Comment by dmitrygr 3 days ago

If I were an asshole designing such a protocol, I would design two or three protocols, specifically so I could disable one via an OTA when somebody reverse engineers it. My real batteries would note the authentication failure and try protocol number two, their firmware aware of the design from the very start. The people who reverse engineered protocol number one would be hosed until they can reverse engineer the second one, because this would be the first time they even see the second protocol. Do this enough times, and the third parties doing reverse engineering run out of customers willing to wait for them to fix it every time. Hell, you can also just make the BMSs support OTAs. OTA a new firmware with new encryption, force REs to re-solve the problem, since of course the OTA for the stock BMS's stm32f104 will not apply to their board's CH23FVQTZM123123.

There are, in fact, a few devices out there that did precisely this and successfully hosed reverse engineers (ask me how I know).

Don’t ever depend on reverse engineered protocols for anything you care about. This game of cat and mouse only has one end -- the manufacturer is at a significant advantage.

I tip my hat to this team for successfully reverse engineering an encrypted protocol. But if they really think they can sell something based on that, I rescind that hat tip because that is fucking insane. There are just so many ways that the manufacturer could fuck with them. And the reverse logistics of shipping back a large battery for all those pissed-off customers who just want a refund are going to cost a lot of dollars.

I personally would not put a cent into this company unless they agreed to only ship products for devices that already support completely normal interoperability. This business of reverse engineering and attempting to sell based on that is going to be a money drain that kills them (thus ending all customer support). I am willing to bet that they have not even priced out ($$$) the cost of a return to them, nor estimated what percent of customers will need it when the encryption changes or something else doesn’t work.