I am sure this article has been shared before, however I wanted to have a look at this topic.
The articles short summary is this:
All 25 car brands we researched earned our *Privacy Not Included warning label – making cars the worst category of products that we have ever reviewed
I am currently driving a 2014 Ford Fiesta which just has a radio with a CD player and Bluetooth. I do not need more than that in a car.
The reason I am looking at all is that that the Fiesta does not belong to me and the friend owning it will be moving out in a bit, so I kinda need another one.
There seems to be one brand that is not as bad as the other ones (but still bad): Renault; mozilla’s review…
Maybe I will have a look at their cars.
What do you guys think? Stick to older used cars and not use an EV or look at which of the manufacturers have the least bad privacy policy?
I bought a used Chevy bolt EV, for now I’ve pulled the onstar system fuse which kills the telemetry and GPS+cell antenna. No tracking with no power, it’s my car and my battery so I decide what gets my power.
I’m not interested in letting any of these companies screw me over behind my back regardless of who is “less evil,” but I’ve gotten so used to the convenience of EVs that I won’t do without one.
I use my phone for navigation and music/podcasts and that still works just fine.
Might at some point look at a more sophisticated way of doing this like removing just the onstar module or terminating its antenna, but for now it’s fine.
I’ve pulled the onstar system fuse which kills the telemetry and GPS+cell antenna
If that is possible in a european car that would be exactly what I’d want to do as well :D
It’s almost certainly possible, but it might void your warranty/be illegal, depending on your jurisdiction (and qualifications- it’s probably not illegal if you’re a licensed mechanic, but might violate your employment contract). Even if it’s not illegal, it might affect your liability insurance coverage.
I’m not saying you shouldn’t do it, but make sure you know what the potential consequences are.
Blow the fuse then. Plausible deniability
I bought a used 2017 Bolt a few months ago and I love it. It is the most practical car I’ve ever owned and it’s nice to drive.
Sorry to burst your bubble, but the sensors store data locally and then get uploaded to the Internet when you take it to a mechanic, who plugs your car into an internet-connected computer
Your assumption about how datalogging works is incorrect.
In short, sensors almost never store local data which doesn’t even matter if those sensors are depowered. There is absolutely nothing to be afraid of here.
So yeah, sensors do not locally store data except in very rare and high-cost cases not found in basically any consumer electronics. There needs to be a datalogger or handoff to a datalogger of some variety. While the ECU or MCU of a vehicle logs data, there’s not a permanent memory of every action you’ve done with the car because it literally doesn’t have enough memory. Doubly so if some of the sensors such as GPS are physically unplugged or depowered as in my case.
So, no amount of malicious action from a dealer would extract location or even more basic data from a car. The only thing they’d see are the basics of the ECU or MCU which has been common for every car produced since OBD2 became… a thing.
I’ll also add that an easy solution to this is not to go to a corporate dealer (all Chevy dealers are shit anyway to be fair). While the independent mechanic might have to buy proprietary diagnostics from the manufacturer, they aren’t going to re-enable systems like GPS or telemetry if you tell them not to because they care about you coming back and thus have an incentive not to fuck you over.
Sounds like you’ve been out of the industry for a while.
The sensors don’t store the data. The storage does. How do you think the entertainment system remembers your music history? Its stores it. And uploads it. And they sell it.
So your car won’t track you but your phone will. OK.
That was my first thought too, but some people are moving to more privacy focused phones like grapheneOS, and other ROMs, or even Linux phones.
Besides, reduction in the number of people tracking you is still a positive thing.
I had been actively looking forward to the Slate truck (even though I don’t want a truck) for this reason - an EV with modern drivetrain but no BS electronics or telemetry. Unfortunately the price has gone from about $20K - a price appropriate for it’s minimalist approach - to “below $30K” and it’s not due out for another year, so who knows how it will pan out.
Seeing how Bezos is involved it will start small and then jack up the prices as demand for it goes up. Probably even last minute fees for those on waiting lists.
The toyota champ looks like a nice simpe ute but fuck knows when or if it’s happening.
Toyota is def gonna be a surveillance nightmare
Well that’s it, I’m just going to drive my 23-year-old 350Z Roadster forever. As a 90s computer geek, I would have never imagined that future technology would turn me into a classic car guy, yet here we are.
I miss the days when spyware was treated like a virus; now it’s the norm.
2000s car is classic car
☠️☠️☠️ i feel old.
I know, right? I shuddered as I typed out that part of my comment. But yes, it’s a 2004 model; in 2029 it’ll be legally considered a classic where I live.
List of automotive connectivity module providers: https://www.evbusiness.net/ev-directory/automotive-lte-5g-module-manufacturers/
Find which one your car has. Then see if you can find a repair manual with schematics. Find where the cell antenna connects. Non-destructively disconnect it. This way your telematics won’t be affected. It will just look like you’re always in a cell dead-zone.
Edit: don’t do this if it’s a lease, a rental, or there’s a loan on the vehicle. If you own it outright and it doesn’t void the warranty, go nuts.
Sorry to burst your bubble, but the sensors store data locally and then get uploaded to the Internet when you take it to a mechanic, who plugs your car into an internet-connected computer.
You have to neuter the sensors, not just the cell antenna
Source?
deleted by creator
A lot of cars do have EDRs (Event Data Recorders), but they only store certain events related to crashes so they can go back and establishes what was going on before an accident.
AFAIK, regular telemetry going out the cell is much more extensive, continuous, and realtime.
Its not the sensors that store the data, the ecu/pcm/bcm do that. Yes, there is essentially a black box function in most modern-ish cars that logs the last X minutes of driving. It likely also has an “event recorder” for when certain conditions are triggered.
I know for a fact that most have reflash counters or log when the ecu was written to last. That is more to do with tuning or warranty stuff but still.
Of course, but the computer won’t store any sensitive data if you neuter the sensors.
Yeah that isn’t an option unless you want the dash to light up like a Christmas tree, your abs not to work, the stability/traction control to freak out and disable your accellerator, or cause an airbag fault, or cause the seatbelt pretensioners to fault.
You’re saying the airbag will deeply if I feed it a black feed from the cameras and silence from the microphones? Huh.
No, I am saying if you disable or tweak the sensors that feed the onboard telemetry system on a modern car which include sensors for the accelerator pedal position, vehicle speed, individual wheel speed sensors (for abs, traction control, and stability control), the car will probably freak out and enter limp mode.
If you screw with the stability or traction sensors, they can cause the airbags to not trigger properly or predictably. Remember, there are basic impact sensors for airbags but there are also angle sensors and accelerometers for rollover detection now. If you disable any of that, the car will not work properly.
Yeah, and I’m saying that those aren’t the sensors that we need to neuter. Namely the surveillance sensors are cameras, microphones, and seat sensors.
Basically all the things that they use to sell your sexual habits to the highest bidder.
Would it be possible/easier to slap a Faraday cage around it instead of disconnecting anything?
In most cars, there is an integrated antenna for all wireless signals. For example:
- Audi: https://parts.audiusa.com/p/Audi__/Mobile-Phone-Antenna/78750936/3G9035534.html
- GM: https://parts.gmparts.com/product/gm-genuine-parts-mobile-telephone-and-telematics-antenna-22964579
- VW: https://parts.vw.com/p/Volkswagen__Jetta/Mobile-Phone-Antenna/78750936/3G9035534.html
These are often mounted behind non-metallic surfaces (plastic bumper, spoiler, etc). You can try to cover them up, but it means you’ll lose all the other antenna functions.
Disconnecting at the other end can only take out cellular without affecting wifi, Bluetooth, etc.
Mind you, it’s not easy. There’s a wiring harness with a waterproof connector that eventually goes into the cell modem. You’ll have to find the right antenna pin and disrupt the signal. Different for every make/model and not possible without proper schematics.
The article is from 2023, it is likely several orders of magnitude worse now.
Imo, the sweet spot for reliability and unconnected tech is the mid 2000s to 2015ish. Good engine control, simple user interfaces with buttons, nice creature comforts, good fuel efficiency, and still good safety (generally)
I have a 2019 wrx that while I like it, I know the subaru telemetry is both significant and easy to access, there has been a number of articles about it published in the last year or two. There are opt out procedures through subaru but let’s not kid ourselves here do you really trust them to do it? How do you prove they have stopped?
That said, your phone shares all that data already, it being shared by another device is not really much different than coming from one source.
(Edit: since some of you missed what I was trying to convey here, I was trying to point out that the exercise of securing your car is half the battle, yes you SHOULD do that, any reduction in data sharing is a positive thing. You should also be realistic about how much that actually accomplishes when you are also carrying your cell phone with you in your car.)
What I really don’t like is the driver aids. My mom has a newer Mercedes suv and it is realllllllly intrusive. The auto brake function as awful, it auto does corrective steering. I am sure in an actual panic situation I would welcome it but I absolutely do not like it on normal situations. I also don’t trust it from a cyber security situation.
That said, your phone shares all that data already, it being shared by another device is not really much different than coming from one source.
That is imo neither here or there. It is about the car. “Another device is also bad so its irrelevant” is just not a good response.
I’m not arguing you shouldn’t try and be secure. If you are going to the effort to secure your car, you should also make sure your other devices are secure because these sources share much of the same data.
That said, your phone shares all that data already
lol. No. No, it does not. Location data cannot be anonymized, so I dont share it.
You can throw your hands in the air and give up, but I will not.
If you think your wireless cell phone that constantly is in sync with cell phone radio towers around you does not allow your location to be known or calculated, I have some bad news for you.
Again, I am not saying I am giving up on anything. I mention that because the action of securing your car without being realistic about what your phone is doing while in your car or in your pocket is an half baked exercise.
You’re moving the goalposts. My carrier being able to infer my location is a far cry from every app broadcasting my location back to their CDP so they can sell it to advertisers. I have worked within the infrastructure involved here and I know very well how much information YOUR apps are sharing with their masters.
I’m not doing anything, you are inferring what I meant without asking… Again, all I am saying is that the car is one vector for tracking both via location and activity and you should not ignore one and think that you are not being tracked.
Fair enough. Have a good one.
This is a lose-lose-lose.
- New cars don’t respect people’s privacy.
- New cars cost more due to the extra camera/sensors/compute/connectivity necessary for tracking.
- Less people buy new cars due to increased cost and tracking. Instead drive older, more polluting cars for longer.
The word is lose.
Maybe 3 of the 4 wheels need tightening?
So it’s a loose-loose-loose-tight situation when it should be a tight-tight-tight-tight situationYes exactly. Thanks for backing me up :)
Thanks, fixed. Sorry for being a bit too loose with spelling
None of this has anything to do with the car’s powertrain. Regular internal combustion engine cars are just as bad as EVs in this regard.
Nobody said it does. OP said “buy an old car without all of this shit even though it won’t be electric or suck it up”
There is a tiny number of cars available (mainly certain years of Nissan Leaf afaik) from right when batteries were getting kinda good but this stuff wasn’t all added yet
I have a 2014 Chevy volt. Not a full EV, but used ones are affordable and the 3g cell modem no longer works.
We get 30-38 miles per charge depending on the outside temperature which covers most of our day to day driving. It will charge from a regular wall outlet (120v at 8 amps) in 12 hours. The ICE engine gets an oil change every 2 years since it gets rarely used.
And all of a sudden data roaming costs isn’t an issue anymore ;) Who pays the mobile subscription? Or do car manufacturers pay the telco’s with a part of the data gathered …
Yes, the OEMs pay for it. They get sims that are prepaid for like 10 years.
Which shows that wholesale, data subcriptions are probably a few dollars a year.
Depends entirely on the amount of data and the bandwidth.
Phoning home every hour is a couple of KB at most and doesn’t matter how long it takes.
Streaming videos on the other hand, a lot more and you don’t want to be waiting.
well I don’t know what they collect and send but there was an article the other day about a fucking Bosch washsher sending 3.6 Gb of data a DAY
https://www.newsweek.com/homeowner-baffled-washing-machine-uses-3-6gb-internet-1862675
Makes me wonder if there’s an easy way to get the car to start using a lot more bandwidth. Make the deal not worth it for the carriers anymore. Something that could be distributed for use on many cars, maybe used to give free internet to a wifi mesh in the vicinity of any of those cars.
Since it’s in your car can you just use it to do what you want?
Like. I don’t drive. But if I did I’m yanking that SIM card out.
There have to be people hacking these, right?
Probably e-sim or heavily embedded in critical systems.
Makes sense.
Fucking horse shit.
While I’m glad I don’t drive the idea of paying $60,000 for something that does whatever the fuck it wants without my say so makes me frothing mad.
I feel the same. But it goes for so much. My wife just bought a new phone and i’m angry for hours already. All that shit you need to remove and turn off. All the configurations “help” that starts and you must walk through that turns it all back on again and reinstalls bloat. And god damnit so many shit we had turned off on the old phone shows up on the new one. All privacy settings feel like placebo toggles. I’m done with “smart” devices.
It’s possible, as long as its not an eSim or soldered to the PCB.
If you’re going with another Ford, you should be good to get one as new as 2017, since that’s the last year they used 3g cell radios. It can’t report back since the network was shut down.
Sorry to burst your bubble, but the sensors store data locally and then get uploaded to the Internet when you take it to a mechanic, who plugs your car into an internet-connected computer
That would only be possible for vehicles equipped with gps. Without gps the 3g networks’ shutdown means there’s not even assisted-gps data.
Again, it doesn’t need the cell towers to transmit data, once the car is given an internet connection by cable at the mechanics
Fun fact, French auto brands are defacto banned in the US. You can’t insure them.
Why not?
No idea on the technical reason, but it’s complicated. There’s a lot of foreign brands that are banned here.
Freedom, probably.
Your phone is tracking your every move.
Maybe yours is, but ours aren’t.
Your cell provider is tracking many of your moves by seeing what cell towers you are talking to.
Your phone is only tracking your every move if appropriate spyware is installed.
I suppose you’ll have to settle for an e-bike, and even those are increasingly electronic. Maybe retrofitting a standard bike with an electric engine.
I have one, but it is hard to transpost a lot of things on them. But maybe I should look into a trailer for it :D
I bought a used Chevy Bolt, then disconnected the antenna to put a dummy load on the OnStar transmitter. Never told it my Wi-Fi password. It can’t connect to the Internet unless I park it next to a cell tower, unless I pay for OnStar, which I refuse to do. I only use CarPlay so it can’t even hope to use my phone’s Bluetooth tethering (not that it seems capable).
Fortunately, Chevy’s only OTA infotainment update was to remove the video player, so I’m not missing much. Unplug the power cord and drive.
It’s full of sensors and cached locally. When you take it to the mechanic, they connect it to a computer with internet access, where all the data is uploaded. Sorry.
You have to neuter the sensors, not just the antenna
That’s definitely a possibility, depending on the year and make. Now you’ve given me something to think about.
We need more development of open source cars
I’d love this, but I doubt that it is ever going to happen. Open-Source-Hardware is not as widely spread as open source software which is also still a niche. The big difference is that you can easily develop OSS on your own in your free time, but with hardware its a lot more difficult. And then think of all the parts necessary to build a car and then again all the certifications to actually get it on the street and after that the question of liability in case of accidents…
I think the real obstacle isn’t even the regulations but the safety systems. The various US DMVs can comprehend things like scratch-built or kit cars, but the level of engineering to make a thing that can even sometimes decelerate a person from like 60 to 0 without killing them more with exploding airbags is several levels above that required to make a thing with wheels that drives forward.
So you can build and probably even drive a car from plans you got off Github, but if you crash it it will kill you.
I’d be happy to have a car that goes max 50 kph
All it takes is one company to do open hardware. Then all the other companies will use it, because its cheaper for them without having to do the initial r&d.
If it’s licensed properly, then all subsequent customizations by these other companies will get shared, so the project just gets better and better with time.
I love the idea but the cynic in me sees the Mountains of hurdles, starting with the gigantic piles of money you need for development and certification.
You mean… Trains?..
