this post was submitted on 19 Nov 2024
506 points (99.4% liked)

Privacy

32100 readers
759 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

New research reveals serious privacy flaws in the data practices of new internet connected cars in Australia. It’s yet another reason why we need urgent reform of privacy laws.

Modern cars are increasingly equipped with internet-enabled features. Your “connected car” might automatically detect an accident and call emergency services, or send a notification if a child is left in the back seat.

But connected cars are also sophisticated surveillance devices. The data they collect can create a highly revealing picture of each driver. If this data is misused, it can result in privacy and security threats.

A report published today analysed the privacy terms from 15 of the most popular new car brands that sell connected cars in Australia.

(page 2) 45 comments
sorted by: hot top controversial new old
[–] Sam_Bass@lemmy.ml 20 points 3 days ago (4 children)

Even if your vehicle isn't watching you, your phone is

[–] AlexWIWA@lemmy.ml 12 points 3 days ago

The car has its own power generation though so it can do a lot more without risk of killing the battery. They can record and stream the whole time you use it.

[–] JustVik@lemmy.ml 3 points 2 days ago* (last edited 2 days ago)

You can turn off your phone at least sometimes. :) But this of course does not solve the problem.

[–] Joker@sh.itjust.works 3 points 3 days ago (2 children)
[–] Sam_Bass@lemmy.ml 6 points 3 days ago* (last edited 3 days ago) (1 children)

Just what I said. Your phone is watching you and listening to you. If you are driving with it on you are being tracked as well

[–] pineapple@lemmy.ml 15 points 3 days ago (2 children)

Not if you install a custom rom like graphene os. Or turn off all privacy invasive features in the settings.

[–] electricprism@lemmy.ml 12 points 3 days ago (1 children)

I find it hard to believe that Google phones wouldn't have a hardware±SIM backdoor no matter what ROM is installed.

This technology already was in place on Intel ME desktops using a operating system on a chip called MINIX

That and phones far exceed surveillance perfection and device count vs PC.

Anything not RISCV and with a binary blob is a vector.

load more comments (1 replies)
[–] Sam_Bass@lemmy.ml 4 points 3 days ago* (last edited 3 days ago) (1 children)

Am using vanilla android 14 and have disable as much tracking software as I can find in it. I truly believe there is tracking code embedded in the os. But since I still owe on this phone from my service I'm not real comfortable rooting and flashing it right now. Looked at a couple "topten list"s of available Roms and the grapheneos was advertised as pixel only. My samsung doesnt fit so....

I like minimalist stuff anyway so went to download the OmniRom but was warned it "may not be compatible with your device" and was prevented from downloading. Just have to wait till this one is paid off before dinking around with it.

load more comments (1 replies)
[–] AtariDump@lemmy.world 3 points 3 days ago

The point is people hyper focus on one thing while completely disregarding / forgetting something that as bad or worse.

load more comments (1 replies)
[–] BigDaddySlim@lemmy.world 21 points 3 days ago (3 children)

First thing I did when buying my '21 Toyota was remove the fuse giving power to the cellular modem. Is it still recording my data? Of course, but that's only a worry if I go to their dealership for service. If I ever need to actually do that (recalls for example) I'll remove the DCM module from the vehicle before bringing it in. There's a very good local shop near me that I'll bring it to for normal maintenance before letting Toyota plug in to the car and download my data.

Some vehicles this may not be possible, so if this concerns you, check forums about your vehicle if it is a moving spy machine before trying this because you might end up causing the vehicle to be put in limp mode because of some BS design choices.

[–] Anonymouse@lemmy.world 2 points 2 days ago

I am consistently disappointed to see the top posts say to not buy a car whenever news like this comes out.

Your post at least provides an alternative.

[–] Dust0741@lemmy.world 6 points 3 days ago (1 children)

Which fuse? And links to a guide?

[–] BigDaddySlim@lemmy.world 3 points 2 days ago

Pretty simple, there's a fuse in the fuse box under the dash labeled DCM, just remove it. It's extremely simple and takes 3 minutes. The DCM has an 18650 backup battery so it'll stay powered for a short time but should die in a day or two and stop transmitting.

[–] EngineerGaming@feddit.nl 4 points 3 days ago (1 children)

I'll remove the DCM module from the vehicle before bringing it in.

Why don't you remove it right now then?

[–] BigDaddySlim@lemmy.world 5 points 2 days ago

Haven't had the time to tear the dash apart. It's located below the infotainment screen. It's not transmitting so no need for immediate action.

[–] heavyboots@lemmy.ml 14 points 3 days ago (3 children)

Toyota at least has an opt-out website. (Or at least in the US they do). You lose the ability to do stuff like remote start from your phone though. And emergency roadside service, blah blah blah. I turned off all the mapping saved route stuff immediately that let you see your previous trip average miles/KW and then turned off everything once they wanted me to pay a monthly fee for remote start and such.

[–] krolden@lemmy.ml 12 points 3 days ago (1 children)

Theres still an LTE modem in your car sending data somewhere

[–] SoylentBlake@lemm.ee 5 points 3 days ago (1 children)

So if I were to take one of them cars and drive out to the middle of nowhere in the desert where there's no cell service, what's it gonna do? Shut off once it's roaming? Not start back up and strand me in 115° heat? I just want to be prepared for my lawsuit that's all

load more comments (1 replies)
[–] Anticorp@lemmy.world 5 points 3 days ago (1 children)

I seriously doubt they're not capturing the information just because you told them not to. They're just going to treat it differently. But have no delusions that they're respecting your wishes as you think they should.

[–] heavyboots@lemmy.ml 1 points 2 days ago

https://privacy.toyota.com/#/landing

They appear to be doing so for all states, not just Cali where they have a legal obligation to. Do you have any proof to the contrary or is this just your feeling about it? Because at this point, given the class action lawsuit they would face from Californians, I suspect they are actually following it to the best of their ability.

[–] bobs_monkey@lemm.ee 4 points 3 days ago

What's ridiculous is they made remote start only available from the app instead of a keyfob

[–] pineapple@lemmy.ml 10 points 3 days ago (2 children)

Is there any open source/privacy focused connected car software?

[–] jagged_circle@feddit.nl 3 points 2 days ago

There are some open source cars, but they're very basic

[–] AlexWIWA@lemmy.ml 3 points 3 days ago (1 children)

The problem isn’t e.g. CarPlay, it’s the car itself, which is usually entirely custom.

For example with Infiniti they have their own Android based OS and the only way to get a new head unit in the car is to have a full emulator. Otherwise you lose access to anything that the head unit controls.

I don’t know if open source custom car roms will be a thing until we have an LLM that’s smart enough to automate porting the rom to different models of car.

[–] pineapple@lemmy.ml 2 points 2 days ago (1 children)

Yeah OK, so stick with dumb cars for now. Or take public transport and ride your bike because cars just suck in general!

load more comments (1 replies)
[–] nixfreak@sopuli.xyz 9 points 3 days ago

No shit , this just in said anyone in security.

[–] ThermonuclearCactus@lemmy.blahaj.zone 3 points 2 days ago (2 children)

I mean if you're mechanically talented enough and sufficiently motivated, you could probably rip out the digital controls and replace them with mechanical analogs, getting rid of the computer entirely. Extremely difficult, but probably doable if you know what you're doing.

That aside, we shouldn't have to do that to get out of being spied on.

load more comments (2 replies)
[–] 0x0@programming.dev 4 points 2 days ago

I'm shocked, i tell you, shocked!

load more comments
view more: ‹ prev next ›