I thought this was a great read for those not on /r/privacy.
Source: Reddit - The heart of the internet
The Bluetooth hardware in your Ford has a unique, permanent MAC address that is used for hands-free calling and audio streaming. This address is almost always static and doesn't change because your phone relies on that specific ID to “recognize” the car and auto-connect every time you get in.
Many departments of transportation install Bluetooth “sniffers” at intersections and along highways to track vehicles. They deploy a small, ruggedized computer (often a brand like BlueTOAD or Iteris) and mount it on a traffic signal pole or highway sign. It has a high-gain antenna that scans for Bluetooth and Wi-Fi MAC addresses within a range of about 300 feet. As you drive by sensor A, it logs your vehicle’s unique Bluetooth MAC address and a precise timestamp. When you drive by sensor B (perhaps two miles down the road), that sensor also logs your MAC address and timestamp. Measuring the time and number of devices seen at a time helps them measure real-time congestion.
Even if you disabled Wi-Fi and Bluetooth, each of the four tires has a sensor with a unique 8-character hexadecimal code (like A1B2C3D4). This ID allows the car’s computer to know which tire is which, ensuring that if your “front left” tire is low, the dashboard correctly identifies it. It then broadcasts its unique ID, pressure, and temperature roughly every 60 seconds in the 300 MHz band. The car companies know what sensor IDs came with your vehicle. To my knowledge, there’s no publicly documented commercial receiver that understands all TPMS protocols and bands. But because Ford’s TPMS signals are unencrypted and unauthenticated, anyone with a relatively inexpensive Software Defined Radio (SDR) and a laptop can intercept the signal from 40 to 120 feet away with a standard antenna. Less chatty pings, but you still are identifiable.
Even if you say fuck it and disable TPMS, many tire manufacturers embed RFID right in the tire now for inventory and, like Bluetooth/Wi-Fi/TPMS, all is tied to your VIN. So even your old classic <= 90s car will need tires again eventually. Tire techs can use handheld scanners, walk past your car with a wand and scan all four tires in seconds from about 3-10 feet away. Systems like Michelin quick scan use pads on the ground (often found at truck stops or fleet depots). As you drive over them, the system reads the RFID tags and measures tread depth simultaneously. Commercial “gate” readers can pick up these IDs at speeds up to 20-30 mph from a distance of about 25 feet. Right now, there is no “city-wide” grid of RFID tire readers like there is for Bluetooth. The hardware is currently too expensive and the range too short for highway-speed government tracking, but it certainly could start to appear at toll roads or regular gas stations.
And then later, regarding why visual cameras aren’t as good for car tracking:
Vision has the most value right now because of license plates, but honestly RF is a way more reliable identifier since it's omnidirectional and doesn’t care about line of sight. I agree ALPR is huge, but when you combine it with RF surveillance it makes it basically impossible to hide. Even with crazy machine learning, vision stuff falls short when you have five identical white F-150s with no plates driving in a pack, but the RF signatures from those cars will all be unique.
Even the “random” MAC rotation on phones for Wi-Fi and Bluetooth is pretty weak and retailers are already exploiting that like crazy. Places like Home Depot or Target use enterprise gear from Cisco Meraki or Aruba that has location analytics built right into the access points. They’re just sitting there listening for your phone to send out “probe requests” trying to find your home Wi-Fi.
It gets even worse because Google and Apple keep massive databases of about every Wi-Fi AP in the world for location services. Your phone will literally leak the unique names of saved networks it’s looking for and it’s super easy for even a hobbyist to pick that up, where those unique AP names are, and identify you and where you frequent.
Then you have the “hidden” stuff like BLE beacons from companies like Estimote or Gimbal tucked away on store shelves. They track your “dwell time” in the aisle by watching your signal strength. The real high-end stuff like RetailNext uses “virtual sniffers” that stitch the video feed of you walking together with your phone’s RF so they have a 100% lock on who you are and where you’re standing. MAC randomization doesn’t matter.
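
An added example, not part of the quoted Reddit post: a small audit of your own devices' addresses that separates the static identifiers described above from randomized ones, using the IEEE flag bits and the BLE random-address subtype bits. The inventory, labels and addresses are constructed, and the `ieee` / `ble-random` type tag is an assumption about what your scanner or OS reports for each address.

```python
import re

_MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}")

def first_octet(mac):
    """Validate a colon- or dash-separated 48-bit address and return its first octet."""
    mac = mac.strip()
    if not _MAC_RE.fullmatch(mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int(mac[:2], 16)

def classify_ieee(mac):
    """Wi-Fi, Bluetooth Classic or BLE public address: read the IEEE flag bits."""
    octet = first_octet(mac)
    if octet & 0x01:
        return "multicast"             # group address, not a device's own identity
    if octet & 0x02:
        return "locally-administered"  # software-assigned; Wi-Fi randomization sets this bit
    return "universal"                 # vendor-assigned, burned in

def classify_ble_random(mac):
    """BLE address the scanner reports as 'random': subtype is in the top two bits."""
    return {0b11: "static-random", 0b01: "resolvable-private",
            0b00: "non-resolvable-private", 0b10: "reserved"}[first_octet(mac) >> 6]

# Kinds that stay the same from one sighting to the next
# (a static-random address may change only at a power cycle).
STABLE = {"universal", "static-random"}

def audit(inventory):
    """Return ({label: kind}, sorted labels whose address is stable across sightings)."""
    kinds = {}
    for label, addr_type, mac in inventory:
        classify = classify_ble_random if addr_type == "ble-random" else classify_ieee
        kinds[label] = classify(mac)
    return kinds, sorted(l for l, k in kinds.items() if k in STABLE)

# Constructed sample inventory (not real devices): (label, address type, address)
SAMPLE = [
    ("car head unit", "ieee", "00:11:22:33:44:55"),
    ("phone wifi", "ieee", "DA:A1:19:00:00:01"),
    ("fitness band", "ble-random", "C4:7E:10:00:00:02"),
    ("phone ble", "ble-random", "5B:20:31:00:00:03"),
]

if __name__ == "__main__":
    kinds, stable = audit(SAMPLE)
    for label, kind in kinds.items():
        print(f"{label:14} {kind:24} {'STABLE' if label in stable else 'rotating'}")
```

A rotating address only removes the address itself as a stable identifier; it says nothing about other fields a device transmits, such as the saved network names in probe requests.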