I am sure this article has been shared before, however I wanted to have a look at this topic.
The articles short summary is this:
All 25 car brands we researched earned our *Privacy Not Included warning label – making cars the worst category of products that we have ever reviewed
I am currently driving a 2014 Ford Fiesta which just has a radio with a CD player and Bluetooth. I do not need more than that in a car.
The reason I am looking at all is that that the Fiesta does not belong to me and the friend owning it will be moving out in a bit, so I kinda need another one.
There seems to be one brand that is not as bad as the other ones (but still bad): Renault; mozilla's review...
Maybe I will have a look at their cars.
What do you guys think? Stick to older used cars and not use an EV or look at which of the manufacturers have the least bad privacy policy?
I bought a used Chevy bolt EV, for now I've pulled the onstar system fuse which kills the telemetry and GPS+cell antenna. No tracking with no power, it's my car and my battery so I decide what gets my power.
I'm not interested in letting any of these companies screw me over behind my back regardless of who is "less evil," but I've gotten so used to the convenience of EVs that I won't do without one.
I use my phone for navigation and music/podcasts and that still works just fine.
Might at some point look at a more sophisticated way of doing this like removing just the onstar module or terminating its antenna, but for now it's fine.
If that is possible in a european car that would be exactly what I'd want to do as well :D
It’s almost certainly possible, but it might void your warranty/be illegal, depending on your jurisdiction (and qualifications- it’s probably not illegal if you’re a licensed mechanic, but might violate your employment contract). Even if it’s not illegal, it might affect your liability insurance coverage.
I’m not saying you shouldn’t do it, but make sure you know what the potential consequences are.
Blow the fuse then. Plausible deniability
I bought a used 2017 Bolt a few months ago and I love it. It is the most practical car I've ever owned and it's nice to drive.
Sorry to burst your bubble, but the sensors store data locally and then get uploaded to the Internet when you take it to a mechanic, who plugs your car into an internet-connected computer
Ehhh that's a bit of a blanket statement that applies to dealers: I promise you my indie guy who does my tires and inspections will not be plugging anything in. Everything else I will be doing anyways.
He would be a bad mechanic if he didn't plug it in to get a readout of the computer on your car during routine maintenance
He would be an exceptional mechanic if he made sure to only do this on an airgapped machine.
That's simply not how it works. The only "computer" system that is required and widely used is still obd-II which has been around since 1996. Thats all the independent shops diagnose with whether the car is 1999 or rolled off the lot yesterday. Any other computer system on board is dealer specific and a specialised system NOT accessed during regular work. Quit spamming misinformation.
It's not required. These surveillance systems and data profiteering are very optional.
this is just blind undirected cynicism. please show your work. I hate our surveillance state too, but if you misidentify the problem you will push away people who understand the situation from your cause.
Literally read the article that you're commenting on
3rd party mechanics aren’t plugging into anything but OBD II, and the kinds of systems you are talking about aren’t being checked by mechanics.
And OBD II is open source and has been confirmed to not send home data from the car, right?
you would have to show your work if you want to make that accusation. otherwise it’s just conspiratorial thoughts and cynicism.
i can’t get much of anything like this telmetry over OBD II, and it certainly isn’t giving an internet connection to the car.
No. You want to trust an app that's closed source and make claims that it isn't stealing your data?
That burden is on you to reverse engineer every release and prove that it respects your privacy
Your assumption about how datalogging works is incorrect.
In short, sensors almost never store local data which doesn't even matter if those sensors are depowered. There is absolutely nothing to be afraid of here.
So yeah, sensors do not locally store data except in very rare and high-cost cases not found in basically any consumer electronics. There needs to be a datalogger or handoff to a datalogger of some variety. While the ECU or MCU of a vehicle logs data, there's not a permanent memory of every action you've done with the car because it literally doesn't have enough memory. Doubly so if some of the sensors such as GPS are physically unplugged or depowered as in my case.
So, no amount of malicious action from a dealer would extract location or even more basic data from a car. The only thing they'd see are the basics of the ECU or MCU which has been common for every car produced since OBD2 became... a thing.
I'll also add that an easy solution to this is not to go to a corporate dealer (all Chevy dealers are shit anyway to be fair). While the independent mechanic might have to buy proprietary diagnostics from the manufacturer, they aren't going to re-enable systems like GPS or telemetry if you tell them not to because they care about you coming back and thus have an incentive not to fuck you over.
Sounds like you've been out of the industry for a while.
The sensors don't store the data. The storage does. How do you think the entertainment system remembers your music history? Its stores it. And uploads it. And they sell it.
So your car won't track you but your phone will. OK.
That was my first thought too, but some people are moving to more privacy focused phones like grapheneOS, and other ROMs, or even Linux phones.
Besides, reduction in the number of people tracking you is still a positive thing.