Hacker News new | ask | show | jobs
by StopDisinfo910 299 days ago
> What happens when Bosch changes the protocol / encryption just for the heck of it

Bosch old batteries don’t work with their own new controller anymore. Not saying it will never happen but Bosch can’t do that every week either.
2 comments
dmitrygr 299 days ago
If I was an asshole designing such a protocol, I would design two or three protocols, specifically so I could disable one via an OTA when somebody reverse engineers it. My real batteries would note the authentication failure, and try protocol number two, their firmware aware of the design from the very start. The people who reverse engineered protocol number one would be hosed until they can reverse engineer the second one, because this would be the first time they even see the second protocol. Do this enough times, and the third parties doing reverse engineering run out of customers willing to wait for them to fix it every time. Hell, you can also just make the BMSs support OTAs. OTA a new firmware with new encryption, force REs to re-solve the problem, since of course the OTA for the stock BMS's stm32f104 will not apply to their board's CH23FVQTZM123123.

There are in fact, a few devices out there that did precisely this and successfully hosed reverse engineers (ask me how i know).

Don’t ever depend on reverse engineered protocols for anything you care about. This game of cat and mouse only has one end -- the manufacturer is at a significant advantage.

I tip my hat to this team for successfully reverse engineering, a encrypted protocol. But if they really think they can sell something based on that, I rescind that hat tip because that is fucking insane. There are just so many ways that the manufacturer could fuck with them. And the reverse logistics of shipping back a large battery for all those pissed-off customers who just want a refund are going to cost a lot of dollars.

I personally would not put a cent into this company unless they agreed to only ship products for devices that already support completely normal interoperability. This business of reverse engineering and attempting to sell based on that is going to be a money drain that kills them (thus ending all customer support). I am willing to bet that they have not even priced out ($$$) the cost of a return to them, nor estimated what percent of customers will need it when the encryption changes or something else doesn’t work.

link
wongarsu 299 days ago
And there'd still be all the already sold controllers, including brand new bikes at retailers. These things don't exactly have over-the-air updates, they are designed to just work forever with the firmware they ship with
link
jMyles 293 days ago
> they are designed to just work forever with the firmware they ship with

Is that so? Every time I have brought my bike into a Bosch dealer, they ask if I want firmware updates. One of them was a significant change (changing the "sport" mode to a mix of "tour" and "turbo" depending on torque and speed).

link
nandomrumber 299 days ago
There are stick vacuum cleaners with wifi connectivity.
link
wongarsu 299 days ago
Yes, but that's not the way Bosch builds their stuff
link
dleary 299 days ago
Are you sure? My Bosch dishwasher has wifi connectivity and a companion app.
link
eliaspro 298 days ago
BSH Group which builds household appliances for Bosch Home is not related to Bosch eBike Systems in any way.

They're geographically and organisation-wise so far from each other, they're basically two different companies.

link