this post was submitted on 26 Jul 2024
245 points (99.6% liked)

Privacy

31782 readers
369 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 35 comments
sorted by: hot top controversial new old
[–] [email protected] 36 points 3 months ago (2 children)

Once they've got your data it's gg.

ToS never works. Libre software does.

[–] [email protected] 9 points 3 months ago

Do we have a rockbox for cars?

[–] [email protected] 3 points 3 months ago (1 children)

Unless we are taking about trivoization

[–] [email protected] 5 points 3 months ago* (last edited 3 months ago) (1 children)

Doesn't the latest GPL patch that?

[–] [email protected] 2 points 3 months ago

Yes but that doesn't apply to Linux

[–] [email protected] 34 points 3 months ago (1 children)

I think it's really sad how people lose the plot and go and go on murderous rampages against ethnic/sexual/random/political minorities when insurers are sitting right there the whole time.

[–] [email protected] 6 points 3 months ago (1 children)

I've always somewhat disliked single issue voters, only to become one and would vote for pro-privacy candidates... If any existed.

[–] [email protected] 11 points 3 months ago (3 children)

You don't have a pirate party in your country? Maybe you can start a local chapter

[–] [email protected] 5 points 3 months ago

Do I need an eye patch?

[–] [email protected] 4 points 3 months ago

We need this in the US

[–] [email protected] 3 points 2 months ago (1 children)

Oh, I like this idea. 7 seas PAC, endorsed by anonymous,

"We want you to download cars!!!!" as a slogan

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago) (1 children)

Pirate party is a legitimate party in many countries. Its not a joke. They fight for human rights and data protection laws.

https://www.patrick-breyer.de/en/
https://digitalcourage.social/@echo_pbreyer

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Thank you for further context. I would love to see this spread. Privacy in the US is like smoking in the 50's, we all know, but no one cares because the cancer hasn't metastasized yet.

[–] [email protected] 21 points 3 months ago (2 children)

Serious question: how can I hack my Honda to block these communications? (Any phone home bs)

[–] [email protected] 14 points 3 months ago (1 children)

Seems that cutting the internet connection would take you a long part of the way

[–] [email protected] 18 points 3 months ago (3 children)

I know someone who is in engineering at one of the big Auto makers, we where discussing this issue and the person told me that even if you remove the SIM (disable cellular internet) The dealer we still upload all the data from the “black box” to the auto maker when they connect to OBD / CAN diagnostic port in your car during service. The manufacturer’s service software just does that now the tech does not even have to initiate it. Also some dealers can automatically connect using RF to your car as soon as you enter their lot, This can be by Bluetooth, WiFi, and/or the CAN bus via the keyless entry module or TPM (Tire Pressure Monitor). There was an issue a several years ago with hackers gaining access to Jeeps while on the road via RF.

https://www.pcmag.com/news/hackers-remotely-hijack-a-jeep-crash-it-into-a-ditch

[–] [email protected] 11 points 3 months ago* (last edited 3 months ago) (1 children)

So software is running on your car that desprately tries to extract and sent your peronal information to its command and control server.

I was going to say "be stingy with access to the OBD / CAN port" but if wireless is involved then avoid the beacon (its wireless and tucked away in a corner so you dont know if its there) or get your data stolen. I feel violated.

[–] [email protected] 7 points 3 months ago (1 children)

It gets worse, Auto makers are now building cars with options in them that require an online subscription and disabling access for more than x time will shut off the option(Tesla, BMW, and others do this now). There is talk about putting the car in “Limp home” mode if access is cut (Car will only have 35mph max speed and limited functions, no HVAC, no Radio, etc.)

[–] [email protected] 4 points 3 months ago

You will own nothing and be happy

[–] [email protected] 5 points 3 months ago* (last edited 3 months ago) (1 children)

Can you just wrap your entire car in foil?

[–] [email protected] 2 points 3 months ago* (last edited 3 months ago)

😂 Jammers might work, but then you run amuck of the FCC, in the US anyway not sure what other countries feel about jammers.

[–] [email protected] 2 points 2 months ago (1 children)

Isn’t this solved by having your car serviced with an independent mechanic? The only catch is warranty work, which is pretty unavoidable unless you’re willing to pay for repairs in lieu of free ones.

[–] [email protected] 1 points 2 months ago

A lot of independent mechanics will use the manufacturer scan tool and service applications or use a 3rd party scan tool/applications that is licensed through the manufacturer and still uploads the data.

[–] [email protected] 10 points 3 months ago

For my Ford, the manual was very helpful. Taking a look at the fuse box diagram, I was able to remove the fuse for the modem.

Thankfully I was able to verify that the modem power was secured because when I enter the infotainment settings to view the modem serial number, I can no longer see the modem serial number. It is just blank.

This won't work for all vehicles because the modem may have the same fuse as critical equipment.

[–] [email protected] 12 points 3 months ago* (last edited 3 months ago) (1 children)

paywall

edit: sorry, not a paywall I did not see the link at first cancelled downvote, have an upvote instead.

[–] [email protected] 3 points 3 months ago (1 children)

I'm not a subscriber and I don't see a paywall. It might be a soft paywall you can block with an adblocker.

[–] [email protected] 6 points 3 months ago (1 children)

I am running a dns based ad blocker.

[–] [email protected] 8 points 3 months ago (1 children)

A DNS based blocker wouldn’t block this, because the subscribe prompt is almost definitely being done by a script from the main NYT domain. The DNS blocker only blocks things that come from domains only used for things that should be blocked, and can’t differentiate between what type of content is being loaded (script vs image vs raw HTML) and definitely not between different things in the same class (paywall script vs the script that makes the buttons work).

[–] [email protected] 3 points 3 months ago

Yep, when they ship the AD, tracker, or popup off to another site the block will work but on the same domain it fails to block.

[–] [email protected] 6 points 3 months ago* (last edited 3 months ago)

FYI ron wyden also voted to pass anti BDS laws to criminalize protest and boycotting of Israel.

He also was one of the original signers of the patriot act and then acted surprised when it was used to spy on american citizens so was one of ten congressman that voted against its renewal. Feels like someone who likes to play the image of a man of the people but only does it when he knows his voice will be ignored.

But alas, he's 'one of the only people in power fighting for privacy rights' which is just sad

[–] [email protected] 6 points 3 months ago
[–] [email protected] 4 points 3 months ago* (last edited 3 months ago) (1 children)

Is he really saying it'd be better if they got more money?
I read the article. I still don't get the argument.
He's sounds disappointed they got paid so little.

[–] [email protected] 7 points 3 months ago

By the time one becomes a senator, they are experts at fleecing money. He is disappointed because he knows all the lost revenue he could have had if he only had known about the data beforehand.

[–] [email protected] 4 points 3 months ago (1 children)
[–] [email protected] 3 points 3 months ago

Automakers Sold Driver Data for Pennies, Senators Say Ron Wyden and Edward Markey urged the F.T.C. to investigate how car companies handled the data from millions of car owners.

Ron Wyden speaking to a small group of reporters around him. Sen. Ron Wyden, above, and Sen. Edward J. Markey sent a letter on Friday to Lina Khan, the head of the Federal Trade Commission.Credit...Anna Rose Layden for The New York Times Kashmir Hill By Kashmir Hill Kashmir Hill has been reporting for the last year on the privacy implications of connected cars. July 26, 2024 Updated 11:16 a.m. ET If you drive a car made by General Motors and it has an internet connection, your car’s movements and exact location are being collected and shared anonymously with a data broker. This practice, disclosed in a letter sent by Senators Ron Wyden of Oregon and Edward J. Markey of Massachusetts to the Federal Trade Commission on Friday, is yet another way in which automakers are tracking drivers, often without their knowledge. Previous reporting in The New York Times, which the letter cited, revealed how automakers including G.M., Honda and Hyundai collected information about drivers’ behavior, such as how often they slammed on the brakes, accelerated rapidly and exceeded the speed limit. It was then sold to the insurance industry, which used it to help gauge individual drivers’ riskiness. The two Democratic senators, both known for privacy advocacy, zeroed in on G.M., Honda and Hyundai because all three had made deals, The Times reported, with Verisk, an analytics company that sold the data to insurers. In the letter, the senators urged the F.T.C.’s chairwoman, Lina Khan, to investigate how the auto industry collects and shares customers’ data. One of the surprising findings of an investigation by Mr. Wyden’s office was just how little the automakers made from selling driving data. According to the letter, Verisk paid Honda $25,920 over four years for information about 97,000 cars, or 26 cents per car. Hyundai was paid just over $1 million, or 61 cents per car, over six years. G.M. would not reveal how much it had been paid, Mr. Wyden’s office said. People familiar with G.M.’s program previously told The Times that driving behavior data had been shared from more than eight million cars, with the company making an amount in the low millions of dollars from the sale. G.M. also previously shared data with LexisNexis Risk Solutions. “Companies should not be selling Americans’ data without their consent, period,” the letter from Senators Wyden and Markey stated. “But it is particularly insulting for automakers that are selling cars for tens of thousands of dollars to then squeeze out a few additional pennies of profit with consumers’ private data.” Hyundai enrolled any car with an internet connection in the data sharing, the letter said. G.M. and Honda customers had to opt in to be included, but Mr. Wyden called the enrollment process “deceptive.” The sharing of driver behavior data stopped after The Times reported on it in March. Verisk shut down its “data exchange” for driving behavior in April. A spokesman for Honda, Chris Martin, said that Verisk had provided a driving score service to its customers, and that “no identifiable consumer information was shared with any insurance company” without customers’ opt-in. Hyundai also provided a driving score service. Ira Gabriel, a company spokesman, said the terms and conditions of its Bluelink connected car service had informed customers that data would be shared with Verisk when they activated Bluelink at the dealership. Verisk shared the data with insurance companies only with a customer’s consent, Mr. Gabriel said. “Verisk paid Hyundai for potential future earnings from customers who affirmatively opted into the insurance feature,” he said in a statement. Image Silver skyscrapers rise above a river with a blue sky in the background. The Detroit headquarters of General Motors, which does not seek customer consent for sharing anonymized location information, the senators’ letter said. Credit...Rebecca Cook/Reuters While G.M. has stopped selling personally identifying information about driver behavior to data brokers, it still shares anonymized location information from its cars with a company that Mr. Wyden’s office said G.M. had declined to identify. According to the letter to the F.T.C., G.M. told the office that it did not seek consent from customers to share the location of their cars, and that the only way to opt out “was by disabling the car’s internet connection entirely.” “As is common business practice, we share de-identified data not associated with specific drivers or vehicles with select partners to enhance city infrastructure and road safety for pedestrians, cyclists and drivers,” a G.M. spokeswoman, Malorie Lucich, said. Previously, G.M. shared cars’ locations with a British data broker, Wejo, in which G.M. had an investment. Wejo filed for bankruptcy last year. Matt Bialuk, who was an executive at Wejo, said that the company had gotten the precise location of about 10 million G.M. cars up to every one to three seconds, but that the data did not include identifying details about the driver. The data was useful for universities and state transportation departments, he said. “You can see braking, bottlenecks, route optimizations,” Mr. Bialuk said. “There are tons of use cases. This is how to create smart roads.” He added: “We could see windshield wipers are on. Windshield wipers tell a huge story in vehicles.” FTC @FTC · Follow Concerned about what information your car collects and how it’s used?

Tell the FTC at https://ReportFraud.ftc.gov. Click “Report now” then choose “Something else” to tell your story. #connectedcars #privacy 1:41 PM · Mar 21, 2024 23 Reply Copy link Read 2 replies This is at least the third letter the F.T.C. has received from Congress asking it to investigate the collection of data from Americans’ cars. In March, the F.T.C., which is responsible for policing unfair and deceptive business practices, solicited reports from consumers about the issue, but an agency spokeswoman said she couldn’t comment on whether the agency is investigating. Privacy Concerns about Connected Cars

Your Car Is Tracking You. Abusive Partners May Be, Too. Dec. 31, 2023

How G.M. Tricked Millions of Drivers Into Being Spied On (Including Me) April 23, 2024

Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies March 11, 2024

‘Smartphones on Wheels’ Draw Attention From Regulators April 30, 2024 A correction was made on July 26, 2024: Because of an editing error, an earlier version of this story misattributed who paid for driving data. Hyundai was paid for its data, it did not pay for it. When we learn of a mistake, we acknowledge it with a correction. If you spot an error, please let us know at [email protected] more Kashmir Hill writes about technology and how it is changing people’s everyday lives with a particular focus on privacy. She has been covering technology for more than a decade.