Russification of Lixiang

How to Russify Chinese cars? How not to make bricks by bricking a car more expensive than 10 million rubles? I work with software for Chinese cars, one of the most popular models today is Lixiang, it is on its example that I will show how cars are usually or, on the contrary, unusually Russified.

We live in interesting times. The paragraph below applies to almost all premium Chinese auto brands.

Applying a certain degree of simplification to statistics, which, to paraphrase the proverb, are a derivative of lies, we will rely on hard facts from the first links in the search engine. At the end of 2023, the number of cars of this brand sold already amounted to 376030 pieces. Currently, more than 20,000 Lixiang cars are registered in the Russian Federation. The Russian Federation is the leader among countries where cars of this brand are imported. This is a consequence of the coincidence of the departure of Western auto brands and the rapid development of the Chinese auto industry. Keep this in mind, now the next part of the Erickson loop.

In addition, we have sanctions and American participation in the capital of automakers. Russian and Chinese are brothers forever, but China can think in centuries, apparently in the planning horizon of several hundred years, cars and goods can be sold to us, but we should forget about any support.

My name is Vyacheslav and I work in the company Provolta. I am Russifying Chinese cars, and before that I worked for many years after Elon Musk and made Tesla a little more convenient for the Russian market. I wrote the article Fix your Tesla yourself, you're a programmer, which has been read more than 73K times to date, and the sequel Fix your Tesla yourself again, you're a programmer, which has been read more than 50K times. In addition, I told you how you can generate navigation maps for any country in the world and download them to your battery-powered swallow. My first article about Russification of Android in Chinese cars has been read more than 41K times.

A huge number of people write to me, I will try to collect the most frequently asked questions in articles. If there is interest, I will continue.

Actually, the Russification process itself should be done at the software creation stage, by adding locale, these are very small expenses on the scale of production. This is not done to contain machines produced for the local market in China. And it is simply easier this way, why spend even some money if you can simply not notice that 10-20% of your goods go to another region and you do not need to service and support them. And Chinese words are much shorter than Russian and English, so the design just floats like that from a simple replacement of lines.

Learning to Russify Chinese cars is a complex and multifaceted process that requires a deep understanding of both technical and cultural aspects. On the one hand, it is necessary to adapt the car software to Russian standards and requirements, which includes localizing the interface, customizing functions and integrating with services familiar to Russian drivers. On the other hand, it is important to take into account the mentality and needs of domestic users, which may require revision of not only the software, but also the concept of the car itself.

Russification training is not just translating text, but creating a convenient and intuitive user experience for Russian drivers. This requires close cooperation between specialists of various profiles: programmers, translators, designers, marketers and testers. The key point is the ability to anticipate the needs of the Russian market and integrate them into the development of Chinese cars. The success of Russification depends on the efforts of all participants in the process and the willingness to constantly improve and adapt to changing requirements.

To add a locale, we need the source code. Either we take up the soldering irons and pray (for getting whole images, for the presence of GPT, for normal data entropy), or we use more subtle tools.

Reset Glitch Hack Attack

ChipWhisperer is one of the best tools for this. Here is an example of how it can be used to hack Xbox, well, let's say other devices too. ChipWhisperer is an open source platform designed to study and attack embedded systems.

Key Features of ChipWhisperer:

• Multifunctionality: ChipWhisperer supports various attack methods including Side-Channel Analysis, Fault Injection, Reverse Engineering and more.

• Flexibility: The platform allows the use of various hardware such as oscilloscopes, logic analyzers and microcontrollers.

• Openness: ChipWhisperer is an open source project, allowing the community of developers and researchers to contribute to its development and expansion of functionality.

• Education: ChipWhisperer is often used for educational purposes to train students and security professionals.

In short, at the moment of checking the SSH password, you can make a deliberate mistake and bypass the check by triggering a failure on the power bus at the right moment.

Intercepting update packages

You can intercept it with good old Wireshark. Wireshark is a powerful tool for analyzing network traffic, but it does not intercept traffic itself. It analyzes the traffic that has already been intercepted.

To intercept traffic, you will need to use a network interface that will capture packets. Here are a few ways:

1. Setting up a network interface in promiscuous mode:

• In Windows: At the command prompt, type netsh interface set interface "имя_интерфейса" promiscuous mode=enabled store=persistent (replace имя_интерфейса to the name of your network adapter).

• In Linux: Enter sudo ifconfig "имя_интерфейса" promisc (replace имя_интерфейса to the name of your network adapter).

• On macOS: Use the utility tcpdump with option -i "имя_интерфейса" -p.

2. Using specialized software to intercept:

• For Wi-Fi: There are special programs for intercepting Wi-Fi traffic, for example, Aircrack-ng.

• For Ethernet: In Linux you can use tcpdump or wireshark with option -i "имя_интерфейса" to intercept traffic from a specific interface.

3. Using a virtual machine:

Having received the update packages, we already have the source code for translation and can find in the code ways to calculate hashes in order to re-sign the packages and send them to the device, which will not even understand that we have done our dirty work.

…and then grandma left a will

All tools are good, and the road will be mastered by the one walking and inspiration should find you at work. In general, one of my employees called me with the words that Lixiang after manipulations that are automated stopped turning on. There was not even a change of software. There was no impact on the multimedia unit (telematics unit, central computer, DHU are all called differently, the terms will come in handy).

In general, we took all the measures that were supposed to revive the dead man, all the reboots, prayers, lit Chinese lanterns, nothing helped. For a week we tried to resurrect the test subject, but all in vain.

I took a ticket to Beijing, the block under my arm and, hoping that the brothers would not leave me in trouble, set off for the Celestial Empire. Imagine my disappointment when in Beijing, amid the bustle and aromas of spices, at the Lixiang service center, I was greeted not with a smile of goodwill, but with cold detachment. “We need a whole car,” they told me, with the confidence of a judge passing a sentence. And I found myself alone, with a dead block in my hands, facing an indifferent technological fate. Like a prodigal son returning home, I stood at the door of the great technological king, but he did not want to accept my repentance. “Error in the firmware” or any other verdict would have been the starting point for further work, but the dialogue was very quickly curtailed, citing translation difficulties.

Before this trip, I already had a personal Lixiang. In general, upon arrival from China, I bought a new Lixiang L9 for a client, and became the happy owner of a brick for 10 million rubles. I ordered new telematics units, bought used units at Chinese dismantlers, but either the firmware version was so unsuitable that the multimedia unit did not see the other units, or the unit refused to connect to the car. And several more units were flooded, floods in China are not uncommon, and unscrupulous intermediaries can palm off anything to a white vandal.

Every cloud has a silver lining, but this story has helped us develop connections with component suppliers with whom we still work. We figured out the internal structure of the multimedia unit and firmware. The problem with the unit was that the day before the car downloaded and installed updates, an employee installed Yandex navigator applications, music, etc. and rebooted the car to check their operation. The system considered that it was necessary to change the active memory bank without checking the integrity of the image, which is why there was a black screen. A month later, I already had a bricked Lixiang L9 and a lot of experience. Experience is what we get without getting what we wanted.

What about grandma and the will? You ask.

Lixiang is one of the few Chinese car brands that update over the air without dancing with a tambourine. This is both a strength and a weakness. All your changes to Russification can turn into a pumpkin in 1-2 weeks. Either you need to prepare your own updates and disable receiving updates from China, which is quite a difficult task, or disable the update altogether, which few users will agree to.

Machine owners treat updates in much the same way as Linux users, it's joy, smiles, laughter and just a dose of endorphins. While we were dealing with the brick, we noticed something strange. In the unprotected part, where user data is usually stored /data/Download, strange files with the name patch are stored

So, Lixiang engineers made a patch system to quickly change the system and apply features, so that they could test without releases. And, apparently, they either forgot about it, or stars light up when someone needs it. In general, the code from these patches is also executed as root. Well, here's where our luck began…

Installing customized applications

In addition to Russification, one of the most common tasks is installing the applications we are accustomed to. Do you prefer Amap or Yandex Navigator? Someone, say Waze, and someone 2GIS. In general, I have not yet met any Bilibili fans, so we are collecting our own package of applications, but we customize them for each user. At some point, this began to take too much time and we created our own app store and everyone could install them themselves. Most of all, copies were broken to issue the correct permissions for installation without access to Android settings. Via ADB

adb -d shell appops set –user 21473 xyz.genscode.provoltastore REQUEST_INSTALL_PACKAGES allow

The second problem of Lixiang was the display that was too good. Record DPI requires special precision and refined fingers, it is extremely difficult to hit the buttons, so we had to rewrite the layout by pixels, adaptively everything was crawling. Colleagues from the Li chat spent a lot of time on this work, but now usability is at its best. This is how, by joining efforts and sharing experience, we will make the world around us better.

Installing a SIM card slot

And all this beauty with the modification would be incomplete without stable access to the Internet. Initially, all Chinese cars contain an eSIM chip in the TCAM block or in the multimedia block, we are currently modifying the software for loading information about the Russian eSIM into the chip, but for now we have to install a cable for the Russian SIM instead of the eSIM. And I am not just telling this, the fact is that most systems have a check for the SIM identifier that is currently in the car, somewhere there is traffic monitoring, somewhere there is DNS monitoring or network name monitoring, and all this stuff has to be worked with software. Is this part of Russification? Of course, because Russification of cars is not only about Cyrillic, it is about the convenience of using a car in Russia.

I hope you liked everything, be healthy, and may Provolta be with you!