Privacy

39887 readers

282 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

268

I can track my old lease car (lemmy.ml)

submitted 1 week ago* (last edited 1 week ago) by kcweller@feddit.nl to c/privacy@lemmy.ml

26 comments fedilink hide all child comments

So, I still receive telemetry information from my old lease car, a Kia e-Niro, to my app. A huge, HUGE privacy issue.

I made sure to remove my profile from the car before turning it in, and doing a factory reset of the car's software.

I can see everything, AC, whether there are doors open, odometer, and above all, location.

Also tried to see if I can turn off the AC, but any commands throw an error, so disabling my account on the car at least did something 😅

I had it in the Netherlands, it's in Poland, and it looks like it's on its way to Ukraine.

Kia, you need to check your security.

Edit:

Holy shit it gets real bad. I can lock and unlock the car.

you are viewing a single comment's thread
view the rest of the comments

[–] nonagonOrc@lemmy.world 34 points 1 week ago* (last edited 1 week ago) (3 children)

Cybersecurity professional here, I'd read up on Kia's responsible disclosure policy, to avoid any potential trouble, and for guidelines on how to disclose it to them and handle this ethically.

https://www.kia.com/eu/vulnerability-disclosure/

Unfortunately they don't do bug bounties, which is too bad.

Edit: I wouldn't listen to people telling you to lock the car, exploit it in other ways or disclosing it to the media first. That is unethical at best and illegal at worst.

[–] otter@lemmy.ca 8 points 1 week ago* (last edited 1 week ago) (2 children)

This comment is being reported. Did you mean to post a different link?

[–] nonagonOrc@lemmy.world 12 points 1 week ago* (last edited 1 week ago) (1 children)

Oh wow this is very embarassing very sorry about that. Edited to include the proper link.

[–] otter@lemmy.ca 5 points 1 week ago* (last edited 1 week ago)

Thanks!