After a pretty efficient previous part, the mind was asked for a break. So, the investigation of the remotes and commands they sent was postponed for a long time. Instead of it, the internal child required a new action. So, happy to present the MIB3 set. Thanks to the Lviv Audi club community, I bought the display and control module for a pretty sweet price - 200 EUR.

With the next part numbers: 80A919620 and 80A035043H. The seller said that the modules were extracted from the Audi Q5 2024MY. I was just worried that the parts had been stolen because the next step was to solve the problem with component protection (next CP). VAG using CP as a security mechanism to prevent easy parts replacing between cars. So, if the control module has special identification (FAZID, Fahrzeugbezogene Zugriffsdaten-Identifikation), it cannot be just replaced from car to car as is. Right after turning it on, it will get the active DTC called "Component Protection Active", which cannot be erased. Depending on the module, this DTC can limit various functionalities. For example, from previous logs, the BCM will not send the button states to the HomeLink ECU if the component protection is active.

Before continuing the adventure, the base thing is to turn on the MIB. A few hours of searching for the connectors, the one problem appears. I was not able to find the connector for the display. Audi uses the tricky connector for the display, which is a hybrid of classic LVDS with an additional 4-pin connector. It takes a whole week of calls, messaging, and communication with the local sellers who sell used parts. The main problem was a simple laziness. No one wants to do something to sell me a simple connector. The whole wiring of the salon was found, but even to get info if the necessary connector is in it took two days of messaging. But finally, the luck comes to me and one of the numerous sellers send to me the next photo.

Wrong color (LVDS or Fakra or HSD, it has a lot of names) means the wrong keys, but it can be easily fixed with a utility knife. So, shut up and take my money! Right after that, another seller, a member of the Lviv Audi Club community, sent me another photo. With the whole LVDS cable from the Audi A8. The LVDS cables are mostly standard and used by a lot of cars, so the central (LVDS) part of the blue one were replaced with the central (LVDS) part from the whole cable. Then another bit of wiring, crimping a here we go.

Interesting fact. The MMI does not start after the power supply is on. It can be started by ignition on (by CAN bus) or by shorting the special wire to +12V from the volume control button, which also communicates by CAN btw. That special wire is the external trigger to wake up the MMI. The 8th pin of the T12ac connector is called SIG (guess: Signal). The same approach is used by the lightning switch, but it communicates via LIN.

A huge step was taken; the next is the component protection. To remove component protection, the ODIS with online access is required. Only that way can it be done with a small and reasonable effort. Of course, for sure, the component protection can be removed in a hardware way at least. But the amount of effort is useless unless that knowledge is used somewhere else. The services where the online access can be purchased are easily googled. Aaand let's do it. First of all the all connections were checked and instructions read, a few times, just for sure. Ten minutes of ODIS online access costs from 30-40EUR depends on the service. As I was worried about MIB3 ECU status (was it stolen), the initial plan was to remove the CP from the BCM, Gateway, and BCM2 (Immo) control units. And only then from the MIB3. But the mission was impossible. Ten minutes were not enough to remove component protection from 3 blocks and then connect the 4th one and do the same with it, especially when you're doing it for the first time. Or let's rephrase, it is enough if it is for a complete vehicle with correctly connected modules. But not in my case. 

Shaky hands, emotions, and the ODIS are online. The money was paid, and the token was exchanged. Then, I go to Gateway, starting the special function called "Component protection remove" and following the instructions. Unfortunately, due to a lack of time and experience, the "screenshot" is merely a frame from a video I took while the component protection has been removed.

Another interesting fact: removing component protection by special function in the Gateway module is doing it to the whole car. So, every module will be adopted, and CP will be removed. And vice versa, when the component protection in a concreen module is removed, it will also disappear from the gateway.

After that, 6 minutes were left, and probably it might be enough if I did everything correctly on the first try. In the rush, I connected MMI to the gateway, but I connected it to the wrong CAN bus. So, the ODIS was not able to connect to the MMI to do the CP remove, and I lost time (and money). Then the MMI was reconnected to the proper BUS, and have been purchased another 10 minutes of ODIS online access. The same procedure and component protection disappear from all modules. Now, I have a workbench with a BCM, Gateway, BCM2 (Immo), and MMI with no CP at all. 

Let's summarize. MMI is turned on. Component protection is removed. The last step is to enable the HomeLink in the MMI, as the original donor car did not have it ordered from the factory. What can be easier? How wrong I was...

Starting from the 2019 VAG implement a new SFD (Schutz der Fahrzeugdiagnose) mechanism, which should protect the car from configuring the cars without requesting the access to do it from VAG. Earlier VAG was using the simple 5 num login code that grants access to do some specific coddings and adaptations. Starting from 2019, simple code was replaced with unlock tokens. Kind of end-to-end encryption. So, if some changes need to be made in the specific module configuration, it should be unlocked with the specific token. Token ttl is 90 minutes or a specific mileage. During that, everything with coding and adaptation operations can be performed. This is the first implementation fo SFD from VAG. But, starting from 2023, the next generation of SFD was introduced - SFD2, which is real hell. SFD2 does not unlock the whole module, it generates a special request that includes information about the car identification and concrete information about what data must be changed. Then VAG server generates a token and that token can be used to write that changed. Only once.  

I started to Google services that can generate SFD2, and NO ANY SERVICE at all! Friends who are related to car diagnostics provided me with a few contacts and information. The starting price was 800 EUR per single SFD2 token. One of the recommended people proposed to generate a token for 100 EUR. Which is ridiculous! I paid 200 EUR for a set of MMI, and I should pay 100 EUR to enable HomeLink. For the stupid adaptation changes that I can do myself, but not to generate the token. And here is a dead end! A huge huge huge step back. Because I am at the same point where I started from (without MMI with HomeLink)...

Does anybody know somebody who can help with SFD2 (ideally disable it) or downgrade the MMI to the version with SFD1?