21 - 37 of 37 Posts

·
Registered
Volt, Polestar 2, R1T, Livewire One
Joined
·
531 Posts
I wonder how easy it is to get the MAC address — if my P*2 is sitting locked somewhere, unplugged, can someone just.. open the port cover and plug in a CCS plug that’s a fake charger and read out the MAC address? Seems too easy.

I guess one improvement would be for MAC address to only be transmitted when P*2 is unlocked, but no idea if they do even that.
Basically would be that easy with the right hardware. It's absolutely not a secure way to implement charging authentication. Right now, the hardware is obscure enough but it won't be forever.
 

·
Registered
2022 LRSM Thunder/Slate/Plus/Hitch
Joined
·
1,827 Posts
Discussion Starter · #24 ·
I wonder what Polestar's response would be to a question like … “Is this safe for me to be enrolling with EVgo? I just learned today that P2 is eligible to enrol, should I?” … I mean, they have to be aware of this effort surely. Let's hear what they have to say.
 

·
Registered
Joined
·
4,534 Posts
Basically would be that easy with the right hardware. It's absolutely not a secure way to implement charging authentication. Right now, the hardware is obscure enough but it won't be forever.
So if I understand right, one could design a CCS port cloner device that spoofs one car’s authentication while charging another?

Could this be used to extend a free EA period to other cars in one's stable, for instance?
 

·
Registered
Joined
·
37 Posts
I wonder how easy it is to get the MAC address — if my P*2 is sitting locked somewhere, unplugged, can someone just.. open the port cover and plug in a CCS plug that’s a fake charger and read out the MAC address? Seems too easy.

I guess one improvement would be for MAC address to only be transmitted when P*2 is unlocked, but no idea if they do even that.
MAC addresses are required for communication to happen at all in IP-based comms, so I doubt that's a viable option. The 'ideal' way to deal with the problem of someone tying payment directly to MAC address is for EVgo to not do this and for us not to sign up for it lol

'Real' Plug & Charge is way smarter, with a clever certificate chain - cryptographically secure and mutual validation that your car is the car it purports to be, that the charger is gonna send payment to who it claims will get the money, and your payment information is only ever stored with (or seen by) your car manufacturer. Super cool stuff! Background reading available here: GitHub - hubject/opcp: Open Plug'n Charge Protocol
 

·
Registered
Joined
·
37 Posts
So if I understand right, one could design a CCS port cloner device that spoofs one car’s authentication while charging another?
If EVgo's setup is as bad as it sounds, absolutely.

Could this be used to extend a free EA period to other cars in one's stable, for instance?
Unfortunately no, the main P&C protocol isn't nearly so naive.
 

·
Registered
Volt, Polestar 2, R1T, Livewire One
Joined
·
531 Posts
Could this be used to extend a free EA period to other cars in one's stable, for instance?
I think EA is using the reported VIN to verify it on the charger side, nothing cryptographic for the Polestar. You could use the plan on a different EV this way but I'm kinda against fraud like that so I wouldn't. It's possible they are also using the device MAC but I have no idea.
 

·
Registered
California
Joined
·
1,726 Posts
MAC addresses are required for communication to happen at all in IP-based comms, so I doubt that's a viable option. The 'ideal' way to deal with the problem of someone tying payment directly to MAC address is for EVgo to not do this and for us not to sign up for it lol
I’m assuming you’re referring to my suggestion to not reveal MAC address while vehicle is locked and not my initial question about scraping?

Yes of course Plug & Charge would be better. But it doesn’t look like we’re getting that in P*2.
 