A Stern Warning About In Car Technology and Privacy
Summary
TLDRThis video serves as a PSA on automotive security and privacy, highlighting the risks of over-sharing personal data and the vulnerabilities of modern, connected cars. It emphasizes the importance of understanding how technology works and the potential long-term consequences of data retention. The narrator shares personal anecdotes and industry insights to stress the need for consumer awareness and caution when using connected car services, urging viewers to take control of their privacy and security.
Takeaways
- 🔒 The video serves as a PSA on automotive security and privacy, emphasizing the importance for car owners and manufacturers to be aware of user privacy and potential liability.
- 📱 It discusses the oversharing of personal information on social media and the lack of understanding or concern about how data is used, stored, and potentially exploited over time.
- 💡 The speaker highlights the connection between free technology services and data mining, where user data is often the product being sold to advertisers.
- 🚗 The script draws a parallel between the security of modern cars and the security of personal data, noting that cars are becoming more reliant on internet connectivity and cloud services.
- 🛠️ It shares a personal anecdote about the longevity of older, non-connected equipment versus the vulnerability of newer, internet-dependent devices to security threats.
- 🔗 The video points out that modern cars are increasingly designed with constant internet connectivity, which can be a double-edged sword in terms of convenience and security.
- 📊 The speaker argues that the lack of understanding about how technology works leads to a lack of concern about privacy and security, which can be detrimental in the long run.
- 📆 The script raises concerns about the future support of older car models and the potential security risks that arise when manufacturers stop supporting older software.
- 🛡️ It suggests that car owners should be proactive in understanding what data their cars collect and how to manage their privacy settings within their vehicle's connected services.
- 🗝️ The video describes a scenario where a car's previous owner retained access to the vehicle's tracking data due to a lack of proper reset by dealerships, illustrating a real-world privacy risk.
- 🏢 Lastly, it emphasizes the need for individuals to be their own advocates for privacy, as companies and manufacturers may not always prioritize the security and privacy of their users' data.
Q & A
What is the main theme of the video?
-The main theme of the video is automotive security and privacy, focusing on how modern cars are connected to the internet and the potential risks associated with data sharing and storage.
Why does the video mention the conversation with a 22-year-old female?
-The conversation with the 22-year-old female serves as a starting point for the video, highlighting the general lack of understanding and care about how personal data is shared and used on social media platforms.
What is the relationship between free technology and data mining?
-The video explains that many free technologies are supported by advertising, data mining, and selling user information, which is then stored and potentially exploited over long periods.
How does the video relate the issue of data privacy to automotive technology?
-The video connects data privacy to automotive technology by discussing how modern cars are increasingly reliant on internet connectivity, which raises concerns about data retention, security, and potential hacking.
What does the video suggest about the longevity of older, non-connected automotive equipment?
-The video suggests that older, non-connected automotive equipment tends to last longer because it does not require software updates and is not exposed to internet-based security threats.
Why did the video creator's company want to disable the network connection in their older cars?
-The company wanted to disable the network connection because the cellular band that supported the internet connection was no longer supported, and they were willing to pay customers to have it disabled to avoid potential security issues.
What is the potential risk of always-on internet connectivity in modern cars?
-The potential risk of always-on internet connectivity in modern cars is that it provides a constant avenue for hackers to exploit the vehicle's systems, and there is no option to disable this connectivity, leaving the vehicle vulnerable.
How does the video illustrate the importance of understanding and caring about data privacy?
-The video uses examples of how data can be tracked and stored without the user's knowledge or consent, such as the case with the Volvo connected services, to emphasize the importance of being educated and proactive about data privacy.
What is the video's stance on the role of car manufacturers in data security?
-The video suggests that car manufacturers may not always prioritize the long-term security of their older models, potentially leaving them vulnerable to exploits as they focus on newer products.
What advice does the video offer to car owners regarding connected services?
-The video advises car owners to be aware of what data they are sharing, to understand what is being tracked, and to opt out of or disable services they do not want or need to minimize their exposure to privacy risks.
Outlines
🚗 Automotive Security PSA
This paragraph introduces the video as a public service announcement on automotive security and privacy, addressing modern car owners, prospective buyers, dealerships, and manufacturers. It highlights the importance of understanding how personal data is collected, stored, and potentially exploited through various digital platforms and services. The speaker shares a conversation with a young woman about social media sharing habits, noting the lack of awareness and concern for personal data privacy among different generations. The video aims to raise awareness about the potential long-term consequences of oversharing personal information and the interconnectedness of technology in our lives.
📱 The Downfall of Disconnected Tech
The speaker recounts a personal experience from a corporate job where they were tasked with reducing costs. They discovered that older, disconnected equipment was more reliable than newer models, which frequently failed. This led to the realization that the older devices' longevity was due to their lack of internet connectivity, which protected them from software vulnerabilities and attacks. The story serves as a metaphor for the potential risks of modern, always-connected cars, which may face similar issues in the future when software support is discontinued or becomes outdated.
🔒 The Risks of Connected Cars
This paragraph delves into the complexities of modern cars' connected services, which rely on constant internet access for features like navigation, updates, and remote control. The speaker discusses the financial incentives for manufacturers to maintain these services, but also the potential security risks when support for older models is discontinued. They highlight the importance of being aware of the data being shared and the need to take control of privacy settings. The speaker shares specific examples, such as a BMW service that offered to disable connectivity and a Toyota portal for managing connected services, emphasizing the need for vigilance in protecting personal information.
🕵️♂️ Privacy Breaches in Car Connectivity
The final paragraph discusses a personal experience with a Volvo's connected services, which allowed tracking of the car's movements and data even after the car was sold. The speaker points out the privacy implications of not resetting the infotainment and security profiles when a car changes ownership. They also touch on the broader issue of data privacy, or lack thereof, in the United States, and the responsibility of individuals to protect their own information. The video concludes with a call to action for viewers to be educated about technology and to take personal responsibility for their digital privacy.
Mindmap
Keywords
💡Automotive Security
💡Privacy
💡Data Mining
💡Cloud Storage
💡Legacy Devices
💡Over-the-Air Updates
💡Subscription Services
💡Cellular Connectivity
💡Infotainment System
💡Data Retention Policies
💡Network Security
Highlights
The video serves as a PSA on automotive security and privacy for modern car owners and those in the automotive industry.
The importance of understanding user privacy and potential liability reduction through awareness of data retention and disaster recovery policies.
The revelation that many people overshare personal information due to a lack of understanding or a 'we don't care' attitude.
The connection between free technology services and data mining, where user information is sold and exploited for advertising.
The potential long-term storage of personal data in the cloud, raising concerns about data privacy and exploitation.
The story of an energy consumption study revealing the longevity of legacy devices disconnected from the internet.
How the lack of internet connectivity can contribute to the durability and reliability of older equipment.
The contrast between older cars that function without software concerns and newer models with constant internet connectivity.
Manufacturers offering incentives to disable network connections in older models due to unsupported cellular bands.
The shift towards cloud storage in new cars, raising questions about data privacy and long-term support for software.
The potential for subscription services to generate residual income for manufacturers through connected car services.
Concerns about the security of always-connected cars and the possibility of future exploits due to outdated software.
The inability for users to disable internet connectivity in some new car models, raising privacy concerns.
The responsibility of users to understand what data they are sharing and how to manage privacy settings in car services.
An example of how a previous car owner retained access to a vehicle's tracking data due to unreset security profiles.
The potential for data breaches in car companies, especially as they may lack the resources to protect against sophisticated hacks.
The lack of privacy laws in the United States and the implications for how companies can use personal data.
A call to action for individuals to educate themselves and take control of their digital privacy.
Transcripts
[Music]
this video is a little bit different by
design consider it to be a psa on
automotive security and privacy
now if you are an owner of a modern car
this may help you if you're thinking
about buying a car if you run a car
dealership or work at one this may help
enlighten you to user privacy and
potential reducing your own liability
same thing with the manufacturers you
may have thousands of pages of documents
and procedures but a lot of that may
fall through the cracks when your
product goes out in the wild
so this concept for this video started
when i had a conversation with a 22 year
old female who i know through a family
member and we're talking about like
sharing content on social media and what
you upload and what you don't and in all
of the usage of that
and it kind of is mind-boggling because
you have multiple generations that have
grown up with phones in your hand
computer tablets you understand where
all this stuff goes where all your data
is all that information is public
and you know this and my question was
why do people over share all their
information from photos to now videos
even intimate details of their life
through messaging apps that are also
owned by these major social media
corporations that are also free to you
and the reason a lot of this technology
is free is because
advertising ids data mining selling your
information and then harvesting it even
down to the point of logging keystrokes
or logging what you're typing and this
is all getting stored on server
infrastructure cloud storage
and in many cases most of the users of
this don't have any idea how long it's
being stored where it's being stored but
data retention policies disaster
recovery policies mean that it could
potentially be in the cloud or in
storage for 10 to 20 years that's a long
time and it's a long time for that data
to be exploited and sifted through so
the question was why do you put all of
that information out there knowing it
that you have no control over what
happens to it
and the answer was really simple it was
two things
one we don't know as a generation how
any of this stuff works the second
response was
we don't care
and i think in united states especially
this is you can apply that mentality
across a lot of disciplines but
basically over everything
and i can understand the not caring part
because you get caught up in your life
either work school uh you you're a slave
to the system of working to pay back
student loans are working to get things
and all of that i get it family you can
make a million excuses why you don't
care about every single thing but the
the one that i don't particularly
understand is we don't know how all of
this works and i'm not gonna lie it is
complicated even working in this
industry i don't have a clear picture of
why and how all of everything works it's
just impossible and
you get to a place where you're so
inundated with everything that you just
don't care and they're connected to each
other they truly are connected and i'm
going to tell you right now if you
understood even half of how this stuff
works
you would care because you would realize
by not caring you're going against your
own best interest not only for today but
in the future
you may ask what the hell does this have
to do with cars and i understand
so here's a story
back in a previous life my corporate job
had asked us all as a personal goal to
figure out a way to save the company
money big surprise and if you were able
to achieve this goal of cost reduction
we would get a bonus so it was kind of a
win-win
so my plan was to do
an energy consumption study on all of
our equipment that was plugged into the
walls thousands of devices to see how
much energy and power they were
consuming i was shocked at the amount of
legacy or old equipment either the test
equipment or computers that was still
there in the wild like 15 year old
computers plugged in
in some cases they didn't even have
working cpu fans or power supply fans
and somehow they were still operating
properly and the craziest things is a
lot of those that were on a ups hadn't
been rebooted in six years can you
imagine having your computer or your
phone and never restarting it in that
lot that amount of time
so this is what i was discovering along
with the fact that they took up a lot of
power compared relative to some of the
newer equipment how is it that these
devices were still operating 15 years
later and a lot of our new equipment was
failing like non-stop
and as it turned out all this test
equipment was supporting legacy devices
where the software did not need to be
updated and most importantly they were
not plugged into the local area network
or the internet no wi-fi no physical
cable connection and then it made sense
why so many of these things were lasting
forever and then we realized oh they
hadn't been backed up either nobody even
knew about them mostly only the people
that worked on them every day but they
didn't care about backups so i
physically clone the drives and then i'm
like okay we need to do some updates on
these things
within five minutes of plugging that
network cable in the systems froze up
crashed or never rebooted again and
that's because
none of the software the operating
system was supported the
any security stuff on the computer was
so archaic or the software companies
that we had or software that was on
these computers no longer existed the
companies were out of business so as
soon as that thing hit the internet all
the port scanners started all the
malware was acting up like oh look at
all these exploits attacking this
computer to the point where it just was
completely unusable after 15 years all
it took was a network cable to destroy
it
so the point is is you look at a lot of
these older automobiles right again in
my old honda all to do is get in the car
as long as it has a charged battery some
fuel in the tank and a decent oil change
it's going to start and work i don't
have to worry about software at all in
fact it doesn't even matter then we get
to a newer car that had some
connectivity usually for like a
concierge service like hey uh can you
get me tickets to the ballet which
nobody ever does or you get in a car
accident you hit the sos button that
requires a cellular connection in the
case of my e92 m3 or bmw which was from
2013 they sent me a letter in the mail
saying we will pay you to come into the
dealership to have your network
connection disabled or your com box
disabled because our cellular
connectivity or that band that the the
internet connection was or the cellular
connection was no longer supported
so that's kind of the middle ground but
the car still worked fine i didn't need
internet connection to use infotainment
but now when we look at all the new cars
that's where things get very interesting
because like our toyota connected video
that entire infotainment was designed
around hybrid connectivity meaning
connected to the internet all the time
to download maps and updates and then
some local storage so you could still
use it if a network connection dropped
but the core concept was always
connected and almost every single
manufacturer is going the same way
cloud storage so your data goes up to
the storage so you can connect with this
you can see the state of your car where
it's at turn it on and off and that's a
selling feature
but a part of that is once it leaves the
dealer lot
the manufacturer's not making any more
money off your car unless you're
bringing it in for service
so now that they have a connected
service or essentially an online
computer in the car that they have to
update
they're gonna get residual money from
you paying for these subscription
services that helps to pay their
employees hundreds if not thousands of
employees to update it add new features
to do security patches to do
over-the-air updates to maybe fix even
software or drivability problems with
the car if they've enabled that
and that's great in this time period of
this middle ground car that is very
technology heavy
but here's where it gets complicated in
10 years when this stuff no longer
exists and the company has either moved
on or been sold or their their
priorities change and they no longer
want to
support these older pieces of software
that they have in cars
they kind of just
leave it to die because you can't keep
supporting the stuff until the end of
time
so what this will do is it will allow
back doors for people to start to
exploit these types of services
and because they're always connected to
the internet there's always a way and
you would think well you people would
know if you're getting hacked and if you
spend five minutes doing any research on
network security and seeing all of the
ransomware the hijacking even like
computer or student loan databases
getting
compromised like these big companies the
biggest companies in the world can't
even stay ahead of all the exploits and
hacks that are happening to them and
your data what's to think that some
smaller car company is going to have the
resources to protect your car and your
data and your information like 15 years
from now
and the scary part to me is in the case
of like stalantis when they released
their new version of uconnect which was
android automotive i asked can the end
user when i buy a brand new car can i
turn off the network connection to the
internet can i turn off my cellular
connection through a menu and they told
me no it always has to be on it's not
even an option and most car companies
are treating this the same way
so what you have to do unfortunately is
go and make sure that you understand
what data you're sharing
what is it tracking what are you doing
are you using the app is that service
active and if you don't want it don't
subscribe to it make sure you uncheck
the box during your subscription sign up
or in the case of toyota go to the
portal and turn off all these things you
don't want
so this bmw i can pick up my phone and i
can see where this car is at at any time
with somebody driving it literally know
exactly where this person's at so if
somebody borrows my car oh they're going
to arby's or they're going to the strip
club i can see that it's always there so
you're like okay that's that's kind of
neat
all right what about my old volvo my old
volvo their connected services allowed
you to do a driving journal where you
can see where the car was at point a to
point b although you couldn't see it
where it was at in real time i could see
every trip the car made during the day
up to 100 days
so i could see fuel economy i could see
how many miles was driven per trip and
the interesting part was when i sold
that car back to the dealership
they tried to resell it as a certified
used vehicle so a volvo dealership took
it back in and they couldn't sell it so
then they sold it probably to auction to
another dealer
then that dealership sold it to a new
new customer and through all that
process nobody ever reset the
infotainment nobody ever reset the
security profile so i'm still the
registered owner of that car in terms of
volvo connected i can log in to my app
and i can see every single place that
new owner has gone from the school their
kids go to to the church to where they
work to where their house is physical
address right in the driveway i know
everything about them all i have to do
is an address search and i know exactly
who lives there
and the scary thing is is if the basics
like that fall through the cracks the
dealership didn't reset it the next
dealership didn't reset it the end user
has no idea about any of this and i'm
sitting here in the background just i
can look at it at any time and see what
they're doing not only that i've never
had to reset my username and password on
the volvo side
that's a pretty big oversight and this
is just on the basic level and if
if it falls through the cracks like that
what's to say that it wouldn't be easy
for somebody to get into these databases
to get simple credentials to figure out
advertiser ids to figure out user ids
vin numbers addresses to to connect to
these cars maybe not today maybe in five
years
maybe when the security guard has been
let down in terms of older product as we
know the focus is always on new stuff
they don't care about older stuff so
it's about being educated it's about
understanding how some of this stuff
works
caring about it
for your own best interests
not having so much trust in the
companies or the manufacturers of the
dealerships or the
the people that you're working with
especially if it's free don't be giving
out every single piece of your
information and trusting that you're
going to be safe in america we do not
have privacy laws in fact it does
favor a lot of these companies to
ethically do with your data and things
that they want but the reality is on the
back end
things like our isps can actively see
where we go and they're they're it's
okay to sell some of that data off it's
also okay for law enforcement to to
track advertiser ids there's all these
loopholes in security and it's really up
to you to defend yourself against it i'm
not saying text bad i'm not saying these
companies are bad but at the end of the
day nobody cares about you but you and
that's my point thanks for watching i'll
see you next time
[Music]
you
Voir Plus de Vidéos Connexes
Four Reasons to Care About Your Digital Footprint
5 Ways to Protect Your Internet Privacy
How tech companies deceive you into giving up your data and privacy | Finn Lützow-Holm Myrstad
Internet Safety Pitfalls and Dangers
Why Privacy Matters in Cybersecurity | Ep 32
Datenschutz einfach erklärt (explainity® Erklärvideo)
5.0 / 5 (0 votes)