You can't, it's required for eCall which is a mandatory feature in Europe.
Unfortunately, it's fraught with issues, especially for the very first eCall modules where the hardware supported only 3G (HSPA)... which is being phased out across Europe together with GPRS (1G)/EDGE (2G), leaving these cars without a working eCall system - and no upgraded hardware modules in many cases.
I mean we can also change laws again in europe (in favour of that) - but we could also keep it as a separate module. So the LTE chip only gets used for an emergency call and nothing else. No remote control.
Unlikely to happen, but possible (not 100% safe, but good enough).
If you don't turn on the LTE chip, it can take a while to get registered or a network in order to perform an emergency call. If the LTE module is turned on (the same applies for mobile phones) the network operator will know your coarse location because of the LTE specification itself. Furthermore, all communication equipment is legally required to support Lawful Interception; and LTE is no exception to this.
Was my sentence that unclear? I constructed it as a OR. Either change the laws (my favourite solution as I don't like enforced modification of my car) - or use a technical solution to just meet the law.
Can you explain why these protections are not sufficient for privacy?
> 112 eCall is not a black box. It does not record constantly the position of the vehicle, it records only a few data to determine the position and direction of the vehicle just before the crash and these data are only transmitted to emergency call centers if there is a serious crash.
> eCall cannot be used to monitor motorist's moves. The SIM-card used to transmit the eCall data is dormant, i.e. it is only activated in case the vehicle has a serious accident (e.g. the airbag is activated).
>112 eCall is not a black box. It does not record constantly the position of the vehicle, it records only a few data to determine the position and direction of the vehicle just before the crash and these data are only transmitted to emergency call centers if there is a serious crash.
That statement is factually inconsistent. Either 112 eCall incorporates a time travel device or it must constantly record the position and direction of the vehicle and other data. In theory, that data is then deleted, but you have no way to verify that it is - and it would only require a trivial, unnoticeable software update to modify this.
Thankfully, we're safe. Car software is notoriously high quality and rarely hacked. All governments are fully trustworthy, especially around espionage and privacy, and have a perfect track record of never lying to the public.
Look, the European Commission stated that it cannot be hacked; "hackers cannot take control of it", from ec.europa.eu. They built an unhackable device. I am not sure what you could be worried about. If the government tells you something cannot be hacked, then it cannot be hacked. Furthermore, none of the EU member states have been found using other infrastructure to violate privacy laws.
It's not. It just stores the last speed/wheel position/brake state data that it receives when the "collision imminent" condition activates. In some cars this can be literally the same signal that deploys the airbags.
> Look, the European Commission stated that it cannot be hacked
Pretty much. It's just a normal LTE radio, that is normally inactive. It technically is hackable, but I'm not aware of any hacks of baseband firmware of this severity.
Sorry, that's incorrect. I have actually read the law and its relevant standards. The standard requires at least two pre-accident locations to increase accuracy and other fields with pre-crash data are encouraged.
And come on. Car manufacturers, which are notorious producers of insecure software, are legally mandated to make an inexpensive device which includes an LTE radio and a connection to the vehicle buses, and you think that is... unhackable? I can't tell if you're trolling me, but your average blackhat only needs 1 of (shitty car OEM software/LTE radio/vehicle bus connected device) to break into a system. This system is a trifecta of hackable crap. To call that, of all devices, "unhackable" is priceless.
The MSD (minimum set of data) is defined in: "CEN 15722 ESafety - ECall - Minimum Data Set".
The original standard version defined only one location datapoint, the more recent version defines two additional _optional_ points ("recentVehicleLocationN1", "recentVehicleLocationN2"). It also allows specifying the number of passengers.
The mandatory datapoints include the location and direction of the vehicle, but they can be acquired as needed.
> I can't tell if you're trolling me, but your average blackhat only needs 1 of (shitty car OEM software/LTE radio/vehicle bus connected device) to break into a system.
I'm not aware of black hats hacking into a modem that is passively tracking the mobile networks. It's theoretically possible, but I'm not aware of such feats.
Sorry, your comment is incorrect again. The most recent version of CEN 15722 requires the two most recent locations before the incident location.
The modem does not have to passively track the mobile networks; it can do what it wants. The common OEM implementation these days is that the physical device that does eCall does several things, including eCall, over the same cellular radio. There's nothing stopping the OEM from connecting to a random website and eval()ing the result.
You seem confident in the security of this unhackable system so I will point out some of its other security weaknesses. Several eCall device implementations include Bluetooth modules (both "unused" as part of hardware and implementations that use Bluetooth.) Bluetooth is as secure as a wet cardboard box, so you could take BlueBorne or one of the six million other Bluetooth exploits that work on a non-discoverable device just sitting on the shelf, get in that way and boom, you can transmit whatever you want over the cellular radios. Vehicle infotainment systems are pretty insecure on average and are frequently hacked, so you could take over the infotainment system, get into the CAN bus that way and then send bad data to the eCall system, which is in the business of processing and responding to CAN data.
But those are just a few of the million ways; you could write up attacks all day long and you wouldn't scratch the surface. The facts are: this is a system with cellular radio(s), a CAN bus connection, sensors that constantly listen and interpret data; this is a large attack surface, built by OEMs that write notoriously insecure software. It is, by any reasonable judgment of those facts, a pretty hackable system. And yet, the European Commission goes around telling people that it "cannot" be hacked.
Anyway, this will be my third comment in a row here telling people that their comment is plain incorrect, so I'm going to have to leave the discussion here. I hope that my words provide some food for thought - for the next time that a system that could track you becomes legally mandatory.
> Sorry, your comment is incorrect again. The most recent version of CEN 15722 requires the two most recent locations before the incident location.
I have the standard open, and I don't see it.
> The modem does not have to passively track the mobile networks; it can do what it wants.
Sure. So just choose an automaker that doesn't provide data subscription services and/or don't pay for them. The eCall requirement in itself doesn't require tracking.
I can't believe I'm still responding to this, but your comment is incorrect. Again. If you are reading a version of CEN 15722 where the two most recent locations before the incident location are not required, then you are reading an outdated version from over a decade ago, which has been withdrawn in favor of a more recent version for some years now. The year is displayed prominently on every page of the standard, and the validity is _required_ to be indicated before you even open it, so I have some doubts if this is a genuine mistake.
It's been a while since I've seen the pro-surveillance argument of "well, you can just do this uncommon or difficult thing if you want to evade surveillance!" In several European markets, for several vehicle types, there _are_ no vehicles without OEM-connected cellular radios. Some OEMs don't even advertise it; it is used for activating features, or "security." Other OEMs will not _fully_ disable cellular connectivity even if you stop paying. If you're an OEM mandated by EU law to include a cellular modem and a location recording device, you might as well make some use of that - and they do.
Your privacy should not rely on the government's "trust me bro" and it's like we forgot about China owning SS7 last year lol. No, it is plainly obvious to me that the mandate for eCall and the lack of an owner off switch for it is for nannying and surveillance FULL STOP. No option to opt out must be treated the same as the violations to privacy they are attempting to pre-construct the conditions for.
Well, for starters, the SIM card in the eCall system is only needed to receive a callback from the 112 service if the call drops, which the system automatically picks up. You can actually dial 112 without a SIM card in your phone, as a GSM device without one can still connect to nearby radio towers in a "limited-service set," better known as "emergency calls only."
I know some carriers have strange quirks in their SIM provisioning systems. For instance, it may take more than a few minutes or require a specific type of coverage (like UMTS) for an otherwise "dormant" SIM card to activate from limited service on short notice.
And naturally of course you don't carry a cellphone with you while you drive...you know, that device with accelerometers, GPS and an LTE chip that you leave powered on all the time on your person?
You are also free not to use a mode of transportation. You can, for example, buy an old car, register it on a historical number plate, and you’re good. There is no retrofit requirement. If you want a new car, suck it up.
I'm always amused at people who deem future and freedom of choice incompatible and effectively stating that the end game of all progress is absolute slavery and obedience.
Other than having some vested interest in denying people's right to choose between positive and negative aspects of progress, or having a Stockholm syndrome towards those who have such interest, I got no plausible explanations to this psychological phenomenon
Ah yes, brilliant reasoning. "You carry one device that can be tracked as long as you're carrying it so what's the problem with having tracking baked into your vehicle?"
I can actually remove my number plate. One tool, five minutes, car still drives.
And of course it's a tracker. It reports my location to a third party. There is no other definition for it. That it purportedly only does this during an "emergency" is not something I can verify nor trust.
I’m certain you aren’t that important for anyone to care.
Yes: it reports your location to a third party. When you have an accident. So you can get help.
And of course it can be verified. At the end of the day it’s a sim card in a passive mode. Maybe you don’t know how to verify it. There are millions of them driving around. I’m sure someone more qualified than you would have already reported if they were tracking in real-time. The system is nearly a decade old.
> I’m certain you aren’t that important for anyone to care.
Storage is cheap. We know the NSA hoovers up everything it can and puts in a database. This is facile reasoning.
> So you can get help.
How many accidents resulted in fatalities because 911 couldn't find the victim? What's the percentage on that you think? Is there _no other way_ to get help other than this system?
> I’m sure someone more qualified than you would have already reported if
You're just full of confidence. Pray tell where it comes from. What makes you believe this is true?
> You're just full of confidence. Pray tell where it comes from. What makes you believe this is true?
I trust in people who look for this stuff as a daily job, or because „they’re here to get you”. Because you know a sim card in the open is really easy to verify. And there are thousands of them driving around but also easily approachable sitting targets in every possible setting.
But you double down. I find this discussion pointless.
> How many accidents resulted in fatalities because 911 couldn't find the victim?
You’re missing the point of the eCall system. Think out of the box. What if there is no witness? What if everyone in the car cannot get help
Everyone who could reach out for help, received it. Can you tell the same about those who weren’t able to contact first responders in time? Maybe they’re still missing! It’s called survivorship bias.
Almost like sometimes people get seriously injured in car accidents and can't get to their phone, assuming it's where it was left prior to the accident.
Let people decide if their fear of death warrants all kinds of surveillance on them and not shove that down their throats as in "we know that many of you would opt-out of being tracked so we made it mandatory", alright?
There's nothing at all sensible about legally mandating that all cars must have a device which can be used for surveillance. Still less so for something which is at best a marginal gain in safety.
You can't, it's required for eCall which is a mandatory feature in Europe.
Unfortunately, it's fraught with issues, especially for the very first eCall modules where the hardware supported only 3G (HSPA)... which is being phased out across Europe together with GPRS (1G)/EDGE (2G), leaving these cars without a working eCall system - and no upgraded hardware modules in many cases.