I don’t know anything about cars.

Now that we have established that cars seriously undermine our privacy (look at the flurry of posts in this community in the last few hours), what can we do about it?

From a networking POV, if you remove the ability to connect to the Internet, it doesn’t matter what the car is recording as long as you can ensure there is no physical tampering. Depending on who you are, this is a good idea, and doable for the most part (very few people have the technical knowledge to pull out the right chip from a car).

So, how do we achieve this? I implore the community to invite mechanical/car engineers who can help us on this matter, and to form methods to prevent vehicles from accessing the Internet without express consent from the user.

Thanks!

  • slazer2au@lemmy.world
    link
    fedilink
    arrow-up
    86
    ·
    1 year ago

    You could, but some antenna are printed onto circuit boards so disabling them without breaking the board entirely will be interesting.

    With that Mozilla study out I hope some car manufacturers get sent some very pointed questions by government regulators.

      • Jay@lemmy.ca
        link
        fedilink
        English
        arrow-up
        19
        ·
        1 year ago

        Not so easy to rip your dashboard apart to wrap things in screening though. Nor should a person have to considering the tens of thousands of dollars they already paid for something.

        • over_clox@lemmy.world
          link
          fedilink
          arrow-up
          9
          arrow-down
          1
          ·
          1 year ago

          Who said the computer components you’re looking for are in the dash? I mean I’ll be honest, I dunno about these modern vehicles, but vehicles I’ve worked on in the past have the main computer in weird unexpected places like under the driver’s seat or in the passenger side cowell area.

          I do get your point though, yes such modifications might be simple on paper, but cost quite a bit in labor to actually accomplish.

          Regardless, I’ve done dashboards too, even drove my car around for a day with the entire dash completely missing, because I needed to drive it to the store during service that took me two days.

          Hooray for dumb cars!

          • Jay@lemmy.ca
            link
            fedilink
            English
            arrow-up
            7
            ·
            1 year ago

            I have a “differently abled” car as well that doesn’t have Onstar (it came out on the next model year after mine.) but even it has most of it’s electronics buried under the dash by the firewall. You’d have to pay me to replace it with all this tracking crap they stuff in there now.

      • Jay@lemmy.ca
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        Not so easy to rip your dashboard apart to wrap things in screening though. Nor should a person have to considering the tens of thousands of dollars they already paid for something.

  • j4k3@lemmy.world
    link
    fedilink
    English
    arrow-up
    70
    arrow-down
    13
    ·
    1 year ago

    Just ask the dealer to disconnect the modem upon purchase.

    Better yet, refuse to buy shit you don’t own and make this known. Go to the dealer force them to stand around while you read the privacy agreement. Use an attorney because they have stupid legal agreements. Waste everyone’s time because they are the ones doing this to you. It must cost profit. Then walk away from this bullshit. Tell them why you are walking away.

    All of this exists because people are too stupid to care. If you ignore this, you are one of them, and part of the problem. Legal agreements are theft and slavery. Signing them blindly is the stupidest thing you can ever do in your life. Anyone that needs a legal agreement for you to make a purchase is a worthless criminal. Signing their bullshit is saying you are okay with being their little slave bitch.

    • protist@mander.xyz
      link
      fedilink
      English
      arrow-up
      48
      arrow-down
      3
      ·
      1 year ago

      Waste everyone’s time because they are the ones doing this to you

      I agree with your intentions, but no, the person working at the car dealership is not doing this to you. That person is just trying to get by, they’re not the MBA executive trying to squeeze every dollar out of humanity who you should be targeting

      • rockstarpirate@lemmy.world
        link
        fedilink
        English
        arrow-up
        23
        ·
        edit-2
        1 year ago

        Maybe not, but they are the one who keeps leaving me alone in their office for 15 minutes at a time to “go ask their manager” if our negotiations are ok and they are the one who pretends to settle on a price with me and then tries to hard-sell me on all sorts of useless addons. And at they end of the day they are the one that turns making a purchase into a 4-hour process.

      • j4k3@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        2
        ·
        1 year ago

        It has to irritate the GM of the dealership enough to file a report and work its way up the chain to the top. Unfortunately this is capitalism. It is no different than the military in that it sucks to be the person at the bottom of the shit pile but they work for criminals. If they don’t like it, quit working for criminals. Yes it is pervasive. But we are the problem. We are funding and enabling these people. You must make it extremely well known that you have money and you are not spending it because of this bullshit. No one else controls the market. We fund the entire thing with what we are willing to ignore and make excuses for. We must burn it to the ground too. That means stop being nice about the person working for the thief. Sorry; not sorry.

        • protist@mander.xyz
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          1
          ·
          edit-2
          1 year ago

          It has to irritate the GM of the dealership enough to file a report and work its way up the chain to the top.

          I think you think the manager of a dealership is going to care a lot more than you think they will. More likely they’re going to just ask you to leave after you start acting like a dick to their staff.

          You must make it extremely well known that you have money and you are not spending it because of this bullshit.

          By causing a scene you are going to affect no change, more likely you’ll end up being mocked on Tik Tok. Write a letter to corporate explaining your decisions, sure, or petition for state or federal legislation; otherwise spend your money elsewhere. Only by funding alternatives are you going to impact the market outside of regulation

          • j4k3@lemmy.world
            link
            fedilink
            English
            arrow-up
            8
            arrow-down
            1
            ·
            edit-2
            1 year ago

            I didn’t say cause a scene. I spent nearly a decade painting cars for dealers. I have had close dealings with used car managers and general managers more than most people. Yes, any possible excuse about cars not selling over this kind of issue will be a leverage point that they will use when it comes to inventory. Just one sale lost over this will end up getting documented at most large dealers. All you need to do is read the document and say you are not okay with it and walk out because of it. No drama needed. This is intelligent. Signing your privacy away blindly is the only idiotic choice here.

    • phar@lemmy.ml
      link
      fedilink
      arrow-up
      37
      arrow-down
      1
      ·
      1 year ago

      Like the other person said, you are confusing the dealership and the manufacturer. This is the equivalent of those people that yelled at the teenagers working at chik filet. The dealership will just say they don’t create those rules and you’d have to take it up with the manufacturer, then ask you to leave. If you don’t leave and act like a jerk, they’ll just call the cops and have you escorted off premises.

      • Adalast@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Except it’s really not. Most of the dealerships around are thinly veiled fronts for the manufacturers. The salespeople are shills and scam artists who are specifically hired for their ability to pull the wool over people’s eyes. That poor sap working at Chik-fil-A is some minimum-wage kid who is about as complicit in the greater organization than the mop is. Dealerships are a mouthpiece for the very manufacturers who are patenting ways to make your care self repossess and are charging subscriptions for basic functions that are built into the cars.

        The comparison is shallow and not at all reasonable.

        • phar@lemmy.ml
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          lol no not at all. They are franchises, not fronts for the manufacturer. Everything you said is as wrong as can be.

    • atrielienz@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      arrow-down
      2
      ·
      1 year ago

      To put it simply, this may not even be something they can do legally. For instance, when the mach E came out they were having serious electrical issues. The electric battery has it’s own junction box. So much current was flowing through the contacts that they ended up fusing themselves open or closed. That basically disabled the vehicle. It was fixed with an OTA update. The update works through the same antennas and network you’re talking about. If a vehicle can’t receive an OTA and it affects the security of the vehicle/driver or poses a danger on public roads? Might be out of compliance with NHTSA or other authorities of similar spec in other countries.

      https://www.nhtsa.gov/technology-innovation/vehicle-cybersecurity

      • j4k3@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        edit-2
        1 year ago

        They have no rights to anything I own. What they ship the vehicle with is what I bought. I don’t give a shit about anything anyone has to say about this. This feudalism bullshit is the absolute antithesis of freedom. I am not for sale.

        • atrielienz@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          1 year ago

          I didn’t say they had a right to your data. I’m not defending them. I’m pointing out that cars these days (new ones especially) are as much device as they are machinery. And you absolutely do not want someone hacking your vehicle. And neither does the regulating federal authority in your country. As a result they put certain laws in place that may protect you from this possibility (being hacked), but also leave you open to being taken advantage of by the automaker (having your data taken without your permission).

  • Wicked4wesome@lemmy.world
    link
    fedilink
    arrow-up
    41
    ·
    edit-2
    1 year ago

    The manufacturer that i work for has esims built into every vehicle they build that cannot be removed without bricking the vehicle. I feel like this is pretty much industry standard at this point. They used to have a removable sim, but there was an esim along side that so you could not completely disconnect.

    Edit: added words

    • over_clox@lemmy.world
      link
      fedilink
      arrow-up
      32
      arrow-down
      2
      ·
      1 year ago

      Then block the signal with a Faraday Cage.

      I see I’m getting downvoted for my comments about this, but the vehicle will not fail due to a lack of internet connection. Otherwise your vehicle would brick itself anytime you drive through a tunnel.

      Go ahead, look it up. It’s about as simple as wrapping the cellular device with metal screen.

    • TootSweet@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      Jesus. Any idea how old a car I’d have to buy to be realtively certain it wasn’t phoning home?

  • Adalast@lemmy.world
    link
    fedilink
    arrow-up
    34
    ·
    1 year ago

    I wish I were a billionaire. I would literally start a company that made cars, phones, tech of all kinds on the basic premise that I don’t give a fuck about you or your data. Make it private. Make it have no EULA that says anything beyond IP protections. Make it so consumers never have to worry about underhanded bullshit. Sure, I may not make tons of money, but I think I could be happy turning a small profit, paying employees fairly, and knowing that I am selling better products and undercutting all the assholes to send them careening directly I to the ground.

    • ThyTTY@lemmy.world
      link
      fedilink
      arrow-up
      45
      arrow-down
      3
      ·
      1 year ago

      To become a billionaire you can’t have a moral compass from the start so it’s hard to imagine. I wish you well though, hope to buy one of your devices in future

    • jabjoe@feddit.uk
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      They thing to do is buy the rights to old designs, then open source them and sell them. It pisses me off no end I can’t find system diagrams, schematics or source code to think I apparently “own”. It keeps everyone ignorant and throwing stuff away to keep buying new. And now, with all going online, turns everything to a privacy nightmare . When the manufacture moves on to the next shiny, it will become part of internet of infected things botnets.

      • slurpeesoforion@startrek.website
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Bruh. Hold down the setup button. No more single tone screams of your meal is ready.

        If that doesn’t work, there should be instructions for your brand online.

        • Adalast@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Or just open the side panel and pull the lead off the speaker. Hopefully they didn’t do something dumb like wire the speaker in series with the main power supply so to the computer so the whole thing doesn’t work if the speaker is disconnected or dies.

      • BOB_DROP_TABLES@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        They do exist. Mine has a mute button. The keypad is awful though. I don’t remember the brand and not at home, but can look it up later

  • pm_me_some_serotonin@lemmy.zip
    link
    fedilink
    arrow-up
    28
    ·
    1 year ago

    Sincerely, the best thing consumers can do is to drive dumb cars and use them for as long as possible (cars aren’t like phones, and can work reliably for over a decade).

    • Clymene@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      The best thing to do is to demand better public transportation and walk ability. We’ll always have some cars but we should move away from car dependence anyways.

  • Wisely@lemm.ee
    link
    fedilink
    arrow-up
    27
    ·
    1 year ago

    How exactly are cars connecting to the internet? Cell providers give them free data?

    • jetsetdorito@lemm.ee
      link
      fedilink
      arrow-up
      15
      ·
      1 year ago

      the oems pay for it. some offer basic features for free but charge for features like music streaming.

    • rmuk@feddit.uk
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      It’s generally not much data. A 1GB/mo SIM with ten years service can be had for less than a €10 if you’re buying in bulk.

  • StarkillerX42@lemmy.ml
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago

    I did something like that with my robot vacuum. I opened it up and ripped the soldered-on wifi card. Now I can’t control it from my phone, but it can’t phone home to Shark either. I was willing to risk it for a $400 robot vacuum, which I also happened to have a second defective one to practice on thanks to their return policy. I’m not sure if I’d attempt this on an electronics behemoth worth several thousands of dollars that I can’t afford to lose.

    • ScoobyDoo27@lemm.ee
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Wouldn’t it have been easier to block it from accessing the internet through a firewall? And having a firewall helps you see what’s going on with the rest of your network.

      • wizardbeard@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        A lot of these devices will refuse to complete setup, or will silently do meshnet type stuff with other devices from the same manufacturer just to get the collected data out

      • StarkillerX42@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I don’t think I could have set it up. After it was connected, there’s no way to disconnect it, which seems to be a growing tactic. I’ve seen several TVs that have no WiFi disconnect button.

    • radau@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Unsure on the sharks but a lot of the roombas have an open source project (ha980?) that lets you run all the Apis locally and cut it off from the internet fully. Mines managed through home assistant now, it’s not perfect but it beats the heck out of that shitty iRobot app

  • over_clox@lemmy.world
    link
    fedilink
    arrow-up
    15
    arrow-down
    4
    ·
    edit-2
    1 year ago

    I’ve had a thought I’d love to have a chance to try one day…

    I’d like to see about not only disconnecting the antenna, but also basically wrap the cellular circuit module in metal screen, basically a crude Faraday Cage.

    I’ve never had any chance to try such a thing, but I can only imagine it would probably do the trick.

    Edit: For those that believe this will cause the vehicle to malfunction or even brick itself, have you never drove through a tunnel and found you lost Internet? Your vehicle won’t stop functioning just because it lost Internet, it literally cannot do that.

    That would be like the absolutely most unsafe thing any vehicle could ever do, to stop functioning because of an internet connection failure.

    • ElderWendigo@sh.itjust.works
      link
      fedilink
      arrow-up
      18
      arrow-down
      3
      ·
      1 year ago

      Or the car just doesn’t start one day because it hasn’t connected to its server in a month, forcing you to go to the dealer to fix it. Why do you so fervently believe a manufacturer wouldn’t resort to tactics like this that they already employ for other systems? It’s naive to think that manufacturers would never remotely disable a car in full or in part because it has been modified without authorization. If it profits them, they physically can, and no regulation prevents it, they will. Right to repair is a nice movement, that I fully support, but it’s very very far from a universal right anywhere.

      • corvus@lemmy.ml
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        1 year ago

        Or the car just doesn’t start one day because it hasn’t connected to its server in a month, forcing you >to go to the dealer to fix it.

        You are exaggerating, a manufacturer can’t do that. The simple reason is that lots of people live (or spend part of the year) in places where the only internet access is through satellite, this is specially true in big countries. The most probable thing they do is to save all the data until there is internet connection available to send it.

        • ElderWendigo@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          You seem to be confused about the difference between can and will. I don’t believe every or even most manufacturers would actually do this, but pretending that they cannot do it (or something like it) purely due to market pressure is naive.

          • corvus@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            I understand the difference but they never are going to do that for the same reason that they have never and they never will block your phone if its not connected to the internet, there are personal security reasons, they cannot leave you with an unusable phone or car. Even people who dont give a fuck about privacy wouldn’t accept something like that, they would go bankrupt.

            • ElderWendigo@sh.itjust.works
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              1 year ago

              I understand the difference

              Proceeds to conflate ability and willingness again.

              You sound like a corporate chat bot stuck in a rhetorical loop.

    • kabobglance@infosec.pub
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      So only thing is they might just store all the data locally and send it when they get reception again. Microsoft Word used to do this with “Aria”

      • over_clox@lemmy.world
        link
        fedilink
        arrow-up
        5
        arrow-down
        16
        ·
        edit-2
        1 year ago

        Do you not understand what a Faraday Cage is or does? It literally blocks radio frequencies.

        Cover the module in a metal screen, block any and all data transmission and reception, without even altering the electronics.

        And the vehicle ain’t got much other choice but to keep functioning as expected anyways, as it’s expected to have signal loss at times anyways.

        Edit: If you think losing internet connection is gonna break your vehicle, well God forbid you ever drive through a tunnel…

          • over_clox@lemmy.world
            link
            fedilink
            arrow-up
            9
            arrow-down
            5
            ·
            edit-2
            1 year ago

            What happens when/if we hopefully get our right to repair our own shit back?

            R2R, Louis Rossmann!

            We should all try to fight the good cause.

        • L3ft_F13ld!@links.hackliberty.org
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          Driving through a tunnel is a short break in connectivity. These things are probably built in such a way that they’ll brick after not being able to connect for an extended period since not working due to a short disconnect would give the brand a bad reputation after happening a few times.

      • over_clox@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Have you not heard of the chip in the hand? It’ll be an aluminum foil glove silly.

        Unless you volunteer yourself for unnecessary brain surgery…

  • Professorozone@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    That might help in some situations, but some of the data is stored on hard drives and retrieved later, either at dealerships or when police “request” it. I think it would take some invasive modifying to really render your car private.

  • Monkey With A Shell@lemmy.socdojo.com
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    1 year ago

    Wrap the car in a large faraday cage? As a general rule it should be assumed that any device with a direct to internet connection capability has the potential to track the user, even of it’s at a very course level like IP history that in theory could be made more precise if the ISP was inclined to keep tabs on a mac address.

    My own vehicle has the ability, if not the subscription, to use one of those manufacturer sponsored satilite connections. Plenty of new vehicles have such things as paid DLC and just lock it up behind software but the hardware is still there. Physical interferance through disconnecting the relevant modules in a clean reversible way has potential for some enterprising sort to either open a school or a specialty repair shop. Now if we could just do something about the phone the driver has with them at the same time.

  • iamhangry@programming.dev
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    1 year ago

    I thought they would disable my esim after the grace period was over, they gave me the option to pay for a subscription and I said “Hell no!”. But I guess I’m more valuable driving that thing than I thought. So yeah, probably only hacking it to disable the esim.

  • AphoticDev@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    6
    ·
    1 year ago

    Probably not without bricking your car. I doubt they are gonna tell you how to disable the telemetry, and with how connected the systems are these days, if you break something the whole thing stops working.

    • Dizzy Devil Ducky@lemm.ee
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      As far as I’m aware, so long as you have purchased it fully with no payments left on it or any loans used to finance it, there is absolutely nothing the car manufacturer or the place you bought it from can do besides void any warranty you have on it. And that’s if they figure out you removed the component.

    • melooone@feddit.de
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      If you own the car; I would say it’s completely reasonable to modify it, as long as its still legaly able to drive after. In Germany your car needs to be regulary checked by TÜV to be street legal.

      If this is legal probably depends on where you live, but I would be suprised if it’s illegal in any developed country. (Im not a lawyer btw.)

  • PseudoSpock@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Most vehicle head units are still running a low power version of Java 6 and have difficulty with nested levels of DNS CNAMES. I wonder what other problems that Java stack has that can be exploited?