Chaos Communication Congress is such a cool event… 🇩🇪🇩🇪🇩🇪
Last year, they hacked a train to prove that the manufacturing company wrote code that fully locks the train when it arrives at rival repair shops.
What models have they tracked?
Hard to know as the whole presentation hasn’t been released yet, for now only people who were in the conference room would know.
Let’s be real, any VW cars with a head unit with maps capabilities and a SIM card are certainly tracked down. Why would it be limited to electric drivetrain cars only? There’s no GPS in the motors… It’s in the head unit
This echoes my thought. A friend of mine had a petrol driven Golf from like 2019 or so with an app he could use to access it. I think it had a GPS built in, so I don’t see why VW wouldn’t have been able to record that.
Car manufacturers don’t face nearly enough scrutiny or regulation as they ought.
In the now-released video, he mentions that it’s all the cars that use the MED-platform, which happens to be electric cars.
Specifically, he mentions these models:
- VW ID.3, ID.4, ID.5, ID.7
- Skoda Enyaq
- Audi Q4 e-tron
- Seat Cupra Born
I don’t know, if this is a comprehensive list.
It’s mentioned around 3:30 in the video.
Ah, thank you!
So the Leon is not included, thank you for clearing that up (:
They do actually mention the Leon on one slide at 13:48 and then another at 16:35. The first is related to enrollment data, which is basically whether you’re using their app + some metadata. The second one relates to their fleet management solution, which does allow them to collect position data, apparently. But I think, the Leon is not part of this leak, at least. At 22:26, they show the list of models that are part of the leak and the Leon is not mentioned.
Pretty much all objects with Internet connections that aren’t running FOSS top-to-bottom.
I just watched the video. It is again a great and understandable talk, even for someone who has little technical knowledge. They also subtitle all their videos in English. I recommend it to everyone.
Video-Link with English dub: https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen#l=eng
Is there a company yet that let’s me pay them to internet disconnect and rip out sensors on a modern car?
I recognize that its a tricky process, but since the Mozilla report, it seems like there’s a market for it. I’d happily pay $5k for a privacy-mod to an electric vehicle.
You misspelled: “I will happily re-elect and maybe donate to someone that will vote against this bullshit use of people’s data.”
Edit: my point is no one should be subject to this BS regardless of how much they can pay.
No
I don’t want this data to exist
That’s different from controlling use
Either way, it’s better not to force people to pay to keep their privacy.
It’s a well known privacy issue to those who care about privacy. It’s Official: Cars Are Terrible at Privacy and Security
The good news is that it this information will eventually reach the insurance companies. That should help with terrible car drivers getting some incentives and disincentives to not suck so much.
Automakers Are Sharing Consumers’ Driving Behavior With Insurance Companies - The New York Times
If you want freedom, you get a bicycle.
Nah, it’ll just make insurance more expensive and allow them to have more excuses to deny claims. Giving insurance companies more data to work with is never a good thing.
Deny claims and raise the premium.
Don’t want to deal with car insurance? Help end car dependency.
Slow!=good, slow is just slow. Driving 25 in a 35 doesn’t make you a better driver.
But lowering the speed limit to 25 and redisigning the street so 25 feels fast does increase safety.
Putting digital GPS governors in all the cars to limit them to the speed limit also increases safety. If e-bikes are dangerous enough to require governors, then cars certainly need them as well.
Neither of these ideas are remotely related to the topic. There’s probably arguments for and against both of your points, but that doesn’t matter.
Isn’t this very illegal in the EU?
Can we please start criminally punishing the execs that signed off on this?
There is an enormous problem with companies just knowingly and willingly breaking the law, taking the fines as cost of business
For your own good, boy
You can probably assume every device with satnav and an internet connection is doing this.
And those 20 pages of text you scrolled to the bottom of without reading in order to click the OK button to get the directions to the nearest McDonalds gives them every right to do so.
Das Dumbass
They collect every single thing from how many times you open your door to how fast you drive
hahahaha toldya x50
Surprisingly little in Turkey
Same in Spain
Somebody made it public explicitly because S3 buckets are private by default. So I guess some of their components needed to be able to read it and they didn’t have the skills or time/money to do it in a more fine-grained way.
I am so glad my car was made just before all this massive enshittification.
Teaching sand to think was a mistake
