
2011 ram tuning question

#1 ·
Ok, so it doesn't seem that this has been asked in a while or brought up in conversation, but is there any update or news on tuning 2011 Ram Hemis? Just curious.
 
#3 ·
Ok cool thank you I'll spend some time and go through those threads.
 
#4 ·
I got tired of waiting for Superchips and DS to come up with software to tune our trucks, so I uploaded the PCM software and was able to crack the code myself and spent about 4 hrs rewriting the abk and set up a backup, and now have disabled the MSD, changed the top speed limiter, changed the shift points and was able to adjust air and fuel mixtures. Increase in power appears to be significant; it now does not shut down over 100 mph and no need in having to run the truck in 5th to disable the MSD. I will run this new code for a few days and pull the plugs and see how they look. OBTW my truck is the 2011 R/T.
 
#6 ·
Breaking their source code took some time, but once I hacked into it the codes were easily writeable and were able to save. Anyone with knowledge of DOS and ABK can do the tune with the open code file; a laptop and harness to the PCM connection along with a laptop is all one needs. You will need to use superuser to keep the open source code usable for other tunes. You also need some working knowledge of how to use Cyangenmod.

If any of the big companies would be willing to pay me for this info I'd be happy to hand over to them the open source file I have created. The thing is, though, and from dealing with other sources in codes and writing code, they just don't want to pay for the source files. DS has already contacted me for my backup and source file, so let's see if their heart, or shall I say their money, is in the right place.

James
 
#8 ·
Why would something so new and complex have anything to do with DOS? I am super intrigued however, how were you able to send the requests to the PCM to allow it to be read?

Which OBD setup did you use to interface the PC to the port?
Also, what software did you use to pull the info from the PCM, then compile it?
How hard was the encryption to hack?
Sorry for all the questions, but again I am super intrigued..:wavey:
 
#9 ·
DOS is used to rewrite the code, but in order to hack the code I had to use a program called Cyangenmod. I pulled all the software from the PCM onto the laptop, whereas the program broke the encryption and transferred into DOS and rewrote my own program. Saved both files and then sent back thru Cyangenmod so it then encrypted the rewritten program and installed back into the PCM.

Now that I have the saved original file I'm going to play around with it in Excel and see if by any chance I can rewrite the codes there. If this can happen then it makes life so much easier for many than going over into DOS.

Sadly I don't get how or why a nobody such as myself that has access to writing codes and a computer can figure this out, yet highly paid engineers are stumped.

Anyhow I will pull plugs on the truck this upcoming weekend and see how they look and see what else I can do with fuel and air mixture and the timing to push it just a bit more.

James



 
#10 ·
22Dasher, are you a software engineer or something by profession? That just seems crazy that you were able to do it and the dozens of engineers couldn't...

If you did do it, why not start your own company....overnight millionaire...?
 
#11 ·
Sean,

No, I'm no software engineer. I'm an engineer by trade, yes, but for development and design for the aerospace industry. I agree it is crazy and I'm just not getting it how or why these companies that make a living at this can't crack the code where I was able to in just a few hours. Yes, it took a bit of trial and error to unlock the encryption, but once it's unlocked there it is like heaven. The source map is also there just like a schematic for an electrical diagram of what each code does when timing and all, when relays open and close, it's all there. I'm going to play with it this week in Excel and see if maybe I can remap it thru there and rewrite the source codes and send back to the PCM and see if the truck takes the code. Hell, what is the worst I can do? Blow my PCM is it, but if that's all I just buy another and reinstall the original codes and I'm back up and going. Excel sure would make life easy if I can pull it off. Stay Tuned literally lol for upcoming news.

James



 
#26 ·
People are actually believing 22Dasher? Seriously?
and Cyanogenmod, which he couldn't even spell correctly, is just an Android distribution.
Once I heard him say something about CM7 (Cyanogen) I started laughing.





Anyone that could have cracked the code should have gone right to DS/Superchips and started a bidding war. The guy DS has working on all their cracked/encoding stuff is a freaking genius that started in the LSX world. He was good friends with the mechanic at my old shop and when I talked to him about it even he said it took him months to get through the encryption.
 
#19 ·
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Now THAT'S funny!!!!!!
 
#21 ·
^^I'm with snrusnak, I require proof myself but I am also giving him the benefit of the doubt as well. I know what DOS is and Cyanogen is a rooted distribution for Android. Maybe he took a different approach, hit the nail on the head and VROOOOOOM! We are off to the races! But if he didn't and that would suck Green Donkey B#%s if it is, but oh well. We will all know soon enough.
 
#23 ·
Subscribed to this thread! I am interested in seeing how this goes. I'm a seeing is believing type of person and once I see something in a vid that proves his code breaking skills my blood pressure will rise in excitement to see that some progress is being made for tuning these mo-fo's.
 
#24 ·
Subscribed, I want to be one of the first to talk to the man who changes the history of sport tuning the 2011 and up Chrysler products and tell people that he's a smart cookie and I know a rich person and, I just spanked that Camaro SS's ass because of this dude and, and, and All I want to say in the end of this is...:thk:



Please don't let us down!!!!
 
#27 · (Edited)
I am a software developer (electrical engineer by training) who's been involved in a lot of PC and embedded projects over the years. Perhaps I can shed some light on what's going on with these tuners. First some background...

An encryption system in its most basic flavor relies on two things: an encrypted payload that usually looks like random scrambled characters and a key that can be used to decrypt it. It can get quite a bit more complex but those two elements always exist. The key can be a number of things...it might be a password that's in your head (like in the case of encrypting your hard drive) or a large string of numbers stored somewhere else (like in the case of online banking) or even something completely random.

Since encryption algorithms are generally known and published, the encrypted payload can theoretically be descrambled mathematically without knowing the key. The reason encryption is effective is simply that the math problem is hard and it takes a very, very long time to solve, even for a computer. Having the key fills in one of the variables and makes the problem trivial to solve. Barring a huge leap in computer technology or mathematics (especially prime numbers) the encrypted data is safe unless the attacker has the key.

The challenge here likely has nothing to do with breaking the encryption. That's not realistic or even necessary. The PCM code may be encrypted but the truck sitting in your driveway already knows how to decrypt that code. It must or it couldn't use the code either. Each of our trucks already has both the key and the decryption code in it. The trick is to find it.

(For what it's worth the situation is similar to DVD movies. They are distributed encrypted but, of course, your DVD player must know how to decrypt them or they're useless. So between the DVD and the DVD player one or the other has the key. And it's all over the Internet now too.)

The challenges they're facing are probably:

1. Finding the key. It could theoretically be on any connected piece of silicon in the truck. And it's not like there's a comment that says "KEY STARTS HERE"...it'll probably look very similar to the encrypted code itself. There may be multiple.

2. Identifying the encryption algorithm. Usually not hard since you probably had to decompile the loader routines to locate the key(s) anyway. Sometimes you get lucky with trial and error. Other times they've done something homegrown and you have to implement it line by line.

3. Dealing with the fact that each of our trucks probably has a different key. If I were designing the system for maximum security I'd do that and make sure whatever component held the key was electrically isolated from the OBDII port. That would make it very difficult to create a universal programmer that was convenient for the end user (read: marketable).

(Does anyone know how the dealer flashes our trucks? Via a cable to that port? Or do they remove the unit and plug it in to something else? That process would be similar to what a tuner would have to do.)

4. Getting the lawyers to approve it. It's kind of a gray area but the DMCA has been used to prosecute people for subverting encrypted systems. The argument would be that Chrysler wrote the PCM code and encrypted it (in part) to prevent theft of trade secrets by other automakers. Producing and marketing a device that can decrypt that code as a tuner would have to do would probably violate Chrysler's rights under the DMCA. The law that protects Chrysler's IP might inadvertently prevent you from tuning your truck.


As I understand it there actually is case law around #4 from when Apple started encrypting their BIOS code a number of years ago. I don't know a whole lot about it but I'm pretty sure that's part of the reason why you still can't legally buy a commercial product that lets you run MacOS on your PC.

Issues #1 and #2 above are completely solvable by someone with the right tools, knowledge, time and a Dodge truck. My guess is that #3 and #4 are the real challenges...trying to package something that's fit for the end consumer and keeping Chrysler from suing you. After all if they didn't mind trucks under warranty being tuned then they wouldn't have bothered encrypting it in the first place.

My bet is we'll see something right about 2015 when the 2012s start going out of warranty.
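
Point 3 of the post above (a different key in each truck), sketched from the designer's side as an added example; it is not part of the original post and not any manufacturer's or tuner's code. The master secret, the unit identifiers and the use of HMAC-SHA256 as a standard-library stand-in for a real authenticated cipher are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample values, not taken from any real vehicle or vendor.
MASTER = b"constructed-manufacturer-master-secret"
UNIT_A, UNIT_B = "UNIT-0001", "UNIT-0002"  # hypothetical per-unit identifiers

def hkdf_sha256(master, info, length):
    """HKDF (RFC 5869) with the default all-zero salt."""
    prk = hmac.new(b"\x00" * 32, master, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def device_keys(master, device_id):
    """Derive an (encryption key, MAC key) pair bound to one unit."""
    okm = hkdf_sha256(master, b"pcm-image|" + device_id.encode(), 64)
    return okm[:32], okm[32:]

def _xor_stream(key, nonce, data):
    # Assumption: HMAC-SHA256 in counter mode stands in for a real cipher (e.g. AES-GCM).
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(enc_key, mac_key, nonce, image):
    """Encrypt-then-MAC: nonce || ciphertext || tag. Nonce must be unique per image."""
    ct = _xor_stream(enc_key, nonce, image)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(enc_key, mac_key, blob):
    """Return the plaintext, or None if the tag does not verify under these keys."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(enc_key, nonce, ct)

def demo():
    image = b"constructed calibration table " * 4
    blob_a = seal(*device_keys(MASTER, UNIT_A), b"\x01" * 12, image)
    own = unseal(*device_keys(MASTER, UNIT_A), blob_a)
    other = unseal(*device_keys(MASTER, UNIT_B), blob_a)
    return own == image, other

print(demo())
```

An image sealed for one unit opens only with that unit's derived keys; the keys of a second unit fail the tag check, which is why a key recovered from one truck would not make a universal programmer.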
 
#31 ·
I should say that it's not unreasonable to think someone like 22Dasher could download, decrypt, modify, encrypt, and reupload his PCM code. It would be quite an involved project but there's probably not a huge technical barrier to doing that. (Disclaimer: I've never been inside one of these units so it may be 100% proprietary stuff. But probably not.)

Now based on his description of tools and process I seriously doubt that he did. And even if he had those skills it's even less likely that he was able to interpret what he decrypted and modify it into a usable (and improved!) engine map. So I'd bet heavily on "didn't happen".
 