This is why I stopped talking to my wife six months ago and only send her fully encrypted messages through my Freedom Phone. She doesn't know how to read them, but I wasn't gonna let big tech mine our data and ruin our marriage. She ended up sleeping with Elon Musk. But at least my data is safe.
Tesla can access all Tesla cars and download the stored Surround video footage. In case of crimes this is nice.... But... If there is footage of you sleeping with Elon Musk's wife next too the car, you have a problem.
But a car isn't free, unless there exists a company that gives out free cars, I would love to know about them. Another privacy related video, another "hurr durr you are ze product" comment that tried way too hard to sound cool.
It’s not just cars. It’s in everything. I was shopping for a new refrigerator and my response to the salesman was “ why would I want my refrigerator connected to WiFi?”
I've been beating the privacy drum for over 20 years, but my biggest takeaway after dozens of papers and articles about invasive tech is that nobody cares.
He ordered unpatched computers connected to the open internet (not even LAN?) and he thinks that a computer not getting rebooted for 3-6 years is somehow.... amazing? Or bad? Edit: Clarification comment below. Having malware already "living" on your LAN which then attacks unpatched machines is a major screw-up by corp-o IT. This is something you have to assume is already getting handled with routine scans because you're not gonna get anywhere by questioning every single foundation block.
@@SomeRandomIndvl no he is just a troll. He has a few other comments making fun of people wanting to stop allowing previous owners from accessing their location information.
@@AB0BA_69 He probably didn't order them. Ironically, the "upper management" at his company probably did all that before he even joined, if I had to guess.
There is little to no privacy regulation in the U.S. so your data and habits are harvested. Add consumer ambivalence plus poor corporate IT security and you have makings of a perfect storm. Thank you for raising this issue!
It’s not even lack of security as much as our data is a commodity. Our data is literally being auctioned off to anybody and everybody who wants it. If some Albanian mobster wants your identity he just legally buys it no hacking needed.
Don't expect any, specially in the US. Apparently americans learned nothing from Snowden and many other people who tried to warn the public about such practices. Big Tech companies doing it is nothing when the whole government is based on doing it. Today's US was built on public surveillance around the entire world.
Your Volvo story reminded me of my own horror story. When I bought my used TLX. The dealer hyped up its telematics a lot. But never actually bothered walking me through the process of setting it up. Few months later. I get around to wanting to set it up. And Acura tells me it’s still registered under the previous owner and they can see my location in real time. And I had to fax… yes fax was the only way. A copy of my registration and drivers license to prove it was my vehicle now. That was the only way to stop the previous owner from seeing my location. I about lost it.
Terrifying, i will purchase myself a total dog and dumb véhicule and feel great when I will turn the key in the dash looking at my analog shitty dials,
Painful lessons to punish neglect of the pressing issues; bad priorities. Old German saying: Those who don't want to listen will have to feel. (I have been urging people for decades, but they had their priorities set more selfishly-shortsighted.) Apart from that, it is a work professional principle and especially in IT that even an expert system has to be hardened against mistakes by those experts. So if an employee forgetting to implement a procedure leads to (especially irreversible) damage caused, that is unacceptable and another way needs to be found to prevent that.
I work in data privacy operations for one of the biggest tech companies in the world. Y'all should care way more about privacy; maybe then we could get some more overarching protections in the US. This video definitely helps you understand about a small portion of it.
See, this is the typical "fix it with a law" mentality. The problem isn't the lack of a law but the apathy of the masses. If people refused to participate into these "services" they would go away. Instead they're conditioned to see everything as a shiny new "feature" and to believe they have no choice but to drive a new car or buy a new phone. This is certainly a mess but it is one that we made ourselves and only we can really fix it.
@@willstikken5619 The tech is architected in a way that you cannot opt out. This isn’t a phone. I’ve worked in IT security and privacy for a long time. Consumer awareness will put pressure on companies, but cannot change this at the individual level.
@@willstikken5619 while having a law will not automatically "fix" it, Not having any legal precedents puts the consumer on the losing side. E.g my car had a "feature" to share my drving score" with insurance companies as a guise to get your better rates... no thanks... but The legalnese on the opt-out only states that it will stop sharing with 3rd parties. Could not get a rep tha can clearly state or disable if it is still capturing data. The convo would be much quicker if we have similar privacy laws as EU.
@@aroundomaha See, you're missing the point and misrepresenting what I said. i agree they are absolutely designed to be mandatory from a product perspective. What isn't mandatory is purchasing the product. It's not like it's health insurance... i agree this wont be fixed at the individual level. That's why i said the apathy of the masses is what has to be overcome. Markets are not individual actions but collective actions. As long as enough people buy the products companies will sell them. Even the "there outta be a law" crowd should recognize that you wont fix this without public support. Most of these "features" exist through a mixture of regulatory requirements and consumer demands. Without addressing the consumer demand you're never going to resolve this issue regardless of product type. The only point i think we really disagree on is the idea that government force is the best way to solve a market based issue. New laws will not make people less ignorant or apathetic.
As someone who has only owned 90s beaters and works in IT the amount of unnecessary tech in new cars is starting to worry me. Even cheap base model cars have cellular/gps radios and push button start fobs that constantly transmit. Anyone looking to track you doesn't even need access to the car, they can just see what towers you've pinged and triangulate your location.
@@user59371 cringe comment lol. You are the problem. What he is doing is none of your business. Whether he is donating to a homeless shelter, or maybe murdering someone in an alley. The fact you are tracked constantly like a chipped dog is odd. And the fact you are chill with it is even more odd. But hey, more power to you since its already favoring your point of view
@@user59371 the easy answer to whenever this question comes up is, in societies that are heavy on surveillance, private or gov't (which is basically all of them that have internet access these days), what you do today might not be illegal, but it might be illegal depending on who gets elected or installed next, so being safe now can affect you in the future.
@@user59371 ok, then you should be fine with them knowing all of your internet searches, activities, things you buy, your address, banking and card info, all without knowing if it’s going to be safe and they’ll be transparent when it isn’t 100% of the time. sounds reasonable, right?
It'd be much appreciated if you guys included some basic privacy review as a part of your normal car reviews. I'm not sure how feasible that would be time or effort wise, but I and many others would truly appreciate that information.
Geese hinted at privacy laws being weak in the US in general, at the federal level presumably, at least compared to the EU.There are terms and conditions that vary for each manufacturer. So I think reviewing privacy laws isn't all that simple because it depends on model and country the car is sold in.
Savagegeese is a diamond in a pile of poo on RUclips. The quality of reviews and commentary is head and shoulders above the average channel. This video is a masterpiece.
It's ironic how we look at the situation in Cuba where they continue to keep cars that are half a century old still running. The situation behind that circumstance is different, but the notion of old "dumb" cars could start having a lot more merit in other nations for the reasons given here.
This trend needs to start yesterday. Sadly, in this cynical world, it seems the only way that can happen is through political madness ruining the world and pushing us back into a medieval-tech era through violent means.
I subscribed to SavageGeese and I sold my fixed gear bicycle, shaved my mustache, grew a full beard, bought a Toyota Tacoma and started hanging out at craft breweries instead of "ironic" dive bars. Thanks SG!
I've been following them for a couple of years and I think this is the first time I've ever seen an upload on a Saturday. These geese are up to something.
Truth. I'm a professional networking firmware engineer. It has become so complex over the past 30 years that even with the best of intents, even if completely regulated, mistakes will be made and lead to bad results.
I'm glad someone with a little reach could shed some light on this situation. The last few Ford's that I've owned, the system was never reset. I could track both of my vehicles through the app. Initially I thought it was a glitch. So just for the hell of it I tried to starty old truck and sure enough it worked. At that moment I was thinking why the hell is there not a factory reset required every time the vehicle has changed owners. I can track everywhere it goes, lock, unlock, start and so on. All through my phone. On the other hand a new owner can see everywhere I went, search and home. I deleted both vehicles from my app since then however I still get notifications via email that the vehicle is in need of service or if there's a mechanic issue. That I'm not sure how to stop. I tried for the longest to not be quote unquote connected/plugged in but so many services essentially require you to be or your SOL. Great video and as always thanks.
Among the main lesson conveyed with this, this also demonstrates the need of the principle of error-proof expert systems. Experts can make mistakes, too, so reliance on them not making them is not good enough, especially when it can cause damage that is irreversible.
I think we should have an annual "Start Your Old Car Day". If everyone used their app to start a car they no longer owned and left it running wherever it was, there would soon be a public outcry and maybe more than a few house fires. Imagine if a car was started and it decided that a DPF regen was needed, while parked in a closed garage...
The addition of connected features is the car companies raising the temperature of the boiling water car buyers are in. All companies want 'Devices as a Service' Tesla started it, and BMW followed. Soon we won't own any products, just have monthly fees for everything.
I've worked in IT for 30+ years and part of my job includes server and end user security. The thing most regular folks don't realize is that IT organizations spend just as much time planning for WHEN they get hacked as they do trying to prevent being hacked. With the way things are these days, it's become impossible to be 100% secure. As such when I watch Mark and Jack review a new car loaded with superfluous infotainment or using your phone to start/steer/summon the car or "self driving" features, it makes me throw up in my mouth. Your cell phone or laptop getting hacked is an inconvenience. Your car getting hacked can get somebody killed....and I know full well there's nothing you or the manufacturer can do to 100% prevent it from happening.
Yep been in it 15 years myself, just as much time spent trying to implement security measures and disaster recovery. I say disaster recovery because being hacked is honestly more so like a disaster than a security event and not a matter of if but when. Which also helps convince clients to actually investment in the improvements. That said most hacking is done with monetary gains in mind, not bodily harm so I think that is part of the reason why it won’t be as common.
Hopefully I can keep finding vehicles with manual transmissions in the future, those won't go anywhere on their own. But that won't stop someone from turning the brakes off remotely while I drive. This isn't the future I wanted y'all.
Well said. I used to work in auto telematics engineering, and among the tech-savvy and even the engineers working on this stuff, people still don't care about privacy. It's hard to tell the risks of privacy because it does not hurt us in ways we can see or feel. Users want the experience, and whenever they hear about the problems, they think "It won't happen to me". I'm afraid of the day where these tech features are too useful to ignore. Could you imagine your future EV not letting you charge at full capacity or locking out safety features because you're not signed in?
Safety thing has already happened. There's an inflatable air bag riding jacket for motorcyclists that relies on a subscription service to deploy. If you don't make your monthly payment it won't deploy if you fly off the bike.
I too work in IT...IT security, specifically. Average users aren't going to care ANY time soon. No chance. The amount of personal info they share is eye-watering and they literally couldn't care less.
The lack of respect for consumer privacy (including the lack of respect by consumers for their own privacy) is very frustrating to me. Same with the subscription crap. I'll keep my old cars.
Kudos to you, but now governments are slowly trying to push the ban on old cars and they use environmentalism as an excuse. They will either put a ridiculous tax or force insurance companies to slowly reject older cars (in most places around the world insurance is mandatory). The Green Agenda is actually about control and surveillance. In Cali soon many people will be asked to choose: you get an EV (which you won't be able to charge) or go 100miles to work by bicycle.
“You are the customer and also the product” I’m so glad you guys are bringing attention to this. It blows my mind when people don’t think about their digital footprint and security.
I bought a 3 year old car recently. It was Opel and I bought it from an Opel dealer in Germany. Car still had 2 phones of previous owner in memory, their home and work places in map. Dealer did great job preparing car for sale, everything was perfect: new brakes, new oil, new filters, clean interior, but they didn't touch computer.
It’s all fun and games until a Nation State-sponsored Threat Actor hijacks Karen’s self driving Nissan Altima and remotely drives it straight through the entrance of your local Wendy’s.
Don't give them ideas. Drunk Karen is going to crash through the wall of a local orphanage like the fucking koolaid man one day and blame it on Hackers.
Nah it would be a dead give away it was hacked, we all know it would be a mustang spinning out and crashing into the Wendys. If it was an Altima it would have gotten stuck on a wall at the mid axle or In a position that makes no sense. Lol
Have you heard of Privacy4Cars? In Quebec Canada there are new rules that require dealers to reset/remove the information. I sell 1000+ cars a year and we are also implementing a data removal process before the resale of the fleet vehicles I sell. Thanks for the videos.
Wise words! I'm taking my security+ course now and if people knew how complex the Internet was and how many threats to their data were out there ......they still might not care, but i definitely do!
@@user-ki8zf1rp1e I'm in the air force, so I got sent to school for it but yes, it is a CompTIA test. I'm not sure if there is an official CompTIA course though. There are a lot of option such as Professor Messer and the Dion school
@10:30 I actually had that happen when I traded in my CX-30. I totally forgot about the Mazda connected services, and when I logged back into the app I was able to see the new owner's address because the car was sitting in their driveway. In fact, you can actually see my old CX-30 in the new owner's driveway on Google Streetview now. I had to manually go into the app and unregister the car. Thankfully I had no malintent, but it's definitely worrying that the connected services relies purely on the kind heart of the previous owner to de-register a vehicle from the service.
100% on point. The car owner should definitely have a way to disable the network connection via software (and hardware) and the ability wipe or delete them as the owner along with the associated data. The more you know about technology, the more you want to disconnect from it.
As someone who has worked in IT professionally over a decade (and tinkered with it far prior to that) new cars absolutely terrify me. People do not understand the security risk, let alone the massive headache a failed update can cause, etc. Let alone the privacy concerns. Thank you for covering this, it's so important and people don't seem to care at all...
Yep a dealership was doing firmware updates to an ECU on my buddies car and they were doing it over wifi! You better bet that it crashes in the middle and bricked the ECU, all of us working in IT at the time had some choice words for them. Hah
Right, you just gave me an idea for an HR data targeted data mining company. What we do is assess individuals data - especially internet searches , social media etc for the use of putting the data thru an algorithm that spits out a "hireability score". This Corp wouldn't be the hiring entity (directly) but instead hiring entities would buy the data on former drivers data (plus lots more) as tool to assess potential hires. Actually there are literally 100s of companies doing this ri8ght now with the data you supposedly "don't care" about
By now bred sheeple are probably afraid of the thought of not being hooked in all the time. It's the deep psychology of being scared of their inner world because it is so much in pain, so they need constant distraction from that.
I think that Tesla is so connected that it's obvious, and easy to clear data etc (eg if you sell). It's when it's not that obvious then it's a problem.
I traded in my 2019 Ranger and specifically didn't delete myself from the infotainment linked to the app, just to see what would happen. I was delighted a couple days after trading in to see that during PDI, they factory reset the system and booted me out. Good on that dealer.
This is precisely what scares the living hell out of me about this big push towards electrification. Suppose I’m a high ranking military officer and my personal car is an electric (as if I had a choice) and my car gets hacked by a state actor. Or say I’m a journalist who criticized a company or a government then, the next thing that happens is that suddenly my car won’t start or worse, an error message pops up and that my brakes don’t work going down a steep hill.
Ivory Hecker did a recent video about a very suspicious car accident from someone releasing a "sensitive documentary" and the idea of a possible hack was discussed
I can see a cottage industry of de-connecting aka modem removal springing up. I can also see car manufacturers doing what video game developers are doing now; releasing a buggy, unfinished piece of crap then promising to fix it with patches.
Thank you for this video Mark. I work heavily in data architecture and data privacy is something that people just don't grasp how important it is. Name the arena and companies are taking any opportunity to mine your data, so glad to hear you share your input on this with your big audience!
I sold my Subaru that had the telematics system, and I was aware of this and wanted to do the right thing… so I removed it from my app and reset the infotainment. Even after doing that I still get alerts in my email when the new owner has let the washer fluid run low. Car companies need to have an “erase all data and unlink” button either in the infotainment or the app IMO
That is a big oversight and a huge potential lawsuit of the owners of your previous XC90 if they found out you could see where they go and what they’re doing in the car. It feels like the manufacturers are just pumping out these newer more technologically advanced cars but giving the dealer networks zero guidance on what to do when cars transfer owners. The days of just handing over the keys are title are long gone with new vehicles.
If you think the dealerships don't know or couldn't find out you're living in a fantasy world. Any dealerships that don't know are as willfully ignorant as their customers. Also if the auto manufacturers made the dealerships explicitly aware then that would have to be disclosed during the sale as they have assumed part of the responsibility rather than something that at best gets buried in the fine print. The onus is on the buyer rather than your poor, innocent middlemen simply selling cars and begin exploited by the big bad corporations.
Great video Mark.. My 2000 Ranger is going to the shop today for a repair. It hasn't needed many over the past 17 years. It's been extremely reliable and I will continue to keep it on the road for the rest of my life. I'm not playing these tech games. I'm also writing this comment from my desktop computer from 2006. All original except for Windows 7 which was added in 2009, every update has been disabled years ago.. Still works flawlessly. Simple and reliable beats new and flashy any day. Keep up the good work. 👍
You have made a great point! I recently sold my 2022 BMW M4 and I was still able to track every location it's been at. I called the dealership, so they could reboot the system and let them know it should be mandatory to reboot. It is not safe for the new owner of the car to have every movement tracked.
One of the many reasons that separates Marks content from the rest of he automotive RUclipsrs. Not afraid to be the canary in the coal mine, going in depth on the stuff we all really need to be aware of as consumers. Thanks for doing these type of videos.
Yup scary AF stuff! I work at a local car dealer and could see the writing on the wall years before any of this happening. Because of this my newest car is a 99 Olds Intrigue, basically a ghost in the technology aspect. Because of this video when i do a used car check now im FOR SURE going to hard reset the infotainment. That totally slipped my mind! Thank you!
This is indeed a very real concern I have going forward. I love technology almost as much as I love cars, but not everything needs to be internet connected, especially not a car imo.
I bought a 2022 Kawasaki motorcycle, and am happy it essentially has 90s tech. It has fuel injection, an LCD screen and black box, but no internet or gps connection and even a cable operated throttle.
Thank you for this video, my illusion of my privacy is very important to me. I'm glad we all saw this coming 2 years ago and were able to stand up for our rights as consumers and not have our cars spy on us and send telematics to the manufacturers who would then sell the data to insurance companies who would then raise our premiums due to our driving data. Phew!
I really appreciate this type of content from you guys. Specially since I started studying for my cybersecurity cert. How accessibility brings a privacy factor.
Not even joking, my dad sold his Range Rover and still can connect to it through the app even though he sold it years ago. The car ended up in the Middle East, and till this day, we can still unlock the car, start it, turn on the lights, and honk the horn, from the app.
Thank you so much for bringing up this topic with regard to cars. Im not against newer cars overall, but this is one of the top reasons I’m hesitant to buy a modern car and why I will NEVER own a Tesla.
As someone in tech, I really enjoyed your explanation. I bet some people who have 3g in their cars are happy and hope planned obsolescence doesn't kick in. ALSO, you can disable 4G in your car. Its connected to that nice sharkfin antenna that you have to remove the headliner in order to disconnect.
11:00 literally exactly what happened to me after I sold my G70. Genesis didn’t even care, I called them and told them I could turn on this person’s engine if I wanted to. Really stupid.
Great and sorely needed video. When i bought my Audi used I discovered that the first owner was a doctor. He sync’d his work phone with the car and didn’t clear it before selling and neither did Audi. As a result I had his full contact list including some patient records. It was scary.
This is a great video. As an auto enthusiast, what is one to do? Do you just buy "dumb" cars? Or do you just make sure you wipe everything on the infotainment after you buy it before you sell? This reminds me of the ridiculous BMW seat heater subscription. I'm learning even more about this while trying to make my home smart.. all these companies want to turn everything into a subscription and I just can't stand it.
Keep as much stuff as you can analog. Reject digital. Reject connection. Do your homework, listen to what people like Edward Snowden and Julian Assange tried to warn you all about (and got persecuted/killed for doing it). Big Tech and the government are no different on this cause, they are few, powerful individuals working to stay and grow in power even more. By having everyone's data they can control it. They can change the way people see stuff, their opinions. They can hide what they are doing when they prevent it from showing up on your news feed. They can check your interests and enable only what they want to appear on your twitter and facebook feed. It is much much more than "generating targeted advertising"...
Another scary thing is the previous owner may still have a key, and could wait until after you've been to the jewelery store, daycare, or whatever and steal your precious cargo or whole vehicle. They can even see if they'll have enough fuel to make a getaway.
Would love to see this information incorporated into future reviews of individual models and their infotainments. I'm glad my 2019 Mazda 3 (Canadian spec) isn't connected. Was a selling point for me.
Thank you for putting this info out there. Out of the hundreds of cars I've sold and taken in on trade as a salesman, only one customer has ever asked me & watched me delete their information when they traded it in. And that was back in 2014! People are hideously unaware when it comes to this stuff. I appreciate your efforts in sharing some insight on this subject.
Preach it, preach it, preach it, PREACH IT! I don't understand how so many "don't care". How can someone not care? I believe it's got to be lack of understanding. I support this video 💯💯💯
You and your partner are about the smartest guys making RUclips car videos. What you describe is actually much bigger than privacy, it is the end of the mechanical world as everything becomes electronic. These kinds of tectonic technology shifts are the pivot points of history (wheels, writing, movable type, mechanization, steam power, electric power, etc.) For a full inventory of these effects I highly recommend "The Gutenberg Galaxy, the Making of Typographic Man. Though written 60 years ago, it describes exactly the issues you raise in this video. Keep up the great work!
This channel is GOLD!!! Not only the car reviews but behind the scenes. Other car reviewers aren’t talking about. Thanks Mark and Jack for all you guys do!
Thank freaking God I've been seeing more people talk about this. Verizon recently launched a new enhanced user experience clause in their privacy policy. Windows is even worse. My Phillips Hue lights try to connect to an IP address in China every 30 seconds.
Great video. A number of years ago I worked for a tech R&D firm and none of the engineers and techs drkve new cars, and that was by choice. Another area that is forgotten is rental cars, how many people connect their phones to the cars, grant access to their contact list and then forget to clear the data at the end of the term.
This is a great video. The day they started installing trackers and offering GPS in our cars I knew we're in trouble. There has to be greater controls in place if you're packing in such computing power. Scotty Kilmer is right about all this infotainment stuff being crap.
I can't tell you how many times I have rented a newer car and gone into the Bluetooth of the car and could see the phone books and last called numbes of the prior personas. This is a very enlightening video as I am about to purchase a vehicle that is connected. Thanks for the heads up!
Most car journalists not old enough to only care for established metrics such as ride comfort or performance only publicize the uncontroversial bright side of the technological innovations as recommended by the companies' marketing copy, and generally don't dare criticize anything meaningful about the products they're reviewing (read: advertising to potential buyers).
@@xXxNoisemaker Even older journalists are quite happy to play along the established play book. What Geese does here is go byeond traditional auto reviews and talk about the societal impact of autos. It's why this is such a great channel among other things. It's not just about reviewing cars and that makes this channel all the more refreshing. I can't stand most auto channels anymore, Geese is different in a very good way.
I agree with everything in this video. People really need to be more careful, and the point you made about the Volvo is scary because that’s 100% possible. I’m a locksmith, and in today’s age with technology its possible to duplicate keys from an app on your phone. So if you happen to have your car valeted parked and give the driver your house keys (on the same ring as your car key since who’s taking off keys from the key ring) now this attendant can copy you house key from simply taking a photo of it on their cell phone, look in your glove box at your vehicle registration or insurance card and have your address. So at this point they have a copy of your house keys and address without you even knowing. Scary stuff.
Good point what's worse is you need the insurnce and regerion in the car and that has always been that way... It's just gotten easier to take advantage of it.
I always give the valet only the car key. My house and other keys stay with me. House keys should have "DO NOT DUPLICATE" stamped into the key and any reputable key smith won't duplicate.
@@kennixox262Unfortunately that’s not always the case. In NY (not sure about other states) you aren’t required to have any license to duplicate keys so there is no guidelines that key makers (or locksmiths) need to follow. I personally am licensed and working in the trade for about 22 years so I wouldn’t duplicate a key that had a do not duplicate stamp without a letter and copy of a state issued ID.
Nice job and you're absolutely right--the implications of the right now are pretty deep, but the implications of this new tech 5 or 10 years from now? Wow. All car companies will have to be like tech companies, but tech companies tied to legacy products for 20+ years. What happens on that old car when it gets a vulnerability and doesn't get over the air updates anymore? What if its display and basic control software breaks and you end up with a bricked car? Sounds like we are overdue for some legislation to set some parameters in this wild west playing field, much like right to repair, which is long overdue.
I was talking to my sister the other day about this same exact situation. You don’t realize how expensive data mining is, but, we give away info every time we scroll or make a comment like this one. Data sharing and data collection is the most rising industry in the US by now. One should be aware.
It annoys me that with all of the automotive RUclipsrs out there, Savagegeese might be the only ones actually addressing this issue. Good on them for not always drinking the Kool aid like so many other automotive RUclipsrs
Phantasy Star fan huh? Ending is from PS1, music at the shop. You make a compelling case for us all to be vigilant about the data we share. Thank you SG.
When I was buying my new car a couple of years ago, I asked the dealership to disable to disable the dcm and they acted like I was crazy. They told me that many of the infotainment features wouldnt work without the dcm but I reassured them that I was okay with that. After I threatened to buy from another dealership that would do what I wanted, they finally did it. People act like youre crazy if you care even a little about privacy.
I got a similar reaction from a car insurance employee a few years ago, when I refused installing their OBD-II black box in exchange for sightly lower rates. I just don't like the idea of always being observed, having my driving style telemetered and judged, and having my position tracked and made visible in real time on a map. I understand there are beneficial aspects to some of that data collection (automatic call for help in case of accident, reduction in insurance fraud), but I won't agree to it until the whole thing is made mandatory (like it is going to be in the EU) and the privacy aspect starts being taken much more seriously and possibly better regulated.
@@willstikken5619 I actually saw a guy on a VW forum talking about doing it and how to get them to do it before I bought the car, so I knew they were able to. I guess the threat of going to another dealership was enough to get them to do it but now with the market the way it is I doubt they would comply.
I have always taken a hammer to my old computer Hard Drives, Apple phones and iPads when no longer needed. You would be amazed how many people sell their old tech with all the data intact. Very insightful show.
My old drives were chucked into the water near an airport landing strip (no witnesses for obvious reasons). Nearby signs clearly posted "RESTRICTED AREA NO TRESPASSING" so no one is gonna be looking down there any time soon.
Great stuff Marc....but sadly as someone who teaches Cyber Security it often falls on deaf ears as the attitude seems to be ...what's the worst that can happen?
To find out the worst that can happen we can ask ourselves if the Nazis or communists would have wanted access to a technology that allows tracking of all their citizen's movements.
The attitude is always "well I have nothing to hide" but it's more about those in power having access to said data/surveillance and using it to silence dissent.
Your: Credit could be fucked up Mortgage could be erased Car Payments.. car be repoed Power / Utilities Shut off Could be tracked from facebook, hunted down and killed.. while your home is burned to the ground.
This "hypothetical" leak has already happened. An electric motorcycle company called SuperSoco fitted GPS modules to most of their models that would allow users to track their bike, check the battery, in some cases even get a live feed of an in-built dashcam. People found a vulnerability in the app that allows anyone to see the live location and status of every GPS enabled SuperSoco in the continent. This had led to hundreds of bikes being stolen, and potentially dozens of break-ins, as thieves can see exactly when the owner is away, and see where the bike is, and if the alarm is active. SuperSoco still has not patched, or even acknowledged the issue despite being made aware of it.
When I added my wife’s Defender to our Land Rover account for remote locking, start, etc. I found out I still have access and control of a Range Rover Sport SVR I sold 5 years ago. I could unlock, lock it, or start it…wherever it is. Seems like an oversight to not remove it from my account when I traded it in half a decade ago.
I think oversight is too modest a word. If you traded your car in to a dealership I'd call that negligence towards the new owner on the part of the dealership.
At this rate, I will not be surprised that there is some car(s) out there that would get bricked if they don't receive a internet connection after some time.
@@thereissomecoolstuff My Mustang would and any of it's brethren in 2022... Or even all Totayas to my knowledge which the only car I have my doubts is Telsa.
We need an updated video for this topic. I would love a detailed review of each car manufactures car privacy and what data they take from you. Also, what (if any) rights you have. The more car reviewers that call this garbage out the better.
Traded a es300h 2021 to the dealer, I am still registered to the car, so all the new owner’s trip detail is presented to me. I know their home and work address, and this feels very very wrong and disgusting:(
...is the dealer punishable for this? Can you take the dealer to (small claims) court? Through them not sanitizing the car, your personal information is at risk and/or the new owners information is at risk...
@@K03sport I think my data is safe since I try to delete all the traces, but the biggest issue is that as the previous owner, I do not have the responsibility and time to go through all the hoops to delete the account. when I registered my Lexus account, it took half an hour to do it in the dealer, so there was no incentive for me to cancel it. There truly should be law governing these second-hand trades that forces the previous account to be deleted, but since every manufacturer implements different sh*tty versions of their connected services, I don't expect second-hand dealer CarMax to be able to cancel any service even if the law is in place. It is just so fragmented and confusing.
@@limitedreach4446 The rabbit hole goes deep. Never connect to the wifi at work. Never take home a company device. For the love of all that is good never install software on your personal device or login to anything with a corporate account. If you must have a computer at home for work physically disconnect the webcam and microphone and strictly never use it for anything other than work. Don’t even check the weather on it. Never get comfortable.
@@markm0000 My work equipment at home is in the back corner, facing the wall (so when I sit at the desk i face the room and the door), of a store room in the basement. when the camera activates it sees the wall. the mic hears almost nothing but the air handler and boiler. And I have my own camera in the opposite corner watching the work equipment. All the work equipment is on an isolated subnet where I monitor the network traffic. I'm not paranoid. I'm a professional.
Your car reviews are top notch, but information like this is invaluable to people that may overlook how they interact with their cars and devices, information people NEED to hear and think about whenever using tech. Great video SG!!! This could be used as a Security Awareness Training video in any company, and should be! That Volvo Connect real life story is some scary stuff.
People need to read the user agreement for tic toc , I heard they want access to your photos and practically everything else on your device.... thumbs up you two..
![Seungmin "그렇게, 천천히, 우리(As we are)" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/kAzmhLHePqU/mqdefault.jpg)
This is why I stopped talking to my wife six months ago and only send her fully encrypted messages through my Freedom Phone. She doesn't know how to read them, but I wasn't gonna let big tech mine our data and ruin our marriage.
She ended up sleeping with Elon Musk. But at least my data is safe.
Tesla can access all Tesla cars and download the stored Surround video footage. In case of crimes this is nice.... But... If there is footage of you sleeping with Elon Musk's wife next too the car, you have a problem.
Congratulations on the new kid!
🤣🤣🤣🤣🤣
😂😂😂 Freedom Phone!
🤣🤣🤣
If a service is free, you're the product.
But a car isn't free, unless there exists a company that gives out free cars, I would love to know about them. Another privacy related video, another "hurr durr you are ze product" comment that tried way too hard to sound cool.
@@t.k3579 The connectivity app is free. With Mazda they claim it's only a free trial period but they keep extending that over and over again.
Spot on
Cars ain't free though
💯
It’s not just cars. It’s in everything. I was shopping for a new refrigerator and my response to the salesman was “ why would I want my refrigerator connected to WiFi?”
It's the same thing even with a washer / dryer, you can connect it to wifi and have a tech do a remote check to see if something's wrong!
I have a LG vacuum that has WiFi
@@RayNLA Well that just sucks ...
@@tapper701 😂😂😂
The joke "You can run Linux on a toaster" didn't age well.
I've been beating the privacy drum for over 20 years, but my biggest takeaway after dozens of papers and articles about invasive tech is that nobody cares.
A subsection of humanity is going to make this mistake. A subsection is not. Just try to be on the right boat.
The rich care.
Ditto.
A few of us care. Not enough, but... well, it's something.
This is why Savagegeese is the essential automotive content creator.
He ordered unpatched computers connected to the open internet (not even LAN?) and he thinks that a computer not getting rebooted for 3-6 years is somehow.... amazing? Or bad?
Edit: Clarification comment below. Having malware already "living" on your LAN which then attacks unpatched machines is a major screw-up by corp-o IT. This is something you have to assume is already getting handled with routine scans because you're not gonna get anywhere by questioning every single foundation block.
@@AB0BA_69 you sound like a guy who insists on running Windows 7 because he can't do without some program or the other.
@@SomeRandomIndvl no he is just a troll. He has a few other comments making fun of people wanting to stop allowing previous owners from accessing their location information.
@@AB0BA_69 He probably didn't order them. Ironically, the "upper management" at his company probably did all that before he even joined, if I had to guess.
@@jonathanb1987 What? What were you smoking when you were reading these comments??
There is little to no privacy regulation in the U.S. so your data and habits are harvested. Add consumer ambivalence plus poor corporate IT security and you have makings of a perfect storm. Thank you for raising this issue!
Luckily you. Here you have to click about 9000 popups consenting for your data to be mined here and it's annoying af.
It’s not even lack of security as much as our data is a commodity. Our data is literally being auctioned off to anybody and everybody who wants it. If some Albanian mobster wants your identity he just legally buys it no hacking needed.
This is an old issue that’s now expanding to new markets
Don't expect any, specially in the US. Apparently americans learned nothing from Snowden and many other people who tried to warn the public about such practices. Big Tech companies doing it is nothing when the whole government is based on doing it. Today's US was built on public surveillance around the entire world.
oag.ca.gov/privacy/ccpa - some states like CA have laws.
Your Volvo story reminded me of my own horror story. When I bought my used TLX. The dealer hyped up its telematics a lot. But never actually bothered walking me through the process of setting it up. Few months later. I get around to wanting to set it up. And Acura tells me it’s still registered under the previous owner and they can see my location in real time. And I had to fax… yes fax was the only way. A copy of my registration and drivers license to prove it was my vehicle now. That was the only way to stop the previous owner from seeing my location. I about lost it.
Wow
Terrifying, i will purchase myself a total dog and dumb véhicule and feel great when I will turn the key in the dash looking at my analog shitty dials,
Did you also pull out the antenna or 3G chip afterwards so that Acura would stop getting your metrics? If not, then why not?? Lmao
Painful lessons to punish neglect of the pressing issues; bad priorities. Old German saying: Those who don't want to listen will have to feel. (I have been urging people for decades, but they had their priorities set more selfishly-shortsighted.)
Apart from that, it is a work professional principle and especially in IT that even an expert system has to be hardened against mistakes by those experts. So if an employee forgetting to implement a procedure leads to (especially irreversible) damage caused, that is unacceptable and another way needs to be found to prevent that.
The real joke is when China goes to war with the US and with a press of a button, all the Volvo stop working.
I work in data privacy operations for one of the biggest tech companies in the world. Y'all should care way more about privacy; maybe then we could get some more overarching protections in the US. This video definitely helps you understand about a small portion of it.
As a CISO I 100% agree. I posted this to LinkedIn to try and help drive traffic.
See, this is the typical "fix it with a law" mentality. The problem isn't the lack of a law but the apathy of the masses. If people refused to participate into these "services" they would go away. Instead they're conditioned to see everything as a shiny new "feature" and to believe they have no choice but to drive a new car or buy a new phone. This is certainly a mess but it is one that we made ourselves and only we can really fix it.
@@willstikken5619 The tech is architected in a way that you cannot opt out. This isn’t a phone. I’ve worked in IT security and privacy for a long time. Consumer awareness will put pressure on companies, but cannot change this at the individual level.
@@willstikken5619 while having a law will not automatically "fix" it, Not having any legal precedents puts the consumer on the losing side. E.g my car had a "feature" to share my drving score" with insurance companies as a guise to get your better rates... no thanks... but The legalnese on the opt-out only states that it will stop sharing with 3rd parties. Could not get a rep tha can clearly state or disable if it is still capturing data.
The convo would be much quicker if we have similar privacy laws as EU.
@@aroundomaha
See, you're missing the point and misrepresenting what I said.
i agree they are absolutely designed to be mandatory from a product perspective. What isn't mandatory is purchasing the product. It's not like it's health insurance...
i agree this wont be fixed at the individual level. That's why i said the apathy of the masses is what has to be overcome. Markets are not individual actions but collective actions. As long as enough people buy the products companies will sell them.
Even the "there outta be a law" crowd should recognize that you wont fix this without public support.
Most of these "features" exist through a mixture of regulatory requirements and consumer demands. Without addressing the consumer demand you're never going to resolve this issue regardless of product type.
The only point i think we really disagree on is the idea that government force is the best way to solve a market based issue. New laws will not make people less ignorant or apathetic.
As someone who has only owned 90s beaters and works in IT the amount of unnecessary tech in new cars is starting to worry me. Even cheap base model cars have cellular/gps radios and push button start fobs that constantly transmit. Anyone looking to track you doesn't even need access to the car, they can just see what towers you've pinged and triangulate your location.
So? What are you doing that you didn’t want anyone to see?
@@user59371 cringe comment lol. You are the problem. What he is doing is none of your business. Whether he is donating to a homeless shelter, or maybe murdering someone in an alley. The fact you are tracked constantly like a chipped dog is odd. And the fact you are chill with it is even more odd. But hey, more power to you since its already favoring your point of view
@@user59371 the easy answer to whenever this question comes up is, in societies that are heavy on surveillance, private or gov't (which is basically all of them that have internet access these days), what you do today might not be illegal, but it might be illegal depending on who gets elected or installed next, so being safe now can affect you in the future.
@@user59371 ok, then you should be fine with them knowing all of your internet searches, activities, things you buy, your address, banking and card info, all without knowing if it’s going to be safe and they’ll be transparent when it isn’t 100% of the time. sounds reasonable, right?
@@shanec9672 driving to work or the grocery store or a restaurant will be illegal in the future?
It'd be much appreciated if you guys included some basic privacy review as a part of your normal car reviews. I'm not sure how feasible that would be time or effort wise, but I and many others would truly appreciate that information.
Great idea!
Yes I’d love that
That would be consequential and very good!👍 An influential signal for change.
Agreed. That would be an excellent and unique statement from the channel moving forward.
Geese hinted at privacy laws being weak in the US in general, at the federal level presumably, at least compared to the EU.There are terms and conditions that vary for each manufacturer. So I think reviewing privacy laws isn't all that simple because it depends on model and country the car is sold in.
Savagegeese is a diamond in a pile of poo on RUclips. The quality of reviews and commentary is head and shoulders above the average channel. This video is a masterpiece.
+1
It's ironic how we look at the situation in Cuba where they continue to keep cars that are half a century old still running. The situation behind that circumstance is different, but the notion of old "dumb" cars could start having a lot more merit in other nations for the reasons given here.
In Mexico, some car models were made, without any changes, for 30 years. That's resilience.
This trend needs to start yesterday.
Sadly, in this cynical world, it seems the only way that can happen is through political madness ruining the world and pushing us back into a medieval-tech era through violent means.
What do you think Cash for Clunkers was for? Crush those old analog cars!
I subscribed to SavageGeese and I sold my fixed gear bicycle, shaved my mustache, grew a full beard, bought a Toyota Tacoma and started hanging out at craft breweries instead of "ironic" dive bars. Thanks SG!
I've been following them for a couple of years and I think this is the first time I've ever seen an upload on a Saturday. These geese are up to something.
We got no Friday video, so this was probably meant to be uploaded yesterday.
Truth. I'm a professional networking firmware engineer. It has become so complex over the past 30 years that even with the best of intents, even if completely regulated, mistakes will be made and lead to bad results.
I agree. This is far too important an issue to leave to legislators and bureaucrats.
I'm glad someone with a little reach could shed some light on this situation.
The last few Ford's that I've owned, the system was never reset. I could track both of my vehicles through the app. Initially I thought it was a glitch. So just for the hell of it I tried to starty old truck and sure enough it worked. At that moment I was thinking why the hell is there not a factory reset required every time the vehicle has changed owners. I can track everywhere it goes, lock, unlock, start and so on. All through my phone. On the other hand a new owner can see everywhere I went, search and home. I deleted both vehicles from my app since then however I still get notifications via email that the vehicle is in need of service or if there's a mechanic issue. That I'm not sure how to stop.
I tried for the longest to not be quote unquote connected/plugged in but so many services essentially require you to be or your SOL.
Great video and as always thanks.
Same with my old fords.
Among the main lesson conveyed with this, this also demonstrates the need of the principle of error-proof expert systems. Experts can make mistakes, too, so reliance on them not making them is not good enough, especially when it can cause damage that is irreversible.
I think we should have an annual "Start Your Old Car Day". If everyone used their app to start a car they no longer owned and left it running wherever it was, there would soon be a public outcry and maybe more than a few house fires. Imagine if a car was started and it decided that a DPF regen was needed, while parked in a closed garage...
The addition of connected features is the car companies raising the temperature of the boiling water car buyers are in.
All companies want 'Devices as a Service' Tesla started it, and BMW followed. Soon we won't own any products, just have monthly fees for everything.
Tesla didn't start it. They certainly normalized it, made it popular and more attractive but they were far from the first to attempt it.
"Own nothing and be happy"
Tesla started it? On cars, I believe GM started it with "On Star"! Overall, Bill Gates started it with Windows. I remember every version of Windows.
@@dennyj8650 >paying for windows
Just like they did with software programs. Use to could buy your programs on a disc...now it's all subscription based...an eternal pit hole.
I've worked in IT for 30+ years and part of my job includes server and end user security. The thing most regular folks don't realize is that IT organizations spend just as much time planning for WHEN they get hacked as they do trying to prevent being hacked. With the way things are these days, it's become impossible to be 100% secure.
As such when I watch Mark and Jack review a new car loaded with superfluous infotainment or using your phone to start/steer/summon the car or "self driving" features, it makes me throw up in my mouth. Your cell phone or laptop getting hacked is an inconvenience. Your car getting hacked can get somebody killed....and I know full well there's nothing you or the manufacturer can do to 100% prevent it from happening.
Yep been in it 15 years myself, just as much time spent trying to implement security measures and disaster recovery.
I say disaster recovery because being hacked is honestly more so like a disaster than a security event and not a matter of if but when.
Which also helps convince clients to actually investment in the improvements.
That said most hacking is done with monetary gains in mind, not bodily harm so I think that is part of the reason why it won’t be as common.
@@BigHeadClan Wait until the first ransomware attack on a car... Sorry your 100k car will not start. Pay up
Cars should definitely be air gapped systems
Hopefully I can keep finding vehicles with manual transmissions in the future, those won't go anywhere on their own. But that won't stop someone from turning the brakes off remotely while I drive. This isn't the future I wanted y'all.
That is why I drive an 80s tech car with carburetor. I don't want ecu's etc. None of the NWO business.
Well said. I used to work in auto telematics engineering, and among the tech-savvy and even the engineers working on this stuff, people still don't care about privacy. It's hard to tell the risks of privacy because it does not hurt us in ways we can see or feel. Users want the experience, and whenever they hear about the problems, they think "It won't happen to me".
I'm afraid of the day where these tech features are too useful to ignore. Could you imagine your future EV not letting you charge at full capacity or locking out safety features because you're not signed in?
Safety thing has already happened. There's an inflatable air bag riding jacket for motorcyclists that relies on a subscription service to deploy. If you don't make your monthly payment it won't deploy if you fly off the bike.
You'll have to have a subscription with variable rates based on charging hours.
Or you upset the marxist governments.
Elon musk already bricks Teslas from superchargers if the owner has it serviced by other than Tesla
I too work in IT...IT security, specifically. Average users aren't going to care ANY time soon. No chance. The amount of personal info they share is eye-watering and they literally couldn't care less.
The lack of respect for consumer privacy (including the lack of respect by consumers for their own privacy) is very frustrating to me. Same with the subscription crap. I'll keep my old cars.
Kudos to you, but now governments are slowly trying to push the ban on old cars and they use environmentalism as an excuse. They will either put a ridiculous tax or force insurance companies to slowly reject older cars (in most places around the world insurance is mandatory). The Green Agenda is actually about control and surveillance. In Cali soon many people will be asked to choose: you get an EV (which you won't be able to charge) or go 100miles to work by bicycle.
@@Sayua-chan That's where people have to grow a spine and say no. Or at the very least leave Looney Tune states like CA
“You are the customer and also the product” I’m so glad you guys are bringing attention to this. It blows my mind when people don’t think about their digital footprint and security.
I bought a 3 year old car recently. It was Opel and I bought it from an Opel dealer in Germany. Car still had 2 phones of previous owner in memory, their home and work places in map. Dealer did great job preparing car for sale, everything was perfect: new brakes, new oil, new filters, clean interior, but they didn't touch computer.
Well, what are you doing with that information?
@@DoctorSkillz Absolutely nothing. Removed it from computer, but it should have been done at dealership.
I bought a 15yr old car, 8yrs ago. Still got it, got no tech bs issues.
It’s all fun and games until a Nation State-sponsored Threat Actor hijacks Karen’s self driving Nissan Altima and remotely drives it straight through the entrance of your local Wendy’s.
Don't give them ideas. Drunk Karen is going to crash through the wall of a local orphanage like the fucking koolaid man one day and blame it on Hackers.
Karen's assault suv becomes a genuine one.
Nah it would be a dead give away it was hacked, we all know it would be a mustang spinning out and crashing into the Wendys.
If it was an Altima it would have gotten stuck on a wall at the mid axle or In a position that makes no sense. Lol
Have you heard of Privacy4Cars? In Quebec Canada there are new rules that require dealers to reset/remove the information. I sell 1000+ cars a year and we are also implementing a data removal process before the resale of the fleet vehicles I sell.
Thanks for the videos.
In Quebec, you remove it and then sell to the bikers, right? 😂
Wise words! I'm taking my security+ course now and if people knew how complex the Internet was and how many threats to their data were out there ......they still might not care, but i definitely do!
I'm also trying to get into cyber security. Are you taking the course through compTIA?
@@user-ki8zf1rp1e I'm in the air force, so I got sent to school for it but yes, it is a CompTIA test. I'm not sure if there is an official CompTIA course though. There are a lot of option such as Professor Messer and the Dion school
@@gladdy02 good luck. Study study study! We had many students leave Kessler and get reclassified because of Sec+
@10:30 I actually had that happen when I traded in my CX-30. I totally forgot about the Mazda connected services, and when I logged back into the app I was able to see the new owner's address because the car was sitting in their driveway. In fact, you can actually see my old CX-30 in the new owner's driveway on Google Streetview now. I had to manually go into the app and unregister the car. Thankfully I had no malintent, but it's definitely worrying that the connected services relies purely on the kind heart of the previous owner to de-register a vehicle from the service.
100% on point. The car owner should definitely have a way to disable the network connection via software (and hardware) and the ability wipe or delete them as the owner along with the associated data.
The more you know about technology, the more you want to disconnect from it.
So true, there is useful tech and tech that controls you. Knowing which one is which is very important but too many people are just sheep.
As someone who has worked in IT professionally over a decade (and tinkered with it far prior to that) new cars absolutely terrify me. People do not understand the security risk, let alone the massive headache a failed update can cause, etc. Let alone the privacy concerns. Thank you for covering this, it's so important and people don't seem to care at all...
Yep a dealership was doing firmware updates to an ECU on my buddies car and they were doing it over wifi!
You better bet that it crashes in the middle and bricked the ECU, all of us working in IT at the time had some choice words for them. Hah
Great content, as always! Unfortunately, even though you made it simple and have concrete examples, many folks still won't get it.
Some choose ignorance
Russell understands because Russell Silverstein is smart. Russell is the man 👍
"The sheep's mere sheep.."
- Some old English guy (insert malt liquor photo)
Right, you just gave me an idea for an HR data targeted data mining company. What we do is assess individuals data - especially internet searches , social media etc for the use of putting the data thru an algorithm that spits out a "hireability score". This Corp wouldn't be the hiring entity (directly) but instead hiring entities would buy the data on former drivers data (plus lots more) as tool to assess potential hires. Actually there are literally 100s of companies doing this ri8ght now with the data you supposedly "don't care" about
When you test drive a Tesla, they will spend 15 mins brag about how your car is always connected to the internet and how awesome for you that is
By now bred sheeple are probably afraid of the thought of not being hooked in all the time.
It's the deep psychology of being scared of their inner world because it is so much in pain, so they need constant distraction from that.
I think that Tesla is so connected that it's obvious, and easy to clear data etc (eg if you sell). It's when it's not that obvious then it's a problem.
They can get lost!
As an IT security person, well said.
I traded in my 2019 Ranger and specifically didn't delete myself from the infotainment linked to the app, just to see what would happen.
I was delighted a couple days after trading in to see that during PDI, they factory reset the system and booted me out. Good on that dealer.
I wish some car company would bring back double DIN replaceable radios.
This is precisely what scares the living hell out of me about this big push towards electrification. Suppose I’m a high ranking military officer and my personal car is an electric (as if I had a choice) and my car gets hacked by a state actor. Or say I’m a journalist who criticized a company or a government then, the next thing that happens is that suddenly my car won’t start or worse, an error message pops up and that my brakes don’t work going down a steep hill.
Ivory Hecker did a recent video about a very suspicious car accident from someone releasing a "sensitive documentary" and the idea of a possible hack was discussed
I can see a cottage industry of de-connecting aka modem removal springing up. I can also see car manufacturers doing what video game developers are doing now; releasing a buggy, unfinished piece of crap then promising to fix it with patches.
Thank you for this video Mark. I work heavily in data architecture and data privacy is something that people just don't grasp how important it is. Name the arena and companies are taking any opportunity to mine your data, so glad to hear you share your input on this with your big audience!
Everyone I know that works in networking or software is at least mildly paranoid about privacy.
I sold my Subaru that had the telematics system, and I was aware of this and wanted to do the right thing… so I removed it from my app and reset the infotainment. Even after doing that I still get alerts in my email when the new owner has let the washer fluid run low. Car companies need to have an “erase all data and unlink” button either in the infotainment or the app IMO
That is a big oversight and a huge potential lawsuit of the owners of your previous XC90 if they found out you could see where they go and what they’re doing in the car.
It feels like the manufacturers are just pumping out these newer more technologically advanced cars but giving the dealer networks zero guidance on what to do when cars transfer owners. The days of just handing over the keys are title are long gone with new vehicles.
If you think the dealerships don't know or couldn't find out you're living in a fantasy world. Any dealerships that don't know are as willfully ignorant as their customers. Also if the auto manufacturers made the dealerships explicitly aware then that would have to be disclosed during the sale as they have assumed part of the responsibility rather than something that at best gets buried in the fine print.
The onus is on the buyer rather than your poor, innocent middlemen simply selling cars and begin exploited by the big bad corporations.
Great video Mark.. My 2000 Ranger is going to the shop today for a repair. It hasn't needed many over the past 17 years. It's been extremely reliable and I will continue to keep it on the road for the rest of my life. I'm not playing these tech games. I'm also writing this comment from my desktop computer from 2006. All original except for Windows 7 which was added in 2009, every update has been disabled years ago.. Still works flawlessly. Simple and reliable beats new and flashy any day. Keep up the good work. 👍
You have made a great point! I recently sold my 2022 BMW M4 and I was still able to track every location it's been at. I called the dealership, so they could reboot the system and let them know it should be mandatory to reboot. It is not safe for the new owner of the car to have every movement tracked.
The moment you give permissions to link your phone, it jacks all your information, contacts, messages, gps, call logs.. EVERYTHING
Can’t thank you guys enough for bringing awareness to this issue.
One of the many reasons that separates Marks content from the rest of he automotive RUclipsrs. Not afraid to be the canary in the coal mine, going in depth on the stuff we all really need to be aware of as consumers. Thanks for doing these type of videos.
Yup scary AF stuff! I work at a local car dealer and could see the writing on the wall years before any of this happening. Because of this my newest car is a 99 Olds Intrigue, basically a ghost in the technology aspect. Because of this video when i do a used car check now im FOR SURE going to hard reset the infotainment. That totally slipped my mind! Thank you!
This is indeed a very real concern I have going forward. I love technology almost as much as I love cars, but not everything needs to be internet connected, especially not a car imo.
You can pull a fuse for the LTE modem on Ford S550 mustangs I believe. You can upgrade Ford sync via the USB port.
Thanks!
thank you for posting a vid on such an important and overlooked topic in regard to modern cars. i love owning a "dumb" car for reasons like this
I bought a 2022 Kawasaki motorcycle, and am happy it essentially has 90s tech. It has fuel injection, an LCD screen and black box, but no internet or gps connection and even a cable operated throttle.
Cipher hacking into cars in F8 convinced me to keep a 2011 vehicle running as long as possible
Thank you for this video, my illusion of my privacy is very important to me. I'm glad we all saw this coming 2 years ago and were able to stand up for our rights as consumers and not have our cars spy on us and send telematics to the manufacturers who would then sell the data to insurance companies who would then raise our premiums due to our driving data. Phew!
I really appreciate this type of content from you guys. Specially since I started studying for my cybersecurity cert. How accessibility brings a privacy factor.
SCARY. thanks for the wake up call.
Not even joking, my dad sold his Range Rover and still can connect to it through the app even though he sold it years ago. The car ended up in the Middle East, and till this day, we can still unlock the car, start it, turn on the lights, and honk the horn, from the app.
Thank you so much for bringing up this topic with regard to cars. Im not against newer cars overall, but this is one of the top reasons I’m hesitant to buy a modern car and why I will NEVER own a Tesla.
Can't wait for the era of jailbreaking cars. Already happening with paid-subscription heated seats
The UK government is drafting proposals to ban all car modification in response to this. Always finding a way to make lives worse.
@@C.I... That's not what theyre doing. They're looking at making it illegal to break emissions systems.
Switzerland already heavily restricts modification.
@@spacetoast7783 The MOT test already exists. Every year a car already has to pass the emissions test.
@@C.I... Cool.
As someone in tech, I really enjoyed your explanation. I bet some people who have 3g in their cars are happy and hope planned obsolescence doesn't kick in. ALSO, you can disable 4G in your car. Its connected to that nice sharkfin antenna that you have to remove the headliner in order to disconnect.
11:00 literally exactly what happened to me after I sold my G70. Genesis didn’t even care, I called them and told them I could turn on this person’s engine if I wanted to. Really stupid.
Great and sorely needed video. When i bought my Audi used I discovered that the first owner was a doctor. He sync’d his work phone with the car and didn’t clear it before selling and neither did Audi. As a result I had his full contact list including some patient records. It was scary.
Did you blackmail the doctor for free pills? 😂😂
This is a great video. As an auto enthusiast, what is one to do? Do you just buy "dumb" cars? Or do you just make sure you wipe everything on the infotainment after you buy it before you sell?
This reminds me of the ridiculous BMW seat heater subscription.
I'm learning even more about this while trying to make my home smart.. all these companies want to turn everything into a subscription and I just can't stand it.
Keep as much stuff as you can analog. Reject digital. Reject connection.
Do your homework, listen to what people like Edward Snowden and Julian Assange tried to warn you all about (and got persecuted/killed for doing it).
Big Tech and the government are no different on this cause, they are few, powerful individuals working to stay and grow in power even more.
By having everyone's data they can control it. They can change the way people see stuff, their opinions. They can hide what they are doing when they prevent it from showing up on your news feed.
They can check your interests and enable only what they want to appear on your twitter and facebook feed.
It is much much more than "generating targeted advertising"...
Well stated. What I see as the saving grace for cars data transmission is the cellular connection again gout as in your BMW.
Another scary thing is the previous owner may still have a key, and could wait until after you've been to the jewelery store, daycare, or whatever and steal your precious cargo or whole vehicle. They can even see if they'll have enough fuel to make a getaway.
Would love to see this information incorporated into future reviews of individual models and their infotainments.
I'm glad my 2019 Mazda 3 (Canadian spec) isn't connected. Was a selling point for me.
This is why I keep my 1978 MGB handy. Stealth mode. I do still have that car, but seriously, I don’t have anything newer than 2015.
You can downgrade the tech in new cars. Most N/A engines will run just fine with a carb and automatics can have a standalone controller.
Thank you for putting this info out there. Out of the hundreds of cars I've sold and taken in on trade as a salesman, only one customer has ever asked me & watched me delete their information when they traded it in. And that was back in 2014! People are hideously unaware when it comes to this stuff. I appreciate your efforts in sharing some insight on this subject.
Thank you for this video. One thing that scares me is for someone (previous owner) to be able to remote start a vehicle. CO
Preach it, preach it, preach it, PREACH IT! I don't understand how so many "don't care". How can someone not care? I believe it's got to be lack of understanding. I support this video 💯💯💯
You and your partner are about the smartest guys making RUclips car videos. What you describe is actually much bigger than privacy, it is the end of the mechanical world as everything becomes electronic. These kinds of tectonic technology shifts are the pivot points of history (wheels, writing, movable type, mechanization, steam power, electric power, etc.) For a full inventory of these effects I highly recommend "The Gutenberg Galaxy, the Making of Typographic Man. Though written 60 years ago, it describes exactly the issues you raise in this video. Keep up the great work!
This channel is GOLD!!! Not only the car reviews but behind the scenes. Other car reviewers aren’t talking about. Thanks Mark and Jack for all you guys do!
Thank freaking God I've been seeing more people talk about this. Verizon recently launched a new enhanced user experience clause in their privacy policy. Windows is even worse. My Phillips Hue lights try to connect to an IP address in China every 30 seconds.
It's the oem firmware phoning home to calculate data. Phillips outsources those to some Chinese company to save cost.
Great video. A number of years ago I worked for a tech R&D firm and none of the engineers and techs drkve new cars, and that was by choice. Another area that is forgotten is rental cars, how many people connect their phones to the cars, grant access to their contact list and then forget to clear the data at the end of the term.
This is a great video. The day they started installing trackers and offering GPS in our cars I knew we're in trouble. There has to be greater controls in place if you're packing in such computing power. Scotty Kilmer is right about all this infotainment stuff being crap.
I can't tell you how many times I have rented a newer car and gone into the Bluetooth of the car and could see the phone books and last called numbes of the prior personas. This is a very enlightening video as I am about to purchase a vehicle that is connected. Thanks for the heads up!
Excellent video, most car journalists don't even dare to touch the subject. I do not like the integrated / synchronized / always connected nonsense.
Most car journalists not old enough to only care for established metrics such as ride comfort or performance only publicize the uncontroversial bright side of the technological innovations as recommended by the companies' marketing copy, and generally don't dare criticize anything meaningful about the products they're reviewing (read: advertising to potential buyers).
@@xXxNoisemaker Even older journalists are quite happy to play along the established play book. What Geese does here is go byeond traditional auto reviews and talk about the societal impact of autos. It's why this is such a great channel among other things. It's not just about reviewing cars and that makes this channel all the more refreshing. I can't stand most auto channels anymore, Geese is different in a very good way.
I agree with everything in this video. People really need to be more careful, and the point you made about the Volvo is scary because that’s 100% possible. I’m a locksmith, and in today’s age with technology its possible to duplicate keys from an app on your phone. So if you happen to have your car valeted parked and give the driver your house keys (on the same ring as your car key since who’s taking off keys from the key ring) now this attendant can copy you house key from simply taking a photo of it on their cell phone, look in your glove box at your vehicle registration or insurance card and have your address. So at this point they have a copy of your house keys and address without you even knowing. Scary stuff.
Good point what's worse is you need the insurnce and regerion in the car and that has always been that way... It's just gotten easier to take advantage of it.
I always give the valet only the car key. My house and other keys stay with me. House keys should have "DO NOT DUPLICATE" stamped into the key and any reputable key smith won't duplicate.
@@kennixox262Unfortunately that’s not always the case. In NY (not sure about other states) you aren’t required to have any license to duplicate keys so there is no guidelines that key makers (or locksmiths) need to follow. I personally am licensed and working in the trade for about 22 years so I wouldn’t duplicate a key that had a do not duplicate stamp without a letter and copy of a state issued ID.
Nice job and you're absolutely right--the implications of the right now are pretty deep, but the implications of this new tech 5 or 10 years from now? Wow. All car companies will have to be like tech companies, but tech companies tied to legacy products for 20+ years. What happens on that old car when it gets a vulnerability and doesn't get over the air updates anymore? What if its display and basic control software breaks and you end up with a bricked car? Sounds like we are overdue for some legislation to set some parameters in this wild west playing field, much like right to repair, which is long overdue.
I was talking to my sister the other day about this same exact situation. You don’t realize how expensive data mining is, but, we give away info every time we scroll or make a comment like this one. Data sharing and data collection is the most rising industry in the US by now. One should be aware.
It annoys me that with all of the automotive RUclipsrs out there, Savagegeese might be the only ones actually addressing this issue. Good on them for not always drinking the Kool aid like so many other automotive RUclipsrs
yup, instead they whine about how the infotainment screen is not the size of a damn tablet.
Phantasy Star fan huh? Ending is from PS1, music at the shop. You make a compelling case for us all to be vigilant about the data we share. Thank you SG.
When I was buying my new car a couple of years ago, I asked the dealership to disable to disable the dcm and they acted like I was crazy. They told me that many of the infotainment features wouldnt work without the dcm but I reassured them that I was okay with that. After I threatened to buy from another dealership that would do what I wanted, they finally did it. People act like youre crazy if you care even a little about privacy.
I got a similar reaction from a car insurance employee a few years ago, when I refused installing their OBD-II black box in exchange for sightly lower rates. I just don't like the idea of always being observed, having my driving style telemetered and judged, and having my position tracked and made visible in real time on a map. I understand there are beneficial aspects to some of that data collection (automatic call for help in case of accident, reduction in insurance fraud), but I won't agree to it until the whole thing is made mandatory (like it is going to be in the EU) and the privacy aspect starts being taken much more seriously and possibly better regulated.
I'm surprised they not only agreed to but were able to.
"i have nothing to hide"
this mentality is what leads to people losing control over their lives.
@@dafff08 That is because they do not know who is looking or what they are looking for.
@@willstikken5619 I actually saw a guy on a VW forum talking about doing it and how to get them to do it before I bought the car, so I knew they were able to. I guess the threat of going to another dealership was enough to get them to do it but now with the market the way it is I doubt they would comply.
I have always taken a hammer to my old computer Hard Drives, Apple phones and iPads when no longer needed. You would be amazed how many people sell their old tech with all the data intact. Very insightful show.
My old drives were chucked into the water near an airport landing strip (no witnesses for obvious reasons). Nearby signs clearly posted "RESTRICTED AREA NO TRESPASSING" so no one is gonna be looking down there any time soon.
Great stuff Marc....but sadly as someone who teaches Cyber Security it often falls on deaf ears as the attitude seems to be ...what's the worst that can happen?
To find out the worst that can happen we can ask ourselves if the Nazis or communists would have wanted access to a technology that allows tracking of all their citizen's movements.
The attitude is always "well I have nothing to hide" but it's more about those in power having access to said data/surveillance and using it to silence dissent.
Your:
Credit could be fucked up
Mortgage could be erased
Car Payments.. car be repoed
Power / Utilities Shut off
Could be tracked from facebook, hunted down and killed.. while your home is burned to the ground.
Thank you for this video. This needs to be shared everywhere. So true, and well put together!
This "hypothetical" leak has already happened. An electric motorcycle company called SuperSoco fitted GPS modules to most of their models that would allow users to track their bike, check the battery, in some cases even get a live feed of an in-built dashcam. People found a vulnerability in the app that allows anyone to see the live location and status of every GPS enabled SuperSoco in the continent. This had led to hundreds of bikes being stolen, and potentially dozens of break-ins, as thieves can see exactly when the owner is away, and see where the bike is, and if the alarm is active. SuperSoco still has not patched, or even acknowledged the issue despite being made aware of it.
When I added my wife’s Defender to our Land Rover account for remote locking, start, etc. I found out I still have access and control of a Range Rover Sport SVR I sold 5 years ago. I could unlock, lock it, or start it…wherever it is. Seems like an oversight to not remove it from my account when I traded it in half a decade ago.
I think oversight is too modest a word. If you traded your car in to a dealership I'd call that negligence towards the new owner on the part of the dealership.
I will never buy a car with a network connection. If I really have to, I will rip the aerial out or any hardware needed to get rid of it.
At this rate, I will not be surprised that there is some car(s) out there that would get bricked if they don't receive a internet connection after some time.
The car won't run tough guy...that shipped has sailed.
@@thereissomecoolstuff My Mustang would and any of it's brethren in 2022... Or even all Totayas to my knowledge which the only car I have my doubts is Telsa.
Saying what needs to be said. RESPECT.
For those OGs wondering what happened to Turbowski and Todd, Big Tech Privacy got to them.
We need an updated video for this topic. I would love a detailed review of each car manufactures car privacy and what data they take from you. Also, what (if any) rights you have. The more car reviewers that call this garbage out the better.
Traded a es300h 2021 to the dealer, I am still registered to the car, so all the new owner’s trip detail is presented to me. I know their home and work address, and this feels very very wrong and disgusting:(
...is the dealer punishable for this? Can you take the dealer to (small claims) court? Through them not sanitizing the car, your personal information is at risk and/or the new owners information is at risk...
@@K03sport I think my data is safe since I try to delete all the traces, but the biggest issue is that as the previous owner, I do not have the responsibility and time to go through all the hoops to delete the account. when I registered my Lexus account, it took half an hour to do it in the dealer, so there was no incentive for me to cancel it. There truly should be law governing these second-hand trades that forces the previous account to be deleted, but since every manufacturer implements different sh*tty versions of their connected services, I don't expect second-hand dealer CarMax to be able to cancel any service even if the law is in place. It is just so fragmented and confusing.
Mark. We appreciate all you do for us.
I got out of IT because I figured this out and it scared me pale white. I don’t want to have blood on my hands.
It’s scary knowing that IT guys can really do anything. Imagine a crazy stalkerish IT guy.
@@limitedreach4446 The rabbit hole goes deep. Never connect to the wifi at work. Never take home a company device. For the love of all that is good never install software on your personal device or login to anything with a corporate account. If you must have a computer at home for work physically disconnect the webcam and microphone and strictly never use it for anything other than work. Don’t even check the weather on it. Never get comfortable.
@@markm0000 My work equipment at home is in the back corner, facing the wall (so when I sit at the desk i face the room and the door), of a store room in the basement. when the camera activates it sees the wall. the mic hears almost nothing but the air handler and boiler. And I have my own camera in the opposite corner watching the work equipment. All the work equipment is on an isolated subnet where I monitor the network traffic. I'm not paranoid. I'm a professional.
Mark you make some great points. Very scary, but good example of what happened with your Volvo.
you somehow got an arby's joke in such a serious video. you goddamn genius.
Your car reviews are top notch, but information like this is invaluable to people that may overlook how they interact with their cars and devices, information people NEED to hear and think about whenever using tech. Great video SG!!!
This could be used as a Security Awareness Training video in any company, and should be!
That Volvo Connect real life story is some scary stuff.
I'm not too worried about my '72 K20 ratting me out.
You guys are the man, love your videos, probably the first video I’ve seen shedding light on this topic, great work 🙏🏼
Mark and Jack. Please if you can, bring back the funny endings with that crazy corvette dude lol
People need to read the user agreement for tic toc , I heard they want access to your photos and practically everything else on your device.... thumbs up you two..