Comment by grepfru_it
1 year ago
Teehee
I wrote about this after my gag order expired. GM was shipping all telematics data to a big data cluster processing 100gbps of data (with double the data once Cisco released 400gbps support). Originally it was to help price their used cars. A noble effort I supported. I didn’t know about the sales to insurance brokers, but should have assumed that was coming.
Anyway cat is out of the bag, they won’t undo this feature they will pay a fine, offer an opt-out to 5% of users who take up the offer and in 10 years time everyone will assume their driving habits are being monitored by their insurance company.
How do I know this? It’s been 10 years since the hoopla about realtime location data being sold. Last night I saw my home IP address reports my location with .25 mile accuracy. Guess that $5 check from Verizon was the fine they had to pay!
> I wrote about this after my gag order expired.
Some time last year I wrote a comment here on HN about my Bolt EUV and OnStar. I can’t remember exactly what I wrote and don’t want to dig for it, but I said something like being happy with the vehicle and had disabled all of the OnStar features/tracking soon after I purchased it. Somebody replied that they were intimately familiar with the OnStar/GM project, having worked on it, and that it was still tracking me despite not being subscribed to any of their services and having turned off all the features in the car that I could. They couldn’t elaborate further, I assume because of an NDA or something. I bet dollars to donuts that this is what they were talking about now.
Edit: thanks to Stavros for finding the comment below. It looks like you were in fact the person I was talking to 11 months ago. Small world!
This is sorta unrelated, but in your previous comment you mentioned:
> least right now using CarPlay they aren’t getting all the data about which books or music I’m listening to.
CarPlay absolutely reports currently playing audio metadata back to the car. I've driven multiple cars that display the currently playing song, etc in the driving instruments cluster.
> currently playing audio metadata
Plain old Bluetooth has supported track/caller data for many years now (ex: AVRCP 1.3) so it should be no surprise that cars were made that read and display that information.
That said, if my car persisted that information I'd be rather suspicious.
P.S.: It's also not unknown to have a certain level of address-book contact sharing over BT, since people were making hands-free calls in their car long before CarPlay/Android-Auto came around.
Yeah, I noticed that at some point last year. This is my first vehicle with CarPlay, so I’m not sure how it works in other vehicles, but with mine the CarPlay interface completely replaces the infotainment display. The car will also show the current media in the cluster, but it’s a few clicks away and not what I had configured. I finally realized that the car was still able to see what I was listening to with CarPlay when I navigated back to the car’s default Home Screen while idling one day and saw the name of my book playing in the car’s native media app.
https://news.ycombinator.com/item?id=35391090
There it is, thank you! That’s exactly the conversation I was thinking of. And I see now that the person I was talking to was in fact the very person I replied to here in this thread.
2 replies →
I purchased a Bolt as well. Literally the day after I drove it off the lot, I found and modified the electrical connections to the Onstar antenna system, as I'm fairly handy with electronics and work on all my own cars. If you yank the fuse you'll also lose hands free bluetooth calling and some other features, so you have to use it.
Anyway, told this story to many people, and they looked at me like I'm a conspiracy nut. Well this will be the 1000'th conspiracy I worried about that turned out to be completely true, imagine that.
I own a Bolt (bought used) and have never activated OnStar, and I'm extremely unhappy to learn that it might be spying on me.
I did some reading when the NYT article came out, and found this, which explains how to install a terminator on the antenna to disable the cell connection: https://imgur.com/gallery/n00QKnH. If you go that route, it's probably prudent to make sure your car isn't connected to wifi, either. (Edit: looks like that guide came from here: https://www.reddit.com/r/BoltEV/comments/16h91a6/i_made_a_st...)
Apparently some Bolts newer than mine have a different fuse configuration that puts Bluetooth and OnStar on separate fuses: https://www.chevybolt.org/threads/remove-mobile-data-chip.33...
^ that Bolt forum thread also talks about some of the downsides of disabling the antenna (e.g. GPS won't work so your home/away charging settings don't work anymore).
Phone meta data is tracked. Car meta data is tracked. Supplement with credit card data, browsing history, the Rings in your neighborhood, etc., etc., etc.
Per, "Stand Out of Our Light", we don't stand a chance.
https://www.theguardian.com/us-news/2019/jul/20/stand-out-of...
https://m.youtube.com/watch?v=MaIO2UIvJ4g
3 replies →
Guess we live in different worlds. Pretty much everyone around me, friend, family, coworker, or neighbor is fully aware and expecting any and all devices around them to be spying. Not all care or think it's nefarious though.
1 reply →
You should request your LexisNexis Risk consumer disclosure report.
Edit: please report back!
I just did! Very interested in seeing what’s in it.
Time to find the ATT SIM card and gut it from both of my vehicles.
Most cars have an integrated SIM. You can either pull the fuse, and lose a bunch of functionality, or if you're clever, throw an attenuator on the antenna rendering it useless but preserving the functionality of the rest of your car.
4 replies →
Time to pop it in a data usage heavy device for free data.
The bbc or someone has had at least one article about a bird tracking device that operated via cellular and a sim that expected 5k or less data a month suddenly started charging gigs a month in their home continent just after the last natural looking flight of the bird ended, the ornithological society involved had a few shock bills.
3 replies →
> Anyway cat is out of the bag, they won’t undo this feature they will pay a fine, offer an opt-out to 5% of users who take up the offer and in 10 years time everyone will assume their driving habits are being monitored by their insurance company.
So can't the plaintiffs just request an order compelling GM and others to remove the feature forever as part of the remedies?
Specific Performance. A court can order as the equitable remedy that one of the parties does a specific thing. Yes, in principle. But no in practice.
The real world use of Specific Performance is mostly in Real Property ie the ownership of land and this is because land is very obviously not fungible. The square meter of land I need to get my cows from the grazing field to the nearby milking shed is not in any way equivalent to an otherwise similar square meter of land on the far side of the field leading nowhere, and having the wrong one can't meaningfully be compensated with money whereas the court can just order Specific Performance (ie the wrongful owner hands over the land) to fix the problem.
But even beyond that in practice class actions are primarily about the lawyers getting a healthy pay day. $1M each for us as lawyers and each individual "participant" in the class action gets $1 and a 5% discount coupon that expires in six weeks? Sounds good. For the lawyers the incentive is that pay day and the only reason to care about their participants is that if they're treated too poorly a judge may not sign off on the deal.
We really need something with fangs that actually hurts companies. These “kid gloves” solutions in the USA do not incentivize good behavior.
1 reply →
Specific performance is a contractual remedy. It is rarely granted because contracts are usually about business arrangements, and you can solve most of those problems with money. So for contracts the usual remedy is monetary damages.
Courts are more than able to order parties to do things without invoking specific performance via injunctive relief, which you’ll see from the complaint is what is being sought by the plaintiffs.
2 replies →
> in 10 years time everyone will assume their driving habits are being monitored by their insurance company.
And even if there continues to be an opt-out, those plans will become so prohibitively expensive that you're essentially forced to allow your insurer to spy on you. Privacy is always priced out in the free market. Regulation is the only way. It's not a net benefit to society, just outlaw egregious data collection.
How does the data leave the device? I tried to route traffic from the infotainment system into a WiFi network I was wiresharking, and I saw a lot of GM traffic but I couldn’t install a cert to MitM because I couldn’t figure out how to access the Android settings for the dash OS.
Is the traffic through there or is it totally within the CANBUS and never hits the WiFi outbound? In that case do you need to hijack the 4G?
Not that I support any of this, but why would networking speed be the bottleneck in that system? Telematics seems very much like an OLAP situation where data ingest and querying can be asynchronous.
I read it as they are continually generating so much telemetry data that they’re saturating the link to the storage layer.