←back to thread

Tesla said it didn't have key data in a fatal crash, then a hacker found it

(www.washingtonpost.com)
650 points clcaev | 4 comments | 29 Aug 25 11:15 UTC | HN request time: 0.627s | source
Show context
metaphor ◴[29 Aug 25 12:25 UTC] No.45063162[source]
> Immediately after the wreck at 9:14 p.m. on April 25, 2019, the crucial data detailing how it unfolded was automatically uploaded to the company’s servers and stored in a vast central database, according to court documents. Tesla’s headquarters soon sent an automated message back to the car confirming that it had received the collision snapshot.

> Moments later, court records show, the data was just as automatically “unlinked” from the 2019 Tesla Model S at the scene, meaning the local copy was marked for deletion, a standard practice for Teslas in such incidents, according to court testimony.

Wow...just wow.

replies(5): >>45063302 #>>45063632 #>>45063687 #>>45063980 #>>45064115 #
A4ET8a8uTh0_v2 ◴[29 Aug 25 12:39 UTC] No.45063302[source]
I am trying to imagine a scenario under which that is defensible and does not raise various questions including compliance, legal, retention. Not to mention, who were the people who put that code into production knowing it would do that.

edit: My point is that it was not one lone actor, who would have made that change.

replies(3): >>45063366 #>>45063389 #>>45064252 #
jeffbee ◴[29 Aug 25 12:46 UTC] No.45063389[source]
The artifact in question was a temporary archive created for upload. I can't think of a scenario in which you would not unlink it.
replies(3): >>45063557 #>>45063579 #>>45064000 #
constantly ◴[29 Aug 25 13:03 UTC] No.45063579[source]
> I can't think of a scenario in which you would not unlink it.

Perhaps if there is some sort of crash.

replies(1): >>45063851 #
1. artursapek ◴[29 Aug 25 13:28 UTC] No.45063851[source]
Exactly. That's the last data I would ever delete from the car, if I was trying to preserve valuable data.
replies(2): >>45064006 #>>45064035 #
2. jeffbee ◴[29 Aug 25 13:40 UTC] No.45064006[source]
What if you were the guy who got a ticket that just said "implement telemetry upload via HTTP"?

Which of these is evidence of a conspiracy:

  tar cf - | curl
  TMPFILE=$(mktemp) ; tar cf $TMPFILE ; curl -d $TMPFILE ; rm $TMPFILE
replies(1): >>45064141 #
3. alias_neo ◴[29 Aug 25 13:42 UTC] No.45064035[source]
All of their actions point at intentionally wanting that data to disappear, they even suggested turning it on and updating it, which everyone who's ever tried to protect important information on a computer knows is that exact opposite to what you should do.

Any competent engineer who puts more than 3 seconds of thought into the design of that system would conclude that crash data is critical evidence and as many steps as possible should be taken to ensure it's retained with additional fail safes.

I refuse to believe Tesla's engineers aren't at least competent, so this must have been done intentionally.

4. alias_neo ◴[29 Aug 25 13:51 UTC] No.45064141[source]
That's reductive.

The requirements should have been clear that crash data isn't just "implement telemetry upload", a "collision snapshot" is quite clearly something that could be used as evidence in a potentially serious incident.

Unless your entire engineering process was geared towards collecting as much data that can help you, and as little data as can be used against you, you'd handle this like the crown jewels.

Also, to nit-pick, the article says the automated response "marked" for deletion, which means it's not automatically deleted as your reductive example which doesn't verify it was successfully uploaded (at least && the last rm).