<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Hi EFF,</p>
<p>Have I got a story for you! I am Trevor aka Trezdog44, a hacker
from So. Cal, 5 year EFF member and developer of the open source
software <a moz-do-not-send="true" href="http://mazdatweaks.com">MZD-AIO-TI</a>:
The Mazda Connect Infotainment System All In One Tweaks
Installer. Feel free to use my name and any part of this story
because I am very proud of what I have done with the help of a
global community of talented hackers with one desire: to be able
to modify and "tweak" the software that we use every day in our
vehicles. This is going to be long so strap in because it all
starts in 2014 before I even came into the scene...</p>
<p>Every Mazda model from 2014-2019 comes with the same infotainment
system, the <a moz-do-not-send="true"
href="https://www.mazda.com/en/innovation/technology/connect/">Mazda
Connect</a> system. This system is basically Linux with a
frame-less Opera full screen window running an intricate web app
that controls Music, Navigation, and phone calling and texting
functions. It comes with certain limitations like when the car is
driving (Speed > 0) the touchscreen is completely disabled
forcing the user to use the control knob to control the system.
This is what started it all because that was not OK for many
users, so some hackers got together in forums and found a way to
disable this "feature" and before long an exploit was found that
would allow arbitrary code to run on the system essentially
opening it up for any modification that a community of hackers
could think of! This drove someone to create a program that would
give users a list of "tweaks" they could install including new
user-made apps like a video player app, speedometer app and a
community-made reverse-engineered version of <a
moz-do-not-send="true"
href="https://github.com/gartnera/headunit/">Android Auto</a>.</p>
<p>Fast forward, 2016 held a personal milestone in my life, my first
brand new car! I researched a lot and decided on a Mazda 3
because I discovered that the infotainment system was hackable and
I love that! That day I started messing with the tweaks and
talked to the developer in Germany but he wasn't really a hacker,
he was just a guy who liked computers winging it, so when I told
him I wanted to rebuild the GUI and make the app more usable for
everyday users he was happy to hand it off to me. So I started
building off his code with about 20 available tweaks to start and
      built it to include over 50, many of which I developed myself.  At
first the exploit we used would allow modification to be done by
anyone who wanted to do them with just a USB stick and the MZD-AIO
app but then we started gaining notice from Mazda and some framed
what we were doing as a <a moz-do-not-send="true"
href="https://github.com/shipcod3/mazda_getInfo">dangerous
security threat</a>. This is what started the push-back.</p>
<p>Early on in the development of MZD-AIO on 02/17/2017 I (and a few
others) experienced a <a moz-do-not-send="true"
href="https://github.com/Trevelopment/MZD-AIO-TI">DMCA Takedown</a>
by <a moz-do-not-send="true"
href="https://github.com/github/dmca/blob/master/2017/2017-03-06-NNG.md">NNG</a>
the company that makes the navigation software that they sell for
      a ridiculous price as an add-on to the system.  I took out all
the tweaks having to do with navigation and moved on but it opened
my eyes to the importance of what I was doing. Mazda never
contacted me or anything like that but from then on I felt their
presence in the forums and shadows watching me and calculating
what my next move would be.<br>
</p>
<p>Over the last 4 years several <a moz-do-not-send="true"
href="https://www.bleepingcomputer.com/news/security/you-can-hack-some-mazda-cars-with-a-usb-flash-drive/">articles</a>
name me personally as the developer of MZD-AIO but none of them
ever mention it being used in a harmful way. In fact, I still
frequently get emails from people thanking me for greatly
improving their driving experience with sometimes as little as
just being able to change the background to the <a
moz-do-not-send="true"
href="https://github.com/Trevelopment/Mazda-Videoplayer">Video
Player</a> app that I greatly improved over the years (so their
kids can watch a movie while they are driving). First the exploit
we used was removed in v59.00.502 of the firmware but that didn't
stop us at all. With the help of one of my good hacker friends
from Thailand, only days before we had just found an autorun file
that ran on every boot and was not erased or replaced in the
update process. I quickly put out an update and warning message
urging users to install the "Autorun and Recovery" tweak that
would spark recovery back to the open system we knew and loved and
allow the installation of tweaks after the update to the newest
FW. For those who already updated there had to be a little more
drastic measures taken so we turned to an exploit we had known
about for years but didn't have to use, connecting directly to the
<a moz-do-not-send="true" href="https://mazdatweaks.com/serial/">serial
port</a>. This would become the method that anyone who
purchased the car with FW > 59.00.502 would have to use to
modify their system but it requires a good amount of technical
knowledge, skill and confidence to pull off.</p>
<p>With each update of the FW they tried to close the exploits but
given that they would take approximately 4-6 months to release,
the global hackers and I would find new exploits within days
causing their developers to scramble back and attempt to stop us
again. Eventually they made a FW that is un-hackable but it took
them 4 years and by then the community was tired, not to mention a
new Infotainment system was released by Mazda (MZD Connect II?)
for 2020 models killing the motivation to continue with this
project. I still maintain and answer questions from users every
day but will probably only make 1 more update at the most to the
MZD-AIO app.</p>
<p>Let me know if you need any additional information since it is
impossible to include everything in this one email but I tried to
touch on all the most important points.</p>
<p>Thanks for reading, I hope you liked my story and it helps EFF in
the fight for digital freedom! <br>
</p>
<div class="moz-signature">-- <br>
Peace out,<br>
~ ŦⓇḝź
<hr></div>
</body>
</html>