Hacker News new | past | comments | ask | show | jobs | submit login
Hyundai Head Unit Hacking (xakcop.com)
283 points by jandeboevrie on Jan 17, 2023 | hide | past | favorite | 190 comments



Spamming taps on the 4 corners of every screen of an embedded app (with a rich UI at least) will always do something interesting.

Across the aeons embedded developers are always drawn back to the simple corner tap. I've personally seen it work everywhere from a gas station air dispenser to an airplane infotainment unit


Reminds me of when Windows 8 had recently been released, and all the laptops on display at electronics stores had a kiosk app installed on them for the demo. Clearly the kiosk devs hadn't really thought things through for the new world of touchscreens, because you could swipe from the right side to expose that godawful windows 8 bar (the one with start in the middle), and escape the kiosk from there.


Bored on a Virgin America flight back in the day I somehow stumbled on this with their infotainment unit.


I'm gonna try that everywhere now :P

I've also seen some fast food order kiosks have a "manager mode" or simply "settings" button in plain sight. It asks for a password when you tap it.


Having designed these screens before, often times the password is something mindless like zeros. If you luck out and it's a pin rather than unbounded input, try zeros or sequential numbers.

Usually a well meaning engineer adds the functionality and rigorously tests it... then customers not wanting every technician to ask the local store for a password have every unit set to the same exact easy to guess password.

Or so I hear.


just call a manager to help you, watch the code they tap in - they don't give a shit about secrecy and security - and enjoy raised privileges next week


try "guest"


Wow I just had a throwback memory to the “hot corners” of ..windows 95 I believe it was?


What’s the killer app for head units that’s being ignored by car manufacturers?


I'd love a subscription to heat my seats, or better yet a remote start device that needs the cloud...

It would be nice to open physically locked compartments with an app too! And if I could purchase more for my Steam library I'd be almost completely happy with my new advanced motor vehicle.


I do appreciate the sentiment, but I wonder if there's any actual market demand for a car with nothing smart whatsoever that isn't also a budget econobox?


Huh, maybe the people I know are the exception, but everyone I know gripes constantly "ugh, I wish my car didn't have all this electronic crap, I just want the analog stuff and no computer." The exception for at least a portion of that group would be the rear camera, which I believe is now mandated by law, but... the rest of it could be left dumb and I think most people (I know) would be as happy, if not happier.

ETA: I guess it could be debated as well whether the "auto brake" type features would be desirable by that group. My personal opinion is no, but I think other threads have indicated I may be in the minority.


> a portion of that group would be the rear camera, which I believe is now mandated by law, but... the rest of it could be left dumb and I think most people (I know) would be as happy, if not happier.

I rented a uhaul last year and it was mostly analog, with not a screen anywhere on the dash. The backup camera was ingeniously placed under the glass of the rear-view mirror. Most of the gauges were "digital-lite" (lots of lcd/led segmented displays). I'd say if there was a car version with the same interior I would have been quite happy to drive it.


I'd say people who object to high-tech-ifying the car aren't against high-tech as much as against bad tech and poor implementation.

For example a screen in the car doesn't have to be bad tech. But if the screen is where all the controls of the car are located then it probably is. Internet connectivity doesn't have to be bad tech. But if it allows access to the most critical parts of the car it probably is.

Then there are things that aren't bad until you realize they're probably abused by the manufacturer. Your internet connectivity meant to allow you to locate your car in the parking lot is great and might be harmless until the manufacturer starts selling that data to pad the profits.

Sometimes all the high tech in the car might be super useful, super secure, super private, and still be bad because in a few years it makes the car prohibitively expensive or outright impossible to maintain and repair.


Apple claimed during WWDC ‘22 that 79% of U.S. buyers would only buy a car if it was “CarPlay-capable”. Biased source, sure, but the data indicates most consumers value music, maps, and voice assistant in their cars and the manufacturers are responding with about 98% of new cars supporting them.


The issue is that car UI has historically been terrible. People just want usable maps and music, and maps are terrible in 99% of cars pre-2020.

Carplay is a common interface, and has niceties like being able to selecting different playlists from different music apps instead of needing to pre-select your music choice for the car ride.


> The issue is that car UI has historically been terrible. People just want usable maps and music, and maps are terrible in 99% of cars pre-2020.

This.

One of the nicest cars I've driven, controls-wise, was a Fiesta I rented a few years back. I just plugged in my iPhone, and directly got access to maps, spotify, etc via the car's controls.

It had physical knobs to adjust the volume, the air conditioning, etc. When I put it in reverse, the camera feed would replace whatever was on the screen.

It worked perfectly because it just didn't get in my way and didn't have me futz around in some three-level-deep menu to do anything.


My 2018 VW works the same way. It even has a third brand of phone connection; MirrorLink


Just because people want those things doesn't mean they also want to control AC from a touch screen and janky driver assist features.

And as others said, CarPlay is so much better than the older OEM systems for music and maps. Even current OEM systems in 2023 don't neccessarily have maps that keep themselves updated.

One feature of CarPlay I didn't think of until I used it, is the ability to plan your route on your phone while you're drinking a coffee or walking to your parking spot, and have your navigation ready to go before you even start your car.


I'm in the 21%. I prefer my phone in a dash mount for navigation. I don't need or want an expensive, outdated head unit that costs an arm and a leg to replace. Give me Bluetooth and analog knobs and I'm happy.


I'm of course with you on the physical knobs and having direct access to the vehicle's functions.

But I absolutely prefer having CarPlay instead of having to stick my phone in a random location, blocking the view, or having to make sure wires don't interfere with anything, or finding a way to have the phone not vibrate, etc. I usually rent my cars, so I can't set up something sturdy and have cables get there nicely.

I also like my phones small, which makes them less than ideal in a car, being sometimes far away (I hate talking to my phones so have to be able to reach them with my hands). The aforementioned vibrations don't help, either.

My dad's Toyota, as well as a Fiesta I rented a while back, were perfect for this. I could stash the phone somewhere out of the way, and have the map or whatever displayed on the big screen of the car, which didn't vibrate and was well-placed.


The dash mount I use doesn't have any of the problems you described. It's easily visible at a glance without obstructing my view of the road or mirrors. Arguably safer than looking down at the head unit would be. The cable routing never got in the way of anything. And no vibration issues either.


> Give me Bluetooth and analog knobs and I'm happy.

Preach it brother!

Throw in an analog dial for the A/C fan too!


Add a manual choke and a spark retard/advance dial and now you’re really driving!

/s


My first car didn't even have a battery. I drove it for 2 years, always being careful to park on a hill so I could "pop it". So yeah, leave out the useless 12-volt battery, too. /s LOL


I wonder if cars from 50 years ago came with two wooden ramps that you could place next to the rear wheels and back up onto them before turning the ignition off.


My grandpa used to tell me about hand-cranks to start an engine[1] and maintaining a car prior to antifreeze (had to drain all the water from the radiator in the winter).

[1] https://www.youtube.com/watch?v=D6pLp4tlIw0


Why would you replace it? So long as your phone can take over the screen, that’s where your updates come from.


They break just like why other car part. The replacement cost of a fancy, proprietary head unit is in the $US thousands.

I'd rather save thousands on the car price up front with a basic head unit that is affordable to replace.


I don't even need Bluetooth at this point. Give me audio and charging over my phone's Type-C port and I'm set.


People want carplay, but also buttons and knobs for AC, seats, volume. Car manufacturers dont want to pay for both screens and buttons so they push everything into screens.


I wonder what the market share makeup would look like for people who want smart appliances. This is another one where most people that I know want as dumb as possible.


Ive seen that the autobrake stuff can be glitchy and cause all sorts of (absolutely justified) steering wheel grabbing on the highway, so it would just be better if people… focused on the road while driving. Also, if anything happens to the car, even a minor fender bender, the cost to realign any of those sensors are ultra high, and gets passed along to everyone in a given are via increasing insurance premiums.


Is it the (lack of) reliability of electronic systems that people don't like? As a fairly anxious driver, I rather like the extra peace of mind that comes from having automatic braking, blind spot indicators, and cameras. ACC and lane centering are also quite convenient for long drives, and I do rather like CarPlay.

Maybe I'm the problem?


It's the implementation. In many cars stuff like automatic braking is kinda unreliable and twichy, can trigger by just someone changing lane in front of you (or so I've heard from colleague that have it).

Personally I'm in for anything passive (cameras, sensors) as long as it is not intrusive, acc and lane centering is kinda.... I'm already driving and have hands and feet on controls, I don't need that automated in the first place.

I am 100% or 0% on any "driving automation" or self driving. Either work as automated taxi, let me enter the address and let me read book in peace on back seat, or let me drive the car without bothering me. So I drive 15yo civic type R lmao.


> acc and lane centering is kinda.... I'm already driving and have hands and feet on controls, I don't need that automated in the first place.

Anecdotally: I and a number of friends have held this same opinion for years, but recently it has changed. Not because of lane marker following, but because of this situation: “idiot in front of me slammed on their brakes at the last second while I was scanning left or right”; the system kicked in and legitimately prevented an accident. If there was some way to just enable that feature I’d be pretty happy.


> “idiot in front of me slammed on their brakes at the last second while I was scanning left or right”; the system kicked in and legitimately prevented an accident.

How many accidents have you had of that type in the past, say, 300000km of driving?

Because you say it legitimately prevented an accident, but this is a routine thing that happens (drivers slam on brakes at the last second) and if you aren't routinely driving into the rear of cars who brake at the last minute, then ... no, the accident wouldn't have happened anyway.


I haven't looked into it, but I'm sure studies have and/or are being done on this. I wonder if the rate of incidence of rear-end type accidents has changed noticeably with these systems becoming standard. A quick Google suggestions around 30% of accidents are rear-end, accounting for something like 1.75 million accidents annually. What % reduction in these would make it make sense to "require" this? I'm not sure, I personally can't stand currently implementations, but it does seem like an easy thing to target for reduction.

As an aside, trying to quickly search for these sorts of statistics leads to an awful lot of law firm websites.


> A quick Google suggestions around 30% of accidents are rear-end, accounting for something like 1.75 million accidents annually.

But that number is not relevant. What is relevant is the ratio of humans avoiding these accidents to humans not avoiding these accidents.

Like I said, having to avoid the car in front which braked hard is routine. It happens all the time. It's why the blame and culpability for a rear-end accident is always on the rear driver by default - safe driving distance and all that.

Which is why I phrased my question to the GP the way I did - if he managed to go 300000km without rear-ending someone even though unpredictable braking happens so routinely ...

> What % reduction in these would make it make sense to "require" this?

I doubt there'll be a decrease, if any. A better system that beeps if a safe minimum following distance is not adhered to will almost certainly prevent more accidents than auto-braking, because the auto-braking system will sometimes get it wrong and cause the jackass tailing you to rear-end you.

An alert won't cause any accidents.


I'm not entirely sure I follow your argument. 1.75MM rear endings occur yearly. Decreasing that number does seem relevant. Could / do these auto-brakes decrease that number? You seem to think no, per your second quote comment - I'm not sure, I haven't done any further research to see if there's a trend. I wouldn't be surprised in either direction, honestly. The ratio of accidents to "near miss" is probably hundred(s?) to one, but could this make it more? I don't know. Fwiw - I'm anti-auto-brake as a rule, but I'm just curious if the data would be in their favor or not.

I don't have an auto-brake feature, only ridden with people who do. I believe that most of them do have some sort of warn prior to brake - but to your point, there are so many situations where this could falsely trigger that it would likely end up being tuned out, at least as I imagine it. Actually, my truck has one of the "warning" things, and I ultimately turned it off for this reason. The number of "immediate danger" warnings that would flash when I was driving, e.g. alone on a country road at night, made it not worthwhile to me. I can imagine an auto-brake would be even worse that way though, lol.


Anecdotally one (only been in one accident ever), but regrettably in that case I was the idiot braking at the last moment, and the driver behind me was distracted and rear ended me. Gave me a concussion that would have been nice to avoid.


People blaming the "idiot" in front of them for braking is the reason we need these features. The sooner they are mandatory the better IMHO.


I’m with you. I drive a 24 year old 740iL. It’s a car, it functions well as one. If I want nav or whatever I have a cell phone after all. I even left the sound system original and listen to CDs. Its nice to just go back to basics for a change. I don’t feel like I’m missing anything by my car being dumb as a bag of rocks.


I'm with you 100%. I love the lane keeping, distance keeping, lane change assist, etc. What I don't want though is for the car to use the screen for anything but CarPlay. I don't want anything in the car to be controlled via the screen, but but buttons and dials and I don't want them to provide anything CarPlay does. Don't bother me with your inferior navigation system, Bluetooth music or anything like that. Just give me a screen and audio system for my phone. Don't even give me a radio, it's not the 90s anymore!

It's IMO OK to use the screen for the rear camera when reversing, but even for this I'd prefer the rear mirror to have a picture-in-picture thing rather than taking over the screen that's IMO supposed to be my phone's external screen. This can be an actual nuisance because I cannot roll out of my garage, set directions on the phone while the gate closes and then finish backing up onto the street because the rear camera will keep hogging the screen unless I switch to a different great just to get the screen back.


For me, the biggest "blind spots" in the last few cars I've had are not covered by any sort of detectors... the front pylons on the windshield have often made me unable to see left and right. I often find myself rolling up to a stop sign thinking it's clear, but then realizing that someone has just been driving "in sync" with my pylon, entirely hiding them from sight. I'm not sure how to solve this problem, but I suspect some sort of indicator could be useful in this case.

Otherwise, I'm not sure what the main driver of this is. In part, it's probably a combination of "I know better than the system," especially after some incidences of false positives, and then the general confusion / annoyance with "new UI." Again, at least for most people I know, having an "entertainment center" in the car is not desirable. A simple display for current time / now playing and then a series of tactile buttons is the desire.

For me personally, the blind spot indicators specifically, the yellow triangle blinking on and off in my periphery, are really bothersome. I haven't owned a car with them yet, so likely after enough time I'd get use to it, but I really don't like this feature. I'm not familiar with ACC, looks like "adaptive" cruise control? In general, I don't have the opportunity to use cruise control, except for infrequent drives to some other location. In this case, the manual cruise has typically been plenty, and if I have to turn it off due to traffic, it's usually enough that I'd probably want to be paying enough attention to manually manage my speed rather than letting the car adapt. I haven't used it though, so hard to speak to that. I have not liked the centering, though maybe the versions I've used have been too primitive - it generally makes me nauseous if it's on, the unexpected pulls back are too abrupt..


The rear camera and bluetooth phone connectivity are very popular.


Backup cameras have been mandated in the US by NHTSA since 2018. https://en.wikipedia.org/wiki/Backup_camera#Mandates


I would be ok with bluetooth, I think this can be done while maintaining a "dumb" interface though. I'm not much for the backup cam, but there are implementations of it that are also not too over the top.


You're not alone. The electronic crap is always the first thing to break in any car, and this is a common sentiment from my experience too.


I don't mind clever features as long as it gives a positive benefit to actually driving the vehicle safely and efficiently.

Here's some example clever features that I like:

- automatic wipers

- automatic headlamps

- cornering lights

- auto-hold

- hill hold

- tyre pressure monitoring

Stupid features I don't like:

- games in the infotainment screen

- smartphone integration for, eg opening the glovebox

- anything involving a subscription, especially for features whose hardware is already in the car


I feel like automatic headlights should be mandatory. In my state, if your wipers are on, your lights should be on. Even during the day rain can make it difficult to see cars that don't have their headlights on and therefore don't have red lights on in the rear. I see many people driving around at night with no lights on and it's a safety hazard. Additionally, your dash lights will be at full brightness when the headlights are off so now your eyes can see even less light coming through the windshield. If relatively expensive backup camera and a display to show it can be mandated, then a much cheaper photodiode to switch on some lights should definitely mandatory.

I wonder if the insurance lobby was the one that pushed for backup cameras, it's probably greatly reduced the number of rear collisions that they have to pay out.


I noticed that when there's heavy rain, silver cars are practically invisible in rear view mirrors unless their lights are on. Particularly when there's plenty of water on the rear windshield.

I think in my developing country daytime running lights have been made mandatory for all new vehicles, but the millions of existing vehicles don't have them, and their drivers don't bother to turn them on during rains.


Same as for the demand for a small-screened smartphone. There's a vocal minority and they do exist, but not in numbers that can really justify the segment, especially considering it's one that makes less money for the manufacturer. If profit on the spartan model is $W, and you sell X of them, vs the luxury model, which you make $Y profit, selling Z units; and it turns out that $W * X is much smaller than $Y * Z, you'd be a fool to try and go after the spartan market because of some weird emotional connection to the product. X is definitely non-zero, but $W * X just small enough that it's not clear that it makes for a winning product all is said and done. I'm on an iphone SE 2nd gen. The fact that Apple made one is proof that X is non-zero. The fact that they didn't announceme a 3rd gen today is also a comment on how small X is.


Obviously, otherwise things like https://overbuiltcustoms.com/cj-packages/ ,

https://cjjeepbuilders.com/ , https://www.fj.co/

and similar wouldn't exist?


F150 2011 Lariat is maybe my favorite car I've ever driven from a "dashboard features" point of view.

It's got what I consider the important features - auto lights, auto rear view camera in reverse (embedded in the rear view mirror), bluetooth.

It has very little else smart. Knobs and buttons everywhere, basically no screens (a very small one under the dash showing trip stats, but dials are hugely predominate, and a normal radio display with nothing but the station, song, and clock).

It's a very nice truck - was near top of the line for it's year, good sound system, heated seats, cooled seats - all of it has a physical button.

I hugely prefer it to the dash of any modern car I've rented in the last 5 or 6 years.

It looks like this: http://gtcarlot.com/data/Ford/F150/2011/41459168/Dashboard.h...

---

I would absolutely prefer to buy a high end car with the budget dashboard (GIVE ME KNOBS AND BUTTONS!)


I have the same dash in my old ford, but with a screen with “Microsoft Sync”. Can’t praise it enough and tell everyone “I will run this truck into the ground” - the screen is almost completely unused; the Nav is.. ok in a pinch, and bluetooth sync is still completely seamless, autosyncs but shows no info about the song track. There are hard controls for everything. Just wish it had a 2A USB jack instead of 500mah or whatever it is pushing so I could avoid needing the cigarette adapter.


Could upgrade that pretty easily if you're just using it for power. I just bought a bag of 5 3A 12v -> USB converters for my dash cam install for US$8.


I'd imagine minimum that's sellable would be A/C + android auto/carplay/bluetooth.

Backing camera is kind of must for US market so I guess it would have to have it too


> I wonder if there's any actual market demand for a car with nothing smart whatsoever that isn't also a budget econobox?

This is literally why I drive a 25-year-old Range Rover.


There is, take a look at high end track-special sports cars.


Probably not, if only because most people don't realize how much of their car's expected behavior is driven by computers.


Company fleet cars just need a basic moving car.


I imagine there’s head unit coming to these that captures data of where and when and reports back to the head office of whoever owns the fleet.


Those things are usually propriety or come from third party.


If you got $1500 off the price of the vehicle to instead pay $20/mo, would you do it? What features would be reasonable to gate with this IAP? Especially considering you're not paying interest for that $1500, you only lose money via the subscription if you keep the car for 80 months, or 8 more months than a 72 month loan.


Because the goal of a marketing manager is to extract more money from you not less, by creating an accepted practice of disabling functionality to optimize the money you are willing to commit to actually pay over the lifetime of owning the car.

The point is to find the most innocuous thing that you would accept at time of purchase and then make the majority of customers pay for that more often and longer than anybody at the time of purchase thinks about.

It's similar to the marketing for payday loans. People are not entirely rational actors.

If you could make double the normal sales price of the car in revenue, and the car stops working if the customer ceases to pay, then if you don't mind the occasional customer service public meltdown on social media, then as a car manufacturer you are welcome to scheme away.

As a smarter than average customer, you are wise to the scam, and hope that the scheming of the car companies is not effective on the general public.

Also subscriptions are awesome for car manufacturers for accelerating planned obsolescence. Why should there be any resale value to your car anyway, if they could figure out a way to either 1) make the new owner pay for the car again in subscriptions or 2) make your car near worthless after you initially own it, then from their perspective this is the most brilliant thing they have ever thought of! ;)


My spite trumps their audacity. If I count one more entity looking to shake my pockets empty every month, I'm gonna start calling these crooks Al Capone. No, I don't want to subscribe -- to anything. Anymore.


Do you think RICO statutes could be a way out of subscription hell? It smells like a racket but I don't think it legally meets the bar for extortion because it's an at-will transaction between willing parties, and no one is making anyone buy a car.

It does seem anticompetitive though so maybe there are antitrust and interoperability angles?


Everything is regulated. Why not a "no subscriptions on safety measures" isn't one i don't know. Having a warm butt is a safety measure


Too much wiggle room. A cold butt never killed anyone.

How about "no subscriptions on titled property"


I think that, subscriptions are fine for items that require a subscription. Sort of circular reasoning but, for example, OnStar or onboard wifi or other things of that nature makes sense as a subscription.

Compare to a heated seat. They are some of the simplest circuits out there. Apply 12V and it will heat up a nichrome alloy wire. Same way a cigarette lighter works.


> RICO

It's never RICO until it is. But it's never RICO.


BMW's heated seats are $589 upfront or $29 per month here.

Auto loan rates are about 7% p/a.

On a 5 year loan of $589, you'd pay $700 including interest. Plus you might recoup some of that when you sell the car.

A monthly subscription for the same period would cost $1740.


Same with all lease formulas. You don't have to worry about anything, but you do pay at keast 30% more. For some this can be a good thing but it's not cheap.

Wordt lease offenders I've seen so far: bikes. You repay it in about a year.


I don't ever buy new vehicles, which I think is common in value conscious customers. For this segment the the question becomes how does this look when buying used (Certified Pre Owned, used from the dealer, used from a private party) At that point presumably I'm either stuck with the subscription, or whatever the previous owner chose. As a buyer I would always just avoid any car like that unless there weren't other good choices.


Are those numbers real? I can't imagine that particular deal makes any sense for the manufacturer.


Not really the same thing, but Tesla does it on a 10x scale: The monthly cost of the FSD Subscription is $200/mo, costing $14400 if you were to pay for it over the entire 72 month loan, but you can also choose to buy it outright for $15k ( $16800 over the loan term at a 2% interest rate; at current interest rates of 7%, $21300) - and for FSD, you can cancel anytime to save money if you don't want it. With the loan, you can't get a rebate for removing the feature.

Of course, for things like heated seats, the question is whether or not they've actually reduced the price of the car to account for the additional post-sale revenue. For Tesla, the Model 3 started out at $35k so heated seats being an additional charge at first made a lot of sense, but as it crept well over $40k for the standard range/RWD version, it started to look like a money grab and IIRC it was the 2022 refresh that removed the heated seat post-purchase requirement on the RWD trim.


Meanwhile many of the "lower end" brands started to include stuff into standard that you had to pay extra in higher end brands - because they are actually competing with their competitors on best deal


BWM sells heating seats subscription for $18/mo.

"Heated seats" is just a piece of wire put into seat, some $1 (probably less) micro to turn it off and on and some $0.1 sensor.

I wouldn't be surprised if even few % of buyers buying that would cover for having to fit extra (and not have separate SKU for heater-less seats)


I installed myself heated seats in my car. Installation set, heating pads, switches, wires and relays for two front seats was $56. I would say it costs manufacturer $10/seat.


JOOI, can you arrange to only pay when it's cold enough to need them, or is cancelling/resubscribing the huge pain one might expect from such a scheme?


You already know that answer to that, because making cancelling annoying will make them more money.


Is it possible that consolidating options so that there's fewer hardware variations of a car (with heated seats or whatever being a software toggle) makes manufacturing more efficient?


It depends on whether they actually lowered the price by $1500, rather than simply bumped the price by $1500 across the board then 'graciously' canceled it out if you subscribe.

Of course, barring legal discovery or a leaked email we'd never know.


Of course, then sell it after 4-5 years to some sucker /s


I own two vehicles requiring the cloud for remote start. It's the only useful "cloud" function, too. Very annoying.


You just went and gave carmakers some ideas for easy cash grabs.

Don't complain when they extrapolate to the subscription based door locks and braking system. Just about everyone would almost have to sign up for them! /s


Too late, you get literally all of that on current Teslas for free (well, Steam games cost money I guess). I actually can't tell if grandparent was being sarcastic or not, but yes: these are already products.


I was indeed being genuine with my question, as I see these hacks (Mazda headunit too) but I’m curious if I’m missing the point other than the sake of tinkering.


Some already sell unlocks for extra power


That would actually make sense.

Most cellular modems are pushed through the head unit, and most car operations are controlled by the canbus. Given this, you could probably talk to the canbus unit to control the seat warmers.


They were being sarcastic, BMW already did this



And perhaps we can get some block chain in the units?


Doom, of course.


Carmegeddon


Odd way to spell Tesla trollface


Personally I'd like the head unit to do as absolutely little as possible. Just run CarPlay and Android Auto and let your phone do the heavy lifting. Headunit software in cars is notoriously awful, slow and rarely gets updated. For this reason they should just offload as much as possible.


While I love CarPlay for most of the stuff, I hate navigation from Google Maps or Waze / phone. I'm not sure if it's placebo, or something else, but for my car, the navigation is just better, especially when driving in tunnels and other weak GPS areas. The car system seems to use more than just GPS, like speed, direction and distance and even if you drive in a long tunnel or other similar conditions, it just knows not to mess up the position of the car, miss exits and other things. I know it depends on the manufacturer, but I get regular OTA updates for the navigation, live traffic updates that are quite good, dangerous situations on the road ahead and so on.


I just don't understand why CarPlay doesn't show the outside temperature. It is readily available information, either from the car itself or from Apple's own weather service. The stock head unit software has no problem doing it. The iPhone has no problem doing it when using its built-in screen. But when CarPlay takes over you're left to guess.

Maybe in sunny California you have no reason to care, but in these northern climates it is useful information. Road conditions can change rapidly as you approach the freezing point.


I use an app called NAVITIME (Japan-only) for navigation in my car and I far prefer it to Google or Apple maps. It functions a lot more similar to a more traditional GPS navigator like a TomTom or whatever, and has a lot of nice features like showing prices on gas stations. It does have an option to show the temperature. It's a monthly subscription though.


I've never once seen a built-in nav that I liked. They're always clunky, take weird routes, and cost an arm and a leg to update every [other] year. I'd rather buy a Garmin and have dedicated than use the manufacturers option.


Fair point, perhaps the solution is the car should feed back more data through to the CarPlay/Android Auto API to allow them to use that extra information?


Quite the opposite. I'd like excellent offline navigation in the car that doesn't talk to a spyware FAMAG app on a phone, or the internet at all, so that the only people who know where I am going and when are the hundreds of ALPR data brokers and their customers.

Yes, this means you lose real-time traffic data.


Fair enough but you're in the minority there. Average joe just wants directions that will keep them away from traffic jams, and manufacturer maintained head units wont realistically do that without paying a subscription. Even then all their data is going to come from the big tech companies as its them who have all that data.


Pretty sure we're in a thread about reflashing a head unit via bootloader exploits to install hacker apps, no? "Average Joe" never even knew the HOWTO textfile existed.


Not applicable for this specific car, but I would really love a way that doesn't involve an ODBC dongle to monitor the nerdy battery details on electric cars. On extremely hot or cold days, battery temperature can make a huge difference in charge rate when you are on a road trip. And when I'm charging it's nice that most cars tell you the number of kilowatts you are receiving, but it would be nice to know exactly how many amps and volts as well.


I would love an ODBC dongle! SQL queries to access diagnostic data would be quite handy. :)


Unlike some of my sibling replies, I see(quel) what you did there.


hah. I didn't even realize that I confused my acronyms.


I hold a patent on an improved way of implementing a diagnostic vehicle network interface, basically HW protocol offload for CAN.

Plugging the prototype into a car and getting useful data out of it was satisfying.


You can get them for about 12 bucks and talk to them over usb. Pretty nifty


> You can get them for about 12 bucks and talk to them over usb. Pretty nifty

They are quite convenient, but tend to only "see" generic PIDs. The manufacturer specific diagnostic codes are much more useful.

I've got one and I've got the actual manufacturer scanner, and there is a world of difference in the utility of what is reported (things like transmission oil temperature, which is needed to correctly set the transmission oil level, etc).


Heck, I'd just appreciate OBD II data that's complete and standardized. For example, I can't seem to get the odometer on my 2015 Elentra GT.


That might just be your code reader. Mine will not give me odometer on my SAAB but it will on my Volvo and Ford.


> And when I'm charging it's nice that most cars tell you the number of kilowatts you are receiving, but it would be nice to know exactly how many amps and volts as well.

Well, it's giving you kW, and you already know voltage from the charger, so you can work out the number of amps being pulled, roughly.

Not that I am disagreeing; it would be nice to see all three figures without having to try to work out any of them.


Unfortunately most DC chargers don’t tell you the voltage either. I know that my car can charge at “400 volts” or “800 volts”, but I don’t know if that’s exact or just a ballpark number.


I believe Tesla has an API that exposes some of those metrics.


Yes you can see all of these metrics and more on the Tesla mobile app. There's also a handful of 3rd party Tesla apps that do even more. https://www.tessie.com/ https://tezlabapp.com https://teslafi.com Or host your own: https://github.com/adriankumpf/teslamate


If it's a Subaru, that would be an app that leaves the radio in the state it was in when you turned the car off. Instead of the way it is which is for the radio to be on when the car is turned on regardless of how it was left.


The media features on the Subaru are terrible. I want to be able to unset preprogrammed Sirius stations. I have presets 1-19 set but I still have to scroll past preset 28 that someone inadvertently set. My other big complaint is how often it turns on in "Sign up for Sirius mode" despite having an active subscription. All I need to do is hit channel up and it goes to preset #1.


My 2017 Subaru is obnoxious. The Bluetooth audio has a 2-3 second delay, way more than any other Bluetooth device I've ever used. My head unit has the same bug that plays Sirius preview channel. It used to happen all the time but I think what helped was setting all the presents. It would be nice to be able to update the Gracenote database since it's very out of date, I know Bluetooth didn't support album art until AVRCP 1.6 which came out later.

I'm considering swapping out the headunit but there are a few car settings the OEM headunit controls that I'm not sure if I want to relinquish control over.


There's a factory reset on these recent Subaru head units (if it's anything like mine). Mine had a weird bug where you'd see it intermittently crash/restart, and upon restart it would have lost all your radio stations (and probably some other personalizations). In desperation I wiped it maybe a year ago (because what other options do you have with these things) and I don't think it has happened since.


IMO I'd like a better head unit. Fast responsiveness, making Android Auto come up faster, more reliable bluetooth pairing.

Being able to see more data would be cool too. In my car I can't see my historical MPG like I've seen in other cars.


This. When doing a bunch of errands, that involve lots of stopping and getting out of the car, then getting back in, it seems to take a good minute for Android Auto to re-load every time I start the engine. Must be even more annoying for delivery drivers. This is on a 2-year old car. I don't even think it's Android Auto that's slowing it down, but the head unit's OS is taking that long to boot before it will allow Android Auto to start. Surely the whole thing could be kept switched on (in sleep mode perhaps) for 30 minutes after the car is stopeed?


In my old Jeep I replaced the factory U-Connect head unit with an aftermarket Alpine. Unfortunately I think Jeep's are the only target market where you can expect a user to do a DIY head unit swap.

https://www.alpine-usa.com/product/jeep-wrangler-radio-apple...


Buy an after market. I.e. Joying.


Allowing users to turn off crap like the "please fasten seatbelt", "do not drive while impaired", "do not change navigation while driving" or whatever common sense announcements that appear as forced modals every goddamn time you start the car.


You know that bright yellow ugly-ass label on the sun visor? I used to rant about those. They’re not removable and… like I said, ugly.

How I wish that was my only complaint. Now the nav scolds me, the seatbelts hector me, my passenger needs to swear some sort of oath that they “are not driving”, etc.

I hate warning labels. For every useful one (e.g. “Pinch Point”, “Not A Step”) there are ten more that believe me to be a hapless infant.


This is why I love BMW. They have the entire coding/updating software used at BMW dealerships online for download (not-official). You can change parameters for almost every feature on the car. Anything from disabling headunit warnings to injector control.


BimmerCode / BimmerLink makes coding/customising supported BMW models even easier, as long as you've got a mobile device and an adaptor (e.g. OBD II to Bluetooth, inexpensive), you can DIY coding and obtain visibility into a lot of the car runtime parameters (e.g. engine oil temperature, boost, etc.) - can connect a screen and display whatever you like, turn off the pesky `ASD` (fake exhaust sound pumped into the cabin via speakers...).

What's more amazing these days is that technology like `bootmod3` (bm3) makes flashing (remmaping) stage one as easy as 1-2-3. One needs to understand what they are doing though.


> You know that bright yellow ugly-ass label on the sun visor?

I may try this, although seems overpriced:

https://www.amazon.com/Universal-Sunvisor-Warning-Label-Cove...


You can almost certainly get a tool to code all those nags off, or at least most of them. $600+ for a Launch x431 in my case, but worth it.


Unless you're a mechanic that needs to operate on a wide range of cars, I suggest instead looking for a brand-specific scan tool.

Universal scan tools like Launch/Autel/Topdon/Snap-on are good in terms of the wide range of makes they support, but they lack in depth - you may not always get the full feature set especially when it comes to "coding" (aka setting configuration parameters) or anything beyond fault codes, live data streams and actuator tests.

Brand-specific scan tools on the other hand only cover their specific brand but generally offer a much deeper set of features.


I didn't see anyone give the following features so here goes:

1. Ability to integrate traffic light info (how long they're gonna be red for, how fast do I need to drive to get a green light, how fast should I drive to get as many constant greens as possible, integrate this into adaptive cruse control) - Audis have this feature, but I should not have to buy an Audi just for this.

2. Police info (integrate radar detectors, radio for police freq and Waze etc. directly into the infotainment, heads up display or dash)

3. Integrate CarPlay / Android Auto navigation into heads up display / dash (currently only Honda / Acura does this as far as I know)

4. Play media (Netflix and other popular apps) via wifi when the car is in park mode

EDIT:

5. Add ability to integrate dashcams (and SD cards)

6. Add Toll auto-payment apps


Get a forward camera view from that vehicle right ahead of you. It of course needs cooperation, but it could make certain maneuvers safer, to my mind.


I think this feature used to be called "not tailgating"


Don't forget "untinted windows". When every car is a sedan, a hatchback, or a regular cab pickup with untinted windows, you can see through the next 5 cars just fine.


There's already technology to shade a window, presumably with LCD. I'm sure people would pay for the privilege of being able to control how tinted their windows are.

https://www.vision-systems.fr/solutions/solar-protection/


While I understand your point there are other issues that could be solved similarly.

For example, trying to turn from my driveway across two lanes of bumper-to-bumper traffic.

In the US it'd be a left hand turn, but for me in Australia it's a right hand turn.

I wish I could get easier, better visibility of the moving traffic before I turn into that lane. It is always awkward, slow, and difficult. Especially when I am in my normal car surrounded by SUV's.


Not anymore with age of SUV.


This. Trucks. too.



How would you watching a different car driving make your driving safer?


He can now safely overtake on a blind curve.


Oh yeah this totally works: the car in front of you can monetize this effort by showing you ads in its video stream!


“Yo, yo, yo! What’s up‽ If you’re here, you’re watching my livestream of the turn up ahead, brought to you by that underwear with carbon in it so you don’t smell swampy! Don’t forget to smash those like and subscribe buttons … “


Earning CarToken for doing so! On the blockchain!


Up to date navigation and Android Auto over the air.

I got a model 2019 Hyundai Kona EV and the integrated navigation software is just shit: It's outdated, the saved chargers are not available anymore or just plainly false in regards to their power output, it's just unsuable.

So whenever I need good navigation, I have to fiddle with a USB cable so I can rund Android Auto with Google Maps on the head unit.


Since late 2020 you can update your head unit yourself for free:

https://update.hyundai.com/

You can download an updater (at least for Windows) which downloads the whole head unit update data, which you then just copy to an SD card and stuff it into the reader in your car.

There is a similar service for Kia (they share head units with Hyundai - it's basically the same company)

https://update.kia.com

I did a couple of successful updates on my Irish 2017 Cee'd . Maps are updated every few months, Kia claims to provide updates for cars up to 7 years old.


Thanks, I'll look into this!


Physical buttons. Fast boot time.

I'm looking at buying an aftermarket head unit. The biggest feature for me is the boot time of the head unit, followed by good feeling physical buttons. Suggestions?


If you have a VW, the RCD330 is an excellent OEM upgrade that is plug & play with most 2005-2015 VWs. I had the same list of requirements on top of Android Auto, and it checks every box. Other OEMs might have similar upgrades that come from other markets.


Not sure about current gen, but you can get plug-in replacement head units for 2010 and older cars at least.

They're basically Android tablets with physical buttons and a direct OBD connection.


Where to look for reasonable units? Been scouting but haven't found anything like what you mention which looks realistic. Preferably it should also support flashing a custom ROM but not a deal breaker.


AliExpress was the place I started at when I had an older car. (VW Passat 2008)


So many. For one, working better. Having a head unit that boots up instantly and connects to Bluetooth instantly would be huge.

Second, audio controls that match or exceed what I can do with my phone from which I’m playing audio. BMW’a click dial interface was fantastic the last time I used it. Basically something that is optimized for maximum capability without taking eyes off the road.

The holy grail seems to be the ability to text while driving. Nobody has figured this out yet. Voice to text and text to speech are just not great solutions. Add to this the fact that a million apps are used for texting and you really have a huge untapped market. Figuring this out could make someone very rich.


Fixing the shitty bluetooth experience. Specifically, ability to disable both autoconnect and autoplay.

When my wife takes my car, when she returns the car will automatically connect to my phone even when I've already got headphones on (so my headphones will just cut out).

And sometimes I just want to go for a drive with nothing playing, but it will aggressively autoplay without asking. By aggressive I mean, even if the last thing I listened to was an album which I finished, it'll just autoplay the last song again.

Then if you want more than one device connected to the car via bluetooth, it becomes a nightmare of device management. It seems to just randomly connect to one or the other.


Honestly, just spend a few hours driving around in a Tesla. The basics (navigation, streaming, radio, garage,) are slick and work. I think if you could package something similar as an OEM and get other car manufacturers to use it...

I personally think there's a lot of room for 3rd party audio apps. I don't mind using my phone via Bluetooth / Android Auto / Car Play, but I really just want to install my streaming service's app into the car.

One thing that would be nice is, instead of a subscription for data, use my phone's data plan. Or, if you can get data cheaper, in-car wifi.


Recording & sharing video footage using on-board cameras. I mean the cameras and stream is already there, it's trivial to store the data and make it accessible. Better yet, clips could be filtered by sensors being triggered - alarm, door opening, locking of car, automatic emergency brake engaging etc...


Tiny nitpick, but in my Kia (which uses the same software) the steering wheel button between next/prev track mutes CarPlay play instead of pausing it. Drives me nuts. No idea why they decided to do that. If there was a little less brick risk involved here, I’d give a fix a shot.


An app that can turn off the screen completely.


Hyundai, specifically, Android Auto using the entire width of the display. Works on CarPlay, just not Android Auto.


I believe they fixed this in the November update, though I’m not positive (I am a CarPlay user).


You are correct


If this hack enabled wiring up actual physical buttons for things that need them, that would be handy.


Ridesharing - arguably it's Google Maps who're ignoring it.


Them not working like shit.


Modular DIN mounts.


an API


An on screen keyboard that’s useable while driving like they used to have back in 1999, a century ago


> Turns out there is a convenient setuid binary called “amossu” in the stock firmware, it simply does:

   setgid(0);
   setuid(0);
   execv("/system/bin/sh",__argv);
Amazing!


Is this not... a terrible idea?


It's a good idea for debugging, a bad idea for security.


you probably wouldn't want to ship that in the final image, but then again, if someone is capable of fiddling with the image, nothing stops them from writing these three lines of code, compile and add the binary to the image.

So I don't think it's that bad.


What's bad is that it works. SELinux would have let them block out those kinds of low hanging fruit, but let's be thankful they didn't bother


Depends on if you give untrusted users access to a shell on your car's infotainment system.


I hope Amos doesn't get crucified for leaving amossu in there haha.


:) Am os su?


I thought it was maybe a joke by a dev who set the binary name to his co-worker's surname. Or something. I feel dull now. :D


no I actually think you're right.


I'm not very familiar with infosec. How is the author able to obtain this information? Are there 2 identical files, one source and another encrypted? >They must be encrypted with AES-128-CBC using key=”)1Zorxo^fAhGlh$#” and IV="aoAkfwk+#1.6G{dE”. Only system.ext4 must be converted to sparse image before the encryption.


By pulling that information out of the disassembly of the u-boot image.


AES is a symmetrical cypher. The key is just hardcoded into uboot.rom


> Turns out there is a convenient setuid binary called “amossu” in the stock firmware

Understatement of the year!


I thought I was following along but then it got to this and I had no clue where that key came from:

“They must be encrypted with AES-128-CBC using key=”)1Zorxo^fAhGlh$#” and IV="aoAkfwk+#1.6G{dE”. Only system.ext4 must be converted to sparse image before the encryption.”


That's an example of why you should use public key cryptography for loading data from untrusted source.

AES is symmetric which means any encrypted payload need key used for encryption for decryption.

Which means it is on device, just need to dump it. And you can now use same key to encode new firmware


How does that help in this scenario? The need for the unencrypted data necessitates the decryption key on device. Putting it in accessible software rather than a tpm is the problem here.

That said, I own the item and I should be able to do what I want with it without technology trying to limit me artificially.


If it were encrypted with a private key the device would only have a public key and you wouldn't be able to encrypt your own version of the software.


It came from the disassembly of the "uboot.rom (part of lk.rom)" but it is not shown, it is only mentioned.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: