Toyota: Car location data and videos of 2M customers exposed for ten years

3 years ago (bleepingcomputer.com)

"It is important to note that the exposed details do not constitute personally identifiable information, so it wouldn't be possible to use this data leak to track individuals unless the attacker knew the VIN (vehicle identification number) of their target's car."

Am I dumb or are they? If you know someone's home address, then all you need is a geo lookup, and a filter which selects for cars parked near that address at 3AM over some time period. Which then gives you the VIN and the entire location history, right? Sure you might get more than one car if the someone lives in a city and uses street parking but it's still going to reduce down to just a handful of cars which can then be cross referenced against place of work, relatives, etc.

And of course home address lookup can be made with any number of public databases with little more than a name and maybe some additional filtering (age, city, phone number, etc).

  • > it's still going to reduce down to just a handful of cars which can then be cross referenced against place of work, relatives, etc.

    You are correct, but I can't imagine why anybody would go to that much trouble for a speculative answer. Your idea requires quite a bit of intelligence collection as well (relatives' addresses, addresses of known hangouts, etc. that you have to vet for accuracy).

    If you have a confirmed home or work address, just go to their home or work and take a picture of the target VIN through the windshield.

    • The scammer in the third world country folks may be at threat of this breach being exploited by does not have that ability.

      But they do have the internet, and further no meatspace means scams can be automated/scaled.

      Honestly, this seems very bad.

    • Going to everyone's house seems multiple orders of magnitude more trouble than looking at where a car is most often parked, and seeing if you have anybody in your database that lives, works, or has relatives (or facebook friends) that live at those addresses. I bet you'd get a unique hit 99.99% of the time if you have 10 years of data.

    • I think his point is just because the data in isolation isn't identification, we live in a world where multiple public datasets are easily used to make 99.9% correlation, yet laws still act like these associations are "technically challenging". Most of the problems are from actors who are very specifically motivated and we need to start a less isolated view of data breaches.

  • I know the VIN on my wife's car. It'd be beyond a few boundaries to track her vehicle and internal cameras if, say, we split up at some point.

    You can read the VIN of neighbors and significant others pretty easy.

  • > Am I dumb or are they

    I don't think you're wrong. I wonder what incentive bleepingcomputer has to make it seem not so bad.

  • Okay, massive tangent, but it's been bugging me for a while and this has finally tipped me over the edge - why is it called personally identifiable information? That would be information that someone can personally identify surely? Shouldn't it be personally identifying information?

  • Yes, all location tracking data is personally identifiable.

    Given any dataset like this it is trivial to pick any entry and trace where is home and where is work thus de-anonymizing it. Conversely given any home or work address it's trivial to find all other related entries for the individual.

  • Definitely agree. If I have a time series of geo location information, which visits point x,y once per day at 5:00pm I can probably conclude they probably live at this location.

    Of course it would all be incredibly boring to analyze. We can conclude that people live at a certain location, (dumbly for no good reason) drive to another one 5 times per week and go a few other places.

    Sure you might be able to find the odd person that is doing something weird or illegal but if you already know location x1, y1 contains bad guys might as well just go there and arrest them instead of creepily analyzing data that you know you shouldn’t have.

  • Also, among these 2M customers there are surely a few high-profile ones that have implications for politics/crime/forensics/espionage?

  • Also, just looking into the window of the car at the dashboard is usually all you need to get the VIN for a car.

  • Yes people can finally see if their spouse was cheating. Or learn when a target is typically not at home. Or what church they go to. You are not dumb. The statement in the article is dumb however.

  • If you commute from home to a job I think even with somewhat coarse information it’s easy to figure out who you are. The NYT did a story like this based on advertiser data.

  • In my state you can look up the vehicle property tax records of anyone by name or VIN.
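The thread above argues that pseudonymous location traces identify people through their home and work anchors. A data holder can measure that before labelling a dataset non-identifying; the following is an added example, not part of the original discussion, that counts how many vehicles share each (night cell, weekday-daytime cell) pair. All records, vehicle ids, time windows and grid sizes are constructed assumptions.

```python
"""Re-identification risk audit for pseudonymised location traces (added example)."""
from collections import Counter, defaultdict
from datetime import datetime

NIGHT_END_HOUR = 5          # assumption: 00:00-04:59 local time means "parked at home"
WORK_HOURS = range(9, 17)   # assumption: weekday 09:00-16:59 means "parked at work"


def _trace(vid, home, work):
    """Constructed trace: one night fix and one daytime fix, Mon 2 to Fri 6 Jan 2023."""
    rows = []
    for day in range(2, 7):
        rows.append((vid, f"2023-01-{day:02d}T03:00", *home))
        rows.append((vid, f"2023-01-{day:02d}T11:00", *work))
    return rows


# Constructed sample data: (pseudonymous id, local timestamp, lat, lon).
SAMPLE = (
    _trace("veh-A", (35.6814, 139.7674), (35.6905, 139.7005))
    + _trace("veh-B", (35.6822, 139.7683), (35.6305, 139.7405))
    + _trace("veh-C", (35.6835, 139.7668), (35.6908, 139.7002))
    + _trace("veh-D", (35.7105, 139.8105), (35.6307, 139.7402))
)


def cell(lat, lon, size_udeg):
    """Snap a coordinate to a grid cell; integer micro-degrees avoid float edge cases."""
    return (round(lat * 1e6) // size_udeg, round(lon * 1e6) // size_udeg)


def anchor_cells(records, size_udeg):
    """Return {id: (most frequent night cell, most frequent weekday-daytime cell)}."""
    night, day = defaultdict(Counter), defaultdict(Counter)
    for vid, ts, lat, lon in records:
        t = datetime.fromisoformat(ts)
        c = cell(lat, lon, size_udeg)
        if t.hour < NIGHT_END_HOUR:
            night[vid][c] += 1
        elif t.hour in WORK_HOURS and t.weekday() < 5:
            day[vid][c] += 1
    anchors = {}
    for vid in set(night) | set(day):
        home = night[vid].most_common(1)[0][0] if night[vid] else None
        work = day[vid].most_common(1)[0][0] if day[vid] else None
        anchors[vid] = (home, work)
    return anchors


def anonymity_sets(records, size_udeg):
    """Return {id: k}, where k is how many ids share that id's (home, work) pair."""
    anchors = anchor_cells(records, size_udeg)
    group_size = Counter(anchors.values())
    return {vid: group_size[pair] for vid, pair in anchors.items()}


def unique_fraction(records, size_udeg):
    """Share of ids whose (home, work) pair is unique in the dataset (k == 1)."""
    k = anonymity_sets(records, size_udeg)
    return sum(1 for v in k.values() if v == 1) / len(k)


if __name__ == "__main__":
    # 1000 / 10000 / 100000 micro-degrees are 0.001, 0.01 and 0.1 degree cells.
    for size in (1000, 10000, 100000):
        print(f"cell={size / 1e6:.3f} deg  unique={unique_fraction(SAMPLE, size):.2f}")
```

A unique fraction near 1.0 at the resolution the data is stored at means the pseudonym alone gives no protection; coarsening or aggregating before retention is what moves the number.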

Their privacy policy is wild and every customer is opted into the connect services by default.

Interior images, exterior images, facial geometry, voice recordings, location/driving data, "multimedia screen data",

https://www.toyota.com/privacyvts/

https://web.archive.org/web/20230512182022/https://www.toyot...

  • All car shrink-wrap licenses that I have looked at are similar. That's why I think it is funny when people freak out about Android Automotive. The Android Automotive terms are much, much better for customer privacy.

    The EULA for my Honda says that Honda can and will share all available data with itself and third parties, named and unnamed, for any or no reason.

    • How do these EULAs work if you buy a used car? I suppose manufacturer doesn’t really know if the car has been sold and the new owners haven’t accepted the terms?

    • Funny, I looked around and couldn't find an equivalent for Honda motorcycles. Perhaps Honda understands their customers better than we think. Honda seems perfectly willing to build tracking-free products when the customer base cares enough. I have never met any sportbike rider willing to share one iota of ongoing GPS data with anyone.

  • > Interior images, exterior images, facial geometry, voice recordings,

    This is an absolutely unbelievable level of privacy intrusion IMO. I 100% support very heavily fining this sort of behavior, otherwise it will continue to proliferate.

    • We need stronger laws about protecting user data. Like HIPAA but for everything. Storing millions of hours of video of people driving and their GPS should be a liability. I did not consent to any of this, but I'm certainly on recordings for drivers who did, that should also be an enormous fine.

    • Where would the support for fines come from? When government understands these issues at all, they only want more control and restriction. The only thing I can imagine legislators getting upset about is that the car manufacturers are not sharing all the info with government by default. Next steps will be mandating tracking, not fining for it.

    • Voice recording without explicit consent of all recorded parties is illegal under wiretapping laws in my state, and my state is pretty aggressive about it.

      I wonder how that factors into this.

    • When you look at the specific uses, I think it's a bit less unbelievable. I think the important piece is that they should more clearly stipulate how the data is used and what controls are in place to protect it. Even more importantly, opt out by default if there's any chance of the data leaving your vehicle and a clear mechanism for wiping all collected data.

      > Your Facial Geometric Features will only be stored on your vehicle.

      > Vehicles equipped with Teammate use sensor and/or image data from the vehicle’s interior and exterior to evaluate the vehicle’s surroundings

  • I've purchased a few Toyota models, with the first having the connect service being a 2014 model. The sales rep asked for my phone so they could download the app that works with their system. The manner in which it was asked was interesting to me in that they clearly had not had someone so much as flinch as to giving them their unlocked phone and access to an app store. Maybe I was the first person not a grandparent they had worked with, but they obviously were not handed my unlocked phone. Since it was my first car with a connected system, I tried it out but was very unhappy with it. Their GPS required you to use your phone to enter a location and provide GPS. The in car system was basically just a screen for the services your device provided. The next time I purchased a car, I never even connected a phone to it.

    • That sounds perfect. How could a car system be better than just be a screen and interface for the functionality your phone provides? It's literally the dream.

      If it's a particularly cheap car I wouldn't even mind if it doesn't have a screen or interface, and just supplies an API to the phone and a holder for it.

      Either way would be a million times better than any car made between 2005 and 2015 has to offer.

  • if you own a car from 2008 or newer the government essentially mandates it to be a privacy nightmare. If you care about privacy don't buy a modern car. Throw in the Vault 7 CIA leaks about how they explicitly had programs to research how they could hack modern cars remotely

    https://en.wikipedia.org/wiki/Vault_7

    you have to wonder how many vehicle 0-days nation state actors have saved up for when they need them, even just displaying the ability would grind the country to a halt because people would be afraid to even drive

  • > This Privacy Notice DOES NOT apply to:
    > [...]
    > Any Toyota vehicles equipped with Connected Services located outside of the continental United States, Alaska and Hawaii.

    Ah, so only Americans are getting shafted.

  • This needs to be made illegal.

    If companies want to collect such personal data it should not be by default, and each clause should have to be independently validated by the customer including what data, how it's used, where stored, for how long, who it's shared with.

    Nobody will accept basically so that says something about the asymmetry here.

  • The privacy policy looks really reasonable and mostly only collecting the data that it needs to provide the services. And the most cloud-based / privacy concerning stuff (e.g. external video capture, and usage-based auto insurance) is listed as opt-in.

    • I'm not sure the location data aspects are great but yeah, there is some discrepancy between what the parent post was claiming and the policy states:

      > Certain vehicles equipped with an interior, driver-facing camera [...] If you opt-in and link your user profile using the in-vehicle “Setup Face” process, the Face Identification feature may use your Facial Geometric Features and Profile Data... Your Facial Geometric Features will only be stored on your vehicle.

      > External Vehicle Video Capture. Owners of certain vehicles equipped with [...] may also opt-in to participate in External Vehicle Video Capture...

      > To use the App Suite, you must download the application and accept the End User License Agreement... We will use Voice Recordings to improve our responses and voice recognition. To facilitate functionality of your App Suite and linked third party services, your vehicle may share your Location Data and Voice Recordings transcriptions with your third party services...

      (Emphasis mine)

Owners may want to disable this in hardware rather than relying on a sketchy opt-out mechanism. The relevant part is the "data communications module". It has an LTE modem and a backup battery, so it's able to transmit even if the car battery is disconnected. It requires a little bit of dashboard disassembly to access. You can either remove it or disconnect the LTE and GPS antennas. Toyota has technical documents available for $25 at https://techinfo.toyota.com.

It would be great if there was some website that collected all the detailed instructions for removing the spy devices from different car models.

> It is important to note that the exposed details do not constitute personally identifiable information, so it wouldn't be possible to use this data leak to track individuals

The data included timestamped GPS data, which has been demonstrated to be easy to de-anonymize.

  • Yeah, companies seem to think that "personally identifiable information" is basically just your name. That's clearly wrong because GPS data and VIN make it extremely straightforward to figure out who a car owner is.

    As far as I'm concerned, this is PII. That statement is a bald-faced lie and a state AG should bring charges over this - it's extraordinarily irresponsible for Toyota to collect this data and then leak it for TEN YEARS.

    • "Personally identifiable information" is a legal term with a legal definition[1], and location data is not PII. Companies think that PII is basically just your name because that's literally true: PII means name and government-issued ID number. That's it. Everything else is not PII.

      Relatedly, PII sucks as a basis for privacy law. The laws enshrining PII were made in response to identity theft[2], and that's the "threat model" those laws are protecting against. They do a reasonable job protecting against that threat model, but are very narrowly-focused on that threat model.

      Fine-grained location data is absolutely sensitive data, and any non-braindead privacy legislation would consider it as such. The US lacks such legislation. It would be considered Personal Data under GDPR, and Personal Information under CCPA.

      [1] Actually like 400 definitions in 400 different laws, but there's a lot of similarity.

      [2] Specifically, the first data breach notification law was made in response to lawmakers being the victims of identity theft. This is a common thread in US privacy laws. See also Robert Bork.

  • But the VIN number was available, as it says right below that

    I mean does anyone think there HASN'T been a leak of VIN numbers and owners that would be trivial to join with this?

    It's also kind of staggering how long this was a problem

    Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.

    • In my state, anyway, vehicle registrations are public information. If you have a VIN or license plate #, you can get the identity and address of the person the car is registered to, and if you know the name and address of a person, you can get the VINs/plate #s of the vehicles registered to them.

    • I don't think it's any indicative of how long this problem has been here? Unless I misunderstood, because after re-reading I guess I see how you did read it.

It is clear that automakers are utterly failing at technology.

In-vehicle control systems are typically garbage.

Several hacks have been shown where vehicle data is exposed over cellular links, in some cases with remote attackers being able to actually control elements of the vehicle (eg: Jeep).

Software updates are rare, with manufacturers often trying to charge exorbitant amounts for basic updates.

Data breaches of various customer data, credentials, PII, etc. are repeated.

IMO we are at the point where in-vehicle technology is a thing that is never going away. Auto manufacturers need to become bona-fide software developers and take development, QA, cyber security, etc. far more serious than they have so far.

  • So I don't work in automotive domain, but I work in Controls Engineering. Basically everything you just said relates to my work as well, and based on tidbits of anecdotal info I've picked up through various technical forums it sounds like automotive & controls are quite similar in that regard.

    The dirty truth is often times these domains were designed and chiefly operated by non-software people. Not to say a mechanical engineer or electrical engineer can't program, it's just that their focus is on their work, and the software is but a tool to accomplish those means. So the world of software has leapfrogged over PLC and automotive design and gone to run laps around it several times since the 90s. It's only in say the last 5 years or so that I've seen a cultural shift in controls towards embracing the modern realities of software, networking, security, version control, databases, etc.etc.etc.

    I'm not going to go too much further into this, but this is why Software Engineering as a regulated profession is going to be a necessity as much as civil engineering or electrical engineering has been. The digital world is just too vast and complex now with so many pitfalls for those who only ride the edges can handle. And people's lives are starting to matter. It is no longer safe to treat security as secondary with an "oopsy" anymore. We don't tolerate bridge collapse or electrical design that can destroy livelihoods, why do we still tolerate hacks governing data and safety of public?

    • > Software Engineering as a regulated profession is going to be a necessity as much as civil engineering or electrical engineering has been

      Wouldn’t it be easier to regulate the quality of software used in critical products?

      AFAIK similar regulatory standards and certifications exist for aerospace software.

    • > this is why Software Engineering as a regulated profession is going to be a necessity as much as civil engineering or electrical engineering has been

      Unfortunately the challenge with this is still the same as always: do we even know how to engineer software, in the sense that established engineering disciplines use the term, yet?

      If we started permitting only “qualified” software engineers to make the big technical decisions, who would decide on the required qualifications? Would it be the few experts who really have spent whole careers successfully developing genuinely high-reliability software in industry or researching innovative techniques for improving quality in academia? Or would it be people like career consultants who write popular books on “best practices” and give keynote speeches at conferences with big name sponsors?

      The dominant trend in the software industry for years has been towards short-termism and ad-hoc everything. That often makes sense as a business strategy, at least given the current financial incentives, but it’s not necessarily the best way to promote robustness, predictability and longevity. Prematurely trying to codify accepted practices for engineering software might end up entrenching the status quo, when what is really needed as software eats the world is disruption by people who have demonstrably figured out better ways to do it.

      So while I strongly agree that we need to raise standards in parts of the industry where Very Bad Things can happen when software fails, I don’t think regulating software engineering in the same way as more established engineering disciplines is a viable way to do that. Not yet, at least.

  • > Auto manufacturers need to become bona-fide software developers and take development, QA, cyber security, etc. far more serious than they have so far.

    Follow the money.

    Their core business depends on the sale of a manufactured good, software is not the product. Software in Automotive is a cost centre.

    They will absolutely contract out to the lowest bidder (coincidently probably the least capable). Cost downs in BOMs/features are trimmed to the cent because they are manufacturing in volume so manufacturing cost per unit is King.

    What we define as sane Software best practices™ is a result of an industry where Software or services via software are in fact the product.

    Also people won't vote with their wallet because we absolutely post-rationalize features and UX in a car. Most people don't realize or won't admit how reptilian their decision process goes in buying a car it's 80% "do I like the looks of it" and 20% the price tag.

I was looking into getting a new toyota, but was hesitant because of this tracking "feature."

I searched online for how to disable it, and found this question:

https://carkiller.com/scottykilmer/qa/how-to-permanently-dis...

These responses are typical:

"But you're still going to be traceable by your phone."

"...everyone, EVERYONE, on the planet has their information out there. There is no such thing as "off the grid." "

"your phone has sent more than enough info about you to every advertiser on Earth more than the DCM will ever do."

Many people just don't care....

I hope regulators fine the hell out of these companies. Enough to make them think twice about offering these upload everything to the cloud services no one really asks for.

  • It's a simple equation:

    Revenue = (value of data per person) x (number of customers) - (probability of data loss) x (probability of fine) x (cost of fine).

    If that number is greater than zero, they'll do it, if it's less than zero, they won't.

    • This is how engineers think executive decisions are made and it is just not accurate.

      The CEO of Toyota plays golf with the uncle of the head of the “we track you forever” group. They both feel like the nephew has a big future and there is a ton of money to be made over the next 5 years before the CEO plans to retire.

      Plus, according to their marketing team, Volkswagen is worse. Much worse.

      There is way less science and way more emotion at play.

    • A simple equation but no one actually operates that way. Except for maybe auto manufacturers from late-90s books-turned-movies starring Brad Pitt and Edward Norton.

      Most variables are impossible to accurately predict. e.g. "Cost/probability of fine" -> how do you model the cost of brand tarnishment?

    • I think for a lot of tech products, it's more that the profit margins are tight and competition is fierce, such that spyware integration is needed to subsidize what would otherwise be a money-losing product. At which point the only remedy may be to impose regulations telling companies that no, you can't sell customer's private data without their permission -- and then the price of electronic goods should stabilize at a somewhat higher price but without the user-hostile features.

    • So fine them 100x the value they have obtained. Now unless they are 99% sure they can keep it private then they won't do it.

      Although I still don't want them doing it if they think they can keep it safe, so may be make fines for just collecting it without opt-in consent.

There's some really active community discussions around disabling the Data Collection Module, discussing everything from simply pulling the DCM fuse to disabling only the antenna.

If you pull the DCM fuse, you'll lose the microphone and potentially one of the right-hand speakers - these can be fixed by jumping the wires in/out of the DCM.

What's concerning to me are reports of the car still uploading all the collected data if you attach a cell phone to the radio's bluetooth. Apparently the car just relays all the info.

I kinda want to snoop that data and see what it is, at least collect the encrypted packets... but my car is from 2007 and has no connected features, so...

  • > What's concerning to me are reports of the car still uploading all the collected data if you attach a cell phone to the radio's bluetooth

    This must be if you have the car manufacturer's app installed. I can't think of any other way for it to phone home from DCM via Bluetooth if the cellular module is disabled.

  • Doesn't doing things like this void your car's warranty (at least to those units that are hooked to said wires you're cutting/bypassing?) I'm sure the fuse removal is fine though. You should put up a disclaimer for unknowing people that this will make their warranty reimbursement tough or impossible. If it's out of warranty of course it doesn't matter.

Toyota owners: you can opt out of this data collection in their app or by calling them. https://support.toyota.com/s/article/Can-I-optout-of-Toyot-1...

Unfortunately as far as I can tell it only actually stops after the "remote connect" trial period ends one year after you buy a new vehicle that opts you in automatically. There are probably ways to physically disable the data collection modules for this, if you're comfortable tearing apart your car's dash. https://www.tacomaworld.com/threads/2020-data-transmittal.63...

Does the California CCPA apply here? I've only seen it discussed for websites, but does it work for any company doing business in CA? Wondering if California residents could send a delete request to Toyota (and other companies like Samsung for data gathered by smart tvs).

If a lot of people start regularly sending CCPA delete requests to these companies maybe they will stop gathering this data.

Japanese auto completely missed the memo on software. Many of them won't make the ev transition. It's hard to imagine what Japanese economy is going to be like once their auto industry is gutted.

  • Toyota's hybrid tech is and has been the best and most reliable for a very long time.

    I think it's a shame that the EV regulations and incentives (at least in America) are not as friendly for traditional hybrids and plug-in hybrids. They have basically zero downsides compared to full ICE or full EV, and would still make a massive dent in emissions.

    PHEVs in particular - most people are going under 100 miles a day, so there would be 0 emissions.

    • Toyota has only recently put into production PHEVs that seem a lot more practical.

      For example, the electric-only range for the 2012 Prius PHEV is 15 miles, not enough for many people's daily commute unless you can plug in at both destinations. The 2023 Prius Prime is around 40, which is much better, so maybe you can just plug in at night at home.

      It is only the 5th generation Prius that is truly designed around having a higher capacity battery pack, ditto for the recent RAV4 PHEV model. The 4th gen Prius fits in the larger battery pack as compromise, with reduced cargo area and wasted volume.

      I would have bought a Prius Prime in 2017, and tried to get the tax credit, but there were several issues. There weren't many available in my area, the standard 2017s had driving and parking assist, while the Prime did not, reduced cargo area with no spare tire, and the price, because even with the tax credit was a bit too high for my liking. Just went with a standard Prius instead, and definitely have not regretted the choice. Today I'd buy a PHEV RAV4 or 5th gen Prius though.

    • Toyota just has to extend the range of the various plug-in hybrid "Prime" models to 100+ miles on EV, which is totally doable. Right now it's already 25-40 miles. In the US in particular that's going to be a good compromise for a lot of people.

    • PHEV sounds like best of both worlds on paper but actually worst of both worlds in reality. You are hauling a massive dead weight. Very little useful space inside. Most of them don't make past 10yrs due to the cost of complex system and battery replacement.

  • Japan generally. They tried to pull a great leap forward move with AI a few decades ago, but just ended up wasting billions on dead end approaches right on the cusp of the AI winter. My personal opinion is that really top notch breakthrough software engineering and computer science is susceptible to an exponential cascade butterfly effect.

    Yes you need big teams to deliver huge projects. Operating systems, compilers, languages, etc all take huge investment to build out. The thing is though the initial conditions have a massive downstream effect. The core contributions by genius 10x computer scientists and software engineers set the pace for everyone else. Unix, C, Linux, Git, LLVM, Perl, Python, who knows what else. It's the individuals or small dedicated teams doing it the 'wrong' way, or going for a weird untested approach that starts a small speck that snowballs into huge multi-billion industries.

    The culture and economic conditions in the US are perfect for this to work. Japan, and for different reasons and certainly not the same scale Europe, not so much.

  • > Many of them won't make the ev transition.

    It's still not clear when (and if) the ev transition will happen. There are many unknowns.

    • I feel like it’s an architectural change, similar to how smartphone transition wasn’t just about touchscreens. Many flip phones in Japan gained touchscreen after iPhone like wings on a dragon, and died anyway.

    • If you mean battery EVs, it very likely won't happen. I would even go as far as saying it cannot happen. They are highly resource dependent and too expensive to make. Hydrogen EVs make significantly more sense once you realize renewable energy is going to be nearly free and "efficiency" is most a distraction.

  • I worked for Toyota Infotechnology Center in Sunnyvale in 2016/2017 on a robotics research project involving their HSR robot running ROS.

    The robot had odometry from the wheels, though it was a bit noisy due to the construction of the omnidirectional mechanism. They decided to ignore wheel odometry and use only an odometry module based on the planar lidar, essentially visual odometry. This worked fine in most circumstances, but basically completely failed in hallways as they lacked distinctive features. This interfered with my work which involved the robot navigating around the office.

    I had worked on this problem before, and ROS has an excellent sensor fusion library for dealing with multiple noisy sensor readings. You just need to combine wheel odometry and laser odometry with a Kalman filter, and the sensor fusion library makes this relatively easy.

    However even though I worked at a Toyota office with full time Toyota employees, and the code was pretty much off the shelf ROS code, and the robots were produced in very low volumes and only in use at Toyota, they wouldn't give me the source code. I think maybe they wouldn't even give me root access.

    Still, I was able to control the names of ROS topics using the ROS launch files (it has been a while since I worked with ROS and I forget some of the terms). I remapped the lidar odometry topic to an intermediary topic name instead of /odom, then directed the intermediary topic in to the sensor fusion module along with the wheel odometry, then mapped the sensor fusion output to /odom. The system got odometry information but now it did not come from the lidar odometry but from the sensor fusion module, so it was happy.

    The fix worked great. It had normal behavior when lidar was good, and had reliable odometry in long hallways. I was finally able to implement my office navigation code.

    I did my best to communicate these changes back to Toyota. They had not been very helpful when I was asking for help solving the issue, but I had hoped that since I had it working they would appreciate this. I asked where I could file a git issue or otherwise push the code to some private git repo.

    They were not using git. Ultimately I was instructed to email the raw code files I had used along with instructions for how to integrate it. I found this quite surprising. I have no idea if they ever implemented the changes I suggested, but I kind of doubt it. From what I have heard of Japanese software practices, they basically do not accept code suggestions from the bottom up.

    I know of some people who worked for Toyota Research Institute who said they were trying to get the Toyota folks to integrate silicon valley coding rigor in to their systems. Maybe they had success, I don't know. But certainly 6 years ago things were a total mess.

    • > ... silicon valley coding rigor ...

      That's not "silicon valley", that's "anywhere remotely modern" coding rigor. Sounds like they need to get with the times, especially with regards to developing systems with software stacks that are a couple orders of magnitude larger than in the recent past (like 15 years ago).

    • > silicon valley coding rigor

      This was refreshing to read. Within my bubble in tech, it's often easy to get jaded about how _unrigorous_ our "engineering" often is.

  • Where are all these American companies getting their batteries from? Mostly Japan... Rivian, Tesla, Lucid, Gravity, Ford, GMC.

    • Do you have any sources for that claim? Because the big 3 are CATL, LG, BYD. Panasonic is the only notable Japanese supplier but it's trending down fast.

    • Mostly China. But the Korean and American contributions are also very significant. Cell source is not a geopolitical monopoly at all.

  • > Many of them won't make the ev transition.

    What exactly makes you come to this conclusion?

  • Japan is a US protectorate. When China starts marketing their EVs abroad, the US will just sanction them. Don't worry, Japan is safe.

    • If the US blocks China, the Chinese government will just kick all the Americans out of the Chinese market and nationalize their Chinese plants. I'm sure the big three won't be happy about that. Since corporations run the US, they will give the US Govt its barking orders and the Chinese cars will be let into the US.

Dear lord. The fact they even had this much data means I'll never even think about buying a Toyota in future no matter how many grovelling apologies they issue now.

I used to have a Ford. Their app was generally good but I think all you need is the VIN to add a new car. Now you have the ability to track that car, lock the doors, remote start it, and so on.

All second-hand car buyers should get their car's app and activate their car on it to lock out all other sessions - hopefully.

  • I have an Audi from ~2017. Then, a few years ago, the 3G network was shut down in the US. Can't use the app to unlock the doors or check the car status. I think I prefer it like that. Interestingly, on the center console screen, it shows an LTE connection - must be for something else? Then why isn't the unlock/lock function over LTE? Who knows.

Fact of the matter: at this point if you’re buying anything with telemetry or cloud services, the only safe assumption is that your data may become public at some point in the future, with or without your knowledge.

Just once I'd like to see a company like this sued out of existence. It's not just that they are incompetent with customer data, it's that they essentially forced everyone to give them this info in the first place by default. What if you're an expatriate Chinese dissident? Maybe your ability to hide just got harder.

Does anyone have a guide to modding vehicles to prevent them from collecting data? I would be willing to snip the microphone in the cab and remove the gps receiver if I knew where it was.

  • It is highly dependent on make/model but most of the time the data is transmitted through the telematic control unit (TCU) which often has a cellular modem that can connect to cellular networks and you might be able to remove or disable/cut power to the TCU.

    There can also be other devices similar to a black box in the vehicle which record data and store it in case of a crash for forensic purposes. I would leave these alone as long as they don't have network connectivity.

Every major privacy disaster that does not lead to dramatic repercussions convinces CEOs (and the shareholders that pay their salaries and bonuses) that the "move fast and break things" strategy is the winning strategy.

The result is that we are no more than five years away (at most) from the surveillance economy getting a terminal stranglehold on society.

You will not be able to buy a car that is not always dialing home, the same way you already cannot buy a mobile that is not always dialing home.

In any case you will not be buying a car. You'll be buying a subscription to a car, renewable annually under certain (small-print) terms of service.

Cars will not work without some insurance conglomerate receiving all information it wants and trading your behavioral data in opaque insurance markets.

Cars could stop working at any point. A digital roadblock is much cheaper and more comprehensive than a physical roadblock.

Taking public transport was never private (it's in the name after all) but this mobility mode too is getting deeply integrated in the surveillance economy: you will only be able to pay for a trip using identifying mobile devices.

The argument is that people "don't care" about the direction things are taking. This is the most evil argument ever advanced.

  • All of this is being done in some level of secrecy so they're conflating not caring with not knowing or even worse people know something is going on but not the full details.

    • Society only works because there is massive amount of trust. It is mostly implicit trust, people don't sign fully-informed contracts left and right. People operate under the assumption that (during peacetime) they can go about their lives without worrying about a specific other subgroup organizing to systematically and explicitly work against their interests. I.e. they don't feel under attack and so they don't behave as such.

I hope jailbreaking and disabling this data collection becomes the norm in the future. It is obvious companies do not prioritize the security protecting our data.

  • It's a matter of time before that is legislated away as an option. Drunk driver detection and remote disable for law enforcement and other rights-trampling "safety" features will be always-on, probably by law. If it's not those, always-on comms will be mandated to help go to a self-driving fleet. One way or another, they'll force us to have spyware cars.

    • Yeah, I've always thought self driving and autonomous car fleets would be a godsend to governments. One order and you can immobilize a street, neighborhood, city or whatever. I bet it's hard to escape oppression on foot.

    • Stop buying new cars, fix old ones instead. If they start preventing that too, I hope there's a mass revolt.

  • As someone who worked for one of the big Japanese auto manufacturers less than five years ago in Infotainment, in the exact domain of what this thread is talking about, I agree wholeheartedly. You all may or may not be surprised about the philosophy behind this. Your data is looked at as their data... In the company I worked for, this was all driven by a small sect of executives in Los Angeles.

    This is one of the biggest reasons I left, as I couldn't agree on an ethical level with the decisions around customer privacy.

  • Luckily we are already seeing a market with jailbreaking Tesla firmware to have more control over this sort of thing.

Why does Toyota even have this data?

  • Check out their privacy policy, it includes biometrics and facial scans, and microphone data. It's absolutely wild.

    https://www.toyota.com/support/privacy-notice/

    https://web.archive.org/web/20230512181415/https://www.toyot...

    • Look at the really opaque language in the table under 12. DISCLOSURES FOR INDIVIDUALS IN THE UNITED STATES: Summary of Prior 12-Month Personal Information Handling Practices

      For example, under the category: Sensitive personal information or data, such as precise geolocation data, biometric information for the purpose of uniquely identifying an individual, account login information, driver's license, and financial information.

      ... > Purpose of Processing: For location tracking, to identify you, and to provide services to you.

      > Other: We may have used and disclosed your Personal Information for other reasons described in the How We Use the Information We Collect and How We Disclose Information sections.

      ...and the section 'Sensitive Personal Information' for their explanation of limits on what they do with it.

      ...and:

      Your Privacy Rights: 4. Right to Know and Access... You may have the right to request that we provide you with the Personal Information we have collected about you, including the categories of Personal Information; the categories of sources from which the Personal Information is collected; the business or commercial purpose for collecting, selling, or sharing Personal Information; the categories of third parties to whom we disclose Personal Information; and the specific pieces of Personal Information we have collected about you.

  • Some vehicular services require location data.

    >This incident exposed the information of customers who used the company's T-Connect G-Link, G-Link Lite, or G-BOOK services between January 2, 2012, and April 17, 2023.

    >T-Connect is Toyota's in-car smart service for voice assistance, customer service support, car status and management, and on-road emergency help.

  • I'm sorry, what? No one thinks about what data is being sent back to the manufacturer when buying a car. Now I need to know what my car knows and what is being transmitted back. It would be nice if I could turn off this functionality.

    • > No one thinks about what data is being sent back to the manufacturer when buying a car.

      Well, at least one does. Me. The risk of that is the primary thing that is in my mind, over literally every other aspect of the car.

      I also wouldn't trust that any controls to not send data would actually stop all data from being sent.

    • This is what I think about most when buying a car. This is why I plan on keeping my current car for as long as possible since it was one of the last Toyotas to not be connected to anything.

    • > No one thinks about what data is being sent back to the manufacturer when buying a car.

      Chevrolet has had OnStar since 1996, and has sold data related to it for probably just as long -- this isn't some new phenomenon.

      I remember these same arguments echoed back then -- but at least it was a unique happening at the time.

    • When I set up my Corolla the app made me go through and enable/disable a bunch of things. I declined most of the connected technology at setup time without any issue.

It would be nice to know if this was a misconfigured AWS S3 bucket. My money would be on that. Companies are still learning this lesson, slowly and at all of our expense.

Good lord. I'm so glad my Toyota doesn't have any of those features. Shout out to the lean method.

> It is important to note that the exposed details do not constitute personally identifiable information, so it wouldn't be possible to use this data leak to track individuals unless the attacker knew the VIN (vehicle identification number) of their target's car.

Or their home address? Location data is absolutely PII and easily deanonymized. Am I missing something?

It's bad enough if you know you're being tracked for some kind of "customer service."

But I've asked people who work with automotive computers whether any cars just automatically track you and store the information in some on-vehicle storage. No one seems to know, but they all think if any did, it would be manufacturer- and model-specific.

The only way to prevent this in the future is to dig thru the leak, it will leak sooner or later, and scrub for every Toyota/Lexus driving: politician, judge, higher up executive branch and military personnel, Toyota employee plus their closest families and plaster this data all over the net. Bonus points for additional analytical work finding treasure like mysterious regular trips to a motel just outside of town etc.

Privacy doesn't exist ... until it's politicians' privacy on the line https://edition.cnn.com/2022/06/14/politics/house-vote-supre...

My current "solution" to this is driving a 16yo car, before all this stuff became ubiquitous and impossible to opt out of, but obviously it gets harder every year to find cars from that era that still run reliably.

What other options are there? I would SO willingly pay thousands of dollars specifically to have these features disabled on a new car, but it seems like they're actually designed for that to be impossible.

What options are there for acquiring and driving a car with no internet or satellite connections?

(I'm not trying to stop some other-purpose satellite from being able to see my car if it wanted. I'm trying to prevent a car company--which is NOT a security company--from having a record of everywhere my car has been at every moment of every day where someone can steal it.)

  • That’s my solution too. I love my old cars. I did get a newish (2012) Jeep to build onto an off road rig. It happens to be the one that you can hack by knowing the VIN which is displayed in the windshield. You can connect to the CAN over the air and unlock and start it with a program widely available on the internet. Luckily, because it’s a Jeep the antenna mount rusted and the antenna fell off. I can’t start it over the air since it no longer talks to the network.

    I guess that’s a long way of saying that if we ever have to get new cars, all we need to do is find the wireless antenna and disconnect it.

Reason why I still have and use a “dumb” car, no screens, no software, nothing except what CANbus logs, which is still a lot but nothing cloud-based or breached unless you physically access the car.

  • Mine doesn't even have a CANbus ;-)

    Note that if your car is new enough to have CANbus, it surely has software too.

By default, our Mazda CX-30’s “Telematics Control Unit” transmits vehicle history up to MazdaUSA every time you turn the engine off.

However, you can disable this by following a procedure explained in the owner’s manual (basically, you call Mazda and give them your VIN.)

I’ve also seen similar “opt-out” procedures listed in a Toyota GR86 owner’s manual.

I’d prefer to just pull the car’s SIM card to be absolutely sure :-)

Car companies seem to just not be very good at things other than bending steel, marketing that bent steel on TV, pushing costs and risks into suppliers (and forgetting about it), and running the insurance companies that their corporate entities have become.

I'm sure their internal incentive structure also does not reward people to join/stay at the company who would focus on the problems that this story points out.

This is going to be really interesting when(not if) someone gets Apple or Google's phone tracking history of all their device holders.

  • For Apple, Significant Locations are end-to-end encrypted, and Find My locations are only sent when requested and deleted after 24 hours.

    Please don’t say “they’re tracking your location anyway” unless you have evidence. This is Hacker News not Conspiracy News.

    • You can't really claim something is end to end encrypted if you don't have access to the client source code to verify that this is the case. There is no good reason to trust any company for sticking to their words, especially under pressure from the government.

Very timely as just today we had multiple threads where commenters were decrying the EU for creating laws like the GDPR to protect people from negative consequences just like in this case, arguing that it slows innovation or some such.

I have a 2014 model but the exposed data was between November 14, 2016, and April 4, 2023.

I wonder how long they hold onto the data before erasing it or if they hold onto it indefinitely. I don't remember seeing specifics in the EULA about the length of time they hold your data - only that they can and will sell it to 3rd parties.

That's not all that Toyota should be held responsible for. Corporate issues service bulletins about parts under warranty and their certified service centers ignore the warranties, charging customers full price for replacement. I caught a local service center doing just that in January of this year.

The thing that’s infuriating me is that some random sweaty dude might have access to imagery taken by my car and I cannot.

I would love to be able to download the whole shebang of telemetry so I could reassess the quality of my driving, but no, no can do, secrets much.

I need to have a whole dashcam of my own to film my trips, run the cables for it myself, while Toyota is just hoarding this data for itself and some random dude on the internets can just view it.

Won’t nobody think of GDPR these days?

And this is why I'm going to disconnect the DCM in my new car. :/

  • I believe Toyota began installing DCM radios since model year 2016 — so 2015 (and older) vehicles come tracker free.

    I am one of those loons who doesn't carry a cell phone, so this is important to me =D

I am so angry that Toyota required me to sign up for their connected services to use remote start. What a joke. The leadership at the company responsible for this should resign.

There needs to be massive lawsuits over this stuff to the point where companies should consider it a serious liability to hold customer data for anything other than material purpose.

I bought a new car in 2018 and it was purposefully one which has no connectivity built into it, for exactly this reason.

Also, why should Toyota store location data in the first place?

I think there are two key aspects to data breaches; privacy and fraud. The solution for the latter is simple; the liability is on the organisation that uses that identity data rather than the one that stores it. If the bank lends money to a criminal using my data, that's on them. I see no reason why any of the random bits of data that identify me should be of any use to someone else claiming they are me. These things shouldn't be considered secrets as they're always shared with at least one other party.

Just this would reduce the value of obtaining such data.

The privacy aspect is harder to deal with, but it's not obviously clear that a majority of people care. GDPR helps focus minds in large corporations and maybe that's enough.

Automotive EE here.

You know what wasn’t a problem before some idiots decided to hook cars to the internet?

None of this. Unbelievably stupid choices top to bottom.

God damn it Toyota, I love Toyota

Still going to keep my cars

As long as they don’t start trying to charge me for the seat warmer

  • I mean... they've already started charging a subscription fee for using your KEY FOB auto start after their trial period ends.

    Enough to make me not buy a new Toyota ever again.

This sounds like there should be a massive class action lawsuit against Toyota.

Can you buy a new car without a data plan anymore?

  • At this point I'd like reviewers to start disclosing how difficult it is to remove the LTE antennae and whether or not the car degrades itself when you do.

  • Yes, but you cannot finance it (i.e. you have to own it outright before you can disable the transmitter).

    So: CASH purchases, only.

    In the EU: cannot disable (legally)

This is weirdly good news for current owners, in the same way that 9/11 was weirdly good news for surviving a flight.