I wanted to get others’ takes but it seems like the only real way to get a non-spying car is to get an older car without any sort of telemetrics. I saw a video about different car companies’ security policies, well specifically the new Mental Outlaw video, and it just blew me away how even our cars aren’t safe. Anyone got tips for how to anonymize their car?
Also ford recently redesigned their app so the users have to use built in google maps in order to track their car.
The problem with the “just buy old cars” is that I want a used electric car for like $10k.
We need a wiki of EVs that.has a section on each model enumerating which components are used to spy on you and videos showing how to neuter them.
Exactly. Like I got a new android phone last week and I want to make it more.private. I want be afraid of making mistakes. Any mistake I can do can be undone.
Yeah fortunately there’s tons of info on the internet on how to security harden phones. Its down to a science
Hardening cars is wild west right now.
Hardening cars is wild west right now.
The cars should not need to be hardened. That is what needs to stop, imo!!
We need a wiki of EVs that.has a section on each model enumerating which components are used to spy on you and videos showing how to neuter them.
I have been thinking we need something like this but for all new vehicles, not just EVs. Like instructables but for how to locate and rip out the cellular radio/antenna on every make and model that has one.
Definitely. But its more complicated than that.
My understanding is that many cars store the information airgapped and then upload it to the dealer when the mechanic pluggs into the car doing routine service checks.
So we need the wireless/radio neutering, but also someone needs to hook up to the car and see if/what data can be leaked via hard wire. And possibly find ways to disable the sensors, send random/nonsense data, update the software to not store sensitve data, automatically wipe the data every time the car turns on, or at least document how to manually wipe the data when you pull into the shop for maintenance.
Oof, yeah, didn’t think about that. Much more complicated.
Yeah with EVs it seems like improving the privacy would be a pain, since they are reliant on parts of the digital system that is causing the privacy problem in the first place. I’m planning on sticking with a gen 3 Prius for awhile.
Are you sure the gen3 Prius doesn’t have these sensors and privacy issues? I had a gen2 Prius and that thing had loads of sensors everywhere.
I ask because I’m seriously considering buying a gen3 Prius. Do you have any resources you can link me to where researches actually did an audit of this car to see what info it collected and what was uploaded to Toyota or the mechanics?
The best privacy from an EV is an electric bicycle
Well, would be nice to be able to haul drywall and not get wet. There are some projects for this, but they’re a bit immature and documentation is lacking
You can haul a lot of weight by bike, especially if you use a trailer. How often do you really haul things? Just rent a panel van on days you want to move shit.
I live on a bicycle, but I’m going to be building a house soon, which is why I was looking at buying an EV.
An EV van has the same privacy issues, and we’re back at square 1
And then they’ll add the same tracking to them too.
My ebike comes with a GPS tracking app to locate it. Luckily it’s optional but it’s already begun
Not all. Bosch equipped ebikes send name/address when they get serviced.neither rad nor aventon have systems smart enough to record data at all. I dont think shimano ebikes are smart either.
I’ve got a 2009 dumb car and I am babying it because I dread having to try to buy a new to me car that isn’t full of telemetrics and other modern car garbage.
Learn how to work on it
I already do. I’m no mechanic, but I’ve made numerous repairs over the years and am familiar with and can do basic car maintenance.
Old and serviceable. Don’t give me plastic
Are there any write-ups on the situation in Europe under GDPR-legislation? Mostly I read about the US-situation which seems like the wild west, but I can’t imagine that it is perfectly fine in the EU either even if you opt-out of using their apps etc.
Remove the cellular modem.
What are the chances the software is designed to throw errors and “See a technician” messages if you dk?
Not small, but I think you’ll have better chances with the mid level commuter cars. You’ll probably get some error messages on some of them, but if you can ignore them, they wouldn’t stop the car from running.It’s the high end ones and EVs that have a higher chance of bricking if you disable the antenna.
My suggestion, if you’re looking for a new car, is to research where the modem in the car is, and unplug it during the test drive (assuming it’s reachable).
I unplugged the one in my work truck, 2023 Ford F150. They call it the “Telematics unit” and it’s on the rear cab wall on the right side, hidden behind the sound deadening foam. I did this after it was bought, but if I had known about it before my boss paid it, I definately would have tried it before the test drive to make sure, and I plan to do it if/when I look for a newer car!
I unplugged every cable coming into it - power, antennas, data, all of them! The only issue that comes up is the center screen on the dash crashes back to the main menu when you try to open the data/wifi settings.
No other issues so far after almost 5k miles! No warnings, no lights on the dash, nothing! Android auto/carplay even still works! Don’t know yet if the dealer will try to plug the unit back in during the next service, but I intend to raise hell if they try!
We need an iFixit-like database giving each car a score about how easy it is to unplug the telematics units and what errors it may result in, complete with a score.
Depends on the car but I’d say the chance is above 50%
I’ve heard it can cause problems in some models, so people need to do their research. With my truck it’s dead easy and are no drawbacks.
Perhaps disconnecting the RF antenna, and replacing it with an appropriate termination?
Get rid of the car
Most of the cars will still try to connect to open Wifi when available to upload data.
Very nice ! That’s when you can start spying on your car’s behavior.
Not really. If they use TLS / HTTPS then you won’t see a damn thing.
Yeah. Believe me most of these embedded controllers are not very well programmed. Play a bit with fake certificates and I won’t be astonished if you to catch something.
And add a Faraday’s cage. There are other things except for cellular connection used in cars such as WiFi and Bluetooth.
I’d want bluetooth for music from my phone though. And it’d be nice if my phone’s cellular and GPS didn’t get blocked.
Isn’t your phone far more connected to your identity than your car? As in, if your worried about Toyota or Ford tracking your vehicles driving statistics it seems using GPS and wifi and Bluetooth on your phone that also has all your payment info, browsing history, and all your passwords saved defeats the entire purpose of worrying about your car. However, at least your phone gives you a benefit to using it like navigation and music, your car just mines your location data.
Privacy is not just black and white.
But then the car can send the data via unprotected WiFi spots. I don’t think you can turn off autoconnect.
That’s impractical. Bluetooth and Wi-Fi also needs modems so just remove those too.
I mean sure if you can find and remove them. They’re very small.
They’re going to be in the same location for a given model year, which somebody will likely have documented online.
Holding onto my 2016 van with zero telemetry for as long as possible.
I am a private person. Not because I have something to hide, I just don’t like the idea that my data is being sold which exposes me to various scams. I got to the point where some of my online purchases are marked as fraud due to measures I took - vpn, email alias, delivery to a parcel locker, spoofed phone number, one time cc. But with cars I cannot help myself. I truly enjoy all the “smart” features. Collision detection, ability to press SOS button when I need help, ability to remotely start/stop/lock/unlock/turn on/off ac/etc. I know how privacy invasive those things are but in this case I’ve chosen convince over privacy.
Take a look at motorcycles. They tend to be far behind the curve technology wise, and only Zerocycles have a telemetry system afaik.
they’re also dirty as fuck.
Let me try this comment again.
There is no driving with privacy or anonymity unless you’re on private land.
Anyone got tips for how to anonymize their car?
Remove the license plate. You will rarely have privacy driving a car on a public road. You should disable the modem, of course, but you’re still not going to be driving anonymously or privately. Automated license plate readers means your travels are going into databases that very well could be breached at some point in time.
Law enforcement use of ALPRs is rapidly expanding, with tens of thousands of readers in use throughout the United States; one survey indicates that in 2016 and 2017 alone, 173 law enforcement agencies collectively scanned 2.5 billion license plates.
According to the latest available numbers from the Department of Justice’s Bureau of Justice Statistics, 93 percent of police departments in cities with populations of 1 million or more use their own ALPR systems, some of which can scan nearly 2,000 license plates per minute. In cities with populations of 100,000 or more, 75 percent of police departments use ALPR systems.
Despite this expansive data collection effort, many departments have not developed a policy to govern the use of ALPR technology, or provided privacy protections.
The fact that your data is exposed to someone doesn’t mean that you have to give up and just let everyone else have it as well.
That’s not the point I’m making. You should disable your cars modem if it has one, but you still should have no expectation of privacy. Thinking you can have anonymity with a license plate displayed to everyone is foolish. It’s like asking how to be anonymous while wearing a name tag and the same clothes every day.
Adding to this, automatic plate flippers exist and are pretty popular for show cars to display something else when parked. Typically wired to ignition so it shows your plate only when the cars running.
Issue is if you street park dependent on the state, if the vehicle registration is hidden by the plate being flipped they can likely tow it. Would work great for at work/in your driveway though. Could maybe just have a bypass switch for if you need to park somewhere and display the plate.
Still a pain in the ass that it’s this bad though.
Theyre also recording the make model car type car size etc so you’re still not immune from fingerprinting
Depending on the car you might be able to physically disable telemetry. Here are some thoughts/ideas I’ve been collecting:
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
- It’s possible that the info could be stored locally and then uploaded when it gets serviced though
- Remove the fuse to the modem/data communication module (DCM)
- Disconnect wiring to the LTE antennas
- A number of people have mentioned that they can get the dealer to disconnect the telemetry as a precondition to buying. For instance, here.
- Jump the data communication module (DCM) cable with a ~$70 dongle to bypass just the telematics components
- Disconnect the DCM cable, which will likely gimp the infotainment if not other systems, or remove the entire DCM unit
You need a line break between your paragraph and your list.
Depending on the car you might be able to physically disable telemetry. Here are some thoughts/ideas I’ve been collecting:
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
- It’s possible that the info could be stored locally and then uploaded when it gets serviced though
- Remove the fuse to the modem/data communication module (DCM)
- Disconnect wiring to the LTE antennas
- A number of people have mentioned that they can get the dealer to disconnect the telemetry as a precondition to buying. For instance, here.
- Jump the data communication module (DCM) cable with a ~$70 dongle to bypass just the telematics components
- Disconnect the DCM cable, which will likely gimp the infotainment if not other systems, or remove the entire DCM unit
Oh, it looked Ok in my app (Voyager). But I added the line break.
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
Quite a few cars also still have a SIM card hidden somewhere, which can be removed. The location of it varies widely though and they’re usually pretty hard to find.
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
Definitely keeping me far away from upgrading, newest vehicle is an early 2000s Corolla and still does 40mpg.
Honestly with how cheap and easy it is to fix at home, barring safety improvements I really don’t see a point in upgrading. Infotainment is just another component that will eventually go obsolete like the ones from ~2010 that are dog slow and a pain to go aftermarket on.
Yeah, this is something always in the back of my mind. There’s no way I could replace the one in my car without serious modification. There’s a bunch of shit integrated into it (heat/air controls, safety feature toggles, etc.) and it takes up the entire center of the dashboard.
Another awful “innovation”. The screen in my 2016 van just does maps, music, and radio. I can swap it out no issue if I want (but I don’t want android auto so I don’t). The climate controls are still physical knobs thank god.
I don’t recall what kind of car it was, but there was one that saved the phone number associated with any phone that connected via Bluetooth.
While I don’t think it’s likely as a way to trick people to connecting to get their phone number, it was a rental car which opened them up to impersonation scams. Knowing they just rented from the company and where in the city provides quite a bit of information on you.
Android has the ability to deny this information. If iOS has one it does jack shit because Apple doesn’t care about your privacy.
I did not watch the mentioned video so I am not sure if what I am about to mention is discussed there or not. Also, sorry for the really long reply!
I am not aware of any available truly privacy respecting, modern cars. However, assuming theat you obtain one or you can do things like physically disconnect/remove all wireless connectivity from the car to make it as private/secure as possible, there still is little you can do to be truly anonymous.
Your car likely has a VIN and license plate as well as a vehicle registration. Assuming you legally obtained the vehicle and did not take any preventative measures prior to purchasing the car, those pieces of information will be tied back to you and your home address (or at least someone closely connected to you). You would need to initially obtain the vehicle via a compsy/LLC/partnership/etc. as the owner/renter/leasee of the vehicle and an address not associated to you. Additionally, you would need to find some means of avoiding or limiting the additional information connected to you that is likely required to obtain the vehicle like car insurance and your drivers license.
Additionally, any work that certain mechanics perform may be shared (either directly or indirectly) with data brokers - even just routine maintenance like an oil change or alignment. Hopefully you didn’t use your credit card, loyalty rewards program, etc. when you had any work done!
There is also CCTV, security cameras, and other video recorders that are nearly impossible to avoid. Given enough time/resources and maybe a little bit of information, your car could be tracked from its origin to destination locations. This location history can be used to identify you as the owner (or at least driver/passenger) of the car. Unless your car never leaves your garage, you can almost guarantee that your car is on some Ring camera, street camera, etc.
Furthermore, anything special or different about your car (custom decal, unusual window tinting, funny bumper sticker, uncommon color for the car, uncommon trim/package for the car, dented bumper, fancy rims, replaced tires, specific location of toll reader placement on the windshield, something hanging from your rear mirror, etc.) all help identify your car. The make/model and year of your car can also be used to identify your car if its not a common car in the area. These identifiers can be used to help track your car via the video feeds mentioned above.
Then there are license plate readers which are only slightly easier to avoid than the video recordings. Permanent, stationary license plate readers can be found on various public roads and parking lots. There are also people who drive around with license plate readers as part of their job for insurance/repossession purposes. You may be able to use some sort of cover over your license plate(s) to hinder the ability of license plate readers to capture your plate number, but that could be used to help identify your car in video feeds/recordings.
ITT people are all dismissive because you can’t actually be anonymous on the road (license plates, speed cameras…), but, honestly, I just want a car that doesn’t listen in on my conversations, sell my data to brokers, require any passanger to accept the privacy policy, or record the times I have sex (jk it won’t be able to if I don’t have any)