Comment by nurple
19 hours ago
> Even after the modem is removed, if you connect your phone to the car via Bluetooth then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota. However, if you use a wired USB connection then it does not do that (see the discussion here and elsewhere), so I exclusively use CarPlay via USB.
The problem with this is that both carplay and android auto capture their own vehicle telemetry. So even though the car is not able to use your phone as a general data pipe, Google and Apple still get access to this data when you're connected.
They are both very cagey with how they talk about this (or don't).
And once you've gotten rid of Google and Apple, your telecom company tracks you, your CC payments help track you and even cameras in public do.
It's hard to not want to throw your hands in the air screaming "whatever" when almost everything you use in public is somehow used to track you either as you move around, or in the future.
This is one of those things that can't ever be solved with individual solutions but needs to be solved through legislation and standards, and ideally a fundamental right to privacy (and a fundamental redefinition of what privacy means when it comes to corporate surveillance of individuals).
Needless to say, cars in the UK/EU have no such privacy invading features without an explicit opt-in thanks to sensible data protection legislation; including the GDPR.
The FUD spouted on here by the scummy adtech industry about legislation to protect YOUR privacy is mind boggling. These are the people doing the digital equivalent of sniffing your underwear to work out what you had for breakfast.
(And before somebody shouts FUD about the UK/EU vehicle eCall 112 system, that certainly doesn't track you or seek to invade your privacy on any level!)
27 replies →
It's quite easily solved. Stop buying them. There's lots of cars out there that don't have these fun features. Buy them.
> your CC payments help track
Not only that. Them and the point-of-sale vendors (aptly shortened PoS), sell that data. They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.
The websites (and even their retail locations) you buy from send your purchase data to meta and other advertisers directly via APIs so they can better track their marketing conversion rates. You can browse their APIs [1][2] to see what kind of data they like to get, but it tends to be every piece of identification they have on you. Rewards programs make this a much richer data set. You don't need to be a user of Google/Meta for them to build a marketing profile based on this. Google links your physical conversion from ads based on your maps data. Facebook does the same if you give them your location data. Many retailers attempt to use the bluetooth/wifi signals from your phone to track the same data even if you pay in cash [3].
There's no legal framework preventing this outside of the EU and California.
1: https://developers.facebook.com/documentation/ads-commerce/c...
2: https://developers.google.com/google-ads/api/docs/conversion...
3: https://www.nytimes.com/interactive/2019/06/14/opinion/bluet...
> They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.
Yeah I think the big thing to push or talk about is that there is no such thing as "anonymized".
There's only such a thing as "can only be identified as X many people". Like for a given dataset you can make any data point correlated to 1 of say 50 people. If somebody is anonymizing data and they don't provide a k-anonymity [1] you should just assume it's 1:1 and effectively not anonymized.
[1]: https://en.wikipedia.org/wiki/K-anonymity
1 reply →
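Added example, not part of the original comments: a small k-anonymity check for the point made above, where k is the size of the smallest group of records sharing the same quasi-identifiers. The records, field names and generalization rules are constructed for illustration.

```python
from collections import Counter

# Constructed sample: "anonymized" purchase records (no names), but with
# quasi-identifiers that can be joined against other data sets.
RECORDS = [
    {"zip": "80201", "birth_year": 1984, "sex": "F", "basket": "pharmacy"},
    {"zip": "80201", "birth_year": 1984, "sex": "F", "basket": "grocery"},
    {"zip": "80202", "birth_year": 1987, "sex": "F", "basket": "fuel"},
    {"zip": "80205", "birth_year": 1971, "sex": "M", "basket": "grocery"},
    {"zip": "80207", "birth_year": 1975, "sex": "M", "basket": "hardware"},
    {"zip": "80211", "birth_year": 1979, "sex": "M", "basket": "pharmacy"},
]
QUASI_IDS = ("zip", "birth_year", "sex")


def equivalence_classes(records, quasi_ids):
    """Count how many records share each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)


def k_anonymity(records, quasi_ids):
    """k = size of the smallest equivalence class; k == 1 means someone is unique."""
    classes = equivalence_classes(records, quasi_ids)
    return min(classes.values()) if classes else 0


def unique_records(records, quasi_ids):
    """Records whose quasi-identifier combination appears exactly once (1:1 linkable)."""
    classes = equivalence_classes(records, quasi_ids)
    return [r for r in records if classes[tuple(r[q] for q in quasi_ids)] == 1]


def generalize(record):
    """Coarsen quasi-identifiers: 3-digit ZIP prefix and birth decade."""
    out = dict(record)
    out["zip"] = record["zip"][:3] + "**"
    out["birth_year"] = record["birth_year"] // 10 * 10
    return out


if __name__ == "__main__":
    print("raw k =", k_anonymity(RECORDS, QUASI_IDS))
    print("unique rows:", len(unique_records(RECORDS, QUASI_IDS)))
    coarse = [generalize(r) for r in RECORDS]
    print("generalized k =", k_anonymity(coarse, QUASI_IDS))
```

A data set published without a stated k can be checked this way before release: any row returned by `unique_records` is linkable to one person by anyone holding the same quasi-identifiers.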
> They tend to attempt to do this anonymized. How successful they are in anonymizing that is very much so up for debate.
In the good old days, if you were found to be informing on your neighbors to hostile powers, you were liable to find yourself in a mass grave when the political winds shifted, or even sooner.
But now it's so convenient and discreet and common, we think nothing of it. Plus, Google and Apple and Facebook and their partners and everyone they sell data to are our friends, not enemies :)
True, but we must not let the perfect be the enemy of the good. I don't own a smartphone, so neither Google nor Apple track anything about me that way. I leave my dumbphone at home when I'm out and about, so it basically works like a traditional landline phone, again, no data there (except for phone calls and text messages of course).
My car is old, so no gps/trackers there, but this is troubling of course. I think that if/when I buy a new one, it has to be either some vintage car, or I have to find a workshop who can rip out all the tracking.
CC payments can be mitigated by paying cash, when available. But yes, CC and bank are a concern and so is CCTV.
Nonetheless I'll still try to maintain what privacy I can.
You do you, John C. Calhoun of Minerva Road, Springfield, CO.
An agent will be shortly with you to assist in that endeavor.
2 replies →
A friend used to work in ad tech years ago. The telecoms sell real time location data to digital billboard companies which are targeted at whoever is nearby. It's basically minority report. I can definitely imagine they're now using visual processing and face recognition on the billboards.
> And once you've gotten rid of Google and Apple, your telecom company tracks you, your CC payments help track you and even cameras in public do.
Maybe, but what happens without the mod described is that Google and Apple track you in addition to the telecom company. That, of course, assumes that you carry a cell phone tied to your identity. Some people refuse to carry cell phones altogether because of the privacy implications, or use them mostly in airplane mode with an anonymous SIM for backup.
It’s still worth minimising how many companies get your data, and minimising the data itself. I’m not sure what data Apple and Google get specifically out of their car thingies, but it’s very easy to avoid using their car thingie.
I use a googleless flip phone and just don't do anything important on it, and leave it behind often. We didn't always carry tracking devices with us, you can choose not to.
You can also buy an older car that doesn't come with a SIM card installed.
This is the way! But note that telcos are working hard to ban dumbphones from their networks. There is a clear push to force people to dump dumbphones and accept the digital surveillance device.
Should that happen, I will move to a VoIP provider. Not perfect, but better than a smartphone.
At least you can shut your cellphone off and pay in cash.
RE .... company tracks you ..... [ somewhat off topic ]
Did you know ... in many countries government tracks car number plates and the data is stored for many years.
Exactly, and more and more places are removing cash as a payment option :(
Cash handling isn't free, and for smaller businesses might actually end up being more expensive than accepting electronic payments.
19 replies →
1987 4runner, no phone, use cash.
I have heard whispers at times that people who operate 'off grid' like this end up being viewed heavily as persons of interest.
Anecdotally via friends in law enforcement.
1 reply →
Perhaps it's time to give up some convenience for old ways, eh?
Is there any information about precisely what vehicle telemetry they capture and retain?
I know the laws are far from perfect, but isn't there some legislation compelling them to disclose what they collect?
What specifically would be the most relevant law/regulation? (If it varies by geography, pick any major market, eg. California, that is big enough to impact their engineering design and the content of published material). You mentioned they're cagey, and my aim is to examine if there's a gap between what they're supposed to disclose and what they do, which could be rectified by litigation. Eg. If they just say "vehicle telemetry" that doesn't tell you much, and I'd happily contribute to an EFF effort to get them to elaborate.
Alternatively someone who works close to this code could provide some examples of what a "typical" smartphone OS platform collects these days.
GDPR should work to get a copy of the data, also it would only be allowed to be collected with explicit permission -- I'm assuming that data about your car is PII about you.
Generally speaking the author seems to wave a bunch of conspiracies around without the evidence to support it, or frankly, much technical knowledge.
The author seems unaware that in iOS you can uncheck nearly every single location usage the OS and Apple Apps themselves collect.
On iOS not only can you shut off things like traffic reporting while using Maps and cellular/WiFi/Bluetooth data collection...unlike Google, Apple will let you use those services without requiring you contribute to them.
> the author seems to wave a bunch of conspiracies around without the evidence to support it
The author provides links at the top to credible reporting on relatively well-known privacy concerns.
> They are both very cagey with how they talk about this (or don't).
No, not really - at least not apple. They are very clear on what CarPlay’s privacy stance is, and they’ve got privacy white papers on pretty much everything:
Eg. https://www.apple.com/privacy/docs/Location_Services_White_P...
Again, at least on the apple front this comes off as a ton of “stated without evidence”
What does a user see when enabling CarPlay on their iPhone, and not browsing apple.com for random .pdfs?
You need GrapheneOS to sever the link to Google. You can also deny specific apps and services Internet access.
Is android auto still available with Graphene? AA is genuinely one of the few life-changing features introduced in the last decade that I'd prefer not to go without.
Mostly works, some stuff doesn't. The worst thing that doesn't work is alternative maps (e.g. OsmAnd).
Yep and works flawlessly via USB for me. That was a deal breaker for me for the longest time too.
Allowing it to connect over Bluetooth requires granting AA plenty of additional permissions which I didn't want to do (but hey, on GOS at least you can muzzle that thing).
I like the idea of graphene, but I worry my banking / brokerage apps wouldn't work anymore and that'd be a deal breaker
The Graphene community maintains a list of compatible banking apps.
Another possibility is to keep an old/cheap, stock Android phone at home with WiFi only for apps like this.
1 reply →
Standard Carplay is essentially an additional screen for your phone - your existing privacy settings carry across. What's your concern?
Unfortunately that's not quite true, since the "app screen" on the media display during Android Auto use has an additional "Toyota" icon that AFAIK isn't coming from my phone.
What's more concerning is that it's entirely unclear exactly what information is shared over the Android Auto link, in my case, over Bluetooth.
There's a protobuf-based API for two-way communication between the Android Auto app and the head unit [0]. It depends on what the headunit supports, but this includes data such as GPS location, steering wheel button activation, accelerometer data, parking brake activation, gear selection, touch screen input, dimmer switch position, odometer, and much more.
A lot of this has obvious use within the AA interface; for example, the parking brake position is used to prevent scrolling too far through lists, and the car's GPS is usually much more accurate than the phone's and better on the phone battery.
0: https://github.com/f1xpl/aasdk/tree/development/aasdk_proto (pretty old reverse-engineering effort)
6 replies →
That icon is a "close Carplay/Auto" button. My Subaru has a Subaru button; my wife's Mazda has a Mazda button.
> if you connect your phone to the car via Bluetooth then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota
Source? Can bluetooth devices do that without the user's knowledge?
I assume that the original article statement is referring to connecting to CarPlay/Android Auto wirelessly, not simply connecting via Bluetooth for a speaker-type setup. But I do not know that this is the case. Certainly, I would assume all privacy bets are off if you connect CarPlay/Android Auto in any manner.
> then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota
How?
They are probably confusing google auto with bluetooth.
On Android there is an option called "Bluetooth tethering - Share phone's internet connection via Bluetooth". If it is On and you are connected to the car's bluetooth it will have internet access via your phone.
3 replies →
A 12v bluetooth to FM transmitter can at least give you tunes and a speaker phone feature.
In a perfect world they wouldn't collect it either, but I'd rather Apple have it than the car manufacturer (or rather, only Apple vs both Apple and the car manufacturer)
I use android auto through grapheneos thankfully! this is crazy!
this sounds like donning a TNT vest to defuse a bomb
Can you clarify? Does it feed it bullshit data? Because android auto expects car telemetry data which it streams to Google's servers. Which is a big no-no for me for obvious reasons.
It doesn't stop Android Auto from doing whatever with the car data, but it's sandboxed to have no more default privileges than a regular app, so it can be denied access to your phone's data by default (apps, contacts, etc.). Wireless AA will only work if you grant it extra privileges; wired AA does not need them.
You can also "firewall" AA via something like TrackerControl, this would let you block connections to eg. Google Analytics servers without denying network access altogether (which would likely cause AA to stop working). I've only used AA with short-term rentals so I didn't spend too much time exploring these options.
2 replies →
> The problem with this is that both carplay and android auto capture their own vehicle telemetry. So even though the car is not able to use your phone as a general data pipe, Google and Apple still get access to this data when you're connected.
Do you have evidence or a citation for this? Or is it just the sort of statement that’s made in the pretty certain expectation of upvotes on HN?
I would have liked to have seen this citation too instead of seeing you get downvoted.
What about if it's just paired as an audio device rather than through an app?
Don't get CarPlay/Android Auto that way though, so no navigation/maps for example.
Sure -- I'm not asking a general question, but thinking about my wife's phone, which is paired as an audio device. It sounds like we're probably in good shape.
Are there any cars that support CarPlay/Android Auto that don't have built-in navigation/maps?
6 replies →
I trust Apple more than I trust Toyota.
You shouldn’t. Apple preserves backdoors in iCloud encryption to enable warrantless government surveillance. They have no other option.
It's weird to hang up on this specific item because they do actually offer an E2EE icloud option. Lose your key: lose your data.
https://support.apple.com/en-us/108756
2 replies →
Yeah, but at least for now they don’t have the power to remotely disable my car or jack up my insurance prices and I trust Apple 1000% more than any of the other random car companies to not sell my data.
> then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota [...] so I exclusively use CarPlay via USB.
I would be concerned about a passenger connecting their phone to it while I was driving.
In other cars I've been successful picking up the relevant modules for peanuts from surplus/scrap then just desoldering the RF-active components (like bt radios, etc) and swapping them in. YMMV but if it doesn't work you're just out the cost of a junk part.
Even if some radio feature is benign its existence means that it's hard to be confident that there isn't some other telemetry feature you missed. With no connectivity at all you don't need to worry that you missed something because you can monitor the car with a spectrum analyzer and observe it's never transmitting.
Unfortunately in some newer cars you can't swap any modules without a dealer tool to pair the module to the car, presumably in a bid to prevent third parties from fixing the car (presumably preventing people from lobotomizing their surveillance isn't on their radar yet).
They are cagey because they get nearly $100k upfront with crazy interest rates, and then they make a ton of money through their spyware.
Honest question: what do you mean?
You pay inflated prices for the car and then they still steal and sell your data. This isn't hard to understand, same thing smart TV mfg do.
7 replies →