(Yes, repairability and standardization are encouraged where feasible.)
Like, the head unit is in control of all that happens on the slow bus of the car, and needs to pass independent safety certifications for a complex system.
People are growingly concerned with both the car manu and Apple/Google control over their car and related extra software goodies.
Laws are really needed when businesses don’t play nicely. I don’t know the legal specifics, but I’m sure glad I don’t need to buy $1000’s of specialty tools to maintain my vehicle, and sure glad that replacement parts are readily available (and will be for decades).
Just image how much worse society would be if car manus did the same thing as Apple and had ID-paired parts. Sorry! Your AC doesn’t work anymore, please install a genuine Honda oil filter at your nearest Authorized Honda Shop, available for a minimum of $500.
It's possible that we get to a place where everyone cooks their own meal (vibe coded app), and only goes out to eat sometimes (official app store). Spreadsheets are the same, you can get a lot of milage, and most still buy and use closed source software.
Reminds me of this: https://www.robinsloan.com/notes/home-cooked-app/
- Buy Pixel, Get Graphene
- Use FDroid, don't sign up for Google Play, download Tor browser
- Censorship resistant access to the internet without handing over your ID.
The squeeze on the free internet happened so quick by the UK (well it took years of indifference and a failure to enshrine protections - but once they started moving the did so super fast)
Realistically we're speed running ID being tied to internet usage - create your escape hatch while you can!
It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work. The next logical step is severely limiting internet traffic.
One dual-boots to a reputable Linux vendor’s signed/sealed OS image with secure boot enabled in BIOS, so that the attestations are valid; financially supports said vendor; contacts them quarterly with check-ins on the status of their lockdown+attestation roadmap and uses professional journalism approaches to highlight their (in/)action; and, contacts one’s relevant governing body to petition for the addition of that vendor’s signed/sealed product line to be added to the authorized signatures list by both government-sponsored apps and to the verification platforms of the competing vendors (in order to balance the necessities of attestations with an appropriate degree of anti-monopolistic protections for consumers).
> It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work
This confidence that ‘attestation doesn’t really work’ is the same sort of confidence that lead the Linux user community to largely scoff at, and ignore, attestation’s threat from when it was ballistically launched three decades ago towards the future. Options are now very limited for stopping it, and largely reduced to ‘getting some Linux into the approval list’. Severe compromises in user freedom will be required for the signed+sealed distro images to receive government approvals.
Imagine if Linux were an app on a video game console and you start to see the outcome: it’s a perfectly great working environment into which all of /usr/local and /opt and /home are writable, but the lockdown prevents you from modifying the OS in any way that could defeat the attestation protections. Apps you install into /opt can only access their own /opt/prefix, apps you install into /usr/local can access $HOME. The apps you install can choose to write session data (such as digital age verification certificates) to a system-protected /data store keyed first by the kernel’s signature, and second by the vendor signature the kernel reads from the app; with the understanding that an attestation latch-forward after an exploit patch will wipe that store, and that dual-booting to a different vendor will suspend access to sessions stored by that vendor.
This is, to climb on my hobby horse for a moment, why I continue to believe that Valve will be the first Linux vendor to receive government attestation approval alongside Apple / Google / Microsoft have previously across the desktop and mobile spaces. I’d really prefer that to be Graphene, Ubuntu, and Valve — but Graphene’s customer base is hostile to this, Ubuntu doesn’t have any incentive to care, and of the Linux vendors out there, Valve has a decade-long head start on the need for a locked-down and attested platform for business reasons. All of the above falls out naturally from considering how to defend one app from another on Android, iOS, Steam Deck, and Xbox. So far as I can tell today, though, Linux intends to be left out in the cold on all this. Oh well.
The "app" they provide is 60% advertisement, 30% features, and I unironically preferred using a Home Assistant connection instead of of it for everything. Even for automations like "when to preheat the car", since that was easier and more intuitive outside of their native function.
This also means, that charge control from the cars side is not possible to automate anymore.
Sure, one could take the position "but it was never officially promised", but for some people, including me, having the api (which is paid btw) was a selling point.
Yes, I registered specifically for this comment.
There's enough of users to start making a difference. Really, even a low effort action raising valid concerns (security theater, a lie, google's monopolistic position, anti-competitive, etc), keywords that will make their response more careful and potential complaint to the regulator more impactful.
In a similar vein, I once met a woman who told me how she would enter every single one of those stupid contests that you'd see printed on cereal boxes and ice cream containers because literally five people enter into those things, so you're odds of winning are surprisingly high. Apparently she won a bunch of them, but her favorite was when got a week long vacation that included going on a fishing trip with Ben and Jerry of "Ben and Jerry's".
I'm not trying to suggest that these sorts of things should be this way, but if there is a server involved in the economics of maintaining that endpoint come into play and can't be ignored. Ideally things were federated and you could point your car or whatever device at and endpoint you maintain, but that comes at a cost as well as maintaining software where both client and server are controlled by the same party is an order of magnitude easier than cases where they aren't the same.
When I talked to the dealers, they said that the speedometers only have to be accurate +/- 10% according to the SAE specifications.
After DieselGate I assumed that the high reading was to game the fuel consumption game.
Never again, VW auto group…
If most would do this, they are not individuals anymore.
If a monopolist can insist on terms (e.g., Amazon mandating lowest price guarantees from sellers, or Google mandating auth / compliance / KYC exclusivity to Google Play Services privileged devices by app devs), then threats to the compelled party (sellers, app devs) will be minimally effective.
Class action lawsuits, regulation, and legislation, are required for effective relief.
Increasingly my vision of retirement is a life of luxury surrounded by hardware from before the internet era, things that do what I tell them, rather than telling me what I am and am not allowed to do.
Nissan sells a ton of cars to subprime borrowers, quality isn’t exactly their focus. Hyundai/Kia and Stellantis also target the same buyers.
Oh, and Android 17 has been released so there is hype for that.
This is the WEF future your conspiracy uncle was telling you about during family gatherings. Well.
"You will own nothing and be happy" - WEF Prime Objective.I got an offer from a dealer three weeks ago and was going to order the car, then the API for the community integration got turned off. I decided to hold back and see what comes from it. Now this, which ultimately - since I am a GrapheneOS user - makes me completely cancel my plans.
I really do not understand VWs thinking here. It would cost them little to nothing to continue not blocking the the inofficial API and not block GrapheneOS (or other non Play Protect androids) users. It would have no adverse effects on the average Joe, but it would gain a lot of support and enthusiasm from heavy users, differentiating from other brands. Not to mention the fact that it is the USERS data in the first place
Vendor lock-in to Play services is ridiculous.
A car is a big purchase, and ideally not something I discard after a few years. I'd like it to not treat me like a second-class citizen and renter who can't make decisions over how to extend the life of my purchase.
Happy voting with your wallet folks. See ya.
Not surprising to me at all that their software is a similar high quality experience, but in general I think it's weird that cars have to be connected to the Internet anyways and I doubt the competition is substantially better.
Toyota's have such a backlog of orders that they're marking cars up above MSRP
Also I have to say, setting charge times remotely is mighty handy, if one pays the market/pool prices for electricity which fluctuate from hour to hour.
There's no way to verify the integrity of the system, and any malicious app can just grab your banking credentials or enable criminals to unlock and drive away with your car.
Play integrity is an anticompetitive tool that ignores this, and artificially limits itself on GrapheneOS. It is not due to any incompatibility.
I still am hoping that at one point they understand the full consequences of remote attestation. There are some signs they start to notice, but it's slow...
GrapheneOS is one of, if not the most vocal organization against the abuse of attestation mechanisms. GrapheneOS and its userbase feel the consequences of play integrity every single day.
Im not sure where you got the idea that all GrapheneOS wants is to be accepted by play integrity, because that is not the case. GrapheneOS has been working with regulators to get play integrity banned. Being accepted by play integrity, but nothing else changing, is not good enough for GrapheneOS. It would only be a small victory along the path of abolishing this nonsense.
So, no, GrapheneOS and its community are definitely against play integrity. The "signs" that they are "starting to notice" are not there. They are already fully aware of what attestation is and how it can be abused. They are definitely not ignorant on the subject.
You might be confusing root based attestation with pinned attestation. Root based attestation is flimsy and allows tools like play integrity to ban operating systems they do not like. Pinned attestation, on the other hand, has real security properties and cannot be abused to block certain operating systems. GrapheneOS uses pinned attestation as a part of their Auditor app, and it has other cool uses we could see in the future.
As a EU citizen, please sign this petition https://www.change.org/p/eu-data-act-durchsetzen-autoherstel...
To me this smells like a cartel. Why is the EU not doing anything?
My feeling is that this change plus the recent API lock for a few days ago are in fact part of a reworking to enable this EU legislation.
I strongly recommend saying that the operating system is one of "Android" (there are many variants), "Android (GrapheneOS)", or "GrapheneOS Android".
But if you say only "GrapheneOS", you are practically telling VW to respond that they do not support that operating system.
I don't know if an AAWireless adapter might operate in a way that could bridge that compatibility gap, but it might be worth a shot if you can borrow one to try it out.
I've been decently happy with it in a ~2020 car. Compared to a direct USB connection, there are some privacy implications with how it's running a low-power access point in the car, but bluetooth etc. are already a risk there.
> Did I miss something by not integrating my phone with my car? I don't think so. I call with Bluetooth and navigate with the screen of the phone.
For me the the main feature for Android Auto (over just a bluetooth connection) is navigation on the car's larger touchscreen that already has a good fixed position.
I've begun rejecting any hardware that depends on some kind of external service. I won't buy anything that requires an app or a remote server anymore because they always kill the app long before the hardware is dead.
- RCS doesn't work at all on non-Owner accounts, switching to the owner account is necessary to receive them (I use a secondary account for my "main" account, the owner is left empty except for a Google Fi associated account)
- Immediate auto-update can cause phone to turn off and not turn on overnight (you can change the setting)
- Google Wallet won't work for payments (in Europe you can instead use Curve)
- The default AOSP app selection is in general worse than the Google provided ones (you can install them, after installing Google Play Services, which is sandboxed)
- Getting Google Fi to work required some fiddling initially, pretty sure it was because of my use of the non-Owner account
- Some banking apps will refuse to work (mine work fine)
- You can get Android Auto working, but by default so many things are sandboxed that applications and TTS won't show up unless you spend the time enabling permissions
Overall I am happy with it. It does feel a bit less polished than stock Android (because of the interaction of apps and more strict sandboxing), but for most people who don't care about Google Wallet and are ok installing Play Services and any necessary Google apps, the experience feels pretty much like a de-Gemini'd/de-bloated Android.
It's not as customizable as Samsung for instance.
It only runs on Pixel phones (next year hopefully some Motorola phones).
A German philosopher had a lot to say about this a couple hundred years ago... I think his name was Karl.
I bought a 2025 Suzuki because it is a manual and there is no firmware update, no internet connection, GOS Android Auto is all I get and only if my phone connects with the car.
It is so weird how companies in 2026 still making such bad mistakes.
Also in the heat of the summer, it's nice to be able to start the air conditioning a few minutes before leaving.
They have an app [0] (which doesn't sync correctly for me, and their support is awful). When working it shows things like where you last parked, fuel efficiency, and allows you to remotely lock the vehicle, so it has internet access.
I sent Suzuki a Subject Access Request as a workaround to gain access to the data, and received months of extremely accurate location, speed, etc data.
There are also software updates, you just have to do them yourself [1]. They also didn't work for me.
Software aside however, they are extremely reliable cars, most of which seems down to their simplicity.
[0]: https://play.google.com/store/apps/details?id=suzuki.app.a02...
It still sucks, but what are they suppose to do, not use the "safer" API and risk getting told that they don't care about security? And for what, pleasing a very small minority of users?
There could be some branding value in targeting more technical users and have them act as brand ambassadors, but for a car I doubt that's worth much.
You don't have to do anything extra to support Grapheneos, just don't add in attestation which does nothing for security and limits user freedom.
This is fundamentally different from not choosing to use Linux servers. It's more similar to not letting a customer enter your store because of the color of their skin saying they aren't regular humans. It's pure discrimination because just as the functionality of android doesn't depend on these extra checks, the customer works the same regardless of how they look.
I have 38 apps on my GOS phone and none have had any issues.
https://www.theregister.com/on-prem/2026/03/10/microsoft-tig...
I rent cars whenever I travel to the US and I've never not been pissed off by a car's software.
If you live in a country that makes it practica/affordable and you don't need too much range, I wonder if buying an old car with a broken engine and paying someone to do an electric conversion is a good choice?
Or maybe generally just buy a ~10 year old car, find a mechanic and say "I want this car to last a really long time, if we can build a trust relationship I will spend a lot of money in your business" and just budget for extensive proactive maintenance? Maybe with this approach you can still save money relative to a new car?
Or, is it possible to buy a newish car and then just rip out and completely replace the infotainment/climate control/etc while still keeping stuff like the parking cameras working?
I am probably the extreme minority, but I prefer cars with as little "tech" as possible. I don't need "drive assist" and sorts.
All my cars are 10+ old benzes, Nissans, Toyotas. All under good maintenance routine so giving me very little headache.
I had all sorts of stupid issues with modern cars while renting. One toyota scared the crap out of me while it imagined some pedestrian and yelled with all signs while I was going 100+ km/h on highway. Horrible crap
- Cruise control.
- Camera for parking. I guess sensors too. These are just unbelievaly useful IMO, it makes parking trivial in cases that used to require quite intense focus. I see the appeal of fully automated parking, but with cameras and a car that you have lots of experience parking I think I am fine Austin-Powers-ing into any space that the car physically fits into.
- I guess, maybe, I kinda like the thing where it automatically watches your blindspot and has a little orange light to remind you that there's a car there.
I dunno, when did cars get all that stuff? (Cruise control was basically universal in the US before I was even born I think, but not sure when the others showed up).
But then there's some non-driving tech that I do want:
- Completely frictionless navigation and media control. Android Auto just seems to be fucking nonfunctional so I think maybe what I want here is actually just a Qi mount and a reliable bluetooth controller?
- I've never had it but I bet remote climate control is really nice (warm up the wheel 5 mins before you set off on a frozen morning / turn on the AC 2 mins before you get into a car that you couldn't park in the shade).
10 out of random 10 drivers out there don't care about the software running in the car.
> Laws are really needed when businesses don’t play nicely. I don’t know the legal specifics, but I’m sure glad I don’t need to buy $1000’s of specialty tools to maintain my vehicle, and sure glad that replacement parts are readily available (and will be for decades).
You drive a self-maintained car. Nothing wrong with that, but I would guess 95 out of 100 drivers on the road don't care about the car at all - they just want reliable transportation from A to B and perhaps some confort.
> Just image how much worse society would be if car manus did the same thing as Apple and had ID-paired parts. Sorry! Your AC doesn’t work anymore, please install a genuine Honda oil filter at your nearest Authorized Honda Shop, available for a minimum of $500.
I don't have to imagine that al all, all premium car manufactures digitally id their components and will not accept 3rd party replacements.
There are already massive problems with people miswiring head units to play videos while driving and updating their ECU to spew pollution into the air. You're not going to convince any significant number of people that it's a good idea to allow arbitrary code to run and control most of the other systems too.
It works in tunnels. It works in cities with tall buildings. It works on Lower Wacker Drive in Chicago.
Is there some technological limitation that precludes using this data to determine whether or not a movie can be played?
(It's not like it's new tech. It's decades-old. Honda started using it over 20 years ago.)
It's also not clear what the purpose of this line of argument is. Some sensor says "car is moving". The operating system in the car/head unit is responsible for enforcing that signal, and it could ignore it equally from either OBD or some pile of gyroscopes. Where that signal comes from has nothing to do with why you will not see cars accepting custom operating systems.
Then that's a poor design that should go the way of the dodo. Someone hacking the entertainment system should not be able to take over control of the engine. The entertainment system on planes do not allow one to hack into the autopilot. There should be no need for a firewall, they should have no shared wires between them.
* Backup Camera
* Turning traction control on/off
* Turning auto hold (maintaining the brake pedal while stopped) on/off
* Window defrosting
Many cars are even more integrated - are there any physical buttons inside a Tesla or is it all through the touchscreen?
If you're going to use the worst example as the comparison, then we'll get no where fast.
<https://www.macstories.net/stories/10-years-of-app-store-a-t...>
HN discussion at the time:
- Apple iPhone SDK Event: iFund - $100 Million for iPhone Devs <https://news.ycombinator.com/item?id=130686>
And some early skepticism: "iPhone SDK And Restrictions: Some Of The Details Aren’t Great" (7 Mar 2008) <https://news.ycombinator.com/item?id=131171> Mostly concerns limitations on the API and what capabilities are exposed.
And for those who care to do more digging, a couple of searches bounded on 5 Mar 2008 -- 6 Mar 2012, the first 4 years of the App store:
"iphone sdk": <https://hn.algolia.com/?dateEnd=1331078400&dateRange=custom&...>
"iphone apps": <https://hn.algolia.com/?dateEnd=1331078400&dateRange=custom&...>
"iOS apps": <https://hn.algolia.com/?dateEnd=1331078400&dateRange=custom&...>
A very cursory eyeball of those shows some interest, but nothing overwhelmingly panglossian or critical. But I've not looked in depth.
https://distrowatch.com/table-mobile.php?distribution=icepac...
My first mobile phone was a Siemens m35i, eventually followed by a Sony Ericsson k500.
Where the Nokia 3310 phone couls receive animated icons via SMS messages that displayed on the background as well as looking at ascii smut via WAP at the age of 15.
So yes, what do you take me for? A disappointed cynical 37 year old who's watched the world burn in to a walled garden of hell that folk enjoy licking the grey walls of.
I do recall the rainbow fences where one could happily jump over if you got bored. Where anxiety wasn't a thing and folk were in touch with nature.
Which is kinda where I'm at with cars. Idk what this stuff about VW supporting a mobile OS means, cause my car can't really talk to any phone unless you count Bluetooth audio.
Literally who?
The rest of us groan when we hear "DOWNLOAD OUR APP" or grocery stores that want you to install their spyware coupon app.
These days, nost apps are just data exflitrators, spyware portals, and surveillance pricing initiatives, wrapped up with a "FREE THINGY" wrapping.
This describes almost every "tech" product
This way we will just have unremovable age verification, spyware, online accounts to use the os, name another bs from other vendors. What's the point of Linux then? The moment big corps and the state can seal spyware into your computer, they'll happily do it.
I'd rather have a separate burn device with whatever os for state services which lives in a faraday cage most of the time and have a proper OS I control on the main device than give somebody control over it.
"Starting anaconda", "Enable Kdump", on anything RedHat.
Debian spews an ancient terminal window of options upon options and who knows how to install Arch.
Linux installations has never been click, click go. Installation wizards are still designed for the tech enabled and not the common user.
We have a helicopter on Mars yet they still can't master a installation wizard.
Unexpectedly, the 'bootable thumb drive' models are actually pretty great — not the installers, but the ones that boot straight into a GUI that works and is usable. I haven't used one as my personal Linux uses predated thumb drives, but I have always (mistakenly?) assumed that once you're booted into a liveCD, you can click 'Install on a drive partition' and it will actually do something coherent and GUI and reasonable. Have I been too optimistic? Probably, yeah :(
When you accept government gift in approval consider it tapped. At any point they can return to the vendor and go "install this". No? Okay bye to your certification.
Call me paranoid.
I bet you would, though, if the built OS image were 100% reproducible except for the signature. Once you have a fully reproducible Linux OS build, you can literally copy paste the cryptosig from the vendor and it will work with the image you built yourself from source that you inspected yourself. Then it’s impossible for the government to tap it without breaking the reproducible image checksum and thus the published cryptosig. It’s a better defense than any warrant canary would be, and it satisfies your concerns fully.
Arch shows only 15 packages left for their core OS to be built reproducibly; what I don’t see at their dashboard is the state of their ISO build reproducibility, but I imagine that’s the same as the core, so maybe it’s just unstated for obviousness. https://reproducible.archlinux.org/
Does GrapheneOS publish their repro build efforts as a dashboard anywhere?
CryptoSecure, depends how it's done but again neither can be trusted. Especially when you have no control over the silicon running the OS.
I don't trust Linux now. Microsoft got its mits with WSL. RedHat sold-out to IBM and Debian got in bed with Canonical. Arch & Valve I might trust slightly more. They've got to make money somehow /shrug.
I use FreeBSD and I don't trust that either unless I can do make install world, even then I have my suspicions.
So, in the scenario posed (quoted above again for context) that I’m responding to, where the government has mandated attestation online, it seems like you’re arguing that Linux should continue to opt-out of attestation, and thus be forced into non-internet uses only. Do I misunderstand your intended outcome to the scenario here? I took for granted that Linux users would want to retain access to the internet as a critical priority, given how strongly they’re objecting to attestation of internet apps (and eventually internet access), but if I’m mistaken then I’m happy to reverse course!
Don't fall for the trap that all of this is inevitable, you have to try and resist it first.
Been resisting for years, since I learned of that first Intel presentation, as best as I knew how at each of the various life phases. At least for the last few years people started to pay attention as it starts to affect them personally, rather than just dismissing it as an implausible scenario back when it could have been stopped by regulations for the first twenty-five. Note that protesting through boycott requires not buying any big-three mobile phone or big-three video game console (each of these is a beachfront for widespread attestation), which is essentially a dealbreaker right out of the gate for most theoretical objectors. I remain hopeful that my cynical outlook will be disproven in outcome, but I also continue honing this high-level plan for any Linux that would ship sealed/signed OS images with gov't approval. One need not simply bet on red or black, after all!
Genuine question. That's news to me and I'm here.
I don’t think that will stop them trying though
- drop wireguard / OpenVPN packets crossing the country border
- analyze https traffic to detect traffic patterns not matching https fully and block such connectionsEDIT: I might be confusing vless/xray/reality but seems like there are no problems to block it based on ip reputation + tls fingerprint + amount of connections https://habr.com/ru/articles/1044396/
Of course this would block some valid websites but when has government cared about that
If you are willing to block browsing all ordinary web sites fronted with a CDN, then yes you can block reality/xhttp. You cannot, however, differentially block it via any of the three things you mentioned.
The government (any government) hates its citizens and the freedoms it had to allow them
It mostly happened already and it's in motion.
[0]: https://www.birminghammail.co.uk/news/midlands-news/new-vpn-...
https://youtube.com/shorts/WvHl3G6KojI
I believe they're "doing research" into it, which basically means they don't understand how any of it works.
“Every time we see a Google Pixel, we suspect it might belong to a drug dealer,” said a police official leading the anti-drug operation in Catalonia.."
Seems like some countries/areas are already targeting the Pixel (really its because of GrapheneOS)
There's really something to be said for greedily signing up for most things and trying to get grandfathered before the zipcuffs tighten.
IRL, though, fuck this. Home depot added flock cams and broad facial recognition, grocery store installed turnstiles, haven't stepped foot in either since. I'm just dropping out of the IRL retail economy left and right.
I really, really, really dont understand why people keep avoiding saying the obvious.
DON'T TREAT YOUR PHONE AS YOUR PRIMARY ENTERTAINMENT DEVICE.
Have two phones. One is the real one. The one you use. The other one is the "cops and bank" phone.
I've slowly but surely been moving away from any service provider of any type who does not allow me to use their service without their often Play Services-dependent app. Changing vehicles would be a lot harder though.
Reasons I could think of for an app: Remotely check battery charge, and that would purely be for interest rather than necessity.
I get why people might like or want remote heating/cooling as well, and I'd probably use it if I had it, but it would be an exceedingly rare occurrence (although I'm more sensitive than most as to becoming a 'soft' human being).
That you know of...
/s
I wonder if this is a result of Rivian writing VW's software or if that effort hasn't yet borne fruit.
[0] https://en.wikipedia.org/wiki/Rivian_and_Volkswagen_Group_Te...
Iroh networking can't become a standard fast enough.
I believe the requirement is only one way - they can read high by a certain % but they cannot read low. Which makes sense. But that means in reality they will usually read a little high.
I guess you just filter it out after a while but it definitely makes me think I need to do some research before getting a new car any time soon.
Positive side effect: No expensive photos will be taken, too.
I'm not arguing that the modem should be mandatory, or that you shouldn't be able to control what it does. But forcing car vendors who want to built in a modem to make this modem do an automatic emergency call by default, that seems quite sensible. Even more sensible would be if the modem did nothing unless you allow it, except when it detects that crash, but... profits.
The eCall functionality isn't exactly trivial, and due to its safety use there are probably some rather strict regulations around it. In practice this has led to many car manufacturers opting to use dedicated off-the-shelf modules for them, which are completely separate from all the connected infotainment stuff.
However, early modules were built around 2G/3G cellular technology, and cars with those were still sold well into 2025. Not a huge surprise, because its application doesn't require 4G/5G data speeds. Buuuut many countries are now actively retiring their 2G/3G networks, leaving those cars unable to place emergency calls, and with a functioning eCall module often being legally required it would mean some 2-year-old cars would no longer be road legal...
- beeps about the speed limit, especially if it misses a sign. For example every time starting on a parking lot it keeps the 5 kph even after multiple turns
- warns about leaving the lane, including trying to stay on the lane by slightly couter steering while ignoring yellow construction lines
- Sometimes when moving off from a standstill in a queue, it triggers all "careful you're about to crash into something"-warnings. I suspect it's detecting exhaust gasses from a car in front?
- You must not, ever, touch the turn signal to announce your will switch lanes soon, while there is still a car next to you. You'll get a loud, obnoxious warning tone. This one is especially annoing as it makes sleeping as a passenger on the autobahn basically impossible.
Which people often do when sharing the driving on long drives. So, another case of it making driving more dangerous, if the spare driver can not rest properly.
My sister-in-law has to reconfigure all of the cars safety settings every time she turns the car on as they reset to their seemingly maximal defaults upon boot.
Absolutely agree! After a few minutes you realise you forgot to disable one of the 'features' and then get distracted trying to do that.
Lane keep assist is broken and dangerous
Auto high beam assist is broken and dangerous
Auto cruise control is broken and dangerous
Collision detection-avoidance is broken and dangerous (thinks you're going to crash quite often in our narrow, built-up areas in the UK)
Speed sign detection is broken
Hell, even automatic wipers, after all these years, is far from perfect. I feel they should have had to prove themselves with that before being given anything more important
But some personal examples:
- Auto high beam assist saw a car at a side junction, turned off high beam, then turned back on, mimicking a 'flash' to let the car out, which they acted on by pulling out. I had to brake hard to avoid them. I was doing 60 mph
- I was on the motorway and a stranded vehicle was on the hard shoulder and the driver decided to exit from the side closest to my lane. I went to move over slightly to give space and avoid him, and the lane assist pushed me back towards him (there was too much traffic for me to change lanes)
- Driving in built-up areas with lots of parked cars and narrow sections, the collision avoidance has pre-activated with huge beeping warnings that massively distracted me, causing me to actually nearly hit something
These were all different modern (but not high end) vehicles
Auto cruise control doesn't take into account vehicles in other lanes etc. It encourages disengagement in dangerous situations/surroundings. It is by definition dangerous
edit: and speed sign detection is probably the most broken. The constant beeping and flashing. I mean, I don't have to explain that do I? Distraction -> danger.
Uh. I guess you've not many US highway miles under your belt. If nothing else, it's a very common nighttime signal to let passing truckers know that they've room to get back in the rightmost lane. I can't imagine that the signalling situation is much different in other places that have a large population of generally-decently-skilled drivers.
> If someone flashes you, you should make your own determination whether it is safe to perform a manoeuvre...
Sure. The operator of a vehicle is ultimately the person who's responsible for its safe operation.
Having said that, few drivers are interested in killing their fellow travelers. Especially at night, determining the "time of arrival" of oncoming traffic, or the distance between the end of your bigass trailer and traffic behind you can be quite difficult. If it's customary in your area to use headlight flashing to indicate to traffic ahead of you that it's safe for them to perform whatever maneuver that they may be uncertain about, then it's not unreasonable to assume that the driver that uses that signal isn't attempting to kill you with misinformation.
Automatic high-beam-togglers don't really care about anything, [0] so that's definitely one piece of malfunctioning tech that makes the roads less safe.
[0] ...yet!
Personally, I just developed a strategy for dealing with too-bright-incoming-lights: just focus on the right edge of the road - that takes my eyes off the lights, and it's where the danger lies anyway. With that, late-commuting vehicles are a lot less of a nuisance than people who just have poorly tuned low beams or simply keep high beams on always. And those problems/ people are unrelated to the "automatic commute" technology - arguably the tech improves things on that front, even in the not-so-great implementations.
The driving aids can be annoying (especially when there are works on highways or similar and you need to drift beyond lines but lane assist wants to keep going in that direction) but they actually saved me from crashing the car in the parking!
I completely did not see a small wall behind the car and the car emergency broke before I made major damage.
The company's have done their thing to ensure that the average guy wouldn't even try escaping their lock-in. So chances are becoming smaller and smaller to hope for a critical mass of users to complain.
specially because no car really supports grapheneos, but it can be used in any car supporting regular android provided google play is installed which ensures google's certification and validation is being preserved. if i get this right bmw is actively blocking this, which would be just a dick move.
You should definitely reevaluate how you constructed your list. VW has a history of being scummy (https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal) and their ICE cars are notorious for being unreliable compared to the Japanese car-makers. To be fair, EVs do change the equation a bit, but given their scandal plagued past, there's no way I would put them at the top of any list.
That is why so many rich fly private jets to environment conferences. People put Greenpeace and similar bumper stickers on their SUVs that never go off road and rarely have more than one person inside. They care about the environment, but only when it doesn't impact anything else in their life.
Emissions scale with performance, and inversely of fuel efficiency. So the environment may not be the most important point, but I'm pretty sure fuel efficiency is high on the list when you're picking a compact or long-range car that is supposed to be fuel efficient.
Also, by advertising as compliant to green specs something that wasn't, means people may have been swayed to purchase irregular cars despite them not being really green, only due to the fact that they may have received rebates and contributions for the purchase, regardless of whether "being greener" ranked high on their decision metrics.
I was lied to. Had I known that was the case there is a good chance I would have gone with a different car.
My car was recalled and reprogrammed and it no longer had the torque it had at first.
Of course now it’s clear that most if not all manufacturers were doing the same trick, they just weren’t caught at it.
It wasn't "more CO2" grade, it was "more NOx" grade. This in urban settings will actually kill more people with respiratory problems.
VW's "clever hack" probably, statistically, killed people.
https://en.wikipedia.org/wiki/Diesel_emissions_scandal https://en.wikipedia.org/wiki/Defeat_device
https://www.theguardian.com/environment/2015/sep/24/uk-franc...
Of course the governments probably lobbied for this stuff because it improves their car industry tax profits/employment numbers.
I always read this online, but my personal experience in EU doesn't match that at all in quite a sample of people and cars over the last ~15 years. At least not for older cards. The reliability after 100k km seems to be somewhat similar.
The repairability of VW-group stuff in 3rd party services is soo much better and cheaper. The WV-group is huge and many models across the brands share same parts and full engines. There exist non-OEM alternatives and people know how to fix those cars.
I have never bought new car. But driving anything but VW got expensive fast.
Toyota cars can have bespoke parts even between different months of the same year for the same model. Continuous improvement isn't really that cool for cars.
Outside Western Europe, VW is priced like a premium upmarket brand (not quite luxury). Maintenance and general upkeep for a VW are easily two to three times the cost of an equivalent Japanese car.
Which wouldn't be an issue if the cars were actually built to their price point. But the VW cars we get here are shittier versions built in nasty factories. They break down if you look at them wrong. The build quality is nonexistent. They are absolutely an awful deal, no matter how you look at them. You also have to personally import parts from wherever they're available, because otherwise only the dealerships have parts and they are absurdly overpriced.
Also, European brands are afraid of exporting EVs. If you want an EV, you buy a Chinese car. There is no other option. It is as simple as that.
Putting these factors aside: they are usually cheaper than their peers in insurance and they have dealerships absolutely everywhere. I've had multiple Skoda and VW EV rentals and the experience has been nothing but pleasant. Hence my priorities.
I checked it out. It seems like the 100th indistinguishable car design in our sea of nearly identical cars.
This to say that the "est" part of ugliest confuses me a little.
If you don’t want/need a new car, the used car market in Germany is pretty active with EQAs and EQBs.
Former colleague had an EQB and I nearly hit another car on the Autobahn because cruise control was not breaking when I got closer. That was really unexpected as that was a standard feature in my Hyundai...
Not quite an SUV, but maybe fits the same use case?
Peugeot is reasonable and works. Charging could be faster and WLTP longer, and once I had the screens restart while on the motorway which thankfully did not affect driving but was pretty terrifying. All that to say - go ahead and buy European. You'll have some issues but for me all better than to get a china car with who knows what data exfiltration and hidden issues, or a Tesla that will lock you in when the car burns. EU companies are too boring to spy and too risk averse to have tesla-like issues..
Obviously, the chances of that are virtually zero. But they'd rather make their product worse than assume with any kind of risk, even if it is virtually zero. That is simply the way in which German enterprises operate.
But the reality is that every once in a while you have a scandal like this or something like Wirecard, and it happens, because the culture is such that absolutely nobody thinks it possible. That includes officials and regulators whose first instinct will often be to come after the people trying to expose the scandal, as has happened in the case of Wirecard.
Only naive laymen or newcomers to Germany think it's not possible. German business leaders, lawyers and politicians know exactly how much corruption and scamming is going on in the business sector, and it's not a little.
>first instinct will often be to come after the people trying to expose the scandal, as has happened in the case of Wirecard.
That was purely malicious to try to protect Wirecard, not because the regulators couldn't possibly imagine corruption and law breaking exists, that was the story they used as cover for their corruption.
Like you're a regulator and instead of doing the thing you were hired for and look at the evidence The Economist showed you, you instead "use your instincts" to decide not to do your job and not look into Wirecard because you can't imagine something bad can ever happen? Come on! All those regulators should have been fired and tried for corruption and/or accessory to crime.
Clearly the engineering team didn't know ahead of time that Electrify America would be the end result of dieselgate. Had they known, perhaps they would have been more eager to do the engineering work though! haha
It was just a fun inside joke, since nobody could have assumed the fines would create Electrify America. Personally I'm glad Electrify America exists, though the way it happened was probably not the best path to get here.
EA even has successfully moved on from just being an org forced into existence and are actively trying to take care of customers and produce a good product now that they have some competition.
In fact, that's how a lot of compliance works in industries where there's little little enforcement and relies a lot on self regulation.
They can, given basic competence in SW engineering, also verify against GrapheneOS' published release keys. The reason they don't is the same reason Google closed my ticket asking them to include Graphene keys in Play Integrity checks: they don't care.
I think the reasons are very different. VW maybe doesn't care. Google does it because it would undermine their stronghold over the platform. If they would allow GrapheneOS, what would block Samsung or another OEM from also sandboxing Play Services and not preinstalling a bunch of Google apps and requesting the same?
This shows why attestation is in the wrong hands. Whether a particular device is attested should be purely based on the security of the device (which would also exclude a bunch of certified devices that Google will happily attest now), not on maintaining a smartphone duopoly.
If their APIs are done correctly, they shouldn't be afraid to expose them.
When they leave the "security" to the platform they can blame them in a lawsuit.
Maybe they rather be lazy and be able to shift blame, even without much legal recourse.
From what I can surmise, the German/EU philosophy is more of a closed world approach - accepting that companies will keep control, then government regulates the companies to stop the companies-with-control from causing harm. If you don't like the harm, your recourse-focus is to petition the government to stop it (eg GDPR). Whereas the US philosophy is more open world - once someone "chooses" to patronize a company, then the company is free to do whatever they want. Your recourse-focus is to stop using that company.
They both have shortcomings and glaring loopholes, of course.
Wow, so they must really want to avoid the liability of spying after their users and keeping all that data, and to be extra sure to comply with the GDPR, they must keep only the absolute minimum of data, right?
Wrong: https://www.theregister.com/security/2025/01/06/data-describ...
https://dailysecurityreview.com/security-spotlight/volkswage...
When a company behaves as your enemy, don't invent wild justifications how they're actually not. At least leave it to their PR team.
It's inconceivable that someone would want to use a car outside of it's specified rules.
On one hand you have: Linux at Volkswagen
"Software development without Linux is no longer possible within automotive environment. Therefore Volkswagen Group IT created and maintains a Linux distribution for our developers. This short talk will highlight our starting goal to integrate into the existing environment, highlight our integration problems and solutions with contributing to upstream. Furthermore we will show where Linux desktop need to improve in future iteration to be a good fitting replacement for other systems."
https://media.ccc.de/v/4486-linux-at-volkswagen
On the other hand you have insecure implementation of telemetry: Wir wissen wo dein Auto steht
"Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
Welche Folgen hat es, wenn VW massenhaft Fahrzeug-, Bewegungs- und Diagnosedaten sammelt und den Schlüssel unter die Fußmatte legt?"
https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-vo...
Compliance is everything, and SAFe (Scaled Agile) is deployed as a blunt instrument.
Management treats software exactly like hardware production lines—everything is just an "engineering process" that can be optimized on a spreadsheet.
The underlying assumption is that individual engineering talent is just an interchangeable commodity. Once you view developers as replaceable cogs, outsourcing the entire infrastructure to the lowest bidder in India becomes the logical conclusion.
It’s a textbook case of process-over-people driving institutional tech debt.
> When the cars were operating under controlled laboratory conditions - which typically involve putting them on a stationary test rig - the device appears to have put the vehicle into a sort of safety mode in which the engine ran below normal power and performance. Once on the road, the engines switched out of this test mode.
>
> The result? The engines emitted nitrogen oxide pollutants up to 40 times above what is allowed in the US.
There's only one reason why they're doing this: it benefits them in some way.
You know how some religious groups will string a rope between two houses, count it as a roof as long as they're within a certain horizontal distance of it, so they can follow the rope on occasions when the religion says they have to stay inside, and they think God enjoys them finding these loopholes?
Germany is like that, but with lawsuits. If anyone with money finds a technicality to sue you on, they will. So you have to be extremely liability averse if you want to be successful in business. Also, liability is almost always unlimited. You can be bankrupted by a single bad lawsuit.
But "unlimited liabilities" gives entirely the wrong impression. German courts do not award punitive damages, and fees are generally capped below that amount in dispute.
a.) a global company in the car-industry being cautious of exposing ANY risk-surface in a product because every issue making it to the field doesn't just bear the risk of very expensive recalls/fines but may also put people's ACTUAL lives in danger, to
b.) the country Germany and its whole society
> If anyone with money finds a technicality to sue you on, they will.
In the car-industry you don't need anyone with money to sue you. If you ship a car which is found to endanger participants of traffic, your company may not recover from the aftermath for years...
And I don't think the liability is the primary problem, they have a problem with freedom and fear that they lose some mechanism for monetisation. This is why you get subscriptions for heating your arse.
Unfortunately, due to the regulations that have blown up in the EU in the last decade, they are right.
It's an easy market to win at this point. The bar has been lowered so much. Already have a nice car? Just don't display utter disdain for your user's privacy and you get our $$.
So understanding why they drop it is IMHO easy. Understanding why they use only attestation based API despite and forcing their third party ecosystem out is stupid. Companies do not understand open communities.
However, VW just seem to make gaff after gaff. Collecting information they shouldn't, exposing information they shouldn't have to hackers via lax security practices.
How many rakes can a company step on?
Now, they're blocking GapheneOS? They've got two hopes of selling me another 'Dub.
(Bob and No).
All of em.
Nobody wanted the crazy touch dashboards, data collection, emissions nonsense, etc.
Just make the damn car you’ve always made. Be reliable.
I have test driven the Kia EV4 and EV3, but I am not a huge fan. I do not enjoy the look of the EV3 and while the EV4 was a nice drive, I kept bumping my leg against the direction selector (which is below the handle for the wipers; But this is a huge nitpick since I am fairly tall, so not really an issue for 99% of drivers).
The main issue with Kia across the board is that their are so darn expensive for insurance. At my current provider, the EV4s insurance would have been 500 EUR more expensive than an roughly equally priced Cupra Born.
Not a huge SUV fan, but the Skoda Elroq and Skoda Enyaq were very nice vehicles as well
Zeekr is getting up there too, but Tesla is going to be leader for ages - most car availability, easiest to service, most hackable software, best in class privacy, tons of third party options.
Beyond the politics involving Tesla, I just do not like the car. I had a Test ride with a Model Y and it just was not a good experience. I hate the touchscreen centered everything, etc. Beyond that, I just want a compact vehicle, which Tesla simply does not offer.
Given Tesla‘s features like the Live camera access and their allegations of employees sharing pictures recorded with the interior cameras of the car, I have as little trust in Teslas privacy promises as with any other manufacturer. They‘re also very expensive in insurance
Make sure that dealers know why you changed your mind.
"Some nerd couldn't use their nerd phone."
What incentive does a dealer have to know or care about this?
I wish that Volkswagen would care about this, but I suspect they have little incentive to do so.
Assuming 25% (might be overinflated) of GrapheneOS are European, that’s 10000 European GrapheneOS users who would buy a Volkswagen car (assuming an unbiased distribution of GrapheneOS users, which is probably not the case though).
I don’t think Volkswagen is in a strong position to say they don’t care about 10000 sales in Europe only.
My buzz loves trying to jerk the steering wheel when it can't figure out how the lanes work.
You are driving the biggest trojan horse of spyware ever created. You voluntarily drive around with that thing spying on you AND me. I hate parking at a parking lot now because every car and its 300 cameras are spying on me, putting my face, car and appearance in a database used to track everyone around you.
I genuinely don't know how people like you sleep at night knowing you're raping everyone around you by enabling mass privacy violations. Grow a spine.
VW is for people that can't afford a BMW or Audi.
BMW/Audi is for people who can't afford a Porsche
Porsche is for people that can't afford a Ferrari.
Once you understand that ladder, just stay off of it, and its all good.
An analogy is trying to make users wear certain clothes when they use your product, and then asking why it doesn't fly.
The pinning you are proposing, does it imply that there is again some certification of the "official" GrapheneOS, versus e.g. the user's own fork of GrapheneOS?
How would any of the existing proponents of remote attestation agree to anything like this, given what we consider abuse is exactly their reason of implementing it in the first place? Here, VW wants to stop use of the API by anything else than their App, in order to stop hobbyists and sell API access to commercial middle men. If the user could pin their own software's attestation or even register an arbitrary public key to cover updates, then the user would as well be able to code his own API client that just emulates the attestation. Is there any write up or discussion of the pinning you propose?
I am really not yet convinced how you want to counter the inevitable abuse that app developers and service providers will subject the user to if the OS security model gives them that kind of power over the user's end device.
GrapheneOS points out how its improved privacy and security should mean that it is accepted in a system like play integrity. But this is just to outline how flawed the logic of play integrity is. It is by no means an endorsement of play integrity. GrapheneOS wants people to know that google is lying and breaking the law, and uses its own exclusion as that evidence. Even if GrapheneOS were accepted into play integrity, it would still exclude any and all forks and self-signed builds of GOS, which is unacceptable. If companies absolutely insist on using this approach despite its flaws, they should use the generic attestation available in android, and permit using 3rd party roots of trust in some form, rather than outsourcing this verification to 3rd parties like google.
As for the pinned attestation approach, that is Trust On First Use, and is used to verify the integrity of a device based on the security of the devices early bootchain. The initial attestation is what future attestation is pinned to. This allows you to verify a device is the same one, it has not been downgraded, has not been tampered with, etc. This is awesome, and lets you do things like what GrapheneOS does with Auditor. But this is not used to restrict what operating systems are used. Root based attestation somewhat tries to resolve the Trust On First Use approach, but is used to arbitrarily ban operating systems in practice. It is super flimsy as any leaked keys can bypass it.
My only concern is your claim that GrapheneOS is for this technology when it is most certainly against it. The nuance is that pinned attestation is a different approach with different properties, and advocating for it does not mean GrapheneOS is not an ally against play integrity.
Auditor also functions as a proof of concept for the potential of attestation, check here for more info: https://attestation.app/about
- Remote attestation is bad, anti-competitive, and reduces privacy.
- Given in a world where remote attestation exists, GrapheneOS should pass attestation, since there are no security reasons not to.
Both battles should be fought at the same time, because if governments do not want to ban remote attestation, you want to make sure that at least it's not in the hands of companies that abuse it to maintain their duopoly.
Focusing on only one of them can lead to worse outcomes.
Has this ever happened?
I do not know the VW app, but other electronic key systems do not require you to have physical access to the car in order to make copies. The keys are meant to be device bound and to have policy (such as I'm giving out access for a week), but that can only be assured via a chain-of-custody attestation system from the boot loader to the app and a hardware attestation that the secure element is proper.
I get that Google doesn't want to be sued for failing to protect its users and indirect users of the mobile phones sold by other companies, but for advanced users there should be an option to update the signing keys used by the bootloader, so that you can unlock, flash your custom ROM, update keys, and relock bootloader. Such a phone should still be considered "trusted" by Google Integrity APIs. But currently there's no way to do this, so basically you don't really own your hardware.
I gave up on custom ROMs trying to extend my devices' lives and bought a Fairphone instead, so I have the assurance from the vendor that I will have software updates for a very long time.
Fairphone doesnt make their own phones, its outsourced to an ODM and Fairphone has very little input on how its designed. They havent "sourced" anything. Fairphone also stops providing kernel updates very quickly and delays userspace/driver/firmware backports for months. They delay yearly updates for years too. This doesnt even touch upon the fact they used public signing keys in the past.
It is not derogatory to say that it is e-waste out of the box, it is simply accurate. Choosing to continue using it despite how unsafe it is does not change the abysmal support it is given. A modern iPhone/android used from launch to the end of its 7 year support time, then properly recycled, would be far better for privacy, security, and for the environment. A support window that long would also provide a strong used market to continue using these devices. Cheap ODM phones with short support windows, and not benefiting from economies of scale, is a waste.
Fairphone 2 came out in December 2015 and saw the last release in March 2023. That's 8 years of software updates when Android devices from that era barely got 3, and you had to pick the flagship.
Kernel updates used to be bound to Android versions because of how the kernel modules development was handled, not really limited by the company or the hardware. I owned a OnePlus 5 and the custom ROM was stuck with older kernels for a while too, until the community stepped up to port it, because there just wasn't an easy way to build kernels with updated custom vendor modules for the hardware. Google addressed at least that part thanks to the Kernel Module Interface (read e.g. https://arstechnica.com/gadgets/2021/09/android-to-take-an-u... ). So newer kernels may still lag a bit based on the manpower available and priorities, but they should be easier to do.
Now that replacement cycles have become longer because hardware is good enough that you don't need to change phone every year, and Android supports KMI and other features that make maintenance easier, more vendors decided to extend support, so at least there's some more choice.
From the environment point of view, I can now finally easily repair my phone. A friend of mine always had bad luck with pixels, so bad that he went through 4 phones in ~5 years (2 bought, 2 replacements). I am at my third phone in 12 years (OP1, OP5, Fairphone).
I don't see how the second half of the sentence follows from the first half.
I think they didn't, so I don't see why them having the responsibility matters.
It completely dismantles your previous goalposts, which were planted firmly on GPS:
>> Not with the necessary precision. GPS doesn't work in tunnels or parking garages and can be wildly inaccurate in city centers with skyscrapers blocking line of sight, for instance.
(I guess we all have the freedom to be as flexible with our goalposts as we wish. I didn't come here for a tireless argument that is motivated by nothing but the desire to argue, though. Have a great day!)
also, what scale of harm do you think exists from those people?
do you really believe that control of one’s own engine should be removed from all vehicle owners if a few people misuse it?
do you understand that vehicle manufacturers use their proprietary systems that control the vehicle to exploit customers?
Serious health complications, particularly to cyclists and pedestrians. Significant pollution surges:
> According to government estimates, the practice can increase nitrogen oxide emissions as much as 310 times, non-methane hydrocarbons 1,400 times, and carbon monoxide 120 times. [https://www.rawstory.com/raw-investigates/rolling-coal-donal...]
> AED estimates that the emissions controls have been removed from more than 550,000 diesel pickup trucks in the last decade. As a result ofthis tampering, more than 570,000 tons of excess oxides of nitrogen(NOx) and 5,000 tons of particulate matter (PM) will be emitted by these tampered trucks over the lifetime of the vehicles. [https://int.nyt.com/data/documenttools/epa-on-tampered-diese...]
I didn’t ask the multiplier of badness of a single individual doing a bad and stinky thing, I asked what you think the _scale_ is. Do you believe that all people with trucks modified to do this are doing it at all times? Or even half the time? How many people do you think are doing it?
In the States, for example: Every state I've looked at has laws that make it illegal to roll coal.
And at least in my own state (Ohio), it's a primary offense. A person can be pulled over and ticketed for this even if they're doing everything else by the book. It's super easy to spot.
It seems that it persists not because of a lack of laws, but because of a lack of enforcement.
We live in a country where freedom is predicated on allowing certain things that others don't like. Being loud and obnoxious is just a natural part of the culture of expressing that freedom. They're not doing it all the time anyway.
They do with enterprise but not the way they do with consumers. There is no point selling data for ads on couple thousand servers for pennies when they make millions with licensing and support.
All the code microsoft, redhat and canonical contribute to linux is open source anyways.
Instructions to fully reproduce a build are here: https://grapheneos.org/build#reproducible-builds (disclaimer: I never tried using them).
But I'm kinda' surprised by the cruise control, I don't think I ever drove a car, even a rental, where cruise control wasn't at least "genuinely useful". Even the non-automatic one. How does it "not take into account vehicles in other lanes"/ what makes it dangerous?
As media piracy and game cheating has shown: no matter how hard you try, there will always be ways around it. You should assume that 3rd-party device you have zero control over is already compromised, so why not use the API as the boundary layer, stop pretending you can secure the app, and open it up to 3rd-party access like it already is in practice?
Unless I overlook something, the worst attack vector for a compromised phone is: you could drain the battery by repeatedly turning on the airco.
Though I guess they are rolling out phone-based car keys, which may be the incentive.
In Dieselgate VW got caught, made the supervisory authorities and politicians look bad, which is why the authorities also weren't inclined to sweep it under the rug completely. They just shielded VW from the financial consequences in Germany (German VW customers got shafted).
Blocking GrapheneOS is the useless "pretending" part of compliance. They don't really want to do security, because that would cost money, so they pick some actions that seem drastic, harsh and don't cost them anything to implement. Later, when there is a security incident, they will point to their huge heap of pretend compliance, whine a bit about state sponsored actors, high criminal intent and other obvious deflecting bullshit. But they will get away with it, because they did the compliance dance, so they are obviously compliant and did nothing wrong. Nobody in authority will look twice als long as they are neither annoyed or made to look bad.
tl;dr: compliance in Germany is performative
And VW didn't single-handedly destroy the diesel market; economics and physics did. Almost every other manufacturer was also fudging the tests results in some way. But more importantly, building a passenger car diesel that meets NOx targets doesn't work; by the time a passenger car diesel meets modern NOx targets honestly, the car contains a ludicrous precious metal loading in the catalyst and is only a few percentage points more efficient in terms of consumption and CO2 emissions than a petrol car and the math doesn't add up. Diesel is just not a practical solution for passenger cars; it never was in most ways, but it took the EU a long time to restrict NOx pollution to a sustainable level and expose the physical issues at hand.
VW knew this but lied to customers and told them they could have both. Dieselgate was their attempt to convince everybody the lie was true.
What VW did was to save money from ThinkBlue systems. Not every manufacturer failed the tests, especially the ones who used exhaust gas treatment did pass, and were more economical than petrol engines. After that, the EU changed emission standards and made them more strict, so VW switched to using dual exhaust treatment. Which made the cars more expensive.
What finally killed diesels was the removal of the tax reduction on diesel fuel. Since it is now taxed the same as petrol, there is no more any advantage that can offset the higher purchasing costs of the cars.
This is... obviously not true?
If you could (somehow) meaningfully damage a car via the app, do you think VW wouldn't be liable because of the Google Play developer ToS?
Same way that banking apps don’t care if you could screw up your account anyway, they will ban rooted phones just to avoid the risk. Because when something happens, what do you think is more likely? That the customer accepts full responsibility for using a rooted device and says that’s on me? Or that they blame the bank for losing all their savings?
Laws mostly don't work like that. The seller of gasoline doesn't have to prove they did everything possible to design the product to prevent anyone from using it for arson, nor should they because that's preposterous.
> Because when something happens, what do you think is more likely? That the customer accepts full responsibility for using a rooted device and says that’s on me? Or that they blame the bank for losing all their savings?
You're making the assumption that rooted phones are more likely to be compromised, but it's entirely the opposite. The stock software on phones regularly goes out of support and has known unpatched vulnerabilities (but will still pass Play Protect) and the only way to get a patched system on that device is to install a newer third party ROM. On top of that, GrapheneOS has better security than stock Android even for the same version.
Moreover, that has nothing to do with liability. When the user with the vendor-supplied firmware still gets pwned and has their account drained, they're still going to go to the bank looking to get their money back. All the bank does by going out of their way to block third party firmware is to make that marginally more likely.
They should be doing this anyways, or else you end up with your Jeep being crashed via wifi [0], and having the blast radius of a corrupt album image [1] restricted to infotainment is probably a really good idea too.
[0]: https://www.kaspersky.com/blog/blackhat-jeep-cherokee-hack-e...
[1]: https://www.theregister.com/software/2022/02/10/radio-statio...
Maybe I have to ask that guy some questions....
That's exactly my observation as well. Classic hardware-producing companies have an immense respect on the step of entering mass-production, as whatever issue that slipped through will be multiplied and physically spread across the world.
So they come from the mindset that the dominant mindset is to minimize the SURFACE-area of potential risk. This makes it really hard for them to compete in software-space, because in software the dominant mindset is to just estimate risk.
Neither is wrong, but applied vice-versa is.
- If you treat software like hardware, you end up cutting out everything that could make your product fit more than your decided main use-case.
- If you treat hardware like software, you're placing a bet on behalf of your customer that the product "will be fine", and a (very expensive) bet that this product won't create an aftermath which may destroy your entire company.
Companies which can't manage the distinction here end up putting hardware in the hands of customers they should have built differently and then spend all their resources on software updates just to somehow keep the core function working.
Pretty much all software products typically talked about on HN are laughable at that scale, they have crashes or weird bugs way more often than the six sigma norm of 99.9999% reliability.
For example, I don’t think it’s even possible nowadays to buy a new iPad and use it with default apps and settings for any significant duration continuously. It’s well under 1 million minutes of uptime before failure and a hard restart is needed.
So anything more complex than the simplest possible use case of an iPad is even more of a joke under hardware norms.
No one said that it shouldn't.
What I wrote is, that the approach of minimizing any SURFACE of risk in software creates the (subjectively good and solid) software of previous car-generations (in Volkswagen terms: MIB2 ~ a bit downhill already in MIB3): A solid, predictable and closed product fulfilling its core use-case.
But it DOESN'T create a user experience with those "fun" niche features, competitive remote-access Smartphone features, exposed API's, sudden new features during lifecycle, funny "ludicrous modes" etc.
And today's customers are demanding those features, it's now a hygiene factor for a premium experience on Smartphones as well as on cars.
A Tesla is not considered a "Premium" car because of its premium hardware or manufacturing quality. They disrupted the car-industry by being the first to apply a software-dev mindset to it, and the consumer perceives this as premium.
https://www.go-parts.com/garage/brake-pedal-tesla-cybertruck...
https://www.tparts.com/blogs/tesla-latest-news/tesla-issues-...
It's bad quality hardware hiding behind an cleaner engine and some software features.
It is EXACTLY the product of a hardware company which keeps treating hardware-production like it's software, as described above.
warkdarrior•1d ago
> Please note that the use of the Volkswagen app is only supported on iOS devices and Android devices with supported operating system versions.
Is it time to mandate app developers support all operating systems for a device?
Arainach•1d ago
If you choose to use something like GrapheneOS, you are signing up for the fact that almost no one will test on your platform and plenty of things will be broken.
queeshonda•1d ago
Fuck that.
warkdarrior•1d ago
Maybe then app developers should be mandated to open fully their server-side protocols, so people can create apps for platforms that are not supported by default. No more undocumented APIs, anybody can get an API key, no API serving limits!
microtonal•1d ago
https://news.ycombinator.com/item?id=48319509
midasz•1d ago
DANmode•1d ago
It can even make you a great/better one…
_factor•1d ago
DANmode•1d ago
esikich•1d ago
tedajax•1d ago
watermelon0•1d ago
microtonal•1d ago
Hypothetically, if GrapheneOS wanted to become a certified Android, it would probably not be blocked on technical reasons, only that becoming certified (last time a contract was leaked) requires running privileged Google Play Services (which is less secure) and pre-installing a bunch of Google apps that should not be uninstallable.
How is that not anti-competitive?
HybridStatAnim8•1d ago
The issue is not that this application isnt tested on GOS, its that an anticompetitive, illegal tool is being used to ban non-certified OSs when these apps would work perfectly otherwise.
_imnothere•1d ago
Obviously VW broke the app for GrapheneOS (or any other custom ROM) on purpose, and ironically, things usually works fine for custom ROMs than some Chinese OEM customized ROMs, and when it works, it means the developer went extra miles to implement workaround to cater the flawed OS.[1]
[1]: ref: Years of Android community experience
dj0k3r•21h ago
queeshonda•1d ago
warkdarrior•1d ago
arkon_hn•1d ago
HybridStatAnim8•1d ago
Dont let their boilerplate responses fool you, tools like play integrity only serve to push anticompetitive practices. The claims about not being able to support GOS are nonsense, and all they did was break existing support.
bossyTeacher•1d ago
chasil•1d ago
I have moved most of the my finance activity to it, along with my license and passport. I would never trust a Google device with this much, and the convenience has been profound in a few circumstances.
I would relegate any intrusive apps here, and happily deny them cross-app tracking privileges.