I don’t know anything about cars.
Now that we have established that cars seriously undermine our privacy (look at the flurry of posts in this community in the last few hours), what can we do about it?
From a networking POV, if you remove the ability to connect to the Internet, it doesn’t matter what the car is recording as long as you can ensure there is no physical tampering. Depending on who you are, this is a good idea, and doable for the most part (very few people have the technical knowledge to pull out the right chip from a car).
So, how do we achieve this? I implore the community to invite mechanical/car engineers who can help us on this matter, and to form methods to prevent vehicles from accessing the Internet without express consent from the user.
Thanks!
You could, but some antenna are printed onto circuit boards so disabling them without breaking the board entirely will be interesting.
With that Mozilla study out I hope some car manufacturers get sent some very pointed questions by government regulators.
Faraday Cage, read my other top level comment…
Not so easy to rip your dashboard apart to wrap things in screening though. Nor should a person have to considering the tens of thousands of dollars they already paid for something.
Who said the computer components you’re looking for are in the dash? I mean I’ll be honest, I dunno about these modern vehicles, but vehicles I’ve worked on in the past have the main computer in weird unexpected places like under the driver’s seat or in the passenger side cowell area.
I do get your point though, yes such modifications might be simple on paper, but cost quite a bit in labor to actually accomplish.
Regardless, I’ve done dashboards too, even drove my car around for a day with the entire dash completely missing, because I needed to drive it to the store during service that took me two days.
Hooray for dumb cars!
I have a “differently abled” car as well that doesn’t have Onstar (it came out on the next model year after mine.) but even it has most of it’s electronics buried under the dash by the firewall. You’d have to pay me to replace it with all this tracking crap they stuff in there now.
I’m stealing that from you LOL!
“Differently Abled”…
Not so easy to rip your dashboard apart to wrap things in screening though. Nor should a person have to considering the tens of thousands of dollars they already paid for something.
Never thought I’d see a day where people feel compelled to circumsize their cars
I’ve always done this, it reduces the cars sensitivity so it lasts longer
Hmmm… something must be wrong with mine, it’s very vigorous but doesn’t last that long.
All that matters is that you like the car, and that it is trying its best <3
Even if it’s a Morris Marina?
deleted by creator
Oh, like updog
What’s up dog?
Just ask the dealer to disconnect the modem upon purchase.
Better yet, refuse to buy shit you don’t own and make this known. Go to the dealer force them to stand around while you read the privacy agreement. Use an attorney because they have stupid legal agreements. Waste everyone’s time because they are the ones doing this to you. It must cost profit. Then walk away from this bullshit. Tell them why you are walking away.
All of this exists because people are too stupid to care. If you ignore this, you are one of them, and part of the problem. Legal agreements are theft and slavery. Signing them blindly is the stupidest thing you can ever do in your life. Anyone that needs a legal agreement for you to make a purchase is a worthless criminal. Signing their bullshit is saying you are okay with being their little slave bitch.
Waste everyone’s time because they are the ones doing this to you
I agree with your intentions, but no, the person working at the car dealership is not doing this to you. That person is just trying to get by, they’re not the MBA executive trying to squeeze every dollar out of humanity who you should be targeting
Maybe not, but they are the one who keeps leaving me alone in their office for 15 minutes at a time to “go ask their manager” if our negotiations are ok and they are the one who pretends to settle on a price with me and then tries to hard-sell me on all sorts of useless addons. And at they end of the day they are the one that turns making a purchase into a 4-hour process.
It has to irritate the GM of the dealership enough to file a report and work its way up the chain to the top. Unfortunately this is capitalism. It is no different than the military in that it sucks to be the person at the bottom of the shit pile but they work for criminals. If they don’t like it, quit working for criminals. Yes it is pervasive. But we are the problem. We are funding and enabling these people. You must make it extremely well known that you have money and you are not spending it because of this bullshit. No one else controls the market. We fund the entire thing with what we are willing to ignore and make excuses for. We must burn it to the ground too. That means stop being nice about the person working for the thief. Sorry; not sorry.
It has to irritate the GM of the dealership enough to file a report and work its way up the chain to the top.
I think you think the manager of a dealership is going to care a lot more than you think they will. More likely they’re going to just ask you to leave after you start acting like a dick to their staff.
You must make it extremely well known that you have money and you are not spending it because of this bullshit.
By causing a scene you are going to affect no change, more likely you’ll end up being mocked on Tik Tok. Write a letter to corporate explaining your decisions, sure, or petition for state or federal legislation; otherwise spend your money elsewhere. Only by funding alternatives are you going to impact the market outside of regulation
Like the other person said, you are confusing the dealership and the manufacturer. This is the equivalent of those people that yelled at the teenagers working at chik filet. The dealership will just say they don’t create those rules and you’d have to take it up with the manufacturer, then ask you to leave. If you don’t leave and act like a jerk, they’ll just call the cops and have you escorted off premises.
Except it’s really not. Most of the dealerships around are thinly veiled fronts for the manufacturers. The salespeople are shills and scam artists who are specifically hired for their ability to pull the wool over people’s eyes. That poor sap working at Chik-fil-A is some minimum-wage kid who is about as complicit in the greater organization than the mop is. Dealerships are a mouthpiece for the very manufacturers who are patenting ways to make your care self repossess and are charging subscriptions for basic functions that are built into the cars.
The comparison is shallow and not at all reasonable.
lol no not at all. They are franchises, not fronts for the manufacturer. Everything you said is as wrong as can be.
deleted by creator
deleted by creator
deleted by creator
Not noted internet super genius j4k3 though! So smart! Truly owns things! Not subject to any agreements.
To put it simply, this may not even be something they can do legally. For instance, when the mach E came out they were having serious electrical issues. The electric battery has it’s own junction box. So much current was flowing through the contacts that they ended up fusing themselves open or closed. That basically disabled the vehicle. It was fixed with an OTA update. The update works through the same antennas and network you’re talking about. If a vehicle can’t receive an OTA and it affects the security of the vehicle/driver or poses a danger on public roads? Might be out of compliance with NHTSA or other authorities of similar spec in other countries.
https://www.nhtsa.gov/technology-innovation/vehicle-cybersecurity
They have no rights to anything I own. What they ship the vehicle with is what I bought. I don’t give a shit about anything anyone has to say about this. This feudalism bullshit is the absolute antithesis of freedom. I am not for sale.
I didn’t say they had a right to your data. I’m not defending them. I’m pointing out that cars these days (new ones especially) are as much device as they are machinery. And you absolutely do not want someone hacking your vehicle. And neither does the regulating federal authority in your country. As a result they put certain laws in place that may protect you from this possibility (being hacked), but also leave you open to being taken advantage of by the automaker (having your data taken without your permission).
The manufacturer that i work for has esims built into every vehicle they build that cannot be removed without bricking the vehicle. I feel like this is pretty much industry standard at this point. They used to have a removable sim, but there was an esim along side that so you could not completely disconnect.
Edit: added words
Then block the signal with a Faraday Cage.
I see I’m getting downvoted for my comments about this, but the vehicle will not fail due to a lack of internet connection. Otherwise your vehicle would brick itself anytime you drive through a tunnel.
Go ahead, look it up. It’s about as simple as wrapping the cellular device with metal screen.
Yeah I like driving my car wrapped in tinfoil
I never suggested any such thing. I mean only to wrap the cellular module in metal screen, not the entire vehicle.
Jesus. Any idea how old a car I’d have to buy to be realtively certain it wasn’t phoning home?
2003
A lot of cars weren’t connected until 2007-2010 unless they were luxurymodels or had OnStar or LoJack.
Really wish I had the money to start a car company
What car manufacturer is this?
I wish I were a billionaire. I would literally start a company that made cars, phones, tech of all kinds on the basic premise that I don’t give a fuck about you or your data. Make it private. Make it have no EULA that says anything beyond IP protections. Make it so consumers never have to worry about underhanded bullshit. Sure, I may not make tons of money, but I think I could be happy turning a small profit, paying employees fairly, and knowing that I am selling better products and undercutting all the assholes to send them careening directly I to the ground.
To become a billionaire you can’t have a moral compass from the start so it’s hard to imagine. I wish you well though, hope to buy one of your devices in future
Closest we have to a “unicorn” billionaire with some sort of moral compass is Linus Torvalds, if you ask me.
I think he is far from being a billionaire
Eh, that might be why you’re not a billionaire
Perhaps. I like to blame my crippling ADHD and lack of generational wealth.
They thing to do is buy the rights to old designs, then open source them and sell them. It pisses me off no end I can’t find system diagrams, schematics or source code to think I apparently “own”. It keeps everyone ignorant and throwing stuff away to keep buying new. And now, with all going online, turns everything to a privacy nightmare . When the manufacture moves on to the next shiny, it will become part of internet of infected things botnets.
Can you make me a microwave that doesnt’t beep?
Bruh. Hold down the setup button. No more single tone screams of your meal is ready.
If that doesn’t work, there should be instructions for your brand online.
Or just open the side panel and pull the lead off the speaker. Hopefully they didn’t do something dumb like wire the speaker in series with the main power supply so to the computer so the whole thing doesn’t work if the speaker is disconnected or dies.
They do exist. Mine has a mute button. The keypad is awful though. I don’t remember the brand and not at home, but can look it up later
How exactly are cars connecting to the internet? Cell providers give them free data?
the oems pay for it. some offer basic features for free but charge for features like music streaming.
deleted by creator
It’s generally not much data. A 1GB/mo SIM with ten years service can be had for less than a €10 if you’re buying in bulk.
Sincerely, the best thing consumers can do is to drive dumb cars and use them for as long as possible (cars aren’t like phones, and can work reliably for over a decade).
I just bike to work.
The best thing to do is to demand better public transportation and walk ability. We’ll always have some cars but we should move away from car dependence anyways.
I did something like that with my robot vacuum. I opened it up and ripped the soldered-on wifi card. Now I can’t control it from my phone, but it can’t phone home to Shark either. I was willing to risk it for a $400 robot vacuum, which I also happened to have a second defective one to practice on thanks to their return policy. I’m not sure if I’d attempt this on an electronics behemoth worth several thousands of dollars that I can’t afford to lose.
Wouldn’t it have been easier to block it from accessing the internet through a firewall? And having a firewall helps you see what’s going on with the rest of your network.
deleted by creator
A lot of these devices will refuse to complete setup, or will silently do meshnet type stuff with other devices from the same manufacturer just to get the collected data out
I don’t think I could have set it up. After it was connected, there’s no way to disconnect it, which seems to be a growing tactic. I’ve seen several TVs that have no WiFi disconnect button.
Unsure on the sharks but a lot of the roombas have an open source project (ha980?) that lets you run all the Apis locally and cut it off from the internet fully. Mines managed through home assistant now, it’s not perfect but it beats the heck out of that shitty iRobot app
check out Valetudo
I’ve had a thought I’d love to have a chance to try one day…
I’d like to see about not only disconnecting the antenna, but also basically wrap the cellular circuit module in metal screen, basically a crude Faraday Cage.
I’ve never had any chance to try such a thing, but I can only imagine it would probably do the trick.
Edit: For those that believe this will cause the vehicle to malfunction or even brick itself, have you never drove through a tunnel and found you lost Internet? Your vehicle won’t stop functioning just because it lost Internet, it literally cannot do that.
That would be like the absolutely most unsafe thing any vehicle could ever do, to stop functioning because of an internet connection failure.
Or the car just doesn’t start one day because it hasn’t connected to its server in a month, forcing you to go to the dealer to fix it. Why do you so fervently believe a manufacturer wouldn’t resort to tactics like this that they already employ for other systems? It’s naive to think that manufacturers would never remotely disable a car in full or in part because it has been modified without authorization. If it profits them, they physically can, and no regulation prevents it, they will. Right to repair is a nice movement, that I fully support, but it’s very very far from a universal right anywhere.
I hate to have to give you this upvote 👍
You’re not wrong.
Hopefully they just haven’t thought about that yet
Or the car just doesn’t start one day because it hasn’t connected to its server in a month, forcing you >to go to the dealer to fix it.
You are exaggerating, a manufacturer can’t do that. The simple reason is that lots of people live (or spend part of the year) in places where the only internet access is through satellite, this is specially true in big countries. The most probable thing they do is to save all the data until there is internet connection available to send it.
You seem to be confused about the difference between can and will. I don’t believe every or even most manufacturers would actually do this, but pretending that they cannot do it (or something like it) purely due to market pressure is naive.
I understand the difference but they never are going to do that for the same reason that they have never and they never will block your phone if its not connected to the internet, there are personal security reasons, they cannot leave you with an unusable phone or car. Even people who dont give a fuck about privacy wouldn’t accept something like that, they would go bankrupt.
I understand the difference
Proceeds to conflate ability and willingness again.
You sound like a corporate chat bot stuck in a rhetorical loop.
So only thing is they might just store all the data locally and send it when they get reception again. Microsoft Word used to do this with “Aria”
Do you not understand what a Faraday Cage is or does? It literally blocks radio frequencies.
Cover the module in a metal screen, block any and all data transmission and reception, without even altering the electronics.
And the vehicle ain’t got much other choice but to keep functioning as expected anyways, as it’s expected to have signal loss at times anyways.
Edit: If you think losing internet connection is gonna break your vehicle, well God forbid you ever drive through a tunnel…
What happens when you send it in for repairs? As soon as the mechanic plugs the ODB unit in, it snitches like a stool pigeon.
What happens when/if we hopefully get our right to repair our own shit back?
R2R, Louis Rossmann!
We should all try to fight the good cause.
I think they mean it would cache the data and release it if you ever had to remove the screen for whatever reason.
My concern is that Faraday cages have limitations and you should think about mitigations
Seal it in lead then, what you want from me?
I’m just spitballing a possible solution here…
20 euros and patience for other people
Driving through a tunnel is a short break in connectivity. These things are probably built in such a way that they’ll brick after not being able to connect for an extended period since not working due to a short disconnect would give the brand a bad reputation after happening a few times.
Classic tin foil hat… Always gets the job done 😌
Have you not heard of the chip in the hand? It’ll be an aluminum foil glove silly.
Unless you volunteer yourself for unnecessary brain surgery…
The Future: “Hold my beer…”
That might help in some situations, but some of the data is stored on hard drives and retrieved later, either at dealerships or when police “request” it. I think it would take some invasive modifying to really render your car private.
One of those big degaussing cables they use to make ships safe from sea mines
deleted by creator
Probably not a “hard drive”, as vibration and shock are common things that cars experience, and not something that a hard drive handles well.
Solid state is still a hard drive.
Wrap the car in a large faraday cage? As a general rule it should be assumed that any device with a direct to internet connection capability has the potential to track the user, even of it’s at a very course level like IP history that in theory could be made more precise if the ISP was inclined to keep tabs on a mac address.
My own vehicle has the ability, if not the subscription, to use one of those manufacturer sponsored satilite connections. Plenty of new vehicles have such things as paid DLC and just lock it up behind software but the hardware is still there. Physical interferance through disconnecting the relevant modules in a clean reversible way has potential for some enterprising sort to either open a school or a specialty repair shop. Now of we could just do something about the phone the driver has with them at the same time.
I thought they would disable my esim after the grace period was over, they gave me the option to pay for a subscription and I said “Hell no!”. But I guess I’m more valuable driving that thing than I thought. So yeah, probably only hacking it to disable the esim.
What car is this?
Elantra
Probably not without bricking your car. I doubt they are gonna tell you how to disable the telemetry, and with how connected the systems are these days, if you break something the whole thing stops working.
Most vehicle head units are still running a low power version of Java 6 and have difficulty with nested levels of DNS CNAMES. I wonder what other problems that Java stack has that can be exploited?
It would probably be easier and less damaging to find the fuse for the antenna/transmitter and pull it. That being said, it will probably stop the buttons on your keyfob from working. I think the keyless/touchless entry would still work. IIRC, that system works with active RFID near the door handles.