To combat fundamental attribution error, whenever you read an article about Tesla, try replacing the word 'Tesla' with your least favorite car or consumer product company.
'Brand X' has a bunch of data about accidents, and they are motivated to not share all of it with authorities. When they do share data they are motivated to share the data that presents them in the best light. How would it feel if there was data about a crash you were involved in that you could not get access to?
It’s a good question, because in reality it depends on where the data is going.
E.g. in China they don’t trust parents with data on the gender of their child from ultrasounds due to the prevalence of sex-selective abortions. In other countries there are parties about the data. Data is always in a cultural context.
I'm not sure folks understand the comm arch in a Tesla. CAN probably still is the main way data are slogged around between ECUs (this info is five years old). CAN works by broadcasting data values at some periodic rate (1 PPS, 10 PPS, 100 PPS usually) and there is no 'publish/subscribe' except that all data are 'published' and any ECU can listen. What the other ECU does with the data, the originator doesn't know. If one of those ECUs listening is the 'gateway' then it can pluck off the main CAN bus anything it likes, and store it for as long as it likes, and upload whatever it wants. New GW FW can be OTA loaded to save and upload different types of data.
In Teslas, there are two main CAN busses: the regular one and the 'secure' one that does the brakes and other safety stuff. There is NO connection between the two; but there is a secured path where the gateway can listen & get data from the secure one. The point here is that vehicle safety CAN bus is likely unhackable remotely, as there simply is no RF path writing onto that bus. (all bets are off if you have the vehicle, physically). I believe all previous exploits have been fixed.
And one more thing: ECUs have some amount of on-board flash that is used during a crash/power loss scenario. The "dump important stuff to flash" CAN command causes the ECU to take an NMI-style interrupt and do it. Also, if the ECU's own power monitor notices the ECU is about to lose power, there is enough energy storage on board to operate for maybe a few hundred ms. The important stuff is saved.
Every ECU must have a way to OTA its code. E V E R Y O N E, including some door lock or whatever (essentially LIN to CAN gatewaying). There are no, as in ZERO, exceptions to this rule. (or, there weren't as of five years ago, ymmv)
If every ECU has OTA update capability then how could the secure bus possibly be air gapped? You could attack it remotely via OTA updates to an ECU on that bus.
It can if the only ECU on both buses has read only access (e.g. uses a receive only transceiver or if the TX pin of that transceiver is grounded). Also signed updates aren’t rocket science and work well enough if you keep the verification code minimal, well reviewed and formally verified if possible.
Car crashes are taken very seriously in The Netherlands. It's refreshing to hear investigation into systemic problems vs personal responsibility regarding crashes, common in many other countries (see link).
To save others from having to pass a cookie wall to even see what you're talking about, the link is (predictably) from Not Just Bikes: why there are fewer vehicles crashing into buildings in the Netherlands versus USA.
Can someone provide some color on why a state actor would advertise such a feat? Now that this is public, I imagine Tesla can and likely will work to block access.
> You wouldn't know that it would be possible to ask for more information, unless you knew they were collecting it.
Totally. I've played this game with FOIA (public records requests). It's exhausting. Of course they had the data. But as a private citizen, I had to prove they had the data before I could request it.
> You wouldn't know that it would be possible to ask for more information, unless you knew they were collecting it.
Only if Tesla purjured themselves during discovery. That's not the way court cases work. You can ask "Do you guys record the accelerometer data anywhere else but on the MCU?" and they have to answer truthfully.
What you write here mostly amounts to a conspiracy theory. You're taking the idea that Tesla is "hiding something nefarious" as a prior and then taking evidence that their storage was reverse engineered as evidence for that prior.
The access is already blocked, it says in the article that they had to decrypt the data in the data-storage system. It's not like Tesla can prevent a state actor from having access anyway, that's just a law away.
> The vehicles also record speed, accelerator pedal position, steering wheel angle and brake usage, and depending on how the vehicle is used, that data can be stored for over a year.
Tesla really seems to have an extreme amount of personal data capture combined with always-on remote access.
It’s fascinating to watch people swear off Amazon Echo and delete their Facebook over privacy concerns but then proudly drive around in a vehicle that records everything, stores everything, and gives opaque data access to the parent company. In this case, a parent company with a reputation for bending the rules to suit their needs.
Really goes to show how much the computing privacy debate is a matter of brand loyalties and each company’s position on the hype cycle more than anything else.
I feel like there's only a very small intersection between the Facebook-avoiding, home assistant-eschewing crowd and the Tesla driving crowd.
Anecdotal I know, but most people I know who drive Teslas have multiple home assistants, Instagram/Facebook accounts, and little regard for personal privacy.
Most people I know in the social media/home assistant avoiding crowd talk about how they wish they could buy a car with 90s tech (but 2021 safety tech) to make it simpler and cheaper to repair, since they don't care about CarPlay or Android Auto or the million "convenience" features that don't work reliably.
I’d agree with that. We own Teslas but have no home assistants, use Facebook as little as possible, and buy Apple products because of their privacy stance. Nuance is important. I trust Tesla and Apple with my data, but not Facebook, Google, or Amazon.
Contributing in small part to the electrification of transportation is more important to us than any benefit I’d enjoy from Tesla collecting less or no data from our vehicles.
Not just most Tesla drivers, but most people in general have these things.
The recurring theme is just how terrible high tech people are at estimating what’s normal in the world.
The overwhelming majority of people don’t think or care about the privacy concerns of either. The overwhelming majority of Tesla drivers are not privacy oriented tech nerds.
2021 safety tech includes back-up camera and associated LCD display, auto braking, lane keeping, LED headlight advancements, blind spot monitoring and numerous air bags, auto wipers and lights etc etc. plus structural improvement.
The car they want sounds like less well made 2021 car with 1990s fuel economy and performance and a drivetrain that is easier to maintain but needs more maintenance.
Those data items, speed and control position, don't seem equivalent to the data Google, Amazon and Facebook collect. They do seem like legitimate telemetry on a machine operated by a human though. If my pedal position differs from someone else's, that tells you nothing about me other than that was where the pedal was.
Those tell Tesla nothing about my personal habits, my political leanings, who my friends are, what organizations I donate to or participate in, etc.
Could be used to calculate the price of your car insurance.
If the data is distinct enough, it could be used to identify the driver (with some degree of probability). It then could be shared with car insureres / law enforcement agencies / private investigators / random concerned citizens.
While Tesla knows more info about how you use or operate the car, the big piece that matters to your privacy is arguable the vehicle location and that is not at all unique to Tesla. Many (most?) vehicles produced in the last decade have a GSM modem that pretty much continuously leaks your data at least to the cellular networks, and likely the vehicle manufacturer/operator. I used to physically remove the modem from my cars were possible.
> It’s fascinating to watch people swear off Amazon Echo and delete their Facebook over privacy concerns but then proudly drive around in a vehicle that records everything, stores everything, and gives opaque data access to the parent company.
How does this give anyone more data on me than is already out there based on the cellphone in my pocket and the use of my credit/debit cards? Even if Tesla didn't collect it the LTE signal of the car is enough to track me when I leave my phone at home.
And if you don't have Tesla and your car has something like OnStar it can do this too.
All I see are people making a mountain out of a mole hill. The data on my accelerator pedal is not a threat to my privacy or freedom.
The massive number of safety features in this car are a net benefit for my physical safety, though. The number of times I've avoided collisions because the car took action when people I couldn't see were about to hit me is worth every penny.
I will never buy another car without the Tesla standard set of features ever again. I used to avoid doing things because of a long drive as I hate the fatigue. Now I don't even blink at the idea of going 300 miles for an event.
I've definitely been hesitant to buy a Tesla for exactly this reason. It's not clear if you can turn it off or avoid it by not using FSD either. It's a shame, would love to own one some day. But I'm guessing the option of buying a car that doesn't have this is slowly dying unfortunately. Consumers never win with this sort of stuff. The really ironic thing is that it is tied in with a more environmentally friendly car. Want to avoid being spied on? Then you need to use dirty fossil fuels.
I will continue to repair my ‘70s and ‘80s era vehicles, because newer models that incorporate electronics are all total garbage. Reason: embedded engineer for 30 years who has worked on automotive software.
The really ironic thing is that it is tied in with a more environmentally friendly car. Want to avoid being spied on? Then you need to use dirty fossil fuels.
I see similar parallels with software. Want a sane UI with the functionality you need, or avoid being spied on? Then you have to use "insecure" older software.
There's an option in one of the menus for data sharing which should restrict some of the individualized data being generated. They'll still collect data on certain aspects off vehicle operation for diagnostic/monitoring purposes though.
I agree with your general comment, but I don't think any of those things can be classified as "personal data". How are you gonna identify a user based on values from those parameters?
GDPR, while not perfect, describes "personal data" to be:
> The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons.
Given enough of that data you should be able to trace which roads most users drive on and where they park their car. That seems like personal data to me. Don’t forget they should have a full database of VIN numbers they can already look up a list of owners.
Fingerprinting? There is research around identifying users purely based on their keystroke patterns which are apparently fairly unique. I wouldn't be surprised if driving (and probably a lot of other activities involving physical movements) has the same potential for fingerprinting.
Is it not a necessary condition to collect that data in order to build and refine eventual FSD? I'm not making a blanket statement about bulk data collection but in Tesla's case, that data will eventually trickle back to the consumer in the form of car upgrades.
Readit News
To combat fundamental attribution error, whenever you read an article about Tesla, try replacing the word 'Tesla' with your least favorite car or consumer product company.
'Brand X' has a bunch of data about accidents, and they are motivated to not share all of it with authorities. When they do share data they are motivated to share the data that presents them in the best light. How would it feel if there was data about a crash you were involved in that you could not get access to?
E.g. in China they don’t trust parents with data on the gender of their child from ultrasounds due to the prevalence of sex-selective abortions. In other countries there are parties about the data. Data is always in a cultural context.
First extension I see: do this with people :D
I'd be angry that data was recorded in the first place. No data should be recorded without the driver's explicit consent.
Why do you think they had all those sensors in the early models without the software to use it?
Deleted Comment
In Teslas, there are two main CAN busses: the regular one and the 'secure' one that does the brakes and other safety stuff. There is NO connection between the two; but there is a secured path where the gateway can listen & get data from the secure one. The point here is that vehicle safety CAN bus is likely unhackable remotely, as there simply is no RF path writing onto that bus. (all bets are off if you have the vehicle, physically). I believe all previous exploits have been fixed.
And one more thing: ECUs have some amount of on-board flash that is used during a crash/power loss scenario. The "dump important stuff to flash" CAN command causes the ECU to take an NMI-style interrupt and do it. Also, if the ECU's own power monitor notices the ECU is about to lose power, there is enough energy storage on board to operate for maybe a few hundred ms. The important stuff is saved.
Every ECU must have a way to OTA its code. E V E R Y O N E, including some door lock or whatever (essentially LIN to CAN gatewaying). There are no, as in ZERO, exceptions to this rule. (or, there weren't as of five years ago, ymmv)
Except if there is some kind of encryption, I suppose.
https://youtu.be/Ra_0DgnJ1uQ?t=209
The issue was that Tesla was only providing certain data that was being asked for.
You wouldn't know that it would be possible to ask for more information, unless you knew they were collecting it.
Now they know Tesla has this information they should be able to get it from them regardless if they have to decrypt it themselves or not.
(Unless Tesla decides to stop collecting data for some reason.)
Totally. I've played this game with FOIA (public records requests). It's exhausting. Of course they had the data. But as a private citizen, I had to prove they had the data before I could request it.
Only if Tesla purjured themselves during discovery. That's not the way court cases work. You can ask "Do you guys record the accelerometer data anywhere else but on the MCU?" and they have to answer truthfully.
What you write here mostly amounts to a conspiracy theory. You're taking the idea that Tesla is "hiding something nefarious" as a prior and then taking evidence that their storage was reverse engineered as evidence for that prior.
But that's not how engineering works either.
Tesla really seems to have an extreme amount of personal data capture combined with always-on remote access.
It’s fascinating to watch people swear off Amazon Echo and delete their Facebook over privacy concerns but then proudly drive around in a vehicle that records everything, stores everything, and gives opaque data access to the parent company. In this case, a parent company with a reputation for bending the rules to suit their needs.
Really goes to show how much the computing privacy debate is a matter of brand loyalties and each company’s position on the hype cycle more than anything else.
Anecdotal I know, but most people I know who drive Teslas have multiple home assistants, Instagram/Facebook accounts, and little regard for personal privacy.
Most people I know in the social media/home assistant avoiding crowd talk about how they wish they could buy a car with 90s tech (but 2021 safety tech) to make it simpler and cheaper to repair, since they don't care about CarPlay or Android Auto or the million "convenience" features that don't work reliably.
Contributing in small part to the electrification of transportation is more important to us than any benefit I’d enjoy from Tesla collecting less or no data from our vehicles.
The recurring theme is just how terrible high tech people are at estimating what’s normal in the world.
The overwhelming majority of people don’t think or care about the privacy concerns of either. The overwhelming majority of Tesla drivers are not privacy oriented tech nerds.
The car they want sounds like less well made 2021 car with 1990s fuel economy and performance and a drivetrain that is easier to maintain but needs more maintenance.
Those tell Tesla nothing about my personal habits, my political leanings, who my friends are, what organizations I donate to or participate in, etc.
If the data is distinct enough, it could be used to identify the driver (with some degree of probability). It then could be shared with car insureres / law enforcement agencies / private investigators / random concerned citizens.
How does this give anyone more data on me than is already out there based on the cellphone in my pocket and the use of my credit/debit cards? Even if Tesla didn't collect it the LTE signal of the car is enough to track me when I leave my phone at home.
And if you don't have Tesla and your car has something like OnStar it can do this too.
All I see are people making a mountain out of a mole hill. The data on my accelerator pedal is not a threat to my privacy or freedom.
The massive number of safety features in this car are a net benefit for my physical safety, though. The number of times I've avoided collisions because the car took action when people I couldn't see were about to hit me is worth every penny.
I will never buy another car without the Tesla standard set of features ever again. I used to avoid doing things because of a long drive as I hate the fatigue. Now I don't even blink at the idea of going 300 miles for an event.
I see similar parallels with software. Want a sane UI with the functionality you need, or avoid being spied on? Then you have to use "insecure" older software.
We are learning that humanity can learn a lot about how to treat diseases with enough understanding (data).
It’s entirely foreseeable that level 5 FSD isn’t possible without data.
GDPR, while not perfect, describes "personal data" to be:
> The data subjects are identifiable if they can be directly or indirectly identified, especially by reference to an identifier such as a name, an identification number, location data, an online identifier or one of several special characteristics, which expresses the physical, physiological, genetic, mental, commercial, cultural or social identity of these natural persons.
https://gdpr-info.eu/issues/personal-data/
> Personal data are any information which are related to an identified or identifiable natural person.
Tesla already knows who you are so any data they capture is personal data.
That's easy. The driver sets the autopilot follow distance.
When you engage the adaptive cruise control on any car brand, you are still very much responsible to not crash in the front car.
(Obviously I'm excluding all the non-street-legal "EVs" like golf carts and the like, as well as the truly antique and rare EVs that did exist around a century ago: https://en.wikipedia.org/wiki/Category:Electric_vehicles_int... )