That all track GSW sounds sweet! Even includes a dsg transmission. Looks like it has the underpinnings of the R but with 100 less horsepower. Basically a better daily driver.For those looking to stay with VW here is a list of 2017 updates on models
http://media.vw.com/release/1212/
Actually RSA is an encryption technology. Hashing, namely SHA-2 or SHA-3 would be impossible to break in the memory space in the ECU. SHA-1 has known collision issues, as does MD5, but SHA-2 and 3, are holding up pretty well.Checksums are SO 1980's. We have RSA now, and no tuner is going to crack that.
My opinion is I hope you got a hell of a deal buying a tdi in the middle of all this.
I'd say you got a nice deal!Paid $25k for a mint 2015 Audi A3 Premium Plus with 8k miles. Damn cars is getting over 50 mpg already.
Whoa, whoa, why the talk about hashing? Did I miss something? Are the going to lock the ECUs in the "fix" or something? If that's the case, I'm bailing. After that extended warranty would run out in Jan 2021 for me, I'd be throwing a tune and DPF delete on it to have a blast with the remaining life of the car.Actually RSA is an encryption technology. Hashing, namely SHA-2 or SHA-3 would be impossible to break in the memory space in the ECU. SHA-1 has known collision issues, as does MD5, but SHA-2 and 3, are holding up pretty well.
There has been talk of encrypting the ECU code, but that would most likely be AES-GCM, not RSA. RSA is high cost, and really only useful for encrypting keys used in a block cipher, which is more useful for large blocks of data (like the ECU program).
No, there isn't. It must drive under its own power (specifically, the power of its own 2-liter diesel engine), and not be a salvage title under conditions already discussed up-thread. That's it.4 say I don't have to fix the ad blue heater and one says I do. Is there a stipulation in the buyback program that references legal operation?
Yes, that makes the calculation work correctly. alighter, if reading you might consider adding that instruction to the calculatorTry leaving the "," out of the mileage. I noticed it doesn't handle them correctly but without the coma, it works.
Who it's overly fair to is post 6/28 buyers. No 50/50 split on the owner payment, and a 9/2015 trade in price. Started running numbers last night, based on autotrader listings, can make about 7k a car right now. What isn't clear is how the 50/50 split works, someone sold to a dealer pre-6/28, they get 50%, someone buys post 6/28, there is no split with prior owner language, that I've seen (yet).Something else worth considering: As a post-9/17 buyer, I think the proposed settlement is more than fair to post-9/17 buyers. I bought with full knowledge of Dieselgate, and deliberately took advantage of the depressed values when I bought my car. I've suffered no harm at all from this. So why should I get a buyback at all, or compensation for having the fix installed?
Simple: I otherwise don't have any incentive to do it. Like most of the rest of you, I like my car now, and I'm skeptical that any fix (if one ever is approved for Gen 1 cars) will maintain performance, economy, and driveability where they are now. If all they offer is "we'll do the fix for free", it's highly unlikely that I get it done, and their numbers suffer. A large part of the point of this settlement is to get the cars either fixed or off the road.
I am sure the average person walked onto used car lots in late September and knew they where getting a car with a major scandal brewing. I am sure every car salesman knew what was going on and what would happen and made sure his customer knew about it. Heck I bet the people purchasing TDI's had crystal balls and knew that there was going to be a massive buyback then too.Something else worth considering: As a post-9/17 buyer, I think the proposed settlement is more than fair to post-9/17 buyers. I bought with full knowledge of Dieselgate, and deliberately took advantage of the depressed values when I bought my car. I've suffered no harm at all from this. So why should I get a buyback at all, or compensation for having the fix installed?
Just paid to extend my registration. The best part...now I have to go get an emissions test to get my stickers and make it official, lol.
Keep in mind...these cars were designed specifically to pass stationary state and federal emissions tests.This is an interesting point, maybe I completely missed something. How are these vehicle passing yearly emissions inspections? Are the state requirements so high that it doesn't matter?
Most checks are nothing more that plug in OBD, see readiness indicators and no faults, pass.This is an interesting point, maybe I completely missed something. How are these vehicle passing yearly emissions inspections? Are the state requirements so high that it doesn't matter?
It should remove the commas and dollar signs for you now... Good catch.Yes, that makes the calculation work correctly. alighter, if reading you might consider adding that instruction to the calculator
In my state, (Oklahoma) there has not been any testing for decadesThis is an interesting point, maybe I completely missed something. How are these vehicle passing yearly emissions inspections? Are the state requirements so high that it doesn't matter?
Checksums are SO 1980's. We have RSA now, and no tuner is going to crack that.
some areas of the ecu are already encrypted using RSA FWIW.Actually RSA is an encryption technology. Hashing, namely SHA-2 or SHA-3 would be impossible to break in the memory space in the ECU. SHA-1 has known collision issues, as does MD5, but SHA-2 and 3, are holding up pretty well.
There has been talk of encrypting the ECU code, but that would most likely be AES-GCM, not RSA. RSA is high cost, and really only useful for encrypting keys used in a block cipher, which is more useful for large blocks of data (like the ECU program).
I'd think that the 2015+ cars would be easiest to fix. If I had a '15 I would likely be holding on to the car to see how they plan to fix them before making the final decision. We should know something on the 15s before any of the other cars.Filled out paperwork to cancel my Portfolio warranty. Letting VW buy back my 2015 TDI. Car is financed with VW. Finance guy had to see the car to write down the mileage. The refund will come off what is owed on the car, not a check to the consumer. Finance guy didn't seem very happy.
My lady seemed very surprised, and then it was a slow look of of "oh crap, will there be more TDI owners doing this" recognition. I had a feeling she has a normal spiel to try and save it but she didn't even try.Filled out paperwork to cancel my Portfolio warranty. Letting VW buy back my 2015 TDI. Car is financed with VW. Finance guy had to see the car to write down the mileage. The refund will come off what is owed on the car, not a check to the consumer. Finance guy didn't seem very happy.
Doesn't it have TDI markings, & "Diesel Only" label on fuel door?What wasn't so funny is he started giving me the 50k maintenance for a gas Jetta talk. I had to tell him it was Diesel. This is the dealer that sold it to me. He checked the records to make sure I was right (I mean, I've only put diesel in it for 4.5 years so I'm glad he checked). He was pretty embarrassed.
They probably had someone pull a "there was no dents on my car when I dropped it off for service" bit recently. My cars have gotten that thorough visual inspection 50/50 over the years, when dropping cars off for service.I should also mention when I brought it to the service dept... they did a walk around. He was eyeballing it pretty hard. He even wiped a white spot I had on my bumper to see if it would come off (it was bird poo so yes). Pretty funny. No clue why the extreme walk around like I was returning or renting a car, that's never happened during maintenance before. I think since he thought it was gas (see below) he was going to see if I was interested in getting a new car?
What wasn't so funny is he started giving me the 50k maintenance for a gas Jetta talk. I had to tell him it was Diesel. This is the dealer that sold it to me. He checked the records to make sure I was right (I mean, I've only put diesel in it for 4.5 years so I'm glad he checked). He was pretty embarrassed.
They probably had someone pull a "there was no dents on my car when I dropped it off for service" bit recently. My cars have gotten that thorough visual inspection 50/50 over the years, when dropping cars off for service.
On the fuel type thing...the average person is doing good to get the car pointing in the right direction down the road and says that they put "gas" in their car, regardless of the fuel type...so you can't blame him for not just taking your word on it. Just my $.02...
They actually encrypt the code with RSA, or a key that encrypted the code? RSA is really a poor choice for any significant block sizesome areas of the ecu are already encrypted using RSA FWIW.
There is actually a pretty simple way around this, been this way in phones for better than a decade now. OTP is small compared to the old time fuses, even SRAM isn't much smaller, but ROM is smaller, flash memory much larger. So, you put 3-4 programs worth in the part, thinking is you won't have more than 3 updates over the car lifetime, and even those can be managed through patch tables, you only have to update parts of the image, saving space, and only when it's rip it all out and start over do you have to consume an entire image worth. You have an obsolete patch/image table, and as one image is no longer used, you advance to the next bank. Should they use up all the replacement banks, they have to swap ECUs, but that's on the manufacturer, don't mess up the code over and over, no need to replace the ECU.But more effective is configuring the chips for one-time programming (OTP) only. There are already OTP memory areas of the ecu that are written once and can't be overwritten. It's part of the reason it's very difficult to clone the EDC17 ECUs. It can be done by soldering in a virgin tricore BGA chip but there are workarounds that allow using another ecu without actually having to clone it. The TDI Ecus have always had OTP in the processor areas going back to the AHU days, but only recently have the OTP areas started to have car-specific info that won't allow using them in a different car (but as always there are workarounds)
If they OTP the whole ECU that would certianly render the ecu absolutely untuneable barring soldering in a virgin tricore processor chip. But then every dealer update will require a fresh piece of hardware instead of a simple reflash. This would also complicate programming on the assembly line and risk obsoleting large numbers of ECUs before they even get a chance to be installed (which could be very expensive!!!). So there is always going to be a way to write info to ECUs- over OBD too, so the dealer can do it. And if the dealer can do it then the aftermarket will find a way.
There are many ways to recover the RSA key, without actually having to get into the part, just let it use it, and you will see it reveal the key using any number of side-channel observation methods, many have 90%+ accuracy on the value.If they can be written, then the trick becomes reading the existing info, because regardless of what you may think, tuners do not use "their program" they modify a very small part of the factory DATA areas and then write the revised data tables back to the ecu, with 99.9% of the ecu remaining what was installed at the factory. Nowadays for OBD programming we simply read the identifying info (part number and SW version) and then select the original file from a list of known files. This is known as "virtual reading". The original ecu file has to be acquired somehow, either by reading an ecu with that sw version in boot mode or another outside source. Then it can be written back to the ecu with the modifications after correcting the appropriate checksums.
FWIW these ECU already have RSA encryption of certain key areas. The problem with that is, the tricore processor has to be able to use the instructions and data according to its machine assembler language so the ecu programming also includes a built-in way to decrypt as well.
Can't lock out tuning by hashing because then that precludes dealer updates, too. And there is always going to be an incentive for that capability. So if the dealers can do it, then so can the aftermarket.