a day or two? You'll never notice that. Think about all the IoT devices that do more than that and run on a button battery for 1-2 years.
Click to expand...
Then the obvious question is - why can’t our cars do this? 😛 @GoFast
 
thecodingart said:
Heck, I've personally added this type of stuff professionally due to business needs I couldn't dispute.
Click to expand...
With all due respect, you can always dispute a business need that breaks the terms of service and rules of engagement with the platform you are building for.

thecodingart said:
Telling users that it doesn't do anything and most companies they're using products for don't abuse ignorance in these areas -- that's a lie. Telling users that most app don't need to be force closed is true. Telling users that most of the apps they use don't need to be force closed for reasons -- that's statistically a lie.
Click to expand...
I didn't say it doesn't do anything. Quite the opposite; it does a lot. I said not to do it.

Most apps users use don't need to be force closed. That is the truth.

Some do things that can make it worthwhile to force close them. Most users don't have the nuance to understand which those are, and will simply go the opposite direction and force close all of them, which is a worse scenario than not force closing any.

So, if you have to give one piece of advice to a forum full of people who are not necessarily super-technical; you choose the one that's likely to kill their battery less, and improve the performance of their device and apps. You don't pick the one that 1% of the time is going to help them save a little battery life because one or two or three apps broke the rules. That will end when Apple catches up.

thecodingart said:
Heck, I've been on the side of using some Darwin commands for app scanning in an iOS app. You'd be surprised what you can do when you work with a slew of smart engineers and a bad business/ethics model. You'd be really surprised on what you could do if you've done OWASP testings to the extent I have.
Click to expand...
Please don't lecture me on OWASP or reverse engineering and attacking mobile binaries, web apps, or APIs. This Is literally all that I have done since 2009, and that's just counting when someone started paying me for it. My license plate is literally ZERODAY, and that's not just because I thought it was a cool word.

I promise you, I wouldn't be surprised what a 'slew of smart engineers' and a 'bad business/ethics model' can do.

I have taught multiple companies in the Fortune 10 how to break software, both with tools I and others had written, and from the ground up from first principles (teaching IDA Pro or Ghidra, learning assembly, learning how to spot a bug, learning kernel programming when necessary, and so on). I have found more than a few zeroday vulns in the past, and written exploits and weaponized them; it was literally my job.

I won DEFCON CTF as a captain of Samurai in 2012, and have played dozens of CTFs before and since. I have written CTFs. I have given talks on security across plenty of conferences. Here's one I gave in South Korea.

I won't lecture you on how to write automotive software. Please don't surmise to lecture me on software security.

(unless you know more, and then teach me! but please don't assume. <3)
 
idiot900 said:
It’s the vehicle side parsing I’m worried about - is there an automotive part available that can do this within a low power budget? (I thought the car is woken by SMS which I suppose is low power?)

(I am well and truly out of my depth there if you couldn’t tell)
Click to expand...
I have zero experience with embedded auto electronics to be clear, so we're on more or less the same level here lmao

You can get several months out of a esp8266 logging probe rx on a AAA battery . . .but ideas like "hey lets rely on an esp8266" is probably why I shouldn't be in charge of ideas.

The whole concept of trusting client probe frames is a security nightmare anyway
 
jtbg said:
I have zero experience with embedded auto electronics to be clear, so we're on more or less the same level here lmao

You can get several months out of a esp8266 logging probe rx on a AAA battery . . .but ideas like "hey lets rely on an esp8266" is probably why I shouldn't be in charge of ideas.

The whole concept of trusting client probe frames is a security nightmare anyway
Click to expand...
There are plenty of consumer-grade parts available, of which ESP8266/ESP32 are great examples, but as I understand it, automotive parts need to be able to live a long and tough life and so there are fewer viable options. I'll take your word that (ab)using 802.11 as you describe is not necessarily the best idea :)
 
jtbg said:
pffft, that's nothing. I break software without even having to be taught
Click to expand...
Honestly, that's the first step, lol. For a year or two I was known as "point and click find vuln guy" because that's exactly what would happen, lol.

It's the second step of attaching WinDbg, breaking it in a repeatable way, seeing if you can control the instruction pointer or some buffer somewhere, and so on, that takes infinitely more time.

But "point and click find vuln guy" found a lot of vulns that way, lmao, before he ever wrote his first fuzzer.
 
P.S. This is why I try so hard to never assume someone's background on the internet. I'm reminded of this guy: https://news.ycombinator.com/item?id=35079

I have no idea who most of you are or what your backgrounds are. I wouldn't lecture anyone here on finance or anything else; I might have opinions, but I'm probably wrong. I would never lecture @segbrk on security either, because I happen to know his background.

But unless I ask, I try very hard not to assume what someone knows or doesn't know.
 
borski said:
Please don't lecture me on OWASP or reverse engineering and attacking mobile binaries, web apps, or APIs. This Is literally all that I have done since 2009, and that's just counting when someone started paying me for it. My license plate is literally ZERODAY, and that's not just because I thought it was a cool word.
Click to expand...
This has similarly been a part of my job with a pretty tight loop and the same tools with a hyper focus on iOS.

My original background and mentorship was NSA bound 😅.

Anyways, if you understand iOS dev and this then my points stand.
 
thecodingart said:
This has similarly been a part of my job with a pretty tight loop and the same tools with a hyper focus on iOS.

My original background and mentorship was NSA bound 😅.

Anyways, if you understand iOS dev and this then my points stand.
Click to expand...
OK.
 
borski said:
With all due respect, you can always dispute a business need that breaks the terms of service and rules of engagement with the platform you are building for.
Click to expand...
Also, this isn’t what I’m saying nor did the examples I provided break Apples terms…

They were concretely loops holes vetted by a legal team, some 100% still are.

For example, companies recording screen metadata and reconstructing UI rather actual screen recording without user consent. It’s a thing and doesn’t break terms.
 
borski said:
P.S. This is why I try so hard to never assume someone's background on the internet. I'm reminded of this guy: https://news.ycombinator.com/item?id=35079

I have no idea who most of you are or what your backgrounds are. I wouldn't lecture anyone here on finance or anything else; I might have opinions, but I'm probably wrong. I would never lecture @segbrk on security either, because I happen to know his background.

But unless I ask, I try very hard not to assume what someone knows or doesn't know.
Click to expand...
Cool, with respect my decade plus of Big Tech, Small Tech, and Fortune 500 experience is hyper focused around this area of expertise. It’s unlikely for most people to not have used at least 1 app I’ve had a large hand in at some point. Lecturing me on this topic is, well, funny. This is my career and my life/legacy. The dialogue is tied to corporations and background tasks + force closing. Anyone who umbrellas a statement of dont do that because it doesn’t do anything is unequivocally incorrect. Tagging on that companies can’t do anything is also incorrect. This is a fact, not an opinion. I understand oversimplified responses, but it doesn’t take much to say “it depends” without the BS.

It’s a pet peeve of mine because it’s an ill informed response.. period. Anything outside of the pros/cons can be debated, but facts are facts here.

To be clear, I’m not lecturing you, just stating facts.
 
Last edited:
thecodingart said:
Cool, with respect my decade plus of Big Tech, Small Tech, and Fortune 500 experience is hyper focused around this area of expertise. It’s unlikely for most people to not have used at least 1 app I’ve had a large hand in at some point. Lecturing me on this topic is, well, funny. This is my career and my life/legacy. The dialogue is tied to corporations and background tasks + force closing. Anyone who umbrellas a statement of dont do that because it doesn’t do anything is unequivocally incorrect. Tagging on that companies can’t do anything is also incorrect. This is a fact, not an opinion. I understand oversimplified responses, but it doesn’t take much to say “it depends” without the BS.

It’s a pet peeve of mine because it’s an ill informed response.. period. Anything outside of the pros/cons can be debated, but facts are facts here.

To be clear, I’m not lecturing you, just stating facts.
Click to expand...
I agree there are exceptions to almost every rule. I also agree that you can absolutely have a nuanced conversation about any topic, all of the pros/cons contained therein, and so on.

I disagree that this will matter at all for most people, or that most people who see advice like this will not do worse by following it and killing every app in the background, which is what they will do.

And on that, we will simply have to agree to disagree.

Thanks for letting us know how you feel. Have a nice evening.
 
On the new version of the app when I add the lucid widget I get…. Pretty sure that’s not how it is supposed to work. Any idea?
 

Attachments

  • IMG_5046.webp
    IMG_5046.webp
    166.2 KB · Views: 124
dcase99 said:
On the new version of the app when I add the lucid widget I get…. Pretty sure that’s not how it is supposed to work. Any idea?
Click to expand...
Try removing it, restarting your phone, and try adding it again.
 
dcase99 said:
On the new version of the app when I add the lucid widget I get…. Pretty sure that’s not how it is supposed to work. Any idea?
Click to expand...
I believe JoeC shared some instructions earlier in the thread and want to give credit where its due.

If you remove that widget (if its in a stack just remove it from the stack), reboot the device, and then re-add the widget then the widget should work. Props to JoeC though, Im just being a parrot.
 
borski said:
Did your car originally get delivered with the 21” aero blades?

What wheels does it say you have when you check the details at https://testmycode.cc?

Look for either:
<class 'vehicle_state_service_pb2.Vehicle'>:

Field 8, wheels: WHEELS_DREAM (1)


In the gRPC API response, or:
"userVehicleData": [
{

"wheels": "DREAM",


In the JSON API response.
Click to expand...
Shows Blade for both Field 8 and JSON wheels.
I believe the car originally had 21” but I had them swap to 20” for delivery. Guess they never changed it. I’ll stop by my service center sometime and see if they can update that. Thanks
 
I've got a problem with the new app. I'm on an iPhone 13 mini, and it looks like they have assumed that all iPhone 13's are full sized. The edges of the U/I are all cut off. I can see much of it, but the button for the key is completely off screen. I've tried force-quitting and restarting the app, and rebooting the phone too, but no change.
IMG_7261.webp
 
You must log in or register to reply here.

Similar threads

C
RESOLVED Mobile app on 2.3.10 control buttons disabled
Replies
2
Views
300
Cuestix
Cuestix
B
RESOLVED Cannot log into Lucid iOS mobile app
Replies
7
Views
289
wcpopi
wcpopi
Buffalo Bob
Mobile App Feature Improvements with 2.4.X
Replies
4
Views
269
Buffalo Bob
Buffalo Bob
Andretex
APP Update 1.51.0
Replies
1
Views
311
DeaneG
DeaneG
HC_79
Apple is opening NFC to 3rd Party Apps (iOS 18.1)
Replies
18
Views
668
HC_79
HC_79
Back
Top