Readit News
emidln · 17 days ago
My 2025 Mazda Miata has a CAN connected Telematics Control Unit that sends a bunch of data to Mazda on ignition off. Among this data is acceleration and velocity data along with coordinates sampled for where you were. It is also used as a gateway for the Mazda app to start your car, query your vehicle's tire pressure, etc. It is claimed that you can opt out of this by calling Mazda and being persistent.

The CAN traffic is unencrypted. It was pretty easy to MITM this module with a cheap ARM Linux board and a CAN transceiver to enable writing a two way filter capable of blocking the traffic that didn't raise any DTCs (that I observed) and could be turned on/off by the user. I preferred this approach to complete disconnection of the module (which is noticeable via errors at the diagnostic port) or trying to faraday cage or disable the antennae on the TCU so it can't remotely send/receive. I can also turn off my module or completely remove it before I sell it.

I fear the next version of Miata will be an encrypted CAN like most other cars have moved to and even with my expertise I won't be able to access the latest safety features from new cars without surrendering what little privacy I've been able to claw back.

wormslayer666 · 17 days ago
I opted to try the "beg the manufacturer to turn off the panopticon" approach[1]. The first time I got 2 hours of elevator music before hanging up, the second I went through 3 levels of customer support before they claimed it was done (3 days later). Might have to steal your approach to verify that though...

[1] https://www.mazdausa.com/site/privacy-connectedservices

nja · 17 days ago
Have you posted any writeups or other information about how you built this? I'm eyeing a Mazda as a next car (I've never owned a car newer than a 2014, and outside of that one, any newer than 2006, but family safety needs may lead to getting a newer car soon), and telemetry seems like one of the few downsides to an otherwise good carmaker. Would be very interested to learn more!
tavavex · 16 days ago
> (I've never owned a car newer than a 2014, and outside of that one, any newer than 2006, but family safety needs may lead to getting a newer car soon)

I don't know much about automotive safety, but has much actually changed since 2014 in terms of safety standards? I had thought that by the 2010s, basically everyone big had already figured out how to build a relatively safe car from a structural standpoint. Or are you only talking about electronic assistive features, like proximity sensors or lane assist?

M95D · 17 days ago
> The CAN traffic is unencrypted. It was pretty easy to MITM this module with a cheap arm Linux board

And you didn't poison their databases and statistics with fake data?? OMG, I'm thinking of buying one of these cars just for this opportunity! (No, I'm not.)

emidln · 17 days ago
I suspect this data is made "anonymous" and sold to insurance companies and misc data brokers. If it's linked to my insurance company, I don't want to jack my rates. Further, I've thus far avoided a CFAA conviction and I'd like to keep it that way.
elzbardico · 17 days ago
Oh man. Logging insane average speeds and ludicrous acceleration during rush hour. Deliciously tempting idea.
drnick1 · 17 days ago
I see absolutely no reason not to completely unplug the cellular modem. The only thing that would stop me is an annoying error message or warning light in the gauge cluster. My car does not display any of these, but unplugging the modem results in losing the right speaker and microphone, unless a bypass harness is used.
vitaflo · 17 days ago
The modem is usually in the sharkfin with the XM radio chipset and GPS. If you can unplug it at the sharkfin that's usually the best course of action. Some cars may bark at you, but mine just says it can't detect GPS if I attempt to use it (which I never use anyway).
CamperBob2 · 17 days ago
> I fear the next version of Miata will be an encrypted CAN like most other cars have moved to

As I understand it, they're required to do that now if they want to sell in the EU. They emphatically do not want anyone tinkering with their cars.

bri3d · 17 days ago
They don’t want people modifying ADAS systems mostly, and the main requirement is SecOC, which is cryptographic authentication but the message is still plaintext. Basically they don’t want third party modifications able to randomly send the “steer left” message to the steering rack, for example.
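A minimal sketch of the property described in the comment above (CAN payloads that are authenticated but still plaintext), added here as an illustration; it is not part of the thread and not code from any AUTOSAR implementation. HMAC-SHA256 stands in for the AES-CMAC that SecOC deployments typically use, and the key, CAN ID, payload, field sizes and the names `protect`, `Receiver` and `demo` are constructed assumptions.

```python
import hashlib
import hmac
import struct

MAC_LEN = 3  # truncated authenticator length in bytes (assumed for this sketch)


def _mac(key, can_id, payload, freshness):
    """Truncated MAC over CAN ID, full freshness counter and payload."""
    msg = struct.pack(">IQ", can_id, freshness) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def protect(key, can_id, payload, freshness):
    """Sender side: plaintext payload || low byte of counter || truncated MAC."""
    return payload + bytes([freshness & 0xFF]) + _mac(key, can_id, payload, freshness)


class Receiver:
    """Tracks the last accepted counter per CAN ID; rejects forgeries and replays."""

    def __init__(self, key):
        self.key = key
        self.last = {}

    def verify(self, can_id, frame):
        if len(frame) <= MAC_LEN + 1:
            return None
        payload = frame[:-(MAC_LEN + 1)]
        fv_low = frame[-(MAC_LEN + 1)]
        tag = frame[-MAC_LEN:]
        last = self.last.get(can_id, 0)
        # Rebuild the full counter from the transmitted low byte; it must advance.
        candidate = (last & ~0xFF) | fv_low
        if candidate <= last:
            candidate += 0x100
        if not hmac.compare_digest(tag, _mac(self.key, can_id, payload, candidate)):
            return None
        self.last[can_id] = candidate
        return payload


def demo():
    key = b"constructed-demo-key"  # constructed sample key
    can_id, payload = 0x123, bytes([0x00, 0x10, 0x00, 0x00])  # constructed frame
    rx = Receiver(key)
    frame = protect(key, can_id, payload, freshness=1)
    tampered = b"\xff" + protect(key, can_id, payload, 2)[1:]
    return {
        "readable_by_listener": frame[:4] == payload,  # no confidentiality
        "accepted": rx.verify(can_id, frame) == payload,
        "replay_rejected": rx.verify(can_id, frame) is None,
        "tampered_rejected": rx.verify(can_id, tampered) is None,
    }


if __name__ == "__main__":
    print(demo())
```
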
culi · 17 days ago
For anyone else confused, Diagnostic Trouble Codes (DTCs). Automotive context
ranger_danger · 17 days ago
Can't you just turn off "Connected Services" in the menu?

I have been canceling that stupid warning message it presents when leaving it off, every day for several years now.

chasing0entropy · 17 days ago
Remove the antennas. Do not give in to the mirage of convenience.

Use a stand alone generic GPS. Vehicle GPS devices are anti privacy for so many reasons.

Listen to stored music from an SD card if terrestrial radio (NO SATELLITE). Did you know almost ALL late model cars can play a <128gb FAT32 USB drive with non-VBR mp3s? 64gb filled with 168kb mp3 audio would take roughly 3 years at 4 hours a day to listen to.

TURN YOUR PHONE OFF. Your phone does more than track you - the Bluetooth and wifi beacon scanners are always running. When you come across another person, most phones track the intersection of your beacon with theirs making a new data point that compromises both individuals' privacy. Now consider sitting at a stoplight; you and the 10 phones around you have now correlated the time and position you were sitting there. The person jogging by with no phone (but a set of Bluetooth headphones) is also tracked by their Bluetooth signature. Terrifying.

Disable autonomous driving hardware by unplugging the cables from the interior cameras. If your car needs to see and feel you in order to do its job, it's co-dependent; break up with it.

Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

jeroenhd · 17 days ago
> Did you know Orange dash error lights are non critical?

Your car will happily display an orange light while a bad fuel mixture is poisoning your catalytic converter to the point where it needs replacing to meet any kind of emissions test. Same with other signs of engine stress.

Don't ignore dash lights unless you know what they mean or you're willing to pay the cost of disposing of your car.

Of course many places won't even allow you to disconnect all the antennae as a non-functional TPMS makes your car unroadworthy in various jurisdictions. You could quickly reconnect everything and clear the error codes before testing, but I'm not sure if the hassle is even worth the illusion of being untraceable.

gruez · 17 days ago
> TURN YOUR PHONE OFF. Your phone does more than track you - the Bluetooth and wifi beacon scanners are always running. When you come across another person, most phones track the intersection of your beacon with theirs making a new data point that compromises both individuals' privacy. Now consider sitting at a stoplight; you and the 10 phones around you have now correlated the time and position you were sitting there. The person jogging by with no phone (but a set of Bluetooth headphones) is also tracked by their Bluetooth signature. Terrifying.

All phones nowadays have bluetooth/wifi mac address randomization, so it's basically useless for tracking, not to mention google/apple conscripting every phone into a wardriving network will kill battery life. Moreover all this effort in avoiding being tracked doesn't really mean much when all cars have a very visible and unique identifier that's mandated by law (i.e. license plate).

alwa · 17 days ago
And Flock Safety will gladly fingerprint the vehicles without said license plate, and distribute everyone’s location histories nationally.

See also (222 points, 19 comments, 14 days ago):

https://news.ycombinator.com/item?id=45945960

tavavex · 16 days ago
> Moreover all this effort in avoiding being tracked doesn't really mean much when all cars have a very visible and unique identifier that's mandated by law (i.e. license plate).

I agree with the first half, but not this. The difference between people seeing your license plate and your car/phone/etc systematically recording and storing your exact position is the same as the difference between someone on the street seeing my face vs. a facial recognition camera identifying me and storing that data point forever. People don't memorize or care about your plates. The police could take note of them or even put it on some record, but the number of cops is so low (and the number of cops that would care about my license plates is even lower) that whatever scraps of data are recorded would probably be pretty useless - and besides, that data isn't sold off to private entities, at least where I am.

gattilorenz · 17 days ago
> All phones nowadays have bluetooth/wifi mac address randomization

Source?

galleywest200 · 17 days ago
> Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

"Tire pressure low" is one you should probably check out on a regular basis.

everdrive · 17 days ago
But in exchange for being tracked we've been saved from the scourge of occasionally checking our tire pressure. Why, I'd give up almost anything just to be slightly more comfortable.
chneu · 17 days ago
Yeah that's terrible advice. Learning to ignore safety warnings is an amazing way to wind up stranded or with a destroyed car because you decided to ignore a warning light
sda2 · 17 days ago
it may be better to code out TPMS anyways. I had a BMW that wouldn't allow you to enter Sport/Sport+ when TPMS light was on, what a drag.
mattmaroon · 17 days ago
Yeah that’s great if you’re a CIA intelligence officer but what normal person can do this and still function in the modern world? Do the people who say this stuff leave their homes regularly?

And what’s the benefit of it all? Fewer targeted ads?

rTX5CMRXIfFG · 17 days ago
Leverage over your insurance provider sound good to you?
ranger_danger · 17 days ago
> Do the people who say this stuff leave their homes regularly?

Nope.

encom · 17 days ago
>Do not give in to the mirage of convenience.

I sympathise. However, being able to start de-icing my car while still in bed at 5:30 on a January morning is a powerful feature. And I'm the kind of person who wraps his tin foil hat no less than 10 layers thick.

Ideally this shouldn't involve the internet, because the car is in wifi range, but what can I do about it?

m463 · 17 days ago
I have this with my keyfob.

later vehicles "helpfully" removed this in favor of online remote starting (with added telematics)

AngryData · 17 days ago
You could probably get a 3rd party remote starter, however that is going to certainly cost you extra and probably won't be as simple as old school remote starters.
ryandrake · 17 days ago
People are suggesting all over these threads what we can do about it, but we (as a population) aren't. When my 2009 car dies, I'm going to deliberately NOT buy a new trackingmobile, and try to find another 2009 car to keep running. Yea, that means I occasionally need to take 30 seconds to scrape ice off the windshield. Big deal.
owenversteeg · 16 days ago
I like the rest of the comment, but...

>Did you know Orange dash error lights are non critical?

That's not even remotely true for most cars. One of the most critical alarms you can get in a car is a flashing check engine light, which is usually orange.

harambae · 11 days ago
Those are usually red, although I don’t know if it’s actually SAE standard or not, I’ve only worked for one automotive company (and we made them red)
teeray · 17 days ago
> Remove the antennas. Do not give in to the mirage of convenience.

ERROR: unable to start engine.

m463 · 17 days ago
Please drink a verification can.

Actually I wonder if cars will just adopt "oh-you-need-anti-theft" like phones do. To prevent auto theft, all cars will be tracked and all parts must match serial numbers.

rasz · 17 days ago
In case of Subaru it's "we are sorry your battery died trying to aggressively reconnect to the mothership, no we won't be paying for the replacement"
worldsavior · 17 days ago
Ok stop with the panicking.

What's wrong with GPS in vehicles? If it's not connected to the internet, there is no issue.

What's wrong with playing music from the phone on Bluetooth or Aux? Did you also know you can ride a horse instead of a car?

Bluetooth and WiFi aren't running if you turned them off. Bluetooth also isn't really used for tracking unless someone is looking for you or you're part of some service like AirTags.

> Ignore your car's complaints and error messages. Did you know Orange dash error lights are non critical?

What? Worst advice out there regarding cars.

vitaflo · 17 days ago
>What's wrong with GPS in vehicles? If it's not connected to the internet, there is no issue.

The GPS module is usually on the same board as the cellular module. Disconnecting the board (usually in the shark fin) disconnects the GPS module too.

u8080 · 16 days ago
> Bluetooth and WiFi aren't running if you turned them off.

BT and WiFi are running when turned off, at least on Android without extra opting out.

CamperBob2 · 17 days ago
> If it's not connected to the internet, there is no issue.

It's connected to the Internet. Every car has a SIM card now.

reppap · 17 days ago
No, I will use all this stuff and do so gladly.
jmward01 · 17 days ago
I won't mince words. This is criminal and should be dealt with that way. It is obvious I don't want my information collected and sold. I make it clear every reasonable chance I get. This goes beyond abuse of my privacy, this is digital assault and the company officers that allowed these 'features' should be thrown in jail for it.
exhilaration · 17 days ago
Disabling the hardware can be really hard, my 2025 Toyota Sienna is always connected. You can't just pull a fuse or rip out an antenna, I have to take the entire dashboard apart to reach the Data Communication Module (DCM) module. If anyone's curious what that looks like, it's a little bit easier on the Toyota Tacoma, here are some pictures of the process: https://www.tacoma4g.com/forum/threads/disabling-dcm-telemat...

It's complex enough that I haven't done it yet in my Sienna, but I plan to!

ProllyInfamous · 17 days ago
On a 2021 Camry there is a below-dash fuse labeled "DCM" which you can remove (and it does disable OnStar/telemetry, but not sat.radio[0]) — it also disables one of the speakers (used for phone calls), which there is a bypass to resolve (but it still requires removing infotainment, so at that point just unplug it there.?!).

[0] It was my understanding that, like GPS-receivers, Sirius/XM was one-way streaming, only..?

willis936 · 17 days ago
There are GPS antennas that land on that DCM and the data from that is forwarded over carplay/android auto. Phones fall back to their onboard GPS but it's a much worse experience than we're accustomed to. If you share the car with someone expect complaints. Pulling the cell antenna(s) is the most elegant solution. People shouldn't be afraid of a little work.
kwoff · 17 days ago
https://www.toyota.com/privacyvts/#:~:text=Declining,analysi... so you apparently have to opt-out of consenting to them tracking you...
jmclnx · 17 days ago
IIRC, Massachusetts passed a right-to-repair law a few years ago. Based upon the text of the law, all new cars purchased there have the spying disabled because they did not want to give up their proprietary info.

There have been a lot of court cases about that law by the manufacturers, so I do not know the status at this point.

So I wonder if that is still the case. If it is and an out of state person buys new there, will that "spying" remain disabled when they bring the car home?

anonymars · 17 days ago
Theoretically, that should be a catch-22, right?

How would they know you're no longer in Massachusetts, without the spying enabled while within Massachusetts?

sejje · 17 days ago
Because "spying" in this case means "sending data to the mothership."

It doesn't mean "the car's gps is disabled"

nimbius · 17 days ago
as a professional diesel mechanic for a small chain of midwest shops, this "telematics" feature is on long-haul trucks as well as tractors (John Deere is notorious for using it to send mail marketing about services.)

generally it's not hard to disable.

- identify the telematics module in your car

- pull the fuse (not always an option, sometimes this disables bluetooth)

- alternatively: identify the 1-2 SMC connectors on the telematics device. this is the LTE and low/alt channel for the cellular communications. disconnect these 1-2 connectors and connect the ports instead to a 50 ohm terminator. the vehicle will simply continue to collect data but never be able to send it anywhere. the system will assume it just can't find a tower.

m463 · 17 days ago
I tried this with a wifi setup on a car charger. I connected a 50-ohm dummy load in place of the antenna using the mmcx connector.

It didn't work - there was an on-module antenna that it switched to. Might not have worked as well, but it did work and the wifi access point still showed up.

On the other hand, some cars have a self-contained telematics module like you said and you can just unpower the whole thing.

I remember looking at a Ford owner's manual for a 2019. The fusebox section had a fuse with description "Telematics control unit - modem." I assume you can just pull that fuse.

quasse · 16 days ago
The Toyota community has been far down that road with the DCM module in the new gen cars and found that the car still managed to get updates out to Toyota even with 50 ohm terminating resistors in the antenna connectors: https://www.tacomaworld.com/threads/simpler-solution-for-dis... (see the posts by user "Disgruntled Scientist").

Unfortunately simply cutting power to the telematics module also disables the in-car microphone for hands-free calling. Fully disabling telematics involves making a bypass harness that re-routes the microphone and speaker signals past the disabled DCM module.

vitaflo · 17 days ago
Connecting to a dummy load is a pretty good idea I hadn't thought of (usually I just disconnect the cellular module).
smeej · 17 days ago
I found the vehicleprivacyreport.com site awfully misleading. The "Vehicle Privacy Label" only lists what the manufacturer's current policies are, not what applies to my vehicle. It makes it seem like Toyota is somehow remotely collecting and sharing tons of information about my...2007 Prius. But this car came out in 2006, well before people assumed easy internet connectivity everywhere. Shy of having physical access to my vehicle, they can't read anything, but it's not easy to find that explanation on the site.
jwr · 17 days ago
Amazingly but perhaps not surprisingly, cars in the EU do similar amounts of spying on you, but the EU is silent. Car manufacturers pretty much run the EU.

Am4TIfIsER0ppos · 17 days ago
Because the government wants the tracking. They want your car broadcasting its position.
