I would love to know how to disable telemetry on my own hard drive on wheels or at worst prevent it from phoning home. Mozilla did a great job bringing this issue to light but now we need actionable solutions that don’t rely on governments passing laws
this post was submitted on 28 Dec 2024
776 points (99.9% liked)
Privacy
32587 readers
283 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Accidentally, lol. The point was to mine and sell the data, wasn't it? Not exactly private.
The made public part is the accidental
Anyone that has owned a recent VW, knew this was true. I would get text messages from my local dealer anytime I was close to needing an oil change.
Wouldn't that just be a time based notification rather then dependent on any privacy invading metrics?
Not from my experience. I went from driving the car like 30000 miles a year to like 5000, the text messages were always about right on time for my services based on miles driven. Clearly the car was reporting to VW in some way routinely.
That's so weird! Just like when my dentist calls me to an appointment when I've had a cavity for six years! Incredible! Just when I need to fill it!
Obviously... It's anti-libre software. It fails to include a libre software license text file, like GPL. We do not control it.
Spain is mostly empty
I don't get why they feel the need to keep it a secret.
Google takes GeoLocation data with maps and people happily use it. I even put reviews for places I go to.
If they were to just be above board about it while selling the stuff, they would have much happier customers and they could even get some legitimate use out of the data, like traffic status that Google does.
I'm not a fan of Google, but must say, they definitely managed to do better in this regard.
Let's be 100% clear, all of these cars with "smart" features are collecting your data and selling it. Insurance companies are also buying this information and using it to raise premiums if they determine you a "bad driver." Also this could reveal info such as where you live if anyone is determined enought depending on the info if stores (such as geolocation data).
Basically I'm saying wrap your car in tinfoil
Basically I'm saying wrap your car in tinfoil
and don't ever let diagnostic tools with network access be connected to it. just as well could say never bring it to service, which is not really possible
At this point, just get a bicycle without a battery.
Of course, sometimes you need to move heavy stuff and there's nothing you can do about it, bu I tend to save enough, not owning a car/motorbike that I can afford to pay for a pickup on those occasions.
I live in a small, rural community. The county sheriff's department just announced how they bought the GPS tracking data for every vehicle in the county and how it's going to "help calm traffic because they can predict where people are going to be speeding and can have an officer waiting"
The pre-crime department is starting and no one batted an eye.
USA?
Every time I hear something like this I'm glad I bought an old car without any connectivity.
My car is a 2012, I'll be holding onto it until it falls apart.
load more comments
(2 replies)
load more comments
(1 replies)
Hmm. Is there a faraday vinyl I can wrap my car in?
Or, alternatively, would the pelts of tech billionaires offer any protection?
Or just pull the fuse to the antenna?
A Volkswagen id4 was the best choice I had from work (Belgian companies give company cars for personal use as perks because of tax benefits).
I completely disagreed to all terms involving internet access in the vehicle, but I have no doubt they are tracking me without my consent too...
It's a shame that they deleted their data after their evaluation.
Should have checksummed the e-mail addresses and put a haveibeenpwned-like website up where car owners can check if they are affected.
If they are, make a complaint to your local governing body. See if they'll investigate it. Because it's not okay for them to agree to terms for you or to try to end around the agreement you made.
There's no way to know though...
Sure there is. Most people don’t have the hardware handy to do it, but at the end of the day it’s just a computer sending IPv4 traffic through an LTS cellular modem to an S3 bucket.
And if you know your car’s UDID you can probably look it up in said S3 bucket, since it was open to the public.
You are aware that encryption exists, right?
And the decryption key is stored… where?
Sure, they COULD be using a TPM in the cars and PKI so that having the public key still only lets them encrypt the data and not decrypt it… but in that case, we wouldn’t have this article, because they’d have properly secured the data.
Since they only really value that telemetry in bulk and have to foot the compute bill, I’m pretty confident they don’t actually do that, but instead depend on the S3 bucket and the connections to it being encrypted.
Take your car into a dealer and ask them if the modem is connected. Frame is as you think it's malfunctioning and they'll look to see.
load more comments
(2 replies)
load more comments
(1 replies)
"Accidentally"
From what a gathered, it was the classic misconfigured AWS S3 Bucket. ~~It's criminal how AWS still makes the default configuration insecure.~~
Edit: apparently buckets are private by default now, haven't set up S3 in a while.
It was also the classic "collecting the information to begin with," and it's criminal how that is allowed, too.
The default for net new buckets is actually very strict.
But it's that strictness that makes devs just to open it up to everyone and not learn proper IAM syntax.
The unfortunate part is that AWS made rules and privileges so nuanced and detailed that it makes people want to make everything public and deal with it "later".
load more comments
(6 replies)
load more comments
(1 replies)
"Accidentally" is the new "through incompetence"
Negligence. Volkwagen can afford competence, but chose not to invest in it.
After dieselgate and the discovery that VW was subjecting monkeys and humans to exhaust fumes in experimentation, their sales are still fine.
I honestly don't think consumers give a shit about what negative things companies do.
Certainly many people do, though. It depends on the individual.
It's when they become loud mouth attention seekers like Musk that people begin to care. But if everyone claiming to boycott Musk products actually boycotted all the companies that have done terrible things (and way worse than musk), they'd suddenly have nothing to buy.
My boycott is not meaningful because I can't really finance such an expensive car anyway.
I think they just don't know. People are oversaturated and oversaturated and overloaded, and suffering for scraps, nobody has time, mental space or money to be choosy. Researching companies, suspiciously doesn't show results. Finding that information isn't easy, by design. It might be released, on the same day something else happens. But mostly people aren't watching the news to the depth required to soak that stuff in, and don't have the extra energy to soak anything in. Everything sent into our hands and eyes as news is controlled by a few with vested inrests. It would be lovely if there was a place that collected atrocities and kept them fresh. Who stopped buying nestle after all the horrible things they've done. I can bet you have supported a company with your dollar, that's responsible for huge atrocities, it's almost impossible to avoid. Look at the stuff happening in the Congo atm, all the top brands, committing atrocities for new phones to be built. How much have we heard about all of that? There's so much. Where do you start. Funny story, I watched resident evil with my kid, just recently, and it was terrifying for whole new reasons. A top company who owns everything, goes into weapon manufacturing and creating advanced bio weapons, accidentally releases it, then doubles down continuously, shutting thousands in to die, and firing into crouds to cover up what it did. And that doesn't seem far fetched, any more. All for the ever expansion of money, something that has a finite amount set. Literally the only way to achieve ever expansion is to commit atrocities, there's a point where you take too much and the only option is atrocities to make more. And that's capitalism, baby!!
That’s why there will be many more Luigi’s before anything improves.
Thank you. There is so much shit going on, keeping up to date with everything is literally unhealthy.
load more comments
(1 replies)
Is there a company yet that let's me pay them to internet disconnect and rip out sensors on a modern car?
load more comments
(5 replies)
Has someone located the frequent visitors of "houses of ill repute" yet?
The republicans are on it in the US, but now they call them drag shows.
load more comments
(1 replies)
GDPR/DORA monies when?
"I told a joke to my wife. I laughed, my wife laughed, my smart toster laughed "
view more: next ›