this post was submitted on 08 Nov 2023
425 points (98.6% liked)
Privacy
31934 readers
587 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Seriously, these cases seem like giant nothingburgers.
Did you expect that your car wouldn’t have your text message when it’s displaying it on the screen or reading it out loud?
Now, is there malicious intent? Can they be retrieved by technicians at the dealership if your phone isn’t plugged in? Is it forwarding them back to Honda Corporate or Zuck himself? If so, that’s a significant problem that would probably belong to Android Auto and Apple CarPlay…they should be storing them encrypted and only be able to decrypt them when the phone is connected. But I don’t see any mention of that in the article.
I expect to have access to all of my data that the system retains. I expect them to not share my text messages with anyone else. I expect to have the ability to manually delete data.
I prefer that it doesn't retain information any longer than I have use for it.
That's not asking much.
But tons of stuff would have to get sync’s every time you connect your phone. Better to have them cached, encrypted at rest, decrypted by key stored in the phone, and just do a diff-sync.
This should be very easily possible with CarPlay and Android Auto. I have no idea if it does or not. But as Apple and Android both control both their respective app and the OS of the attached phone, there’s no reason it can’t (and even pre-compile diff packages for known cars, or expire and purge both sides after X days without a connection)
That may not be true for regular old Bluetooth though…which likely has more to gain in performance from caching the resources due to BTs limited throughput, but also has to conform to standards.
There's really no reason to cache anything more than a day old. And if you're using Android Auto, the car shouldn't need to store anything. It all goes through your phone.
And it says that they are selling your personal data, including your personal conversations to target ads and to law-enforcement
What would even need to be cached? Text is text, you shouldn't need MMS besides maybe voice, media is streaming anyway, and maps are, again, text. Anything else, your phone is easier and faster, and probably works better.
From the article (did you read it ?)
"Many car manufacturers are selling car owners’ data to advertisers as a revenue boosting tactic, according to earlier reporting by Recorded Future News. "
So yeah at least some of them collecting it are then selling it
Their citation for that is their own article, which doesn’t mention anything about selling data from phones, but does talk about cars generating upwards of 25GB per hour of raw telemetry data. Again, mostly uncited.
The point of that line is to drive intra-site clicks and mislead you into getting more upset and drive the ever important “engagement”. Unfortunately a common theme in modern media.
Here you go bro
https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/