We know where your car is

by uxhackeron 12/29/2024, 2:54:30 PM with 14 comments
  • by uxhackeron 12/29/2024, 3:33:12 PM

    TDLR: The data was held by VW subsidiary Cariad. The location data was available for Volkswagen 460,000 vehicles in Amazon cloud. It was 300.000 cars in Germany, 80,000 in Norway, 70,000 in Sweden, 60,000 in the UK, 61,000 in the Netherlands, 50000 in France, etc

  • by riiiion 1/2/2025, 10:01:36 AM

    GPS car data was used to find a crossbow killer in the UK few years ago.

    The killer torched the car but the car had already uploaded GPS and black box data.

    https://www.bbc.co.uk/news/uk-wales-65985341

    I recommend the referenced podcast there, the whole story is crazy.

  • by amatechaon 1/2/2025, 10:23:55 AM

    You can watch the recording of the presentation at https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-vo... , including with translated audio tracks (!)

  • by cjrpon 1/2/2025, 10:16:18 AM

    That level of telemetry-upload used to be easy enough to disable as there was a physical SIM card (usually in the glovebox); without that there was no remote connection. But I suspect it's a lot harder now, thanks to eSIMs etc.

  • by mikewaroton 1/2/2025, 12:14:26 PM

    This isn't the only way they know where you are. WAMI systems[1] are rumored to be deployed worldwide by many 3 letter agencies. (Much in the same way general surveillance of the public was rumored before Snowden's revelations)

    [1] https://en.wikipedia.org/wiki/Wide-area_motion_imagery

  • by m2f2on 1/2/2025, 11:24:02 AM

    Is this another instance of "my external contractors need access my data but I cannot ask them to install an authenticator app on their BYOD mobiles"... Nor manage proper authentication for my randomly built BI suite?

  • by chimo777on 1/2/2025, 10:52:58 AM

    Privacy doesn't exist in this 21st century.

  • by isaiahwpon 1/2/2025, 12:16:06 PM

    It's scary how surveillant car companies now. Next thing you know, the companies will track what you do in your car.

  • by lifestyleguruon 1/2/2025, 10:33:36 AM

    I'm so sick of everyone frivolously requiring mobile phone number and email address and there doesn't seem to exist much resistance from general user base.

  • by chvidon 1/2/2025, 11:42:05 AM

    Rmeinds me of these two tweets by Elon Musk on the Cybertruck explosion at a Trump hotel:

    https://x.com/elonmusk/status/1874579547452269054

    We have now confirmed that the explosion was caused by very large fireworks and/or a bomb carried in the bed of the rented Cybertruck and is unrelated to the vehicle itself.

    All vehicle telemetry was positive at the time of the explosion.

    https://x.com/elonmusk/status/1874558969802547611

    The whole Tesla senior team is investigating this matter right now.

    Will post more information as soon as we learn anything.

    We’ve never seen anything like this.

    ---

    It is obvious that car companies have a lot of access to the modern "highly connected" cars they are making. And perhaps also more than what they say officially and are sharing with authorities under normal circumstances.

  • by tietjenson 1/2/2025, 9:43:59 AM

    Was it in an S3 bucket?

  • by BlueTemplaron 1/2/2025, 9:52:20 AM

    (de)

  • by LightBug1on 1/2/2025, 12:19:49 PM

    [flagged]