[HN Gopher] What does this button do? - My new car has a mysteri...
___________________________________________________________________
What does this button do? - My new car has a mysterious and
undocumented switch
Author : Koenvh
Score : 167 points
Date : 2024-11-29 19:59 UTC (3 hours ago)
(HTM) web link (blog.koenvh.nl)
(TXT) w3m dump (blog.koenvh.nl)
| Rygian wrote:
| I wonder what should be the GDPR implications for the car
| dealership, selling cars that track their owner's location and
| not being able to confirm it, explain why it exists, or who
| receives the data.
|
| Unless the whole thing is disabled in absence of a registered
| fleet tracker key on the magnet on the right.
| spydum wrote:
| While I'm sure they discontinued the service on whatever
| cellular device transmits the data back it is a curious
| question about the legality of if they left the service in
| place and continue to track the vehicle long after they sold it
| K0balt wrote:
| While you do own the hardware, you probably don't own the data,
| licenses, and software in the SIM so you might not be entitled to
| the data it transmits once it hits the carriers network.
| Rygian wrote:
| Well,[the data it transmits] it's personal information, so the
| owner of the car has a very explicit right to it. (Car plates
| are from an EU country.)
| K0balt wrote:
| I don't know how that would work, since that data is the
| personal information of whoever is in the car at the time of
| collection, so I would guess that the applicant to get the
| info would have to substantiate that they were in the car at
| the time, regardless of the ownership of the car.
|
| Or maybe just ownership of the car is enough? I kind of
| suspect it might not be though.
| robin_reala wrote:
| Other way around. The person processing the data has a duty
| to make sure that they have a legal basis.
| Rygian wrote:
| The car belongs to the individual named Koen Van Hove (as
| stated in the blog). He holds GDPR rights to any location
| data that gets sent out.
|
| Before that, if the system allowed for any correlation of
| location data to who was driving at that point, the exact
| same rights apply too for each involved driver.
|
| Only if the data controller (the entity who made the choice
| to put a gps tracker on the car) took specific steps to
| ensure the location data could _not_ be correlated to an
| individual (and can prove those steps were taken), is the
| data safe from GDPR.
| lukan wrote:
| It might be your smartphone, but all the data it collects,
| including recording audio and video is now mine, when I send it
| to my server. Don't you dare tamper with or even look at it!
|
| (When did crazy things like this start becoming a real thing?)
| jeroenhd wrote:
| Legally speaking the data was recorded without consent so if
| the company receiving this data tries to claim ownership,
| they'll need to delete it anyway.
|
| However, because the author lives in a country covered by the
| GDPR, they have a right to receive, correct, and adjust the
| personal information collected on them. No need to capture the
| data transmitted by the system, the company is legally
| obligated to hand over every bit of personal information they
| have on the author, including any pseudomised information, in a
| format that's machine readable.
|
| In theory you'd be liable for racking up a bill if you use
| their SIM card, but I doubt it still works.
| pomian wrote:
| That was a fun read. It's interesting to think that they would
| leave it attached. Indeed, what could you do with that? Did you
| find the unit that the wires go to? Then you could open that up
| and see what chips, sensors etc are in there.
| neuralRiot wrote:
| Used car dealers install those as per bank requirement to find
| the car in case it needs to be repoed, if the customer finishes
| the payment it just stays in the car but the account is
| disabled (the dealer pays a monthly fee for nothing otherwise).
| So basically it's sending location data to nobody.
| justahuman74 wrote:
| Aftermarket GPS tracker, for those who just want the answer
| quickly
| ImPostingOnHN wrote:
| The metal thing looks like an ibutton / 1-wire reader, which
| matches the functional description given:
|
| https://www.atrack.com.tw/en/product/1-wire-ibutton-tag-read...
|
| If you have a flipper zero, maybe you could poke at it.
| janstice wrote:
| I wonder if it's a tracking off switch or a panic button? I used
| to work for a fleet tracking SaaS, and some customers with
| unionised workforces needed a way to disable tracking, and panic
| buttons were common too (although less so in Europe).
| caseyohara wrote:
| What would a panic button do in this context?
| semi-extrinsic wrote:
| Signal to HQ "I'm being robbed" or something like this, I
| would guess.
|
| Around here, such a button in this place would be for the 20
| 000 lumen extralights. Typically for cars with xenon
| headlights, like this Opel, the extralights are powered via a
| relay that takes control signal from a can-bus adapter that
| extracts the high beam signal, via a manual switch like this.
| hoistbypetard wrote:
| > "can I get free data from the SIM card embedded in the device
| that I now technically own?"
|
| That seems like the next-most-interesting question now that
| you've determined what the device is. Possibly followed closely
| by "can I use that free-to-me data in a fun way that might teach
| the people who installed the SIM to deactivate their devices when
| they sell them?"
|
| i.e. Could you send and receive enough on the connection using
| that SIM to cost them enough money that they'd notice it?
| TomK32 wrote:
| Even though the SIM was part of the car they bought, the SIM's
| contract is not in their name which means using the contract
| would be theft.
| Arainach wrote:
| Is there case law on this? I don't see any way in which this
| is legally theft by the OP (admittedly my knowledge is more
| US-centric than Euro-centric). If I let someone tether a
| device to my cell phone (or loan my phone to them), are they
| committing theft?
|
| The company on the contract voluntarily gave the SIM to OP.
| taeric wrote:
| Imagine it was a credit card found in the car, what are the
| material differences? Note the suggestion is to willfully
| use the device in a way.
| JTyQZSnP3cQGa8B wrote:
| Well, one is tied to a private bank account, the other is
| a privacy-violation device tied to no one.
| staticautomatic wrote:
| IAALBNYL it's not theft because they've been abandoned and
| are in the new owner's possession. If the prior owner can't
| be reached and the security company which claims to own
| them won't take them, they're probably fair game.
| 3eb7988a1663 wrote:
| I do not see any way in which this property could still
| be considered the previous owners. Let's say the camera
| was in the bathroom pointed directly at the shower. You
| just have to suck it up forever? In fact, I could imagine
| it being a criminal charge for trying to capture people
| in the nude. What if someone has a child who bathes
| there? Now you were trying to create CP.
| cyberpunk wrote:
| You better believe if I buy a property in Germany which has
| security cameras inside the absolute first thing that's
| happening is those are getting smashed to absolute bits and
| if anyone even tries to complain I'll sue them.
|
| I may even consider filing against the previous tenants for
| not removing them and so my being filmed destroying them
| was without my consent, it's a clear crime to me to record
| someone on their private property without their permission
| ..
|
| This is absolutely not normal anywhere.
| JTyQZSnP3cQGa8B wrote:
| Same thing in France and I don't understand some answers
| in this thread. My home -> my cameras, and you can be
| sure they will be removed and thrown away ASAP. It's at
| least a violation of my privacy and wouldn't be tolerated
| where I live.
| Xenoamorphous wrote:
| This can be difficult to grasp.
|
| I bought an aparment 3.5 years ago and it had an alarm
| installed.
|
| I called the security company to transfer ownership but that
| couldn't be done without authorisation from the previous
| owner, which probably makes sense. The problem is, they were
| unreachable, and I was living on a house that I now owned,
| and which had cameras _the previous owner could take pics
| from at any time_.
|
| My patience was running out so I threatened the security
| company with removing the cameras installed in the house I
| owned, but I was told that they owned them even if they were
| inside my house.
| hedora wrote:
| At that point, you could point out that you have no
| contract with them, and that they've abandoned their
| property on your place.
|
| The last time I checked, US property rights made it clear
| that you cannot just store stuff on other people's land
| without permission, and then complain when they throw it
| away.
|
| They could try to argue that whatever contract the previous
| owner signed still applies, but for that to be the case,
| they would have had to amend the deed to the property, and
| that should have been noticed by your title agency.
| Xenoamorphous wrote:
| FWIW this was not in the US.
| jhugo wrote:
| Regardless I would have carefully taken these down and
| put them in a box on the day I moved in. And then called
| them (or better, written to them) and given them a
| reasonable amount of time (maybe a couple months) to
| collect their property, making it clear that I would
| dispose of it after that time expired.
| sidewndr46 wrote:
| Why? After cutting the power to them I'd tell the company
| if they wanted them back I can take them down and ship
| them back at my standard rate of $500/hr
| JTyQZSnP3cQGa8B wrote:
| > given them a reasonable amount of time (maybe a couple
| months) to collect their property
|
| Why waste your own time with this? If it's your house,
| you own everything inside. I would put all the cameras in
| the trash and forget about it.
| cosmotic wrote:
| I think the sheriff's practice of putting stuff in the
| street during an eviction would be a possible course of
| action there.
| superb_dev wrote:
| Do you still have the cameras or did you remove them?
| Xenoamorphous wrote:
| They were able to contact the previous owner in a matter
| of days and now the contract is with me, not him.
| bean-weevil wrote:
| They own the cameras. You can still take them down and give
| them back if requested.
| Xenoamorphous wrote:
| The thing is, first of all I'm hardly a handyman, I
| wouldn't have known where to start. Second, I was dealing
| with moving to a new place, which can be very stressful
| (to add to that, my girlfriend was 6 months pregnant and
| my dad had passed away unexpectedly less than 2 months
| earlier). And third, I wanted the alarm, just with me in
| the contract and with the access to the cameras, not the
| previous owner.
|
| I simply covered them. The threat was just me running out
| of patience.
| cyberpunk wrote:
| I can't believe this is true. How can you have so little
| care over the privacy of your family? They have
| microphones too.
| theodric wrote:
| So you uninstalled them and FedExed them to the company
| along with a bill for the deinstallation work, right?
| cyberpunk wrote:
| Sorry. But I have to ask.
|
| What the actual fuck?! Why would you have cameras _inside
| your house_ to begin with, let alone ones that upload to
| "the cloud" and let alone ones that upload to users you
| don't control?
|
| I'm totally shocked by this.
| devmor wrote:
| This is a disturbingly common practice - I have seen
| videos on Reddit, YouTube and the like that show moments
| captured from cameras obviously mounted inside
| _children's bedrooms_ with a cloud service company's logo
| on the feed.
| thaumasiotes wrote:
| > I called the security company to transfer ownership but
| that couldn't be done without authorisation from the
| previous owner, which probably makes sense.
|
| No, that's how ownership of internet accounts works.
| Ownership of real estate is based on completely different
| principles; there is no earthly reason you'd need the
| previous owner to be involved. Who owns what real estate is
| a matter of public record.
| cosmotic wrote:
| The contract would likely say something to the effect of "I
| promise to pay for the data sent to or from this device" and
| nothing about the owner of the device. If anything was said
| about the owner, it would be that the responsibility of the
| original contract holder is to ensure the contract was
| terminated when the sale took place.
| realityking wrote:
| It's surprisingly common for SIMs in IoT devices to not be
| locked down. If the data usage spikes enough above the noise
| it'll probably be detected & deactivated.
|
| Here's an example from a few years ago:
| https://scootertalk.org/forum/viewtopic.php?t=1370
| nlawalker wrote:
| Nice. Thought this was going to be
| https://news.ycombinator.com/item?id=22085089
| Kiro wrote:
| How do these things send the position? Don't they need their own
| cellular connection for that?
| mikestew wrote:
| From TFA: _and "can I get free data from the SIM card embedded
| in the device that I now technically own?"_
| bouke wrote:
| The switch is probably for tax reasons, to record whether you're
| making a business vs personal trip. Personal trips go towards the
| 500 km allowance before the car is seen as indirect salary and
| should be taxed as such. Setting it to personal might also
| disable the tracking for privacy reasons.
| JSDevOps wrote:
| That was an interesting read
| gr33nq wrote:
| At first glance this reminded me of some Ford Crown Victoria
| Police Interceptor models which had similar unlabeled buttons.
| One would disable all exterior lights, including brake lights,
| for going into stealth/surveillance mode. An adjacent button was
| used to be able to remove the key and keep the engine running,
| while preventing the car from being shifted out of park until the
| key was inserted again. I haven't seen either feature re-
| introduced in the newer Explorers or Fusions though.
| jagged-chisel wrote:
| > ... used to be able to remove the key and keep the engine
| running, while preventing the car from being shifted out of
| park ...
|
| I'm pretty sure (not 100%) that new cars with contactless keys
| have this feature by default. You can get out (with the key)
| and leave it running, but the shifter won't work until you
| return with the key.
| kccqzy wrote:
| Mine didn't. My contactless key needs to be nearby when
| starting the car. The shifter is independent and does not
| need the key.
| gr33nq wrote:
| I think you're right, although I've noticed that there's a
| timeout where newer cars automatically turns off if the key
| fob doesn't come back within range after so many minutes.
| Probably a safety feature to avoid accidental walkaways,
| whereas the button required a deliberate two-step action
| (hold down while turning and removing the key) to activate
| the feature.
| jonah wrote:
| Many modern ambulances have a similar shifter disable switch so
| that it can be left running and someone can't take off with
| your ambulance while you're off collecting your patient.
| gweinberg wrote:
| I think I'll pwess... the wed one.
| afh1 wrote:
| The scary part is not the GPS installed by the fleet company that
| previously owned the car, which in all likelihood was just
| forgotten there, but the GPS and eSIM that comes with most (all?)
| new cars and that in most (all?) new cars cannot be disabled.
|
| Apart from privacy concerns of your data being used or sold by
| the car vendor, government outreach is also a concern. There was
| a bill announced in the US for all new cars to be equipped with
| "driver impairment" tech which was called a "kill switch". Media
| rushed to say it's not really a kill switch, just "sensors or
| cameras to monitor the driver's behaviors, head or eye movements"
| and "block the driver from operating the vehicle". So... a kill
| switch. https://apnews.com/article/fact-checking-402773429497
|
| Anyway, I'm staying with my old gas Honda until it dies which is
| probably never with proper maintenance and eventually
| restoration. I'll never go electric. Modern cars are just
| smartphones on wheels at this point, and smartphones are just
| spying devices at this point.
| pixl97 wrote:
| The longevity of our car not only on how good you drive, but
| how bad others drive.
| dclowd9901 wrote:
| I'm with you here. I have an 89 BMW (which is old enough to
| have an actual servo motor attached to the intake manifold for
| cruise control) and an 83 Land Cruiser (whose most advanced
| feature is that it controls its emissions using vacuum
| controlled pneumatic circuitry).
|
| I'm very glad I've put in the time to learn how to work on cars
| because I have zero interest in the tech direction of modern
| vehicles.
| WarOnPrivacy wrote:
| > 89 BMW ... and an 83 Land Cruiser
|
| I'm with you. Our daily drivers are 2011 Mitsu, 96 Toyota, 92
| Buick and a 63 Dart. Also a 61 Sunliner for when it's not-
| summer.
| mitthrowaway2 wrote:
| What does any of that have to do with a car being electric?
| sellmesoap wrote:
| Let's find a list of electric cars without some form of
| network connection!
| IshKebab wrote:
| Found it:
| Etheryte wrote:
| Electric cars are essentially black boxes. When you take it
| apart, you have largely no idea what any of the chips do,
| even if you chase down what they're connected to. Is this the
| infotainment system or is it the infotainment system and a
| data gathering system that sends all my data off seas?
| There's no way to know. Old cars don't have that problem.
| Here's an engine, here's a gearbox, add a radio if you'd
| like, but by and large it's possible to grok what's in your
| car. With newer vehicles in general, and electric cars
| especially, it's near impossible to tell.
| josephcsible wrote:
| But that's not a gas vs. electric distinction, but rather
| an old vs. new one. Modern ICE cars have all of those
| problems too.
| snowwrestler wrote:
| Yes but the point is, this technology is a blocker for
| people who might otherwise be interested in an electric
| powertrain vehicle.
|
| If you want an old car without all this crap, you can get
| one. But it pretty much has to be an ICE.
| rcpt wrote:
| > a kill switch
|
| The funny thing is that's what cars do to other people because
| we don't have enough monitoring.
|
| My e-bike is limited to 20 because "safety". Your car should be
| to.
| jonah wrote:
| My car came with a similar toggle switch under the dash. I
| figured out it was to fully disable the ABS system. (The previous
| owner was a fan of taking his car two track days.)
|
| I kept accidentally toggling it off with my knee, so I replaced
| it with a nice flush push button. I haven't tracked the car yet
| though.
| RajT88 wrote:
| > I now know my car is being tracked still, and that they know I
| did try out what the car's acceleration is like at full throttle.
|
| At 101hp, I am sure noisy, but not thrilling.
| ilikeatari wrote:
| So this was a gps tracker that was installed by a fleet and never
| removed. The larger issue is that most car companies in the US
| are reselling your data on newish vehicles (2016+) anyway. I am
| still amazed that this is not a larger issue.
| ziddoap wrote:
| > _The larger issue is that most car companies in the US are
| reselling your data on newish vehicles (2016+) anyway._
|
| A fun read related to this: _" Privacy Nightmare on Wheels:
| Every Car Brand Reviewed by Mozilla - Including Ford,
| Volkswagen and Toyota - Flunks Privacy Test"_
|
| https://foundation.mozilla.org/en/blog/privacy-nightmare-on-...
|
| Small excerpt:
|
| > _The very worst offender is Nissan. The Japanese car
| manufacturer admits in their privacy policy to collecting a
| wide range of information, including sexual activity, health
| diagnosis data, and genetic data -- but doesn't specify how.
| They say they can share and sell consumers' "preferences,
| characteristics, psychological trends, predispositions,
| behavior, attitudes, intelligence, abilities, and aptitudes" to
| data brokers, law enforcement, and other third parties._
| _aavaa_ wrote:
| Meanwhile this is coming as a standard feature on many new cars,
| and all your data goes straight to LexisNexis.
| Ccecil wrote:
| Back around 2004 a friend of mine worked at a car dealership in
| the Bronx that sold high end used cars. They were putting GPS
| trackers in all of the cars they financed so they could repossess
| them when the customer didn't make their payment. This was/is
| (from my understanding, IANAL) very illegal. They never told the
| customers either. The financing was ridiculous and they preyed on
| the people who had just enough down and didn't care what they
| were signing so they had a large percentage of repossessions.
|
| Made me wonder how many other shops were doing the same
| thing...even 20 years ago.
| watersb wrote:
| https://dogsonthe4th.com/mystery-solved/
| bitwize wrote:
| It's the magic/more magic switch.
| kleiba wrote:
| As long as privacy-related misconducts are considered petty
| offenses, these things will just continue. Governments fail to
| see the implications because the virtual world is too difficult
| for them to understand. As long as there are no laws that
| actually get enforced, your privacy isn't worth anything.
| imiric wrote:
| The problem isn't with governments. It's with people.
|
| Most people don't care about their privacy. Even if they do,
| the majority of that group don't care enough to give up the
| conveniences they get in exchange for it. This leaves a small
| group of people to fight for protecting their privacy, as well
| as of those who don't care about it. This is an uphill battle
| against trillion-dollar corporations and the governments
| they're in symbiosis with.
|
| Some governments do make an effort, but it's too little, and
| too ineffective to matter in the grand scheme of things. I
| wouldn't expect this to improve, and can easily see it getting
| worse. I hope I'm just being pessimistic.
| spike021 wrote:
| A lot of used cars have something like this. I'm honestly more
| surprised OP apparently bought the car either sight unseen or
| without questioning this before signing any paperwork.
| londons_explore wrote:
| Most of those GPS trackers for corporate use require a data
| connection, which is probably costing someone $EURPS 10/month for
| the line at least.
|
| Usually when you stop paying for that subscription, the line gets
| deactivated.
|
| So probably nobody is getting that GPS trace.
| milesvp wrote:
| I work in this space, and I've seen advertised components (most
| likely SOCs) that had "lifetime" cell data included in the
| price, costing, on the order of, $50. It is becoming
| increasingly cheap to have low bandwidth cellular connectivity.
| orliesaurus wrote:
| Anyone that has a Tesla knows what data they track? Or is it
| dependant on the features you have active ...
| ChrisMarshallNY wrote:
| I remember reading a similar article, here, in the last year or
| so.
|
| It was about a mysterious box. Turned out to be some kind of
| remote disabler.
___________________________________________________________________
(page generated 2024-11-29 23:00 UTC)