I reached my limit of new posts for a day. Please remind everyone to do a password reset or make sure the passwords used here are not same as any password they use anywhere else.
At the top of the forum there is a message from Tesla official staff with the red T emblem. "dan" is the only poster to have that same red emblem.
I'm 98% sure dan is/was on the inside of Tesla in some capacity.
The fact the forum blew up an hour or so after he posted just makes the whole thing so much more entertaining.....dan come back and tell us you're safe! Lol
Stay tuned for the full story.
Whoa.... waiting patiently....not
What does that mean? dan hacked the forum?
Seems weird to expose yourself as a hacker and then hit up Musk on twitter.
I guess we will have to stay tuned. I have did look at the twitter feed but really don't want to click on his website. Looks like he is Cleveland? But you never know.
I went onto the website and more interestingly, the about dan page....I learned some things.....it's legit.
What did you learn?
More than I anticipated learning.....go see for yourself.
100 Quatloos on the "dan" story. The most surprising thing is that it has not happened before now.
And we now know why "dan" kept a PDF of his post.
Is this more Galaxy guardian talk????
OK, now I'm intrigued.
But correct, PDF of his post now makes sense.
You weren't already?!
I don't see anything there now. What did you see?
Bottom of page. About Us.
If I go there I just see a bunch of ad redirects that go nowhere.
Keep hunting Carl you it is there you just have to look harder.
Obvious when you see it.
dan!!! Where are you?????
Stop watching the Cavalier's/Brown's game and spill your beans!
dan is a regular guy that bought a TM3 and came on here to complain.
But he's also a tech guy that somehow hacked into the forum through a back door.
He then warned/threatened Tesla to expose the vulnerability.
Tesla paid him an undisclosed amount to stay quiet.
Tesla fixed the security hole in the forum.
And we'll never hear from dan again (due to an IDA).
Cleveland is boring. Gotta do something to create excitement besides dropping a Cleveland Steamer.
Stop drinking Lake Erie water!!
I am really close to being totally on board with that theory, expect why would he choose a FUD thread for the exploit?
Why the taper off of "delivery" and "paint" threads since the exploit? If Dan "fixed" a FUD problem that would be awesome! If Dan was phishing to make some money by exposing a breach, why go public first? If Dan happened on a security breach, again why go public first? Still seems odd.
Dan is now public, his identity is known, he posted some things that might make people pissed off at him, is that a wise move?
Agreed. Still more questions than answers.
I've typed up the full story, but per Tesla request, I'm not publishing it until they can finish fixing the problem.
Who is at risk dan?
Are you benevolent?
If individuals are at risk why not share specifics?
Who are you loyal to?
Thanks for the update.
So we will know the story. Looking forward to it.
How would sharing specifics now help Tesla or help consumers??
Are individuals at risk of having personal information (I.E. Tesla account info.) compromised as a result of this security issue? If so, do those individuals not have a right to know immediately?
So you think it's better to tell everyone how to get every Tesla owner's contact info rather than let Tesla attempt to resolve the issue?
Here's what I know:
The site is up and running and you have not shown up as danT (in red) since the exploit.
We can now assume you have everyone's personal contact information based on your most recent comment.
No one finds a security breach like this on accident, you were snooping.
Do you have a good lawyer?
BTW, what does a full package summer in Europe cost these days?
Keep on making those ASSumptions. I find it all rather humorous.
So now you are down to the level of rhetoric.
What timeline did TESLA give you to "finish"?
Before you go to the "press".
I am not too sure you have many others laughing with you on this one dan.
dan said: "Keep on making those ASSumptions. I find it all rather humorous."
dan's credibility quotient has just skyrocketed. You go dan!
Really, you find someone who claims TESLA has not finished fixing a security breach, promising not to tell anyone of the details until they finish, a credible thing to do?
Say dan bought a list of contacts (something a dansdeals guy would do) and said list was proven to be good by a simple test. Or say some other scenario got dan this intel to get into the TESLA site. It could be innocent or nefarious as to his access was achieved, it does not matter.
Does anyone find it funny that dan would get on the internet, hang this on the line, and tell all when TESLA meets some "finalize".
Is it reasonable to think that, based on what dan disclosed (if sincere), that people are worried that their personal contact information was illegally obtained through security breach at TESLA and a fix is not yet "finalized".
This stinks to high heaven.
I feel a bit puny. I must have missed out on the entire "dan" episode, whatever it was.... but I doubt I lose a minute's sleep over it.....
Even IF there was a breach on Nov 8 & you did get a dump of everyone's info, Today is the 11th. The forum has been restored. I'm going to take a wild guess that the so called security hole has been patched.
I changed my password this morning. Please let me know if you can get into my account. Thx!
Mollom has already gone end-of-life. Hopefully this will spur Tesla to introduce better forum software. Like one that is searchable, posts that can be edited and deleted, and a post ratings system.
"Really, you find someone who claims TESLA has not finished fixing a security breach, promising not to tell anyone of the details until they finish, a credible thing to do?"
Yes. That's the way these things are almost always handled.
Really Carl? What exactly do you find credible about dangling a security breach in public view and telling people that TESLA is has not "finalized" a security fix. Are we waiting until someone comes back to work so they can be walked out?
This is never how a benevolent person tries to help people he is "concerned" about. The action of going public has consequences of making people worry about their personal information being secure with TESLA. This will not go away until dan discloses the story, as he said he would. So how long is dan going to make people worry? What timeline has TESLA given dan so dan can share the "story"? Are we to wait in perpetuity with worry wondering if dan really exposed something significant?
FUD by any other name.
This is how a security breach is reported to TESLA:
Not through a forum hack and twitter exposure using a dansdeals website account.
I don't know what to tell you. It is extremely common for companies and researchers to announce they've found a security breach but to not disclose details until the companies whose software is affected have had time to mitigate the issue and deploy patches. It's just how it's done. Sorry if you don't like it.
That should be:
"... to announce they've found a security _vulnerability_ ..."
Not necessarily a "breach."