I wanted to get others’ takes but it seems like the only real way to get a non-spying car is to get an older car without any sort of telemetrics. I saw a video about different car companies’ security policies, well specifically the new Mental Outlaw video, and it just blew me away how even our cars aren’t safe. Anyone got tips for how to anonymize their car?
Are there any write-ups on the situation in Europe under GDPR-legislation? Mostly I read about the US-situation which seems like the wild west, but I can’t imagine that it is perfectly fine in the EU either even if you opt-out of using their apps etc.
Mozilla Foundation did a deep dive into this. And the results where abysmal. The only brands not completely horrifying where Renault/Dacia because they are European and only serve the European market so they have to follow GDPR.
Depending on the car you might be able to physically disable telemetry. Here are some thoughts/ideas I’ve been collecting:
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
- It’s possible that the info could be stored locally and then uploaded when it gets serviced though
- Remove the fuse to the modem/data communication module (DCM)
- Disconnect wiring to the LTE antennas
- A number of people have mentioned that they can get the dealer to disconnect the telemetry as a precondition to buying. For instance, here.
- Jump the data communication module (DCM) cable with a ~$70 dongle to bypass just the telematics components
- Disconnect the DCM cable, which will likely gimp the infotainment if not other systems, or remove the entire DCM unit
Quite a few cars also still have a SIM card hidden somewhere, which can be removed. The location of it varies widely though and they’re usually pretty hard to find.
- Hit “SOS” button and opt-out of all services through customer service. This of course requires trusting the company to actually do it.
Should be quite easy to remove any WiFi/cellular/satellite antennas from the car’s computer. (Might be trace/chip antennas, so make sure to get those). If you’re extra paranoid, get the GPS antenna too, so it can’t simply record data indefinitely.
Might take a few hours to go through the car to make sure you get everything, but you won’t be limited to super old cars.
I don’t believe for a second that the car won’t be sending either an unremovable error message, a constant and un-mute-able audible alarm, or a complete lockout of subsystems or the entire system itself. The best case scenario is that this is a mild inconvenience.
Does your car lock up outside of cell coverage? I’m not suggesting removing the radios themselves, just the antennas. To the car, it will just always be out of range.
The antenna used for talking to the keys might cause trouble, but those are either inherently short range inductive systems or are receivable using a 20$ RTL SDR to verify it’s not sending anything else.
Remove the cellular modem.
What are the chances the software is designed to throw errors and “See a technician” messages if you dk?
I’ve heard it can cause problems in some models, so people need to do their research. With my truck it’s dead easy and are no drawbacks.
My suggestion, if you’re looking for a new car, is to research where the modem in the car is, and unplug it during the test drive (assuming it’s reachable).
I unplugged the one in my work truck, 2023 Ford F150. They call it the “Telematics unit” and it’s on the rear cab wall on the right side, hidden behind the sound deadening foam. I did this after it was bought, but if I had known about it before my boss paid it, I definately would have tried it before the test drive to make sure, and I plan to do it if/when I look for a newer car!
I unplugged every cable coming into it - power, antennas, data, all of them! The only issue that comes up is the center screen on the dash crashes back to the main menu when you try to open the data/wifi settings.
No other issues so far after almost 5k miles! No warnings, no lights on the dash, nothing! Android auto/carplay even still works! Don’t know yet if the dealer will try to plug the unit back in during the next service, but I intend to raise hell if they try!
And add a Faraday’s cage. There are other things except for cellular connection used in cars such as WiFi and Bluetooth.
I’d want bluetooth for music from my phone though. And it’d be nice if my phone’s cellular and GPS didn’t get blocked.
Isn’t your phone far more connected to your identity than your car? As in, if your worried about Toyota or Ford tracking your vehicles driving statistics it seems using GPS and wifi and Bluetooth on your phone that also has all your payment info, browsing history, and all your passwords saved defeats the entire purpose of worrying about your car. However, at least your phone gives you a benefit to using it like navigation and music, your car just mines your location data.
Privacy is not just black and white.
But then the car can send the data via unprotected WiFi spots. I don’t think you can turn off autoconnect.
Most of the cars will still try to connect to open Wifi when available to upload data.
Very nice ! That’s when you can start spying on your car’s behavior.
Not really. If they use TLS / HTTPS then you won’t see a damn thing.
Yeah. Believe me most of these embedded controllers are not very well programmed. Play a bit with fake certificates and I won’t be astonished if you to catch something.
The problem with the “just buy old cars” is that I want a used electric car for like $10k.
We need a wiki of EVs that.has a section on each model enumerating which components are used to spy on you and videos showing how to neuter them.
I don’t recall what kind of car it was, but there was one that saved the phone number associated with any phone that connected via Bluetooth.
While I don’t think it’s likely as a way to trick people to connecting to get their phone number, it was a rental car which opened them up to impersonation scams. Knowing they just rented from the company and where in the city provides quite a bit of information on you.
Android has the ability to deny this information. If iOS has one it does jack shit because Apple doesn’t care about your privacy.
As long as data harvesting is legal and profitable, privacy will be a cat and mouse game. Gotta wonder how much capital and human effort is invested into all these anti-consumer innovations.
Let me try this comment again.
There is no driving with privacy or anonymity unless you’re on private land.
Anyone got tips for how to anonymize their car?
Remove the license plate. You will rarely have privacy driving a car on a public road. You should disable the modem, of course, but you’re still not going to be driving anonymously or privately. Automated license plate readers means your travels are going into databases that very well could be breached at some point in time.
Law enforcement use of ALPRs is rapidly expanding, with tens of thousands of readers in use throughout the United States; one survey indicates that in 2016 and 2017 alone, 173 law enforcement agencies collectively scanned 2.5 billion license plates.
According to the latest available numbers from the Department of Justice’s Bureau of Justice Statistics, 93 percent of police departments in cities with populations of 1 million or more use their own ALPR systems, some of which can scan nearly 2,000 license plates per minute. In cities with populations of 100,000 or more, 75 percent of police departments use ALPR systems.
Despite this expansive data collection effort, many departments have not developed a policy to govern the use of ALPR technology, or provided privacy protections.
The fact that your data is exposed to someone doesn’t mean that you have to give up and just let everyone else have it as well.
That’s not the point I’m making. You should disable your cars modem if it has one, but you still should have no expectation of privacy. Thinking you can have anonymity with a license plate displayed to everyone is foolish. It’s like asking how to be anonymous while wearing a name tag and the same clothes every day.
