74 comments

  • emidln 2 hours ago

    My 2025 Mazda Miata has a CAN connected Telematics Control Unit that sends a bunch of data to Mazda on ignition off. Among this data is acceleration and velocity data along with coordinates sampled for where you were. It is also used as a gateway for the Mazda app to start your car, query your vehicle's tire pressure, etc. It is claimed that you can opt out of this by calling Mazda and being persistent.

    The CAN traffic is unencrypted. It was pretty easy to MITM this module with a cheap ARM Linux board and a CAN transceiver to enable writing a two-way filter capable of blocking the traffic that didn't raise any DTCs (that I observed) and could be turned on/off by the user. I preferred this approach to complete disconnection of the module (which is noticeable via errors at the diagnostic port) or trying to faraday cage or disable the antennae on the TCU so it can't remotely send/receive. I can also turn off my module or completely remove it before I sell it.

    I fear the next version of Miata will be an encrypted CAN like most other cars have moved to and even with my expertise I won't be able to access the latest safety features from new cars without surrendering what little privacy I've been able to claw back.

    • M95D an hour ago

      > The CAN traffic is unencrypted. It was pretty easy to MITM this module with a cheap ARM Linux board

      And you didn't poison their databases and statistics with fake data?? OMG, I'm thinking of buying one of these cars just for this opportunity! (No, I'm not.)

      • emidln an hour ago

        I suspect this data is made "anonymous" and sold to insurance companies and misc data brokers. If it's linked to my insurance company, I don't want to jack my rates. Further, I've thus far avoided a CFAA conviction and I'd like to keep it that way.

    • CamperBob2 an hour ago

      > I fear the next version of Miata will be an encrypted CAN like most other cars have moved to

      As I understand it, they're required to do that now if they want to sell in the EU. They emphatically do not want anyone tinkering with their cars.

      • bri3d an hour ago

        They don’t want people modifying ADAS systems mostly, and the main requirement is SecOC, which is cryptographic authentication but the message is still plaintext. Basically they don’t want third party modifications able to randomly send the “steer left” message to the steering rack, for example.

        • CamperBob2 an hour ago

          Yes, and to do that, CAN must be encrypted. The idea isn't just to secure it from hackers. The idea is to secure it from owners.

          • bri3d an hour ago

            > SecOC, which is cryptographic authentication but the message is still plaintext

            • CamperBob2 an hour ago

              Oh, OK, that's better. I can see what my car is doing, I just can't do anything about it.
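
The distinction drawn in the exchange above (SecOC authenticates a frame but leaves its contents readable) as a simplified sketch; this is an added example, not code from any commenter or from the AUTOSAR specification. The PDU layout, key, data ID and signal value are constructed, and truncated HMAC-SHA256 stands in for whatever MAC a real deployment uses.

```python
"""SecOC-style authenticated (not encrypted) PDU, simplified for illustration."""
import hashlib
import hmac
import struct

MAC_LEN = 4  # truncated authenticator length in bytes (assumed profile)


def _mac(key: bytes, data_id: int, payload: bytes, freshness: int) -> bytes:
    # Stand-in MAC over data ID, plaintext payload and the FULL freshness counter.
    msg = struct.pack(">H", data_id) + payload + struct.pack(">Q", freshness)
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def secure_pdu(key: bytes, data_id: int, payload: bytes, freshness: int) -> bytes:
    # On the wire: plaintext payload | low 8 bits of freshness | truncated MAC.
    return payload + bytes([freshness & 0xFF]) + _mac(key, data_id, payload, freshness)


def sniff_payload(pdu: bytes) -> bytes:
    """What a passive listener WITHOUT the key recovers: the payload itself."""
    return pdu[:-(1 + MAC_LEN)]


class Receiver:
    def __init__(self, key: bytes, data_id: int):
        self.key, self.data_id, self.last = key, data_id, -1

    def verify(self, pdu: bytes):
        """Return the payload if authentic and fresh, else None."""
        if len(pdu) < 1 + MAC_LEN:
            return None
        payload, low, tag = pdu[:-(1 + MAC_LEN)], pdu[-(1 + MAC_LEN)], pdu[-MAC_LEN:]
        # Rebuild the full counter: smallest value above the last accepted one
        # whose low byte matches what was transmitted.
        fresh = (max(self.last, 0) & ~0xFF) | low
        if fresh <= self.last:
            fresh += 0x100
        if not hmac.compare_digest(tag, _mac(self.key, self.data_id, payload, fresh)):
            return None
        self.last = fresh
        return payload


def demo() -> dict:
    key = b"constructed-demo-key"        # constructed key, not a real one
    data_id = 0x0123                     # constructed identifier
    payload = struct.pack(">H", 6150)    # constructed 16-bit signal value
    rx = Receiver(key, data_id)
    pdu = secure_pdu(key, data_id, payload, freshness=5)
    nxt = secure_pdu(key, data_id, payload, freshness=6)
    tampered = bytes([nxt[0] ^ 0x01]) + nxt[1:]  # one payload bit changed in transit
    return {
        "payload": payload,
        "sniffed": sniff_payload(pdu),   # readable without the key
        "genuine": rx.verify(pdu),       # accepted
        "replayed": rx.verify(pdu),      # same frame again: stale counter
        "tampered": rx.verify(tampered), # MAC no longer matches
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:9} {value!r}")
```

The receiver rejects the replayed and modified frames, while the listener reads the signal value without ever holding the key.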

  • chasing0entropy 2 hours ago

    Remove the antennas. Do not give in to the mirage of convenience.

    Use a standalone generic GPS. Vehicle GPS devices are anti-privacy for so many reasons.

    Listen to stored music from an SD card if terrestrial radio (NO SATELLITE). Did you know almost ALL late model cars can play a <128gb FAT32 USB drive with non-VBR mp3s? 64gb filled with 168kb mp3 audio would take roughly 3 years at 4 hours a day to listen to.

    TURN YOUR PHONE OFF. Your phone does more than track you - the Bluetooth and wifi beacon scanners are always running. When you come across another person, most phones track the intersection of your beacon with theirs making a new data point that compromises both individuals' privacy. Now consider sitting at a stoplight; you and the 10 phones around you have now correlated the time and position you were sitting there. The person jogging by with no phone (but a set of Bluetooth headphones) is also tracked by their Bluetooth signature. Terrifying.

    Disable autonomous driving hardware by unplugging the cables from the interior cameras. If your car needs to see and feel you in order to do its job, it's co-dependent; break up with it.

    Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

    • gruez an hour ago

      >TURN YOUR PHONE OFF. Your phone does more than track you - the Bluetooth and wifi beacon scanners are always running. When you come across another person, most phones track the intersection of your beacon with theirs making a new data point that compromises both individuals' privacy. Now consider sitting at a stoplight; you and the 10 phones around you have now correlated the time and position you were sitting there. The person jogging by with no phone (but a set of Bluetooth headphones) is also tracked by their Bluetooth signature. Terrifying.

      All phones nowadays have bluetooth/wifi mac address randomization, so it's basically useless for tracking, not to mention google/apple conscripting every phone into a wardriving network will kill battery life. Moreover all this effort in avoiding being tracked doesn't really mean much when all cars have a very visible and unique identifier that's mandated by law (ie. license plate).

    • encom 36 minutes ago

      >Do not give in to the mirage of convenience.

      I sympathise. However, being able to start de-icing my car while still in bed at 5:30 on a January morning is a powerful feature. And I'm the kind of person who wraps his tin foil hat no less than 10 layers thick.

      Ideally this shouldn't involve the internet, because the car is in wifi range, but what can I do about it?

    • galleywest200 an hour ago

      > Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

      "Tire pressure low" is one you should probably check out on a regular basis.

      • sda2 an hour ago

        it may be better to code out TPMS anyways. I had a BMW that wouldn't allow you to enter Sport/Sport+ when TPMS light was on, what a drag.

      • chneu an hour ago

        Yeah that's terrible advice. Learning to ignore safety warnings is an amazing way to wind up stranded or with a destroyed car because you decided to ignore a warning light

        • potato3732842 an hour ago

          The first 100yr of automobiles didn't have TPMS and it was mostly fine.

          • pixl97 an hour ago

            I mean if you consider that death rate per mile driven 'mostly fine'

            • SoftTalker an hour ago

              Check your tire pressures when you get gas, along with your oil and other fluid levels. Eyeball the tires every time you get in the car. These habits are not hard to develop and they will work even when the sensors malfunction (which is not infrequently).

              All that these sensor-based systems do is train you to be an inattentive car owner.

    • worldsavior an hour ago

      Ok stop with the panicking.

      What's wrong with GPS in vehicles? If it's not connected to the internet, there is no issue.

      What's wrong with playing music from the phone on Bluetooth or Aux? Did you also know you can ride a horse instead of a car?

      Bluetooth and WiFi aren't running if you turned them off. Bluetooth also isn't really used for tracking unless someone is looking for you or you're part of some service like AirTags.

      > Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

      What? Worst advice out there regarding cars.

      • CamperBob2 an hour ago

        > If it's not connected to the internet, there is no issue.

        It's connected to the Internet. Every car has a SIM card now.

        • gruez an hour ago

          >It's connected to the Internet. Every car has a SIM card now.

          Maybe every new car, but the average car is 13 years old, and the OP made no clarification on whether his advice was for only new cars, or for a 2015 econobox as well.

  • exhilaration an hour ago

    Disabling the hardware can be really hard, my 2025 Toyota Sienna is always connected. You can't just pull a fuse or rip out an antenna, I have to take the entire dashboard apart to reach the Data Communication Module (DCM) module. If anyone's curious what that looks like, it's a little bit easier on the Toyota Tacoma, here are some pictures of the process: https://www.tacoma4g.com/forum/threads/disabling-dcm-telemat...

    It's complex enough that I haven't done it yet in my Sienna, but I plan to!

    • ProllyInfamous 34 minutes ago

      On a 2021 Camry there is a below-dash fuse labeled "DCM" which you can remove (and it does disable OnStar/telemetry, but not sat.radio[0]) — it also disables one of the speakers (used for phone calls), which there is a bypass to resolve (but it still requires removing infotainment, so at that point just unplug it there.?!).

      [0] It was my understanding that, like GPS-receivers, Sirius/XM was one-way streaming, only..?

  • jmward01 19 minutes ago

    I won't mince words. This is criminal and should be dealt with that way. It is obvious I don't want my information collected and sold. I make it clear every reasonable chance I get. This goes beyond abuse of my privacy, this is digital assault and the company officers that allowed these 'features' should be thrown in jail for it.

  • bmitch3020 an hour ago

    I'd like to see a website that ranks vehicles by make and model. That would influence shopping behaviors, and consumers would influence manufacturer behaviors.

  • Sharlin an hour ago

    Not driving seems to have worked pretty well thus far.

  • jimnotgym an hour ago

    Is all of this data collection from the driving aids actually us doing R&D for their autonomous car projects?

  • jimnotgym an hour ago

    Here is something else you can do about it. Buy an older low-mileage car. If we all did that the manufacturers would change tack soon enough.

    • closewith an hour ago

      I did do this, but I also want a reasonably modern and safe car and in the EU, since 2018, that means a car with eCall. I have a 2017 that I will keep going as long as is economical, but after that, it will be nearly impossible to avoid these systems.

  • more_corn 2 hours ago

    Is there anything we can do about it short of avoiding new cars? Our legislators have proven unwilling to pass real privacy laws.

    • chasing0entropy 2 hours ago

      Yes - remove the telematics radio and GPS antennas. They are usually in the overhead console area around/behind the lighting and mirror controls.

      In BMWs, the GPS antenna is behind the upper lights, the telematics and V2V antenna is in the sharkfin (unplug it from underneath the headliner).

      • f1shy 2 hours ago

        In some they seem to be in the fin antenna:

        https://m.youtube.com/watch?v=OqFdFO_STJ0

      • encom 33 minutes ago

        But what's the point if you're just going to use Android Auto or Apple's car-thing instead? You're just letting some other company invade your privacy.

    • markus_zhang 2 hours ago

      Maybe there is a way to pollute the data? At least it makes data cleaning more expensive.

    • DonHopkins 2 hours ago

      Ride a bike.

      • pixelpoet 2 hours ago

        I've never had a driver's licence, lived in a zillion countries; don't think I could do that in America though.

        • Retric 2 hours ago

          Over half of New York City households are car-free. That jumps to 3/4 in Manhattan.

          Millions of American households don’t have a car, but you rarely hear about it as a viable option.

          • JoeBOFH an hour ago

            Because as soon as you leave a major metropolitan area, not having a car is almost a nonstarter.

            • SoftTalker an hour ago

              It's the same in Europe, but people pushing an agenda don't talk about that either.

            • add-sub-mul-div an hour ago

              Over 100 million people live in just the top 20 metro areas alone. It's hardly an edge case.

          • calvinmorrison 32 minutes ago

            "the best public transit in the densest US city barely manages to reach 50% of car-free lifestyle" is what you're leaving out.

      • chneu an hour ago

        Not possible when things are 10+ miles apart and a general grocery run takes 3+ hours and you can't carry more than a backpack, so you have to do it multiple times a week.

    • throwaway2027 2 hours ago

      No. Enjoy the ride.

      • qmr an hour ago

        Defeatist and cowardly.

    • amelius 2 hours ago

      Moving to the EU becomes a more appealing option every day.

  • jmclnx 2 hours ago

    IIRC, Massachusetts passed a right-to-repair law a few years ago. Based upon the text of the law, all new cars purchased there have the spying disabled because they did not want to give up their proprietary info.

    There have been a lot of court cases about that law by the manufacturers, so I do not know the status at this point.

    So I wonder if that is still the case. If it is and an out of state person buys new there, will that "spying" remain disabled when they bring the car home?

    • anonymars 2 hours ago

      Theoretically, that should be a catch-22, right?

      How would they know you're no longer in Massachusetts, without the spying enabled while within Massachusetts?

      • sejje 2 hours ago

        Because "spying" in this case means "sending data to the mothership."

        It doesn't mean "the car's gps is disabled"

        • anonymars 27 minutes ago

          Perhaps. But what if a person living in Massachusetts travels to another state?

          I found this when looking into it more: https://arstechnica.com/cars/2023/06/feds-tell-automakers-no...

          "Now, according to Reuters, NHTSA has written to automakers to advise them not to comply with the Massachusetts law. Among its problems are the fact that someone “could utilize such open access to remotely command vehicles to operate dangerously, including attacking multiple vehicles concurrently,” and that “open access to vehicle manufacturers’ telematics offerings with the ability to remotely send commands allows for manipulation of systems on a vehicle, including safety-critical functions such as steering, acceleration, or braking.”

          Faced with this dilemma, it’s quite possible the automakers will respond by simply disabling telematics and connected services for customers in the state. Subaru already took that step when it introduced its model year 2022 vehicles, and NHTSA says other OEMs may do the same."

  • calvinmorrison 34 minutes ago

    Nothing. And banning ALPR won't fix anything either. All cars have 4 unique serial numbers broadcast via radio at all times via the TPMS system. You don't even need a camera, just a radio receiver.

  • tguvot an hour ago

    There is spying and there is spying

    Back in August IDF banned Chinese cars from entering bases

    https://www.jns.org/report-idf-bans-chinese-cars-from-bases-...

    And now banned them from being used by officers

    https://securityboulevard.com/2025/11/why-israel-just-banned...

    I wonder what IDF knows

    • gogusrl an hour ago

      Tesla cars to be banned from Chinese government buildings amid security fears.

      I wonder what China knows :)

      https://www.drive.com.au/news/tesla-vehicles-to-face-entry-b...

    • chneu an hour ago

      Be aware this is the IDF. Everything they say and do is suspect. They're committing genocide and lying about it while there are videos of them sniping Palestinian children and laughing while calling them animals.

      That ban is possibly all optics. The US, under Trump, performatively bans stuff all the time.

  • cluckindan 2 hours ago

    No doubt about this one. But, how much are the ubiquitous ride-for-hire e-scooters spying on you, and everyone else on the street?

    • cmdoptesc 2 hours ago

      Those e-scooters are a red herring. Ring cameras on everyone's front door and automated license plate readers (ALPR) on police vehicles and Flock cameras throughout cities are bigger concerns in America.

      Flock is already known to assist the government surveilling protestors:

      - [CBP is monitoring US drivers and detaining those with suspicious travel patterns](https://news.ycombinator.com/item?id=45996860)

      - [How Cops Are Using Flock Safety's ALPR Network to Surveil Protesters and Activists](https://www.eff.org/deeplinks/2025/11/how-cops-are-using-flo...)

      - [Amazon has a form so police can get my (Ring) data without permission or a warrant](https://www.theverge.com/2022/7/14/23219419/amazon-ring-law-...)

      • chneu an hour ago

        The even worse part of Flock isn't that they cooperate with the government, it's that there is (or was) basically no security in the service. Cops from one state can/could use Flock services from other states. A few cops got caught stalking via Flock.

        Flock takes the "do nothing until forced to" mentality.

    • balamatom 2 hours ago

      Enough to make sure the kids won't undercut the cartel this time around.

    • AtlasBarfed 2 hours ago

      It's where we are. Everything everywhere is collecting data and spying.

      If it exists in a database, then the government has access to that database if it ever wants to legally or otherwise. It's been like that since 9/11 and probably before.

      All we need now is for the right person to walk in and turn the key. We're lucky that Donald Trump is probably too stupid to understand what he's got under his thumb.

      • add-sub-mul-div an hour ago

        He's a useful president surrounded by smarter people who will figure out ways to use this data rather than sit around tweeting all day.

      • josefritzishere 2 hours ago

        Comment of the year.

  • vel0city an hour ago

    I went to Carvana to get some idea on what my car might be worth. I gave them the license plate, and it gave me a questionnaire about specific trim and options along with asking about the current mileage. I couldn't remember the exact figure so I guessed rounded to the thousand. The app complained and wouldn't take it as they knew the mileage which was some 150ish miles more. Apparently my car had reported the mileage the last time I drove it, which had been about an hour before.

    Carvana knew exactly how many miles I had driven within an hour of me driving my car.

  • SilverElfin an hour ago

    The problem is a lot of the features of these cars require you to opt into giving your privacy away. And when you’re shopping it’s not clear where that line is.

  • mistrial9 2 hours ago

    A 2013 Chevy Volt has a camera on the dashboard pointed at the driver. The entertainment dashboard has a dozen communication options, including those for safety? Zealots and the unhinged will quickly comment no doubt, but for the rational citizens I ask, when was this normalized? Was it automakers emboldened by the acceptance of cell phone central record keeping?

    • potato3732842 an hour ago

      "Safety" is a magic word like "god" was a thousand years ago. If you say it just right you can manufacture an excuse to do all sorts of stuff that'll clearly lead to bad stuff if left to run.

      They undoubtedly said things like "if it saves even one person from falling asleep at the wheel it's worth it" or something along those lines.

      • luqtas an hour ago

        this is still a technology advancement... what if smartphone usage or asleep safely stops the car? what if this runs locally? or what if it's linked to public entities that will add penalty points to your license?

        as a cyclist and public transport user with no driver license, i hope personal vehicles have so much sensors that they can detect if you are drunk or stressed and limit your reaches. fuck your metallic beetle

        • potato3732842 30 minutes ago

          >as a cyclist and public transport user with no driver license, i hope personal vehicles have so much sensors that they can detect if you are drunk or stressed and limit your reaches. fuck your metallic beetle

          What a great illustration of the sort of selfish opinions that people like to peddle under the guise of perceived common good.

          Are you willing to have your bike brakes linked up with GPS and red light signals? It's in the name of safety and progress after all.

    • balamatom 2 hours ago

      > Zealots and the unhinged will quickly comment no doubt, but for the rational citizens I ask, when was this normalized?

      [laughs in unhinged zealot]

  • metalman 15 minutes ago

    so ya!

    My house is fairly close (125') to a rural "highway", and only internet here is mobile data that my phone shares with other devices and mornings (anytime) my older desktop with 2.5 GHz wifi gets bumped off with the passing of every car that has glaring super white headlights, but not the ones running yellow incandescents, whatever RF signal is coming off these things must be barely, or completely illegal, and could obviously be tracked in any number of ways, so not so much being spied on, as just flat out transmitting everything you do in ridiculously fine grained detail.

  • thepasswordapp an hour ago

    The car data collection story is concerning, but it's part of a broader pattern: credentials and personal data are scattered across dozens of services we interact with daily.

    The automotive example shows how even "non-tech" products now collect and transmit data. Each service creates another attack surface, another set of credentials to manage, another potential breach vector.

    What's frustrating is that breach response still falls on individuals. When one of these services gets compromised, it's users who have to scramble to change passwords across potentially hundreds of connected accounts. The "change your password" advice is good but wildly impractical at scale.