• cherryteastain 7 days ago

    We need a way to disable vehicle telemetry.

    No, a software switch is not enough. We need to be able to physically unplug the cellular modem entirely and have the vehicle work with 100% functionality (barring features which inherently require cellular connectivity like turning the heating on remotely)

    Car manufacturers' features are mostly useless anyway thanks to Android Auto/Apple CarPlay

    • donquichotte 7 days ago

      In Europe, this is mandated by law.

      https://en.m.wikipedia.org/wiki/ECall

      • naranjito 6 days ago

        In Spain they soon will require V16 [0] too. Originally it was just a flashing light but then it was improved to use mobile networks to send an emergency call to authorities. And proving that, technically, it is possible to have something like ECall without deep integration into the car.

        No need of having always on connection to the network, enable on emergencies only. Thus no remote hacking of SIM/base band possible at random times, or broadcasting presence until used. Mechanic or user can check battery periodically, replace if low, just like refilling wiper fluid. Car could even cut all other electric systems after deploying the integrated autonomous V16-like system.

        Car manufacturers deciding to make their ECall implementations complex and privacy invading was their choice.

        [0] https://en.wikipedia.org/wiki/V16_warning_beacon_lights

        • martin8412 5 days ago

          This uses the LTE-M network, which is pretty cool. It doesn't do anything until you turn it on.

        • wkat4242 7 days ago

          Yes and no. Ecall is but telemetry is not. And ecall only makes a call in case of a crash.

          • eliaspro 7 days ago

            Ecall could/should use completely separate communications infrastructure than the entertainment/vehicle connectivity functionality.

            • wkat4242 7 days ago

              That's difficult because both will need to use the cell network.

              But I guess you mean on the car side like two modems? Yeah that would be nice, or at least to mandate the option to turn all manufacturer telemetry completely off. The EU never bothered to do this for computers and phones either though.

            • M95D 7 days ago

              The GSM SIM cards, by design, can be remotely updated to do whatever the service provider wants (or asked "nicely", or paid to do).

              https://www.thalesgroup.com/en/markets/digital-identity-and-...

              • wkat4242 7 days ago

                I know, and they can be hacked too through sms messages.

                But the sim card doesn't have access to the car telemetry. Probably even the whole baseband module doesn't. It just gets that data to transmit when an accident happens.

                The worst you could do by hacking the SIM is to make the modem send nearby cell data somewhere. Which is serious enough because the rough location can be derived from it. But it's a far cry from what these manufacturers collect.

                • NewJazz 7 days ago

                  Or if the service provider is served a warrant, or if they're hacked.

              • ale42 4 days ago

                AFAIK ECall uses a voice call with data encoded on the audio channel. This is not what telemetry does, it should be doable to leave the voice channel and disable any data connections. (But it's probably very hard to check for someone who has no background in embedded systems). Plus, in theory an emergency call can be done without even using a SIM card, right (if network allows)?

                • cherryteastain 7 days ago

                  Just enable it by default and put a warning in big red letters that disabling the cellular modem will also disable the ECall system, which may mean you might not get the emergency assistance you need and therefore die.

                  • wkat4242 7 days ago

                    That shouldn't have to be linked. You should be able to turn off manufacturer telemetry while keeping ecall. Ecall doesn't even talk to the manufacturer. It just calls the emergency services directly.

                    Of course when the modem is on you can't be sure that it's not doing that but that's what we have laws for.

                • NewJazz 7 days ago

                  Instead, US senators will rail about the security risk of Chinese vehicles while refusing to provide competitive alternatives.

                  • remarkEon 7 days ago

                    What do Chinese vehicles have to do with this, or the ability of US Senators to "provide" alternatives? Sorry wasn't aware that the Ford family has someone in the US Senate.

                    • NewJazz 7 days ago

                      If the US Senate can't effectively set industrial policy, then they don't deserve to call themselves oligarchs.

                      They can and do though, and they are.

                      https://www.peters.senate.gov/newsroom/press-releases/senato...

                      • remarkEon 7 days ago

                        Okay fair enough, I didn't realize that that's what you meant. I agree, there should be a more coherent industrial policy that's nested with some specific national objectives. I too am very concerned about the lack of industrial capacity in this country. Feels like the lead up to WWI, in many ways.

                    • blackeyeblitzar 7 days ago

                      No device should be allowed to be sold without the ability to function without telemetry or sale of data to third parties. And telemetry and any data sharing should be opt in, as part of configuring the thing the first time. With a one click opt out of all.

                      • ryandrake 7 days ago

                        Expand this to any product. I should be able to use ANY product fully, without maintaining some kind of communication channel to and/or from the product's manufacturer. When I buy a hammer from Home Depot, I take it home and hammer with it. The manufacturer doesn't know I have it, doesn't know how many nails per month I hammer with it, how many swings it takes on average for me to drive in a nail, how often I use the claw side. They don't know if I use it for other purposes besides hammering nails. They don't know if I lend it to my neighbor. I can sell it to someone else without the manufacturer's permission.

                        Somehow hammer manufacturers can live with this. Why can't automakers, tech device manufacturers, and software developers live with this?

                        • cozzyd 7 days ago

                          Just wait....

                          "Your hammer has reached its monthly nail limit. Please upgrade to the pro plan to unlock an additional 60 nails"

                          • vaindil 7 days ago

                            I'm having a really fun time imagining how a hammer would physically prevent you from hammering a nail based on a subscription.

                            • TeMPOraL 7 days ago

                              They wouldn't. Instead, they'd try to keep charging you automatically for out-of-plan extra nailing, and if you denied them the ability to charge your CC, they'll put your debt to collections by the end of the month.

                              • cozzyd 7 days ago

                                Handle has retractable spikes (digitally retractable mincers, perhaps?) to promote compliance.

                            • sudahtigabulan 7 days ago

                              Because they make products that are harder to replace with a better alternative. (they have a moat/lock-in).

                              Anyone that has built a moat/lock-in will, sooner or later, screw you over.

                              Hammer manufacturers would too, if they could. But hammers are simple devices.

                            • mjevans 7 days ago

                              Default Opted Out

                              Opt In should NOT be required to enable features.

                              Features should not be rented, and should be delivered as purchased with the car. Shipped but disabled features that take up additional vehicle weight (relative to lacking the feature) should not be allowed. (This phrasing is precise, to allow for silicon and software enhancements which are not a material change to vehicle manufacturing / design.)

                              Setup processes should always empower the user. If there are multiple choices or paths a default may be indicated, but alternatives MUST NOT be in other locations, and MUST be displayed with equal prominence in a logically adjacent section of the dialog.

                              Example from a website: 'Paperless' should not be force enabled by default; the ability to have paper or paperless billing should be radio boxes next to each other. Additional benefits (E.G. higher account interest rates) should not be tied to either selection.

                              • flir 7 days ago

                                Although I'm generally pro coming down hard on dark patterns, I'm uncomfortable with that last example. To me, it's just differentiation. You can have the bare-bones service (digital only) with a higher interest rate, or the deluxe service (paper statements, in-country phone support, etc) with a lower interest rate. That doesn't seem inherently bad to me, it seems like a company offering two different products.

                                • IanCal 7 days ago

                                  Devil's advocate here

                                  If this made it more expensive, because having cars that are physically different is harder, would you prefer that?

                                  Why can't I simply not care that I don't get something I've not paid for and there's a doodad in the car that's capable of it?

                                  If the alternative is having to buy that feature or pay more for a car that doesn't have it, that sounds like a bad outcome.

                                  • shakna 7 days ago

                                    It's a question of ownership. If I see fit to modify something I own, as has always been done, why am I not free to utilise a particular piece of my purchase?

                                    If I'm not free to do so - then do I actually still own my own product? Or is it now a lease?

                                    Why should the era of rebuilding your car simply end? There are already safety regs you need to comply with. The average hotrod modifies a considerable proportion of the car. Reusing the majority of the structure in ways the manufacturer did not intend.

                                    • IanCal 2 days ago

                                      I think you're talking about something related but not discussed here, which would be making car modifications illegal. Let's say BMW make heated seats an optional extra, which it already is. What if they also install them in every car because it's cheaper to have one build, and subsequently are able to sell them more competitively - none of that would require making it illegal for you to get the seats working yourself.

                                      • shakna 16 hours ago

                                        Not illegal, in so far as I don't believe it's been tested in court - but it is an explicit breach of the giant terms and conditions contract that they require you to sign, when purchasing the vehicle. There is an attempt to prevent you from doing so.

                              • mulmen 7 days ago

                                Why would turning on the heating require cell service? If you’re out of key fob range do you really need to pre-heat the car?

                                The only possible use of cell service is for infotainment and even that’s questionable in a world of ubiquitous cell phones.

                                • Rohansi 6 days ago

                                  I do this all the time. Don't even have a fob to begin with but it's very convenient when you're in a shopping mall and are going to make your way back to the car, for example.

                                  Also handy to find your car if you manage to forget where you parked for some reason. Or to set a destination for GPS navigation.

                                  • mihaaly 6 days ago

                                    Putting your PIN on the back of your credit card is the most convenient thing. It is always there when you need it, no need to remember!

                                    Marginal knickknacks vs. serious risks kind of thing here.

                                    • Rohansi 6 days ago

                                      The risks are not even comparable, IMO. I would rather take these conveniences because I don't think anyone would care to use that information against me if it was leaked. But many people would gladly use a credit card with PIN written on it.

                                      • mihaaly 6 days ago

                                        An analogy does not mean it is around the level. ;D

                                        It wasn't even the point of analogy dear. Help: the benefit/risk ratio is the point.

                                        What you think about using information is different to what criminals think about using the information of anyone using the product. Not you is the point here, wrong orientation again. Everyone has the superfluous knickknacks, and everyone had their data leaked.

                                        Maybe if you think you will not lose your credit card, you are much more organized for that or whatever superpower makes it so, or there will be no-one to take significant amount from it, then please, write your PIN on the back. For your precious convenience. Better yet, have everyone's PIN written on it!! : /

                                        Sorry for the bitter sarcasm, but I hate so much the self centered reasoning in something that is for everyone, you kind of people ruin things for all of us by allowing, even asking for fiddle-faddle tacky things, that expose all the rest to risks and dangers!

                                  • queuep 7 days ago

                                    Schedule heating etc through their app

                                    • mulmen 7 days ago

                                      The car can't keep time? How is the dashboard clock always right?

                                      • fastasucan 7 days ago

                                        It can keep time, but how can you schedule remotely?

                                        • creshal 7 days ago

                                          That's two different components, so they're made by two separate cottage industries in two different states to make sure you have leverage on more politicians. Connecting the two would increase the BOM by $0.1, which means a $1000 increase in retail price, and customers don't want to pay that, so clearly everything is the customers' fault.

                                          (/s)

                                          • mulmen 5 days ago

                                            All the clocks in my BMW were synchronized.

                                      • jazzyjackson 7 days ago

                                        I like the 'call emergency services on airbag deployment' too, on the fence about removing it, I guess if I had an apple watch that could do the same thing but then I'm just moving the surveillance from one ecosystem to another

                                        • fastasucan 7 days ago

                                          >If you’re out of key fob range do you really need to pre-heat the car?

                                          Yeah, that can save 15 minutes of scraping the windows for snow and ice in the morning and afternoon.

                                          • mulmen 7 days ago

                                            Sure that takes a lot of time but why would the car be out of fob range? If you care about 15 minutes of scraping snow why is the car parked out of fob range and also still in cell service somehow?

                                            • fastasucan 7 days ago

                                              People hating having to scrape their car in the morning doesn't help them getting a parking spot closer to their work place or their home.

                                              If they had a garage next to their house to park their car they wouldn't need either. However there are lots of situations where the car isn't close yet it needs preheating. For me this is driving the car to and from work in the winter, and certain one off situations (going home from the hospital, picking up the car after arriving at the train station).

                                              • Glant 7 days ago

                                                I live in an apartment building on the side that faces the woods. I obviously have to park on the other side, and my fob doesn't reach. I don't care about remote start anyways, but there are absolutely situations where fobs can't reach but cell service can.

                                          • callc 7 days ago

                                            Thank you for summarizing my feeling so succinctly.

                                            The simplicity makes me think that law-makers can understand it.

                                            • spike021 7 days ago

                                              I believe my new car has a fuse you can pull to disable the remote telemetry. However, it disables some useful features, like being able to set valet mode from the Toyota app (useful because some dealer service departments will take cars joy riding) and track the car usage. it also tracks tire pressures. sure the tire pressure can easily be checked manually with my Slime gauge but having it on the phone is handy.

                                              • jazzyjackson 7 days ago

                                                I've read disabled cellular modem on toyota prius also disables the microphone for bluetooth phone calls / handsfree commands. funny that.

                                                • steelframe 6 days ago

                                                  I pulled the DCM fuse on my GR Corolla. I can confirm that it disabled the microphone. One of these days I might get around to pulling the car apart and popping in a resistor in place of the antenna.

                                                  • spike021 6 days ago

                                                    heh I have the same car. was thinking of doing the same.. but like mentioned earlier I want that valet setting feature and stuff. tough choice.

                                                    • steelframe 5 days ago

                                                      I'll never trust some rando working at a valet to treat my GRC right. I've seen too many dashcam horror videos of even people working at dealerships failing at manual and safe rev temps.

                                                      • spike021 6 hours ago

                                                        oh i’m not saying i’d use valet mode for literal valets.. but even when the car is at a shop for work.

                                                  • devops99 6 days ago

                                                    Beyond any reasonable doubt any verbal conversation you have in your Toyota is being parsed by one or more LLMs. Anyone who believes otherwise is either room temp IQ or severely autistic.

                                                      https://foundation.mozilla.org/en/privacynotincluded/toyota/
                                                  • mulmen 7 days ago

                                                    Both of those features were available on cars before cellular connectivity.

                                                    • spike021 7 days ago

                                                      and?

                                                      • mulmen 7 days ago

                                                        And that means Toyota is choosing to link those features to cellular connectivity.

                                                    • NewJazz 7 days ago

                                                      You can't see the tire pressure on the dash?

                                                      • spike021 7 days ago

                                                        yeah, you can. but I work from home and don't drive every day. sometimes I want to make sure I don't have a slow leak or something.

                                                      • UniverseHacker 7 days ago

                                                        > We need a way to disable vehicle telemetry

                                                        It should have a standard UI for doing so, but if you are technically inclined it is usually trivial to do- pulling a fuse, or changing a setting over the OBD port.

                                                        However, you will lose useful features like advanced charging controls, and starting the HVAC remotely on EVs.

                                                        • surajrmal 7 days ago

                                                          It's pretty much industry standard for all consumer products to deliver metrics back to home base. Honestly there are many good reasons to do so and it does result in finding real problems and solving them. While I understand the argument that we did fine in these products for decades without them, the complexity of the products was also a lot less back then. Finding issues via metrics from the production fleet is an incredible tool and anyone who's deployed software to a server probably understands this.

                                                          I'd rather focus on standardizing a transparent and privacy safe way to gather these metrics. Consumers would know what metrics are collected and there would be guarantees that privacy is kept. There are ways to accomplish this today.

                                                          Providing a way to disable metrics is never going to be sufficient for anyone other than a power user.

                                                          • effdee 6 days ago

                                                            > I'd rather focus on standardizing a transparent and privacy safe way to gather these metrics. Consumers would know what metrics are collected and there would be guarantees that privacy is kept.

                                                            I'd rather see laws to have it disabled by default. People who don't mind can then opt-in again.

                                                            • surajrmal 2 days ago

                                                              If we do that the relative cost of software will increase and reliability will overall decrease. This doesn't sound like a great outcome for end users who will end up dealing with both of these things.

                                                            • carra 6 days ago

                                                              Defending this because "it's industry standard" is no better than justifying any wrong practice because "it's always been done this way".

                                                              • surajrmal 2 days ago

                                                                My point is that it's done this way for a reason beyond the nefarious ones that people in hn always seem to assume. Engineers want this data because it helps them do their job, not because some product person wants to use it to sell it or use it to train an ML model. There is certainly extraneous data collected because the incremental cost of doing so once you've established the pipeline is small and eventually someone does make a bad decision, but that's where we should focus our energy. Otherwise you're just making a lot of folks' jobs harder because their software doesn't run in the cloud. An unintended consequence of this might be to push even more software into the cloud which would otherwise run on client side.

                                                              • 0points 7 days ago

                                                                > Honestly there are many good reasons to do so and it does result in finding real problems and solving them.

                                                                Honest question, what is a good reason to do this?

                                                                My Logitech software sends telemetry to Logitech.

                                                                My VW apparently sends my GPS coordinates.

                                                                How is this useful for improving their hardware?

                                                                • surajrmal 6 days ago

                                                                  I'm not sure I can defend all choices various vendors make, but there are plenty of signals that are helpful. Precise gps coordinates seem unnecessary, but some sort of region based information can help correlate whether there is a particular problem that might happen at far higher rates in hilly terrain or specific humidity levels. Users also often use products in a way that doesn't line up with how the product owner thinks it should be used. Metrics don't replace interviewing people but it might help you craft the right questions. In the case of a Logitech mouse, it might be useful to understand if people are actually using those extra features you've added or maybe it's worth removing in a future version.

                                                                  The most obvious metric that everyone wants to know is failure or crash rates. After a software update it's always good to know if those rates went up. Those errors may be recoverable, but it's good to try and understand them to improve reliability. Maybe pairing android auto with specific phone models is more problematic, or maybe trying to pair Bluetooth is particularly bad under specific conditions like high thermals in warmer climates. It's pretty difficult to do interop testing with all possible parties in all conditions.

                                                                  • hulitu 6 days ago

                                                                    > some sort of region based information can help correlate whether there is a particular problem that might happen at far higher rates in hilly terrain or specific humidity levels.

                                                                    You know what will help in those situations ? Testing.

                                                                    It is expensive, i know. Why not skip it and just analyse the KPIs from the telemetry. /s

                                                                    • surajrmal 2 days ago

                                                                      Testing is not really an economically viable option in all cases. Ecosystems are simply too diverse and products are so complex that covering every case is not really possible. There is likely no software you use today short of projects like sqlite which don't leverage user reported bugs or telemetry to improve the software.

                                                                • hulitu 6 days ago

                                                                  > Honestly there are many good reasons to do so and it does result in finding real problems and solving them.

                                                                  Tell that to Microsoft. Although their products have telemetry, they become shittier every day.

                                                                • modeless 7 days ago

                                                                  In many (all?) cars with cellular modems you can remove the SIM card to have this effect.

                                                                  • jazzyjackson 7 days ago

                                                                    I would love a wiki of vehicles for simply 'how to rip out the SIM card'

                                                                    I thought I saw instructions somewhere for my 2020 prius but can't find it now. a few reddit threads asking about it, I like the suggestion that even if it's eSim or somehow embedded in the cellular modem, "Disconnect the antenna! / shunt the telecommunication modems antenna with a resistor shunt. It will trick the radio into thinking the antennas still connected but won't allow any data to be going out they just won't get signal"

                                                                    https://www.reddit.com/r/Toyota/comments/1be9zuc/wheres_the_...

                                                                  • rrr_oh_man 7 days ago

                                                                    My solution: Buy an old car...

                                                                    • chgs 7 days ago

                                                                      And in 10 years time what’s your solution?

                                                                      • Lio 6 days ago

                                                                        Well my 10 year old car had 3G, which is now defunct.

                                                                        I'd hope in 10 years 4G and maybe 5G would also be defunct with their networks turned off.

                                                                      • whimsicalism 7 days ago

                                                                        modern cars are unfortunately much safer

                                                                        • AnthonyMouse 7 days ago

                                                                          To a large extent this depends on the car and depends what you mean by "old". Modern cars vs. 1970s cars? The older cars are completely hopeless. Modern cars vs. 15 year old cars? The older cars may have had things like ABS and side airbags as options rather than as standard, but you can find one that has them that doesn't have cellular telemetry.

                                                                          • ta12653421 6 days ago

                                                                            IIRC, there is for Europe a directive which requires 60/65% (?) of the force within a crash must be absorbed by the frame/chassis. It came into action around 2015, IIRC.

                                                                            • AnthonyMouse 6 days ago

                                                                              That's when it became mandatory on all vehicles, not when the first vehicle to satisfy the standard became available on the market.

                                                                              As another example, side impact airbags have been mandatory in the US since 2013, but the Volvo 850 had them in 1995 and they were present on something like half of new cars a decade before they were mandatory and >97% of new cars three years before the mandate.

                                                                            • whimsicalism 7 days ago

                                                                              I think there have been considerable improvements in basic things like frame materials & airbag placement in the last 15 years. Certainly in the last 20.

                                                                              • rrr_oh_man 7 days ago

                                                                                Cars from 2010 with optional ABS? Maybe domestic third world sub-$10k tuna cans?

                                                                                But the larger point is definitely true.

                                                                                • AnthonyMouse 6 days ago

                                                                                  Apparently the 2010 Chevy Cobalt was available without ABS. Definitely in the minority even 15 years ago though.

                                                                                  • rrr_oh_man 6 days ago

                                                                                    Nice find!

                                                                                    Although, it seems to have been only available/produced in Brazil, Colombia, Russia, Uzbekistan, which I'd argue is in line with my original sentiment.

                                                                                    • AnthonyMouse 5 days ago

                                                                                      That was the second generation which started in the 2011 model year. The first gen Cobalt was made and sold in the US into 2010 (the last year the first gen was made anywhere). That was also the last full year a car without ABS could be made in the US, since 2011 is when it became required by law.

                                                                                • wkat4242 7 days ago

                                                                                  Hmm yeah but anything over 15 years isn't really viable as a daily driver anyway. Then you're getting to the point where you start having serious issues every year at the mandatory mechanical check. Then you're getting into old-timer drive once on a sunny day territory.

                                                                                  I always bought medium sized cars at 10 years when they're already only a grand or two. The smallest ones are made so cheaply that they're already too tired at this age and strangely enough they're more expensive due to the lower road tax. So more people want them.

                                                                                  And then I used to drive them till the maintenance becomes too expensive, for 5 or 6 years or so. And just scrap them then.

                                                                                  I guess if I still owned a car I could still do this for a good while without having to get spyware. But not too long.

                                                                                  • canarycari0 7 days ago

                                                                                    >Then you're getting to the point where you start having serious issues every year at the mandatory mechanical check

                                                                                    More like every couple months on the road, from my experience in having driven one. Just this year here are a couple of things that have occurred:

                                                                                    >glowplugs burnt out

                                                                                    >air-mass sensor failure

                                                                                    >faulty abs-sensor

                                                                                    >fuel nozzle malfunction

                                                                                    >brake failure

                                                                                    >engine back support failure

                                                                                    >short circuit after worn-out manufacturer divider causing massive sparking, heating and a drained battery

                                                                                    Some additional fixes identified recently not yet fixed:

                                                                                    >faulty brake booster

                                                                                    >moisture buildup(?) in door mechanisms leading to it sometimes not opening from inside

                                                                                    >rust buildup in some parts, needs replacing before reaching important bits

                                                                                    >transient misfire/spray/clog on acceleration leading to computer shutting off engine power

                                                                                    • rrr_oh_man 6 days ago

                                                                                      What are you guys driving?

                                                                                      20+ years old Volkswagen as a long range vehicle and daily driver. Yearly (preventative) maintenance: $300-400.

                                                                                      • wkat4242 6 days ago

                                                                                        Yeah at that point I'd just go for another 10 year old car.

                                                                                        My last car was a Volvo S40, had really nice leather interior, nearly full option and cost me €2000.

                                                                                        I only had a few brake pads and a broken trunk cable to deal with (super common issue on this model), the latter I did myself for €40 in parts. Ran great for years. But yeah there's an element of luck also.

                                                                                        My previous car was an Octavia, that had more issues. Electric window broke and I replaced it all myself. But it was a pretty nasty job. Eventually the gearbox started whining and when I brought it to the shop it basically blew up. But it had served me 5 years at that point. Cost me €1200 to buy.

                                                                                  • Klonoar 6 days ago

                                                                                    There are “modern” cars (~5-10 years old) that fit most of the modern safety standards and are effectively not transmitting things due to 3G no longer being much of a thing, coupled with automakers being glacially slow at replacing certain electronic components.

                                                                                    • whimsicalism 6 days ago

                                                                                      definitely

                                                                                    • martin_ 7 days ago

                                                                                      I for one am grateful for that fact ;)

                                                                                • a3w 7 days ago

                                                                                  Best of from 38th CCC: every three letter secret service of the country seems to be spied out by this. And a secret VW testing facility in Sweden was uncovered.

                                                                                  Also, affects mostly EVs, but not only. (If the EV motor was the group usually logged to the opened AWS bucket, I don't understand how there were ICE or possibly hybrid cars involved in the leak.)

                                                                                  https://streaming.media.ccc.de/38c3/ had a German-language video on it, live, but will surely add English translation and permanent video link soon.

                                                                                  • rurban 7 days ago
                                                                                    • slightwinder 6 days ago

                                                                                      > I don't understand how there were ICE or possibly hybrid cars involved in the leak.

                                                                                      The data-collection has nothing to do with the used engine, but the software-platform. Basically, the "OS" on which the car is running. EVs and premium cars were the first to modernize this platform, and for obvious reasons they all use the same platform. After that, other cars are moving on to this platform too, so they now have a mix of different car-models who are mainly defined by their price-category.

                                                                                      • mulmen 7 days ago

                                                                                        > Also, affects mostly EVs, but not only. (If the EV motor was the group usually logged to the opened AWS bucket, I don't understand how there were ICE or possibly hybrid cars involved in the leak.)

                                                                                        I can't parse this. Is there a missing word? Mostly implies other possible inputs but the last part of that sentence specifically says this is confusing. Why is it hard to understand how ICE or Hybrid groups also had access to a bucket EVs mostly had access to?

                                                                                        • schobi 7 days ago

                                                                                          What I understand from the presentation

                                                                                          Many Volkswagen cars somehow report telemetry. Looks like there is data not only from the EVs based on the MEB platform? But for a Name/email to be associated with the VIN of the car, the owner has to register and use the app (once). Many EV owners did, but fewer of the non EVs did.

                                                                                        • haspok 6 days ago
                                                                                        • jmward01 7 days ago

                                                                                          The answer is simple: No matter the reason, if you have a data breach you must pay each person 100$ min with higher amounts depending on the information lost. Additionally, if that information is used in a crime then you are liable for further damages. Car companies, and other data vacuums, will just stop collecting it if they are liable for what happens to it.

                                                                                          I will not buy a car that does this. I am starting to turn my phone off when I am not using it as well. Being tracked every second of my life is not acceptable.

                                                                                          • tgsovlerkhgsel 7 days ago

                                                                                            The $100 thing is kind of a standard that a European court just established in a Facebook data leak case!

                                                                                            In the case of full location data, it would need to be a lot more though. Yes, that might bankrupt the company. They should have thought about that before they illegally stalked nearly a million people then put their highly sensitive data on the Internet.

                                                                                            If I did this to one person, I'd probably (and rightfully) go to jail. I'd like the same standard applied here.

                                                                                            • jazzyjackson 7 days ago

                                                                                              Ugh, I would love to see more companies bankrupted. How much more dynamic the economy might be if all of Volkswagen's assets were put up for bid at government auction.

                                                                                              Adbusters magazine (credited with spurring Occupy Wall Street with a solid meme campaign) tried to get inertia going around revoking corporate charters, stop acting like we don't have power, corporations are borne into existence by acts of government, we are not powerless to punish them for crimes against humanity (to be dramatic about it, I don't know what language would be appropriate for collecting location information for a million individuals without disclosure), but didn't see much traction about it.

                                                                                              https://www.adbusters.org/full-articles/rise-of-the-corporat...

                                                                                              • namaria 5 days ago

                                                                                                Governments aren't powerless to revoke corporate charters. They're powerless to implode the livelihood of large chunks of their electorate.

                                                                                                A dynamic economy is great on paper where you don't have to worry about disrupting the lives of tens of thousands of people. Call that a political moat.

                                                                                              • Vinnl 7 days ago

                                                                                                > I will not buy a car that does this.

                                                                                                Unfortunately it looks like that might be pretty hard:

                                                                                                https://foundation.mozilla.org/en/privacynotincluded/article...

                                                                                                • Lio 6 days ago

                                                                                                  One way of looking at it is that the manufacturers are acting as a cartel to prevent anyone having access to privacy.

                                                                                              • thesumofall 7 days ago

                                                                                                This is made worse by the fact that they created a really bad UX for their cars in the name of data protection (at least in Germany). Example: you have to accept the T&C of the online services with every(!) start of the vehicle. If you don’t press either the accept or reject button, you can’t enter any of the nav / entertainment/ … screens.

                                                                                                In the name of data protection, you are not even allowed to have two main users of the car. As a result, it’s either me or my SO being able to see the car's state of charge in the mobile app. It’s impossible for both to see it except you do account sharing.

                                                                                                • whatevaa 7 days ago

                                                                                                  Accepting T&C is for covering their asses, not data protection. Smells like bullshit excuse.

                                                                                                • olddog2 7 days ago

                                                                                                  Find the guys who usually park at expensive family homes, but occasionally visit a known brothel, then blackmail them.

                                                                                                  We all just let surveillance happen to us, in fact we paid for most of it.

                                                                                                  • ctippett 7 days ago

                                                                                                    I once worked for a firm that had access to credit card transaction data and came across almost this exact scenario.

                                                                                                    Kindergarten transactions one day, escort payments on another.

                                                                                                    It was — and still is — creepy. An average Joe like me shouldn't be able to pry into someone's private life like that.

                                                                                                    • harimau777 7 days ago

                                                                                                      My theory is that most people think about data misuse, perhaps unconsciously, from the viewpoint of your average good person. E.g. "if I got a hold of a stranger's bank information, then I'd be tempted to steal from them."

                                                                                                      Instead they should think from the perspective of an evil person. E.g. "how can I proactively use whatever data that I can get to hurt someone."

                                                                                                      For example, at a previous job I went to my managers and pointed out that every developer working on our system had access to our users' names and their involvement with racial justice programs our client was running. By guessing someone's ethnicity from their name, a bad actor could target minorities involved in racial justice. The response I got was not to fix the security issue; instead it was horror that I would ever conceive of such a scheme.

                                                                                                      • dns_snek 7 days ago

                                                                                                        > Instead they should think from the perspective of an evil person

                                                                                                        From experience, they usually come up with some variation of "If you have nothing to hide, you have nothing to fear" [1]. And even those who buy the idea that private information could be used against them, most of them don't believe that someone would do this to them. What seems to be missing is understanding of how scalable and automated these attacks can be in the digital world.

                                                                                                        [1] Amusingly enough, one of those "I have nothing to hide" people was pretty shaken when they asked me to take a look at a scam email that said "Hello <firstname from leaked database>, we have photos of you watching porn. Pay us or we'll post them on Facebook."

                                                                                                        Has anyone had success with informing people about these types of abstract dangers? I find that people either get it almost immediately, or they never really get it until it happens to them.

                                                                                                        • aziaziazi 7 days ago

                                                                                                          I hate that management arrogance. Reminds me of a teacher that amply mocked me in front of the class for having mentioned Light Pollution [0] (I heard about it in a youngster science magazine) during a chapter about... "various pollution type"!

                                                                                                          Do you have a written record of the conversation?

                                                                                                          [0] https://en.wikipedia.org/wiki/Light_pollution

                                                                                                        • 3eb7988a1663 7 days ago

                                                                                                          That's just bad opsec. I would have thought rule number one of soliciting was to be cash only.

                                                                                                          Ignoring of course that the amount of aggregated surveillance makes it impossible to escape monitoring. Credit cards, license plate scanners, phone GPS, airtags, doorbell cameras, "Eye in the Sky" spy planes, etc

                                                                                                          • RandomBK 7 days ago

                                                                                                            "What kind of hooker takes credit cards?"

                                                                                                            "A rich one!"

                                                                                                            • mjevans 7 days ago

                                                                                                              The exact example IS bad opsec... however assume some example fuzzing for good opsec.

                                                                                                              Trip to McD's with a price of exactly happy meal + tax one day, and a recurring payment for XXX website OnlyFans access the next. Adjust the values to taste/theory. Sometimes a credit card is just a credit card.

                                                                                                              • ctippett 6 days ago

                                                                                                                Transaction data comes included with merchant metadata, simply fuzzing the amount doesn't mask anything.

                                                                                                              • ctippett 6 days ago

                                                                                                                There are countries where prostitution is legal and commercial brothels accept mainstream payment methods.

                                                                                                              • Am4TIfIsER0ppos 7 days ago

                                                                                                                > An average Joe like me shouldn't be able to

                                                                                                                The average joe is merely a side effect of the government collecting all that data. The government is also why your car reports its location.

                                                                                                                • fangry 7 days ago

                                                                                                                  [flagged]

                                                                                                                • omolobo 7 days ago

                                                                                                                  [dead]

                                                                                                                • __fst__ 7 days ago

                                                                                                                  EVs are topping the list of (imho) useless extras in cars. I'm still cherishing my Honda Fit pre-touchscreen edition. I'm going to drive it until it will fall apart. My next car will be an EV but I have yet to find one that still comes with mechanical features (door handles, knobs/buttons), without a whole battery of surveillance/telemetry tech and (crossing fingers) exchangeable batteries. Simple electric propulsion ...

                                                                                                                  • johnea 7 days ago

                                                                                                                    I just bought a used 2023 Nissan Leaf.

                                                                                                                    Fully EV, real buttons and knobs, and of course the model is cancelled.

                                                                                                                    The original tracking was 2G cellular, later updated to 3G cellular. 2G is long deprecated, and 3G is already shut down in many places.

                                                                                                                    This is a great car! Which explains why it's no longer available. It doesn't meet modern american needs, like being at least as large as a small building, or having 0 visibility over the hood, or costing at least $75K. (p.s. I paid $15K for mine, with 18K miles on the odometer and 150 miles of battery range)

                                                                                                                    But if you're into retro, like buttons and knobs, I highly recommend it...

                                                                                                                    p.s. I have to wonder if the data breach doesn't affect ICE cars as well? Would they use a separate surveillance system?

                                                                                                                    • grakker 7 days ago

                                                                                                                      I bought a used '14 Leaf in '16. It has been a great car with very little battery degradation. Sure, I'm not going to be taking it on any long trips, but for 90% of my driving it is great. I paid $11k for it. Best car purchase I've made in 30+ years of car ownership.

                                                                                                                      • dboreham 7 days ago

                                                                                                                        That's amazing considering 2023 was only last year.

                                                                                                                        • steelframe 6 days ago

                                                                                                                          I've owned two LEAFs. Fantastic vehicle. I only got rid of it when I realized all the cars around me were only getting bigger and heavier, and I felt I needed to get an SUV to defend myself against that.

                                                                                                                        • geor9e 7 days ago

                                                                                                                          Just to be clear, this breach mostly affects non-EV cars. Even my stick shift, manual window crank car came with a hidden cellular data modem, collecting my GPS location by default.

                                                                                                                          • Rebelgecko 7 days ago

                                                                                                                            In a lot of cars you can pull the fuse that powers the cellular modem without any side effects

                                                                                                                            • 1oooqooq 7 days ago

                                                                                                                              you're talking to a bunch of old men shouting (literally) at clouds

                                                                                                                              • mulmen 7 days ago

                                                                                                                                Pulling a fuse in a car is peak old manning.

                                                                                                                                • doodlebugging 7 days ago

                                                                                                                                  Peak old manning would involve locating all the information needed to be able to identify and remove all the components used to facilitate the tracking (or other bullshit that complicates vehicle ownership) and then following the documented procedures and updating other like-minded owners on vehicle forums so that everyone else can do the same.

                                                                                                                                  In the process some forum threads would pick up hundreds of posts over a decade or more so that removal of every nut, bolt, screw, plastic plug, etc is documented with photos, allowing anyone with the vehicle to see exactly how to take ownership of the vehicle from the manufacturer.

                                                                                                                                  True old-school old manning involves not only removal of all the bullshit, but also covers all cosmetic changes to the vehicle that would be needed to eliminate all signs that any of the offending components were ever installed and would include things like how to accomplish all the trim and body work necessary to permanently fill all the holes in the vehicle like antenna penetrations through the vehicle body and plastic trim mods to fill holes that formerly held buttons or switches that no longer exist.

                                                                                                                                  In the process, old-school old manning would attack the software used in the vehicle, removing all the offending functionality with a custom flash tool so that the only software running on the vehicle after all the mods are completed would be that which controls and monitors engine and transmission functionality since that is actually the only software on a vehicle that adds value by allowing the vehicle owner to track operating efficiency in real time.

                                                                                                                            • natch 7 days ago

                                                                                                                              One person’s useless extra is another person’s collision avoidance system, AC, music system… I like extras when they make sense.

                                                                                                                              • behnamoh 7 days ago

                                                                                                                                I hate touchscreen buttons too and unfortunately all EVs I've seen have adopted that. I wonder if there are EVs with good old fashioned mechanical buttons.

                                                                                                                                • mhandley 7 days ago

                                                                                                                                  The Polestar 2 is pretty good in this regard. All the most important things are on the steering wheel stalks, steering wheel buttons, and a few buttons for things like demist, play/pause and volume control on the centre console. There's still a lot on the touchscreen, including climate control, but it seems to hit a pretty good balance for me (and I'm not a fan of car touchscreens).

                                                                                                                                  • jlund-molfese 7 days ago

                                                                                                                                    I love my Polestar 2. But there's gotta be a better way to do touchscreen climate controls. I've had mine for 8 months now, and had to google in order to figure out that the car had dual-climate zones—it's really hard to tell from the swipe-up page, so I just assumed it didn't have that feature for a while. Plus, I don't feel comfortable changing the climate settings while driving, because I might hit the wrong touchscreen button when I'm not looking at the screen.

                                                                                                                                    But hey, maybe if I wait around another 5-10 years, there'll be more than 3 mainstream electric sedan options available for the US market and I'll be able to find the perfect car.

                                                                                                                                    • phatskat 7 days ago

                                                                                                                                      Recently drove a Dodge Hornet rental and it had a slew of physical climate buttons, most of which didn’t make sense or didn’t control what I wanted. In the course of trying to just turn on the defrost from the touchscreen, I turned on the heated steering wheel, stopped the airflow to the cabin, adjusted the driver side temperature way higher than I wanted, and probably subscribed to Disney+

                                                                                                                                  • wkat4242 7 days ago

                                                                                                                                    Safety agencies in Europe are already pushing to bring these back: https://arstechnica.com/cars/2024/03/carmakers-must-bring-ba...

                                                                                                                                    • natch 7 days ago

                                                                                                                                      Many EVs have a sensible amount of buttons, and you generally don’t need the touchscreen for driving or much else for that matter.

                                                                                                                                      I can even keep driving while the whole system is rebooting. Around here (where we have many immigrants and some odd practices) I’ve seen people with a towel hanging over their screen while driving, to protect it like a dust cover I guess.

                                                                                                                                      The one thing you might argue I do need from my screen is the speed, which is very easy to see and usually not needed in the flow of traffic.

                                                                                                                                      The outcry against screens is just misinformed imho. My car has plenty of mechanical buttons.

                                                                                                                                      • tremon 7 days ago

                                                                                                                                        I can even keep driving while the whole system is rebooting

                                                                                                                                        At least you're still acknowledging the abysmal state of modern cars by including this statement. Why on earth would anyone expect otherwise from a car?

                                                                                                                                        • bdangubic 7 days ago

                                                                                                                                          if you are ever in the middle of a highway (especially if you are traveling with loved ones) when your EV suddenly reboots you will understand why one does not expect shit to work… the anxiety is unlike most things one can experience… I think 100% reverse of your comment but talking from different real experiences.

                                                                                                                                          EVs are computers on wheels, expecting them to work during reboot is not unlike expecting vim to work during a reboot :)

                                                                                                                                          • Dylan16807 7 days ago

                                                                                                                                            I'm pretty sure they're talking about rebooting the console system, not the entire car.

                                                                                                                                            EVs are not computers, they have computers. The controllers that make it go should stay on during a "sudden reboot". Expecting them to keep working is like expecting my coolant pump to work during a reboot, not vim.

                                                                                                                                            • mulmen 7 days ago

                                                                                                                                              I would expect the drivetrain components (including computers) to be essentially bulletproof and only the unnecessary components like infotainment and maybe the dashboard displays to even have the option of crashing.

                                                                                                                                              • bdangubic 7 days ago

                                                                                                                                                you are 100% right in theory. in practice the car is the computer. when my 2014 tesla s rebooted while I was going like 85mph on the highway it is a moment I’ll never forget. the car is running but everything is dead, quiet, have no idea what the speed is, all systems are shut down, a/c is out (I was in the middle of a desert in Utah)… EVERYTHING feels wrong and every instinct you have tells you to pull over immediately. no chance I would drive any distance other than maybe a quick 1-mile radius errand in that state of the car

                                                                                                                                                • mulmen 7 days ago

                                                                                                                                                  Ok but how is this failure mode unique to an EV? Modern ICE cars are highly reliant on computers as well. Maybe even more than EVs since they have transmissions and timing and fuel injection and exhaust monitoring.

                                                                                                                                                  • bdangubic 7 days ago

                                                                                                                                                    oh I don’t think it is, this thread was discussing EVs but yea, I don’t think it is unique to EVs. not sure how often on other cars you have to reboot (soft and hard) and when you do reboot what is “off” and what is “on” on any given modern car - I soft reboot couple of times per month at least (it is an OG tesla s, 10 years old now…)

                                                                                                                                                    • electrograv 7 days ago

                                                                                                                                                      You’re right that it’s not inherently unique to EVs, but it started with EVs and now this new dangerously fragile design (of having a single monolithic computer console handle display and control of everything from critical drive modes and gauge display, to non critical things like music and playing fart noise jokes) is infecting ICE cars too (e.g. BMW’s new touch screen AC controls and unified touch screen dashboards rolling out to all new cars, Audi doing something similar now, etc. — all following after Tesla, but with crappier software).

                                                                                                                                                      I’ve owned and driven EVs from several brands. Prior to this, I could pretty much always expect the following from my car:

                                                                                                                                                      1. The drivetrain always operates normally and safely (aside from some actual mechanical failure) with no computer glitches.

                                                                                                                                                      2. I can always see my speed and gear selector state on a dashboard somewhere, even when (not if) the infotainment screen crashes and reboots. I’ve had (2010-2020ish era) Lexus, Audi, and others have infotainment glitches, crashes, and reboots, but the speedometer, drive train, and AC all had physical controls running on isolated systems and so they always continued to work through a reboot or glitch of the infotainment.

                                                                                                                                                      3. The AC is always operating (aside from some actual mechanical failure) with no computer glitches or lag to my ability to control it. I consider this a critical safety system given that many drive in climates with weather that can be dangerously hot or cold.

                                                                                                                                                      In pretty much every EV I’ve owned, none of these have been true except maybe #1, and that is pretty sad to say that the only thing that hasn’t happened is my entire car’s wheels locking up on the highway (and yet still this is reported happening for many EV brands, Tesla, Audi, and Porsche at least come to mind where I’ve read stories).

                                                                                                                                                      It’s insane to me that it’s even possible for the car’s computers rebooting to entail AC shutting down, not being able to see your speed, etc. If this EVER happens, the entire vehicle line should legally require a recall until it’s guaranteed this won’t happen. We have ways of guaranteeing computer systems don’t fail like this to extremely high probability — car companies only don’t do it because it’s expensive and more complex than just throwing all the same crappy software into one single system rather than designing multiple isolated fault tolerant systems.

                                                                                                                                                      Less horrible but still shockingly bad regression is how almost all modern cars’ AC is controlled through an often laggy computer system (not to mention the almost universally despised move of AC controls to touch screens, instead of physical controls). Maybe not so laggy on Tesla, but in my experience both BMW and Audi have AC control touch screens which sometimes respond but occasionally can have 1-10 second random lags before anything responds. Presumably due to garbage collector lag or something. But this is also a mild safety issue since the lack of predictable behavior from common controls makes it very distracting when trying to do something so common and simple as adjusting the temperature that should just be as simple as a simple physical button or knob.

                                                                                                                                                • natch 4 days ago

                                                                                                                                                  Mine doesn’t reboot unless I reboot it.

                                                                                                                                                • natch 5 days ago

                                                                                                                                                  What? This car is the far opposite end of the spectrum from abysmal.

                                                                                                                                                • behnamoh 7 days ago

                                                                                                                                                  What model is your car?

                                                                                                                                                  • natch 4 days ago

                                                                                                                                                    3

                                                                                                                                                • Loudergood 7 days ago

                                                                                                                                                  Both my Bolt(RIP) and my Ioniq 5 have mechanical buttons for the most common things(media controls/HVAC)

                                                                                                                                                  • nunodonato 7 days ago

                                                                                                                                                    Kia/hyundai, best EVs imho

                                                                                                                                                    • Lio 6 days ago

                                                                                                                                                      Kia is the company that gathers “information about your race or ethnicity, religious or philosophical beliefs, sexual orientation, sex life and political opinions” and “trade union membership”.

                                                                                                                                                      I don't want to have anything to do with a company like that.

                                                                                                                                                  • prmoustache 7 days ago

                                                                                                                                                    You can convert an old car to EV. There are companies specializing in this, mostly to convert classics that needed a ton of maintenance.

                                                                                                                                                    Expensive yes but might be worth it if you value your privacy.

                                                                                                                                                    • geor9e 7 days ago

                                                                                                                                                      How is a complete rebuild of a car your go-to solution to an easily accessible cellular modem powered through the fuse box

                                                                                                                                                      • prmoustache 7 days ago

                                                                                                                                                        Is it the case? Or is the fuse shared for something else that happens to be useful/important for the operation of the vehicle?

                                                                                                                                                        I'd be surprised if there was a dedicated fuse for only a modem really, especially in an EV or hybrid.

                                                                                                                                                        • AngryData 7 days ago

                                                                                                                                                          I agree it shouldn't be necessary, but its not like replacing a motor and drivetrain on a vehicle is some super rare thing either, and often still far cheaper than buying a brand new car.

                                                                                                                                                        • bdangubic 7 days ago

                                                                                                                                                          me thinks anyone with a cell phone in this year of our Lord 2024 should not say they worry about privacy in any context. instead of converting old car to EV I’d start by converting a rotary phone to a portable one :)

                                                                                                                                                          • whimsicalism 7 days ago

                                                                                                                                                            only worth it if you really value the environment, your privacy, but not your life

                                                                                                                                                        • forgetfreeman 7 days ago

                                                                                                                                                          Why the sideways fuck did they even have location data to begin with? It's like the checklist for buying a new car starts with figuring out what circuit drives the cell modem and pop that fuse out before taking a test drive to confirm it doesn't brick anything critical. Fucking ridiculous.

                                                                                                                                                          • bdcravens 7 days ago

                                                                                                                                                            Mobile apps (one of our cars is a VW ID.4, and I can see where it is right now), as well as repo/theft recovery.

                                                                                                                                                            • forgetfreeman 7 days ago

                                                                                                                                                              Repo isn't a customer's concern and is thus irrelevant. Incidentally I walked to the window and I can see where my truck is without my phone. Is there really no limit to the bullshit folks will allow themselves to be convinced to install on their phones?

                                                                                                                                                            • ImJamal 7 days ago

                                                                                                                                                              Most new cars have features that require it such as onboard GPS, speed limits on the dash, OnStar and similar features.

                                                                                                                                                              • tzs 7 days ago

                                                                                                                                                                Those are mostly things that require the car to know its location. They don't require that the car share the location with the car's maker except possibly sharing what region the car is in.

                                                                                                                                                                The region sharing might be needed to efficiently update things like the map and the speed limits.

                                                                                                                                                                • mulmen 7 days ago

                                                                                                                                                                  None of that requires cellular connectivity. It can and was accomplished using only wifi sync at home. Live traffic information is (was?) broadcast on AM radio.

                                                                                                                                                                  • jazzyjackson 7 days ago

                                                                                                                                                                    was it ever AM? info I can find points to traffic info being encoded in FM broadcast, as "audio" but above audible frequencies, 57khz, same as any metadata you get with modern digital radio - station name, song name, artist name etc.

                                                                                                                                                                    https://www.mediarealm.com.au/articles/fm-rds-radio-data-sys...

                                                                                                                                                                    • mulmen 7 days ago

                                                                                                                                                                      Oh! Maybe it was FM. I always thought it was on the same band as the "Tune AM <whatever> for traffic information signs" but as you say outside the audible frequencies. Regardless the point is that the relevant information can be broadcast publicly and does not require location or cellular connectivity to function. My 2010 BMW knew about traffic jams but had no cellular connectivity to my knowledge.

                                                                                                                                                                      • jen20 6 days ago

                                                                                                                                                                        Your 2010 BMW very likely did have cellular connectivity given that my 2008 model did. It might not work today though.

                                                                                                                                                                        • mulmen 5 days ago

                                                                                                                                                                          It had the ability to call emergency services. But I don’t think it got map or traffic data through the cellular radio. If it was getting data through the cellular radio it wasn’t very much data.

                                                                                                                                                                  • NewJazz 7 days ago

                                                                                                                                                                    Niche feature that shouldn't affect any other part of the car's operation if it were turned off or nonfunctional due to modem hardware shutoff.

                                                                                                                                                                    • jazzyjackson 7 days ago

                                                                                                                                                                      speed limits come from a database written alongside map data

                                                                                                                                                                      • forgetfreeman 7 days ago

                                                                                                                                                                        All bullshit my car shouldn't do in the first place.

                                                                                                                                                                    • jsiepkes 7 days ago

                                                                                                                                                                    If it is so bad there is actually a whistleblower then how do they pass their ISO27001 audits? Bit too friendly with TUV Nord?

                                                                                                                                                                      https://cariad.technology/content/dam/digitalmindofmobility/...

                                                                                                                                                                      EDIT: Just noticed this is an ISO9001 certificate. Though on their job offer site they do ask for "Foundational understanding of security related regulations and standards preferred (e.g. ISO21434, ISO27001, NIST-800)". Unclear if they are actually ISO 27001. Found the 9001 one by fluke, they don't seem to list that one on their site either.

                                                                                                                                                                      • tremon 7 days ago

                                                                                                                                                                        Not sure about 27000, but ISO9001 is a paper audit only: you pass or fail them based on your defined business processes. The technical configuration of your systems is outside the scope of the audit.

                                                                                                                                                                        • rf15 7 days ago

                                                                                                                                                                          TÜV certification has always been more about certification theater and being able to verify that you don't have egregious amounts of negligence than certifying that you are doing your work well.

                                                                                                                                                                          edit: I've never prepared for our audits and we always get our certification, no matter what they find as long as you say "yes, we are aware"

                                                                                                                                                                          • tuwtuwtuwtuw 7 days ago

                                                                                                                                                                            The fact that you have passed audits isn't a guarantee (or even an indication) that you don't have major security vulnerabilities.

                                                                                                                                                                            • starbugs 7 days ago

                                                                                                                                                                              > The fact that you have passed audits isn't a guarantee (or even an indication) that you don't have major security vulnerabilities.

                                                                                                                                                                              Please explain that to my IT department.

                                                                                                                                                                            • gsich 7 days ago

                                                                                                                                                                              27001 does not specify implementation details.

                                                                                                                                                                            • thebruce87m 7 days ago

                                                                                                                                                                              I wonder if they were all petrol vehicles, or all diesel if that would be so prominent in the headline. The drive train has nothing to do with an unsecured s3 bucket, and if you think that electric vehicles are the only “connected” cars in 2024, you’re in for a shock.

                                                                                                                                                                              • potato3732842 7 days ago

                                                                                                                                                                                Because EVs are new-ish and so mentioning them specifically is aproximate shorthand for "consumers of a certain tax bracket" so it's useful for getting those people to click on the article, hand wring, re-tweet and do all those other things that make money.

                                                                                                                                                                              • CatWChainsaw 7 days ago

                                                                                                                                                                                Ah, here's my daily reminder to treat my 2005 Honda like a princess and hope it never, ever dies.

                                                                                                                                                                                • 2OEH8eoCRo0 7 days ago

                                                                                                                                                                                  I plan to buy old used cars forever when I can no longer keep my 2013 Subie going.

                                                                                                                                                                                  • throwaway173738 7 days ago

                                                                                                                                                                                    Why not have whatever dies replaced? I will probably do that with my crappy small truck from 2006.

                                                                                                                                                                                    • dghlsakjg 7 days ago

                                                                                                                                                                                      After a certain point, parts just aren't made.

                                                                                                                                                                                      I drive a 1997 ES300 that needs a new left rear taillight lens. The new part doesn't exist anymore, and I can't find a used part in Canada.

                                                                                                                                                                                      • Scoundreller 7 days ago

                                                                                                                                                                                        So uhhhh, buy one from USA?

                                                                                                                                                                                        • mulmen 7 days ago

                                                                                                                                                                                          They may very well be a different part. The USA and Canada have different regulations.

                                                                                                                                                                                      • ryukoposting 7 days ago

                                                                                                                                                                                        Subframe rot. I live in Wisconsin. My 2000 Lexus won't live forever, no matter what I do.

                                                                                                                                                                                        • garaetjjte 7 days ago

                                                                                                                                                                                          Rust. I mean, it's still possible to repair but it gets annoying.

                                                                                                                                                                                    • mzs 7 days ago
                                                                                                                                                                                      • dmitrygr 7 days ago

                                                                                                                                                                                        Why is nobody talking about the fact that this should not be possible? There is precisely zero reason for them to have this location data. Give the CEO one year of jail per person whose location was illegally tracked.

                                                                                                                                                                                        • zer8k 7 days ago

                                                                                                                                                                                          On the contrary it's relatively simple to understand how it got there trivially.

                                                                                                                                                                                          Most modern cars, especially ones that fit into more "luxury" brands have an app. That app gives you telemetry and location data for a price. It's rather convenient to be able to pre-condition your car, or figure out where you parked in a massive unlabeled parking lot, etc. This is all consented to, but regardless the data is tracked anyway via some GPS/cell system modern cars have. When you pay for it you get more stuff - anti-theft, better tracking, service tracking, etc.

                                                                                                                                                                                          It's a convenience. I'm not entirely comfortable with it but if you want a better-than-decent car made after 2016 you probably have it on-board and unless you rip the ECM out you're stuck with it. Personally, I'd rather pay BMW, for example, for anti-theft and tracking than pay OnStar or another service that is gonna stick me with a ridiculous contract and stuff my car with even more buttons.

                                                                                                                                                                                            • gsich 7 days ago

                                                                                                                                                                                              There is no reason why this can't be E2E.

                                                                                                                                                                                              • CatWChainsaw 7 days ago

                                                                                                                                                                                                Eh, "consented to" is rather weak when you are forced to hit the "I agree" button to be able to drive the car you bought. That and forced arbitration need to die posthaste.

                                                                                                                                                                                                • rad_gruchalski 7 days ago

                                                                                                                                                                                                  I refuse to believe that it’s not possible to drive the car without the app.

                                                                                                                                                                                                  • jimt1234 7 days ago

                                                                                                                                                                                                    Back in the day, during the original Browser Wars, when the US Department Of Justice was trying to force Microsoft to detach Internet Explorer from Windows, Microsoft argued that it was impossible for Windows to operate without IE baked in. Well, it took a couple of "hackers" about a day to prove them wrong. I ran Windows XP without IE for years just fine. So yeah, cars can run without the app.

                                                                                                                                                                                                    • rad_gruchalski 7 days ago

                                                                                                                                                                                                      Of course they can. It doesn’t even make sense to consider that microsoft/ie matter.

                                                                                                                                                                                                    • AlotOfReading 7 days ago

                                                                                                                                                                                                      The data is collected even if you don't use the app or hit agree. The manufacturer has your personal info attached to the car from the warranty info. They're required to collect it so they can send you recall notices.

                                                                                                                                                                                                      It's trivial to put a car in limp mode if the vehicle computers don't detect all the modules the manufacturer put there. It's slightly less trivial to detect missing antennas, but that tends to disable other features people enjoy like directions and data. Manufacturers simply don't care to cat-and-mouse this right now.

                                                                                                                                                                                                      • rad_gruchalski 7 days ago

                                                                                                                                                                                                        > The data is collected even if you don't use the app or hit agree

                                                                                                                                                                                                        It’s irrelevant. The matter of the discussion is “cannot drive a car without hitting I agree button”.

                                                                                                                                                                                                        • AlotOfReading 7 days ago

                                                                                                                                                                                                          The post you were responding to is specifically about the lack of consent, not whether the button is necessary.

                                                                                                                                                                                                    • CatWChainsaw 7 days ago

                                                                                                                                                                                                      And I'm skeptical that it is. Happy Friday.

                                                                                                                                                                                                      • mulmen 7 days ago

                                                                                                                                                                                                        I rode in a 1948 Oldsmobile three days ago. No app needed. At this point the ignition switch is so worn the key is actually optional.

                                                                                                                                                                                                        • CatWChainsaw 7 days ago

                                                                                                                                                                                                          Yes because that's comparable to a modern data-slurping EV, thank you for the useless comment.

                                                                                                                                                                                                          • mulmen 5 days ago

                                                                                                                                                                                                            You're skeptical a car can work without an app, I provided an example of why that isn't the case.

                                                                                                                                                                                                            • CatWChainsaw 9 hours ago

                                                                                                                                                                                                              You're being deliberately obtuse and that kind of contrarianism is 100% correlated with douchebaggery IMPE. Be better.

                                                                                                                                                                                                              Unless you somehow aren't kidding, in which I'll clarify: I'm skeptical that a modern electric vehicle that goes to the trouble of being a computer on wheels can work without an app. And I'll even clarify "can" - the car manufacturer allows you to operate the car without using its app.

                                                                                                                                                                                                  • behnamoh 7 days ago

                                                                                                                                                                                                    Can we somehow hack the car and disable this "feature"?

                                                                                                                                                                                                    • betaby 7 days ago

                                                                                                                                                                                                      Most likely that's illegal in DE, FR and PL. See a related thread about trains at CCC.

                                                                                                                                                                                                  • jwr 7 days ago

                                                                                                                                                                                                    I so hope this will start an avalanche and car companies will not be able to get away with collecting so much data about users (cars, but that's pretty close).

                                                                                                                                                                                                    Especially in the EU, the hypocrisy is jarring: on one hand, GDPR, protecting users from surveillance by businesses, etc, and on the other hand, car companies get a free pass, because they are car companies, and the EU likes car companies.

                                                                                                                                                                                                    • apelapan 7 days ago

                                                                                                                                                                                                      I'm curious if the breach is from the German core Cariad or the Swedish subsidiary/joint-venture, WirelessCar?

                                                                                                                                                                                                      Based on what sort of data was exposed, it seems plausible that it is one of the services from WirelessCar.

                                                                                                                                                                                                      • i80and 7 days ago

                                                                                                                                                                                                        According to the article, Cariad

                                                                                                                                                                                                      • CommanderData 7 days ago

                                                                                                                                                                                                        Soon we'll be in an era where our vehicles are geofenced.

                                                                                                                                                                                                        Stop people driving to protests? areas of strategic interest? congestion? Yep that's all coming quick.

                                                                                                                                                                                                        • doodlebugging 7 days ago

                                                                                                                                                                                                          As a former owner of 3 VW vehicles, it does not surprise me that they have skipped obvious steps needed to secure owner data. They cut costs across the board on everything involved in producing vehicles for sale in the US to the point where their interior plastics were half the thickness of competitors' interior furnishings and their wire harnesses used the smallest gauge wire possible to carry the loads expected.

                                                                                                                                                                                                            • sschueller 7 days ago

                                                                                                                                                                                                              VW got caught because of their shit security but what is the situation with all other car makers?

                                                                                                                                                                                                              The US does not have a GDPR so the collection of this information is legal. How much data is lying around at GM and others for someone to abuse?

                                                                                                                                                                                                                • RajT88 7 days ago

                                                                                                                                                                                                                  Hey EU, maybe mandate an opt out for all vehicle telemetry?

                                                                                                                                                                                                                  Then maybe the rest of the world will follow suit.

                                                                                                                                                                                                                  I know, I know, I am kidding myself.

                                                                                                                                                                                                                  • magicalhippo 7 days ago

                                                                                                                                                                                                                    It's opt-out on my Renault Megane e-Tech.

                                                                                                                                                                                                                    It was a very clear prompt during initial setup, and it shows me a very unambiguous notification that it's enabled every time I start the car. If I click on that it takes me to the setting.

                                                                                                                                                                                                                    edit: might even have been opt-in during initial setup, now that I think about it. I do recall it being a very deliberate thing during setup.

                                                                                                                                                                                                                    Of course I'll have to trust that turning it off actually turns it off, no way for me to verify that.

                                                                                                                                                                                                                    The reason I keep it on is because my SO is a bit absent minded to where she parks the car, and I value not having to run around in the streets trying to find it when I'm in a hurry over the potential privacy loss.

                                                                                                                                                                                                                    edit: Renault was found[1][2] to be the "least problematic" with respect to privacy by Mozilla last year.

                                                                                                                                                                                                                    [1]: https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...

                                                                                                                                                                                                                    [2]: https://news.ycombinator.com/item?id=37443644

                                                                                                                                                                                                                    • likeabatterycar 7 days ago

                                                                                                                                                                                                                      The opt-out should be pulling the telematics fuse. Unless you can audit the source code, you can't, and shouldn't, trust the software.

                                                                                                                                                                                                                    • amluto 7 days ago

                                                                                                                                                                                                                      Apple knows how to allow one to find one’s devices without Apple knowing where they are. It’s not that hard.

                                                                                                                                                                                                                      • likeabatterycar 7 days ago

                                                                                                                                                                                                                        Ackhually, it is that hard, unless your method relies on millions of your devices out in the wild acting as sensors in a mesh network, as Apple does.

                                                                                                                                                                                                                        • amluto 7 days ago

                                                                                                                                                                                                                          That’s a much harder problem than VW would need to solve. Also, Find My substantially predates the Find My network and AirTags.

                                                                                                                                                                                                                          There are very straightforward solutions, depending on the threat model. For example, the app could send VW a private key every day, and VW would send that key to the car. Then the car sends periodic location reports, encrypted to that key. VW can, upon request, send the report to the app, which decrypts it. But VW can’t decrypt the report itself, so they don’t know the location of the car. Also, it’s forward secure in the sense that a leak of VW’s database is entirely useless after a day.

                                                                                                                                                                                                                          • layer8 7 days ago

                                                                                                                                                                                                                            You cannot establish a private channel between app and car if you don’t already have either a pre-shared secret, or pre-shared trusted certification authority keys (such as to allow TLS-like tamper-resistant encrypted communication between app and car) that VW can’t replace.

                                                                                                                                                                                                                            Otherwise, if there is no pre-existing private channel, the key (which by the way would have to be the public key, not the private key) could be switched out by VW acting as a man-in-the-middle, allowing it to access all encrypted content going through it.

                                                                                                                                                                                                                            The same is true for Apple. There are parts of the protocol or the pairing where you have to trust Apple, either their servers, or if the establishment happens locally via bluetooth or similar, their software that runs on the local devices.

                                                                                                                                                                                                                            • amluto 7 days ago

                                                                                                                                                                                                                              This argument seems like a fairly extreme example of the perfect being the enemy of the good. Sure, it would require a more advanced system for VW to prevent themselves from silently compromising their own system to learn everyone’s location. But the design I outlined will prevent a passive compromise of VW, and even possibly a court order, from learning everyone’s location, and it prevents even an active and highly malicious compromise from learning past locations.

                                                                                                                                                                                                                              • mulmen 7 days ago

                                                                                                                                                                                                                                "Shipping the private key" does not meet the bar for "good". You still need a way to establish trust in your key distribution and also implement the system correctly. The proper way to secure access to a physical thing you own is to only communicate directly with that thing.

                                                                                                                                                                                                                                • amluto 6 days ago

                                                                                                                                                                                                                                  This is ridiculous. It would take heroic effort for VW to prevent themselves from silently uploading malicious firmware to VW cars. There are ways to do this, but it’s also a separate problem from the problem that should actually be solved here.

                                                                                                                                                                                                                                  • mulmen 5 days ago

                                                                                                                                                                                                                                    Uh, if the only communication with the car is direct and physical then how does VW upload anything?

                                                                                                                                                                                                                                    • amluto 5 days ago

                                                                                                                                                                                                                                      If the only communication is direct and physical, then this entire discussion is moot.

                                                                                                                                                                                                                                      • mulmen 4 days ago

                                                                                                                                                                                                                                        Exactly.

                                                                                                                                                                                                                                • layer8 7 days ago

                                                                                                                                                                                                                                  I was triggered by the argument “Apple knows how to allow one to find one’s devices without Apple knowing where they are. It’s not that hard.” People misunderstand this as Apple having no possibility to learn the location if they wanted to. And that’s just not the case.

                                                                                                                                                                                                                                  • amluto 7 days ago

                                                                                                                                                                                                                                    Of course Apple could do this. But Apple is the one major company that actually goes out of its way not to.

                                                                                                                                                                                                                              • undefined 7 days ago
                                                                                                                                                                                                                                [deleted]
                                                                                                                                                                                                                                • magicalhippo 7 days ago

                                                                                                                                                                                                                                  This would require a key per app installation, my SO has the app installed too for example.

                                                                                                                                                                                                                                  It would also introduce a lot of additional failure modes.

                                                                                                                                                                                                                                  Doable but not exactly trivial.

                                                                                                                                                                                                                                  • layer8 7 days ago

                                                                                                                                                                                                                                    It would work exactly like how you can send an encrypted email to multiple recipients and each of them can decrypt it despite having different private keys. That part isn’t rocket science.

                                                                                                                                                                                                                                    • magicalhippo 7 days ago

                                                                                                                                                                                                                                      Indeed, it's making it work reliably and with zero friction given both apps and car will have variable internet access.

                                                                                                                                                                                                                                      • amluto 7 days ago

                                                                                                                                                                                                                                        This is not hard. App login sets up a session with VW (which is surely already does), except the session needs a database entry and not just a JWT-like token. (Many auth frameworks do this anyway.) The database row needs to add a public key, and the server needs to send all the key changes to the car. And that’s about it.

                                                                                                                                                                                                                                        • magicalhippo 7 days ago

                                                                                                                                                                                                                                          Again, that's the easy part. The hard part is making it work reliably in the real world.

                                                                                                                                                                                                                                          • amluto 7 days ago

                                                                                                                                                                                                                                            What, exactly, makes it hard to get this to work reliably in the real world? The app already won’t work without a valid login session. The car is already sending a little blob of data to the mothership containing a location. If the communication to the mothership changes to having the mothership send a list of keys and the car encrypt its blob, that’s basically it. The total increase in communication needed is one round trip to revalidate keys.

                                                                                                                                                                                                                                            I realize that modern development has layers and layers of documents and teams and overcomplicated interfaces, but this is the kind of thing that could be done by one developer, using two servers and a load balancer (or a more creative HA scheme with client assistance that can easily survive complete loss of a datacenter or two), that can handle the entire fleet.

                                                                                                                                                                                                                                            • magicalhippo 7 days ago

                                                                                                                                                                                                                                              The app and car will have intermittent connection to the internet.

                                                                                                                                                                                                                                              My car for example doesn't have reliable connection when it's parked in the garage, which is where I charge it.

                                                                                                                                                                                                                                              Your solution would add a lot of extra edge cases that needs to be considered.

                                                                                                                                                                                                                                              You have to ensure the updated key is reliably transferred to the mothership in a timely fashion, and subsequently that the key is reliably transferred to the car in a timely fashion.

                                                                                                                                                                                                                                              That's the back-end stuff. There's also the front-end stuff, like will my SO understand why her app isn't showing the car's location but mine is?

                                                                                                                                                                                                                                              Not saying it's impossible, but it adds a lot of complexity beyond simply encrypting the location with multiple keys.

                                                                                                                                                                                                                                              • Dylan16807 7 days ago

                                                                                                                                                                                                                                                If the car has enough signal to report, it has enough signal to get the key update. I don't see the problem.

                                                                                                                                                                                                                                                Losing connection for extended periods of time can get in the way of "timely" key updates but they won't cause the encryption to fail.

                                                                                                                                                                                                                                                > That's the back-end stuff. There's also the front-end stuff, like will my SO understand why her app isn't showing the car's location but mine is?

                                                                                                                                                                                                                                                Well the reasons I can think of are either things like the server being broken, which can happen without any encryption, or she didn't finish setting up her app and waiting for it to sync which can also happen without encryption. Or she was removed from the list because she didn't open the app for a year... which can also happen without encryption.

                                                                                                                                                                                                                                                • amluto 6 days ago

                                                                                                                                                                                                                                                  > Losing connection for extended periods of time can get in the way of "timely" key updates but they won't cause the encryption to fail.

                                                                                                                                                                                                                                                  To be fair, if the car is offline while a newly installed app logs in, then the app won’t be able to locate the car until the car checks in. Which is not actually the end of the world, and there are ways to mitigate this. (See iMessage and Keybase for a couple of different approaches to this. See Signal for a shockingly poor group of bizarrely mutually incompatible solutions that barely work. I think that Matrix tries, too. MLS should be able to handle it, and piggybacking off an existing standard like MLS might be entirely reasonable albeit dramatically more complex than the simple solution I outlined.)

                                                                                                                                                                                                                                                • amluto 6 days ago

                                                                                                                                                                                                                                                  What edge cases? The app already can’t locate the car if the car hasn’t checked in recently enough.

                                                                                                                                                                                                                                                • mulmen 7 days ago

                                                                                                                                                                                                                                                  > I realize that modern development has layers and layers of documents

                                                                                                                                                                                                                                                  Where do you work and are you hiring?

                                                                                                                                                                                                                                                  • undefined 6 days ago
                                                                                                                                                                                                                                                    [deleted]
                                                                                                                                                                                                                                                • undefined 7 days ago
                                                                                                                                                                                                                                                  [deleted]
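The design debated in the encryption sub-thread above (each app registers a public key with the relay, the car encrypts every location report to all registered keys, as with multi-recipient encrypted email), written out as an added Go example that is not any commenter's or VW's code. The primitives (X25519, AES-256-GCM, a SHA-256 KDF) and all names are assumptions chosen here, and the example does not authenticate the public keys the car receives, which is the gap layer8 points out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Wrapped is one app's copy of the report secret, sealed under a key derived
// from a fresh ephemeral X25519 exchange with that app's public key.
type Wrapped struct{ EphemeralPub, SealedKey []byte }

// Report is what the car uploads and the relay stores; it holds no plaintext.
type Report struct {
	Ciphertext []byte
	Recipients []Wrapped
}

// Every AES-GCM key below encrypts exactly one message, so a fixed nonce is safe.
var zeroNonce = make([]byte, 12)
var bodyLabel, wrapLabel = []byte("report-body-v1"), []byte("report-wrap-v1")

// NewAppKey runs on the phone; only PublicKey() is ever sent to the relay.
func NewAppKey() (*ecdh.PrivateKey, error) { return ecdh.X25519().GenerateKey(rand.Reader) }

// aead hashes its parts into an AES-256-GCM key. Assumption: this plain
// SHA-256 KDF stands in for a standard construction such as HPKE.
func aead(parts ...[]byte) cipher.AEAD {
	h := sha256.New()
	for _, p := range parts {
		h.Write(p)
	}
	block, _ := aes.NewCipher(h.Sum(nil)) // a 32-byte key is always accepted
	gcm, _ := cipher.NewGCM(block)        // cannot fail for an AES block
	return gcm
}

// EncryptReport runs in the car: the location is encrypted once, and the
// report secret is wrapped separately for every registered app public key.
func EncryptReport(location []byte, appKeys ...*ecdh.PublicKey) (*Report, error) {
	if len(appKeys) == 0 {
		return nil, errors.New("no app keys registered; refusing to send plaintext")
	}
	secret := make([]byte, 32)
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	r := &Report{Ciphertext: aead(bodyLabel, secret).Seal(nil, zeroNonce, location, nil)}
	for _, pub := range appKeys {
		eph, err := ecdh.X25519().GenerateKey(rand.Reader)
		if err != nil {
			return nil, err
		}
		shared, err := eph.ECDH(pub)
		if err != nil {
			return nil, err
		}
		ephPub := eph.PublicKey().Bytes()
		sealed := aead(wrapLabel, shared, ephPub, pub.Bytes()).Seal(nil, zeroNonce, secret, nil)
		r.Recipients = append(r.Recipients, Wrapped{ephPub, sealed})
	}
	return r, nil
}

// DecryptReport runs in the app and tries each wrapped entry with its own private key.
func DecryptReport(r *Report, priv *ecdh.PrivateKey) ([]byte, error) {
	for _, w := range r.Recipients {
		ephPub, err := ecdh.X25519().NewPublicKey(w.EphemeralPub)
		if err != nil {
			continue
		}
		shared, err := priv.ECDH(ephPub)
		if err != nil {
			continue
		}
		kw := aead(wrapLabel, shared, w.EphemeralPub, priv.PublicKey().Bytes())
		secret, err := kw.Open(nil, zeroNonce, w.SealedKey, nil)
		if err != nil {
			continue // this entry was wrapped for a different app
		}
		return aead(bodyLabel, secret).Open(nil, zeroNonce, r.Ciphertext, nil)
	}
	return nil, errors.New("report is not encrypted to this key")
}

func main() {
	phone, _ := NewAppKey()
	relay, _ := NewAppKey() // holds the stored report but none of the app keys
	report, _ := EncryptReport([]byte("52.4227,10.7865"), phone.PublicKey()) // constructed sample
	_, relayErr := DecryptReport(report, relay)
	loc, _ := DecryptReport(report, phone)
	fmt.Printf("phone reads %q; relay gets: %v\n", loc, relayErr)
}
```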
                                                                                                                                                                                                                                • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                  The reason for all that telemetry is the legislation. How do you think they are going to implement the full “intelligent” speed assistant in 2027?

                                                                                                                                                                                                                                  • wintermutestwin 7 days ago

                                                                                                                                                                                                                                    More like automated ticketing for speeding.

                                                                                                                                                                                                                                    • mikedelfino 7 days ago

                                                                                                                                                                                                                                      I’d love to see that implemented, yes, but it would be even better if all cars' speed were automatically limited to the speed limit of each road.

                                                                                                                                                                                                                                      • leobg 7 days ago

                                                                                                                                                                                                                                        Dangerous as hell. Imagine there’s a runaway truck behind you and you can’t speed up to avoid or at least soften the collision because of some government enforced handicap.

                                                                                                                                                                                                                                        It would also give local governments a power they never had before: To directly control your behavior in the moment, with no judicial control or oversight.

                                                                                                                                                                                                                                        No, thank you.

                                                                                                                                                                                                                                        • pbhjpbhj 7 days ago

                                                                                                                                                                                                                                          Interval cameras (checking your speed over a length of road, using ANPR) are very effective at slowing traffic in the UK. Although you still get people in expensive cars driving 20mph faster than others; maybe undeterred by fines, or using false plates.

                                                                                                                                                                                                                                          The system can tell you if there was a runaway truck (at your time and location), so an appeal should be easy for that uncommon situation.

                                                                                                                                                                                                                                          • leobg 7 days ago

                                                                                                                                                                                                                                            I like that solution much better. I find that a driver should always be free to make a cost/benefit calculation. The ideal, in my view, would look something like this:

                                                                                                                                                                                                                                            - Speed of every car on the road is recorded continuously.

                                                                                                                                                                                                                                            - If you stay within the limit, you pay nothing. For each second that you are faster than the limit, you incur some financial penalty, where the amount is calculated based on both the speed difference and the purpose of the limit (pedestrian safety vs. noise pollution, for example). In extreme cases, you can lose your drivers license.

                                                                                                                                                                                                                                            - Speed data is also made available to your insurance. So drivers know they won’t get away with somebody else paying for any damage they may cause.

                                                                                                                                                                                                                                            As a driver, I very much prefer this not to exist. But I think it would be the right thing from a “veil of ignorance” perspective of justice.

                                                                                                                                                                                                                                            • endgame 5 days ago

                                                                                                                                                                                                                                              That "should" is doing a lot of work, and it is not always easy to convince a bureaucratic system that it has made a mistake.

                                                                                                                                                                                                                                            • grecy 7 days ago

                                                                                                                                                                                                                                              There will always be contrived bogeyman edge cases to scare us from doing something.

                                                                                                                                                                                                                                              The only question that matters is would it result in fewer road deaths? I bet the answer is yes.

                                                                                                                                                                                                                                              In the US every single day 100 families are torn apart by a death on the road. I’m sure you don’t want it to be yours.

                                                                                                                                                                                                                                              • leobg 7 days ago

                                                                                                                                                                                                                                              I don’t care about this particular edge case. The idea of being remote controlled by bureaucrats is appalling to me.

                                                                                                                                                                                                                                              I live in Europe. Regulations here make Teslas slam on the brakes when the road is curved by more than x degrees, and break off a lane change abruptly if they take longer than x seconds. The intentions behind these rules written by some bureaucrat in Brussels surely were as good as those behind the cookie banner.

                                                                                                                                                                                                                                                I’m glad I still get to override those rules with my pedals and steering wheel.

                                                                                                                                                                                                                                                • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                  That’s a “think of the children” type of an argument. Remind me: how many people die because of guns every day in the US? On a serious note, how many of those road accidents are caused by exceeding the speed by less than 10%? You see, there is a difference between speeding and reckless driving.

                                                                                                                                                                                                                                                  Neither you nor me live in the US. They have other options to reduce those deaths. There’s no reason to drive a 4 ton EV truck made out of stainless steel doing 0 to 60 mph in 3 seconds.

                                                                                                                                                                                                                                                  • undefined 7 days ago
                                                                                                                                                                                                                                                    [deleted]
                                                                                                                                                                                                                                                  • jsjohnst 7 days ago

                                                                                                                                                                                                                                                    > The only question that matters is would it result in fewer road deaths?

                                                                                                                                                                                                                                                    Speed doesn’t kill, it’s the sudden stopping that does.

                                                                                                                                                                                                                                                • vel0city 7 days ago

                                                                                                                                                                                                                                                  Knowing exactly which lane you're in and the actual speed limit of that particular lane can be tricky for an automated system, at least in any of the systems I've seen implemented.

                                                                                                                                                                                                                                                  I've had cars with both automated speed limit sign readers, GPS+map databases, and more show me two different speed limits and neither one was actually correct for the lane I was in. This is a somewhat common occurrence on the highways around me.

                                                                                                                                                                                                                                                  • wcoenen 7 days ago

                                                                                                                                                                                                                                                    That would risk unintended consequences. For example, suddenly slowing cars on the highway down to 30 kph because a small road with that speed limit runs right next to the highway.

                                                                                                                                                                                                                                                    • forgetfreeman 7 days ago

                                                                                                                                                                                                                                                      This becomes a thing and I'll have a 25mph sign hanging off the back of my truck. I eagerly await starting a youtube channel of new cars losing their shit on jammed tailgating attempts.

                                                                                                                                                                                                                                                      • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                        Or in Germany, if you live in the village, put up a 60 sign by your driveway and when confronted just say someone is having their 60th birthday… Germans for whatever reason like putting up a speed limit signs by their driveway when celebrating birthdays.

                                                                                                                                                                                                                                                    • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                      As long as it’s accurate. The current technical implementation is a joke. The car has no idea what the speed limit is.

                                                                                                                                                                                                                                                      A few examples:

                                                                                                                                                                                                                                                      1) drive past the end of town sign in a particular German town, the car thinks it is 30kph, but only during the day because at night it doesn’t see the sign so it thinks it’s 50 where in reality it’s a 100 until the next speed limit,

                                                                                                                                                                                                                                                      2) driving between a couple of roundabouts inside of a town in the Netherlands, the car thinks it’s 30kph even though we stay within city limits and there’s no sign so the speed limit remains 50kph,

                                                                                                                                                                                                                                                      3) this is the funniest one so far… driving in Antwerpen along the Turhoutsebaan, there’s a massive 30 sign painted on a red painted road surface, the car insists that the speed limit is 50kph.

                                                                                                                                                                                                                                                      Those are just three out of a dozen examples happening consistently within 30 square kilometres I normally remain within. And I drive this car for 2.5 weeks. I have seen the future and I don’t like it. Number 2) happens routinely inside of the city limits after right or left turn. Car drops the speed limit to 30 just to realise a 100m down the road that it is 50.

                                                                                                                                                                                                                                                      Apologies for the ad hominem, I normally stay away from such tone. I genuinely hope that such pseudo cops like you get a grip. Because it’s my life you’re talking about and I already use speed limiter routinely. Every idiot around me on the road has exactly the same choice as me: curb the ego down and slow down or behave like a douche.

                                                                                                                                                                                                                                                      > but it would be even better if all cars' speed were automatically limited to the speed limit of each road

                                                                                                                                                                                                                                                      Yeah, you just described the ISA of 2027. This is going to be a tough year for car manufacturers. I forecast a ton of unsold new cars remaining on parking lots because one has to be really technically illiterate to buy something so dangerous willingly. Either full self driving or give full control. Everything in between is a disaster waiting to happen.

                                                                                                                                                                                                                                                      By the way, here’s a funny thought. So what is going to happen when that mythical zero casualties is reached and more people will be dying on bicycles than in car accidents? An implant in the brain? Where does it stop?

                                                                                                                                                                                                                                                      • mikedelfino 7 days ago

                                                                                                                                                                                                                                                        > So what is going to happen when that mythical zero casualties is reached and more people will be dying on bicycles than in car accidents?

                                                                                                                                                                                                                                                        I don't think anything will need to happen at that point. We wouldn't need to tackle down the top causes of death if the numbers were low, as seems to be the case of bicycle deaths not caused by cars. And when it comes to speeding, it's already against the law, so the technology is only trying to help prevent it. But of course, my enthusiasm is tied to a future where this technology works reliably, so I don't really expect anything like it with all the problems you're describing with current models.

                                                                                                                                                                                                                                                        • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                          The problem is that it doesn’t matter what you think, or what I think. What matters is what the bureaucrat in Brussels thinks. The bureaucrat doesn’t care. They are driven everywhere and fly on their private jets.

                                                                                                                                                                                                                                                          It’s also illegal to participate in the traffic drunk yet I routinely see drunk people riding bicycles and scooters in regular traffic, often ignoring traffic lights, often with their face glued to a phone. That’s half a problem, the other problem is those same people with those same things on the sidewalk. I bet you, a ton of those people do not even have a driving license and/or understanding of traffic rules. Humans will be humans. First they cry for cycling paths, when they get them, they don’t use them. Cannot win stupid.

                                                                                                                                                                                                                                                          As a pedestrian in the city I want scooters and bicycles regulated AND enforced. But nobody cares. I stopped counting how many times I have to do acrobatics to walk around scooters and bicycles left in the middle of the sidewalk.

                                                                                                                                                                                                                                                      • chgs 7 days ago

                                                                                                                                                                                                                                                        Earlier today my car thought I was on a 10mph road, I was in a 60

                                                                                                                                                                                                                                                        Earlier it said I was on a 30mph road despite being on a 20mph road

                                                                                                                                                                                                                                                        • doubled112 7 days ago

                                                                                                                                                                                                                                                          This summer Apple Maps believed I teleported 200m into a corn field for long enough it told me to return to the route. The location kept updating, moving in parallel to my real location.

                                                                                                                                                                                                                                                          What is the speed limit in that field?

                                                                                                                                                                                                                                                          Would a car suffer from similar problems? Should it continue at the original rate of speed or slam the brakes?

                                                                                                                                                                                                                                                          • chgs 7 days ago

                                                                                                                                                                                                                                                            I had that a couple of months ago. Phone was fine when not connected to car play, location bang on. Soon as I plugged it in it moved my location.

                                                                                                                                                                                                                                                            Did the same with two other phones. Car play takes the location from the car rather than the phone.

                                                                                                                                                                                                                                                      • mulmen 7 days ago

                                                                                                                                                                                                                                                        An onboard database and a GPS receiver?

                                                                                                                                                                                                                                                        • rurban 7 days ago

                                                                                                                                                                                                                                                          Plus full name, address, email?

                                                                                                                                                                                                                                                          Huge privacy violation. I would just close down this business. Unfortunately it's a state cartel, and even part owner. They'll change the constitution to save those criminals

                                                                                                                                                                                                                                                          • mulmen 5 days ago

                                                                                                                                                                                                                                                            Huh? Why would a speed limiter need anything other than current position and a database of speed limits?

                                                                                                                                                                                                                                                            Your license plate already has your name and address associated with it.

                                                                                                                                                                                                                                                          • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                            So we can tamper with it? :)

                                                                                                                                                                                                                                                            • mulmen 5 days ago

                                                                                                                                                                                                                                                              You have physical control so you can tamper with anything.

                                                                                                                                                                                                                                                        • merb 7 days ago

                                                                                                                                                                                                                                                          VW do use opt-in. In fact it is so annoying that you get asked every time when you start your car. So basically every time your car starts it says „do you want to use the profile connected with the vw service“ if you do not accept it then the car will be in a dumb mode. One of my coworkers was annoyed by it and „reset“ the car to use a non connected profile which does not do that.

                                                                                                                                                                                                                                                          I’m an owner of an id.4 (or rather a user of it, since my company owns it)

                                                                                                                                                                                                                                                          • switch007 7 days ago

                                                                                                                                                                                                                                                            Reminds me of cookie banners. Annoy you into submission

                                                                                                                                                                                                                                                            (I know the EU doesn't mandate annoying cookie banners but unintended consequences etc)

                                                                                                                                                                                                                                                            • merb 7 days ago

                                                                                                                                                                                                                                                              actually in that case it's more the other way around. it's easier to drive with a profile that is not connected, you only lose the app functions like heating and knowing how much you still can drive and other things that are not 100% needed. with a not connected profile the car starts and you don't need to press an additional button to access your media stuff. so far only vw does that in the german market. everybody else uses agb's/eulas and stuff to tell you about the connection. vw is just bad when it comes to software.

                                                                                                                                                                                                                                                          • moffkalast 7 days ago

                                                                                                                                                                                                                                                            Nah, make it illegal to collect any kind of identifiable data in the first place.

                                                                                                                                                                                                                                                            • sschueller 7 days ago

                                                                                                                                                                                                                                                              It already is and this will go to EU courts.

                                                                                                                                                                                                                                                            • hyhconito 7 days ago

                                                                                                                                                                                                                                                              Opt in you mean, like the cookie banners?

                                                                                                                                                                                                                                                              Oh no that'll never happen because VW are a European company and the money is in fining US tech companies!

                                                                                                                                                                                                                                                              • adolph 7 days ago

                                                                                                                                                                                                                                                                VW paid "$14.7 billion to settle civil charges in the United States" and was ordered "to pay a $2.8 billion criminal fine for 'rigging diesel-powered vehicles to cheat on government emissions tests'."

                                                                                                                                                                                                                                                                https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal

                                                                                                                                                                                                                                                                • betaby 7 days ago

                                                                                                                                                                                                                                                                  "Seems low" and "cost of doing business" - paraphrasing any thread about US company. Could also says "VW should be sued out of existence".

                                                                                                                                                                                                                                                                  Also I genuinely think those fines were low.

                                                                                                                                                                                                                                                              • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                                European companies get fined the same as any other companies.

                                                                                                                                                                                                                                                                • hyhconito 7 days ago

                                                                                                                                                                                                                                                                  Well within the constraints they set out which exclude a hell of a lot of European companies.

                                                                                                                                                                                                                                                                  (I am in Europe for reference, this is not an external perspective)

                                                                                                                                                                                                                                                                  • mtmail 7 days ago

                                                                                                                                                                                                                                                                    https://www.enforcementtracker.com/?insights shows breakdown by country, type, industry sector. "Highest fines: individual" top 10 list is all international companies (Meta, Amazon, TikTok, LinkedIn, Uber) and those make the news. Smaller European companies hardly make the news.

                                                                                                                                                                                                                                                                    • 7bit 7 days ago

                                                                                                                                                                                                                                                                      What constraints? And which companies are excluded by them?

                                                                                                                                                                                                                                                              • AzzyHN 6 days ago

                                                                                                                                                                                                                                                                I'll be holding on to my dumb 2012 civic for as long as I can

                                                                                                                                                                                                                                                                • UniverseHacker 7 days ago

                                                                                                                                                                                                                                                                  Not surprised- VWs CarNet app for interacting with the car is the single worst software I have ever used… I would literally believe that their entire software engineering team consists of a single 11 year old with 2 weeks of coding experience.

                                                                                                                                                                                                                                                                  • mensetmanusman 7 days ago

                                                                                                                                                                                                                                                                    Every satellite imaging company knows where they are.

                                                                                                                                                                                                                                                                    • mogadsheu 7 days ago

                                                                                                                                                                                                                                                                      Revisit frequency and spatial resolution aren’t high enough to meaningfully and uniquely identify vehicles without additional data.

                                                                                                                                                                                                                                                                      • mensetmanusman 7 days ago

                                                                                                                                                                                                                                                                        I doubt VW cares about real time locations of all their vehicles. Only government officials at the DMV care.

                                                                                                                                                                                                                                                                        • rurban 7 days ago

                                                                                                                                                                                                                                                                          Of course they care. Only then they can sell it. With real name and full precision location. Even with 10m precision it would be a good sell.

                                                                                                                                                                                                                                                                    • greesil 7 days ago

                                                                                                                                                                                                                                                                      I had to opt in to this shit to get firmware updates. I'm very angry. This explains the laggy infotainment on my id.3 if these idiots were involved in its creation.

                                                                                                                                                                                                                                                                      I can't seem to find a link to the leaked data. I want to see if I'm in it.

                                                                                                                                                                                                                                                                      As per this guy, maybe I should sell my vehicle before VW is sued out of existence. https://www.reddit.com/r/electricvehicles/comments/1hnh3sg/c...

                                                                                                                                                                                                                                                                      • TheChaplain 7 days ago

                                                                                                                                                                                                                                                                        That could be a nail in the coffin to end VW, the EU GDPR is quite a sharp weapon.

                                                                                                                                                                                                                                                                        • jwr 7 days ago

                                                                                                                                                                                                                                                                          The EU won't do much, because this is a car company. Car companies run the EU, basically, especially German ones.

                                                                                                                                                                                                                                                                          • newsclues 7 days ago

                                                                                                                                                                                                                                                                            Not surprisingly as the EU grew out of post war coal and steel association

                                                                                                                                                                                                                                                                          • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                                            The problem was caused by Cariad, not VW directly. Cariad will be held responsible for, not VW.

                                                                                                                                                                                                                                                                            • 7bit 7 days ago

                                                                                                                                                                                                                                                                              Yep, and this will be the end of CARIAD. Volkswagen has already b decided to bleed them to death with the Rivien joint-venture. I guess they'll shut down the rest of the operation much, much faster now. This is the perfect reason for them to do so and what they have been waiting for.

                                                                                                                                                                                                                                                                              • tremon 7 days ago

                                                                                                                                                                                                                                                                                That's not how the GDPR works. Cariad may be a subcontractor (data processor in GDPR speak) for VW, but the driver does not have a contract with Cariad -- their contract is with VW (the data controller in GDPR speak). The data controller is always jointly liable with the processor for 3rd-party data breaches.

                                                                                                                                                                                                                                                                                • Reason077 7 days ago

                                                                                                                                                                                                                                                                                  CARIAD is a 100%-owned subsidiary of the Volkswagen group.

                                                                                                                                                                                                                                                                                  • 42lux 7 days ago

                                                                                                                                                                                                                                                                                    It’s their bad software bank.

                                                                                                                                                                                                                                                                                    • rad_gruchalski 7 days ago

                                                                                                                                                                                                                                                                                      Sure. Good accounting and disaster prevention from VW. The matter of the discussion proves that the decision was correct.

                                                                                                                                                                                                                                                                                  • tencentshill 7 days ago

                                                                                                                                                                                                                                                                                    I think even in the EU, VW group is "too big to fail".

                                                                                                                                                                                                                                                                                    • creshal 7 days ago

                                                                                                                                                                                                                                                                                      Too big to fail and too much of it is state owned, either directly, or through government-owned retirement funds.

                                                                                                                                                                                                                                                                                      The government will investigate itself and find no wrongdoings, let's go after the journalists who committed the ultimate crime: Embarassing Officials.

                                                                                                                                                                                                                                                                                      • johnea 7 days ago

                                                                                                                                                                                                                                                                                        Oh yea, that big gubmint is the one to blame!

                                                                                                                                                                                                                                                                                        Never mind that it's a for-profit company that does the surveiling, and wrote the faulty IT structure.

                                                                                                                                                                                                                                                                                        Neoliberal religion runs deep...

                                                                                                                                                                                                                                                                                        • creshal 7 days ago

                                                                                                                                                                                                                                                                                          Way to miss the point. Governments giving semi-private companies blank cheques is the worst possible combination, because nobody's incentivised to care about laws in such constructs.

                                                                                                                                                                                                                                                                                          • davidrm 7 days ago

                                                                                                                                                                                                                                                                                            supervisory board of VW has 20 members, state of Lower Saxony appoints 2 (as a minority shareholder), workforce elects 7 among themselves, and 3 are trade union representatives also elected by the workforce.

                                                                                                                                                                                                                                                                                            no one is denying it's a for profit company, but its governance model doesn't really scream "neoliberalism". assuming you're from the US, (German) enterprises like VW are vastly different from what exists in the US, not just in the terms of their structure but also their influence on Germany and EU.

                                                                                                                                                                                                                                                                                      • gadflyinyoureye 7 days ago

                                                                                                                                                                                                                                                                                        The EU will play favorites. There will be a slap on the wrist. Some probation. Maybe a CEO or high level C* person will step down in disgrace with only a few hundred million in severance. Then everything will go back to normal.

                                                                                                                                                                                                                                                                                      • ycombinatrix 4 days ago

                                                                                                                                                                                                                                                                                        Isn't this a GDPR violation by VW?

                                                                                                                                                                                                                                                                                        • devops99 6 days ago

                                                                                                                                                                                                                                                                                          [flagged]

                                                                                                                                                                                                                                                                                          • JKCalhoun 7 days ago

                                                                                                                                                                                                                                                                                            Sofa King stupid. Why add this shit that is a liability?

                                                                                                                                                                                                                                                                                            Maybe legal needs to have a talk with marketing.