New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.
Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.
But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.
A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.
Sell me a dumb car.
yep. I just with some car company would choose not to do this and advertise the fuck out of it. (looking at you Chrysler you have nothing to lose)
I played Cyberpunk 2077 many times and in the game they have vehicle quickhacks that allow you to stop a car temporarily (emergency break), force the car to full throttle (Floor it), taking control of the car… or making the car blow up with self-destruct.
Now it’s just a game and this can be excused, but at the same time I wondered how the hell could you make a car blow up? Then I realize Tesla cars can burn quite viciously, and the mechanisms of opening the door CAN be jammed. The other shit is probably going to be quite possible soon if not already. Meaning we could see high-tech murders happen by people who find weaknesses in car cybersecurity and exploit it to kill their target, and if they cannot trace where the hacker was or how it would be an unsolvable murder…
But that’s only if a random ass murderer does it. It wouldn’t surprise me if corporations wanted to off someone they didn’t like for any reason and that person was driving one of their cars then… yeah, it doesn’t take much imagination there, does it?
Maybe it’s because I am an elder millenial who never owned a car, but only rented cars when I need them, The most I ever used is google maps (now Osmand… which is the superior Open source option!) to find my way. But I never felt the need for anything else other than blindspot detectors (which don’t need to be connected to anything!) to help in lane changing since it makes that task easier. I listen to all my music and stuff on my phone (which is another tracking device I fucking hate) so I don’t even bother with the radio.
In short. I would like my automobile to be like what automobiles were… a hunk of metal that is used to travel from point A to point B. This is coming from someone who LOVES technology and I recently took the time to buy a 6000$ desktop because I fucking wanted the most high end machine I could get and I love it. But even I have my limits.
That’s how the CIA killed reporter Michael Hastings for demonstrating american arrogance of McChrystal and his squad of butchers which led to the europeans funding the war on islam a little bit less.
it can happen easily in future moreover like wireless earbud which can be dos as they use bluetooth which was not build as security in mind , if used in hot countries they can be easily blasted which is enough to kill someone considering the shards will go in the brain . so this can easily be replicated in electronic cars as well . though these earbud manufactures had brain and have a device in earbuds but sometimes that device can also fail , i never used a e car so dont know if they have some type of device in it . but i would love to see a experiment over this
Israeli terrorism with their pager bombs is something that is already happening, but with those they had some explosive material planted. The thing you are mentioning doesn’t require anything dubious to be added and they can work as is. This shit is just scary as hell.
@Phoenicianpirate @legionguy it is quite implausible too. The battery in your earbuds will at most deform your earbuds and cause ear damage and or hearing loss.
I mean if you’re mechanically talented enough and sufficiently motivated, you could probably rip out the digital controls and replace them with mechanical analogs, getting rid of the computer entirely. Extremely difficult, but probably doable if you know what you’re doing.
That aside, we shouldn’t have to do that to get out of being spied on.
The more we electrify our cars, the less feasible this is.
Decoding and sending messages to mechanical systems over the CANBUS is one thing (still difficult, but possible), but taking control over system software is another. In the us, consumers are supposed to have the right to repair their personal vehicles, but a lot of that law was established back when you could do work on a vehicle without having access to digitally protected copyright. We might have a right to repair, but that’s starting to clash against their copyrights over their IP and software controls.
And that’s not even getting into their eagerness to utilize subscription models - would a court side with a consumer if they decided they wanted to circumvent DRM controls over subscription-controlled car features (a car that they own outright)? It’s unclear to me that right to repair or consumer protections have been written in a way to accommodate those conflicts… Especially when cars are subject to far higher safety regulations than computers - a manufacturer could argue that they need to prevent consumers from tampering with their software systems for their own safety.
If you still own a ‘dumb’ car without one of these systems, it’s really not a bad idea to hold onto them for as long as possible. You can always upgrade them if you want to - some people have even replaced ICE transmissions with electric ones. But once you own one of these cars with software-controlled systems, it’s far harder to strip them out. Especially once they start requiring cellular connection to operate or function (or require connections to privately-owned satellite constellations…)
Bikes are great.
I can’t sleep in my bike
Seems like you have bigger issues than corporate surveillance.
Guess where surveillance capitalism is going to send you besides the grave.
Not with that attitude!
I’m shocked, i tell you, shocked!
Mozilla Foundation did a deep dive into this. And the results where abysmal. The only brands not completely horrifying where Renault/Dacia because they are European and only serve the European market so they have to follow GDPR.
Any company that serves European customers have to follow GDPR. Any company that breaks it can be fined by the EU. Hence why a bunch of American websites rather just block European browsers instead of changing their cookie/data retention policies.
This is why when I get my driver’s license, I’ll buy a car from 2012 that has no Internet.
Unfortunately, many of the cars transmit the surveillance data through phone carrier data lines, using an embedded SIM card. So, sadly I don’t think this would help very much.
If it’s not helpful to the operation of the vehicle, then you can just wrap it in a Faraday cage. Oops no signal.
I once had a conversation with AI to see what the fastest form of transportation is, that didn’t absolutely require paying any kind of insurance, like cars do. I did not expect the response at all: the AI told me horseback riding. The thing is, it’s completely right, but it’s something no human would ever have given as a response. Anyways, if anyone has a horse you don’t want…
An eBike would be faster, and way easier to maintain and store. They don’t require insurance.
Horses can run between 25-30 MPH, a class 3 e-bike caps out at 28 MPH. So, they’re about the same.
Also, horse is bigger/more visible to cars, and maybe could be in the street. So you may not have to wait on traffic crossings as much depending on the area.
I still choose e-bike because poo, but what a looney idea, I love it.
Just superglue a neodymium magnet to the bottom of your bike shoe and hover it over the sensor lines in front of the stop light.
The AI was doing that meme
“Humans have horses. Don’t ride them. Are they stupid?”
Horse Outside by the Rubber Bandits
No shit , this just in said anyone in security.
Is there any open source/privacy focused connected car software?
There are some open source cars, but they’re very basic
The problem isn’t e.g. CarPlay, it’s the car itself, which is usually entirely custom.
For example with Infiniti they have their own Android based OS and the only way to get a new head unit in the car is to have a full emulator. Otherwise you lose access to anything that the head unit controls.
I don’t know if open source custom car roms will be a thing until we have an LLM that’s smart enough to automate porting the rom to different models of car.
Yeah OK, so stick with dumb cars for now. Or take public transport and ride your bike because cars just suck in general!
Definitely. If you’ve got an old car keep it alive as long as you can
Even if your vehicle isn’t watching you, your phone is
You can turn off your phone at least sometimes. :) But this of course does not solve the problem.
Not my phone. I dont run spyware on it
The car has its own power generation though so it can do a lot more without risk of killing the battery. They can record and stream the whole time you use it.
What is your point here?
Just what I said. Your phone is watching you and listening to you. If you are driving with it on you are being tracked as well
Not if you install a custom rom like graphene os. Or turn off all privacy invasive features in the settings.
I find it hard to believe that Google phones wouldn’t have a hardware±SIM backdoor no matter what ROM is installed.
This technology already was in place on Intel ME desktops using a operating system on a chip called MINIX
That and phones far exceed surveillance perfection and device count vs PC.
Anything not RISCV and with a binary blob is a vector.
You may or may not be right but it’s still very beneficial to install a custom rom or disable as many privacy invasive settings as possible because it will definitely at least significantly limit the amount of data google gets and its definitely better than giving up and doing nothing.
I honestly believe that Google doesn’t have any back-door into your device anyway.
Am using vanilla android 14 and have disable as much tracking software as I can find in it. I truly believe there is tracking code embedded in the os. But since I still owe on this phone from my service I’m not real comfortable rooting and flashing it right now. Looked at a couple "topten list"s of available Roms and the grapheneos was advertised as pixel only. My samsung doesnt fit so…
I like minimalist stuff anyway so went to download the OmniRom but was warned it “may not be compatible with your device” and was prevented from downloading. Just have to wait till this one is paid off before dinking around with it.
Yeah I have a samsung too it sucks that they have basicly no suport for custom roms unless you go with something really old like the galaxy s10.
The point is people hyper focus on one thing while completely disregarding / forgetting something that as bad or worse.
A few years ago, when I cared little about my privacy, I would fancy buying a new car. Thanks to privacy concerns, I became proud to have my old car, which also happens to be highly repairable.
Yep, I have my 2004 landcruiser. I will never get rid of this car
That’s why I’ll take bus, train, rideshare, carshare, plane with all the cameras and tracking over buying a new personal vehicle. Modern cars can build a personal digital profile of you, they know where you travel, they track your plate, and we found out they track your driving behaviour to screw with your insurance rates.
Also consider getting an ebike, if possible.
In fact, I have one! And for its size (20-inch wheels and foldable) it can fit a lot!
E-bike
Toyota at least has an opt-out website. (Or at least in the US they do). You lose the ability to do stuff like remote start from your phone though. And emergency roadside service, blah blah blah. I turned off all the mapping saved route stuff immediately that let you see your previous trip average miles/KW and then turned off everything once they wanted me to pay a monthly fee for remote start and such.
I seriously doubt they’re not capturing the information just because you told them not to. They’re just going to treat it differently. But have no delusions that they’re respecting your wishes as you think they should.
Theres still an LTE modem in your car sending data somewhere
So if I were to take one of them cars and drive out to the middle of nowhere in the desert where there’s no cell service, what’s it gonna do? Shut off once it’s roaming? Not start back up and strand me in 115° heat? I just want to be prepared for my lawsuit that’s all
It’ll just cache telemetry locally then send it in when you reconnect to the network
What’s ridiculous is they made remote start only available from the app instead of a keyfob
