If you never connect these to wifi you never get collected
this post was submitted on 18 Apr 2025
18 points (82.1% liked)
Privacy
5800 readers
2 users here now
A community for Lemmy users interested in privacy
Rules:
- Be civil
- No spam posting
- Keep posts on-topic
- No trolling
founded 2 years ago
MODERATORS
My car WiFi is turned off. I didn't pick up anything at all from my car while doing the wardrive.
If you never connect these to wifi you never get collected
That's not true. I didn't connect to these cars, I was just doing passive scans. These vehicles are constantly sending out their SSID, as is the case with all WiFi.
These vehicles are constantly sending out their SSID, as is the case with all WiFi.
Untrue. Your hotspot can be configured not to advertise. Clients can then only connect to it if they already know the SSID and enter it manually.
Yeah, but hardly anyone does that - as was made apparent by my 20 minute wardrive. By default, WiFi is constantly shouting "here I am!"
Where or how did you see that? As bluetooth clients?
Bluetooth radios have unique mac addresses, so adding a relatively common first name to it doesn't mean much, if someone wants to track you via this, it doesnt really matter if it's 04:ad:22... or Geodad's car
I don't know why the car has the persons name, but it's the same thing with most peoples smartphones. People usually never turn off bluetooth when not in use and it's always blasting their name. Though it is of course easier to see who Oscar is when there's a whole car model to match it to.
For car's, I wonder why they can't only blast a device name while in pairing mode. Dunno of it's just not a possibility, but that seems smort.
All these cars had cell modems and shared it as WiFi hotspots.
There's also Bluetooth radios all over, and those tire pressure monitoring systems, which I understand are legally-mandated on new cars, broadcast a unique identifier.
https://askmyauto.com/are-tire-pressure-sensors-required-by-law/
Are Tire Pressure Sensors Required by Law? A Comprehensive Guide
October 15, 2024
Yes, tire pressure sensors (TPMS) are required by law in several countries. In the United States, TPMS has been mandatory for all new passenger vehicles since 2007 under the TREAD Act. Similarly, the European Union mandates TPMS in new cars sold after 2014.
https://medium.com/@doctoreww/day-2-your-car-is-trackable-by-law-1d5f74388850
To prevent TPMS systems from mixing up which tire goes to which vehicle, each TPMS sensor has a unique ID. The transceiver module in the car is told which sensor ID’s go to which tire and displays tire pressure accordingly. TPMS sensors can be forced to immediately send the tire pressure (and thus their ID) when the receive a particular signal. This signal is used in products like this to send pair the TPMS to the car.
Problem
Although a unique ID can be used to avoid other TPMS sensor’s messages on the road, this unique ID can also be used by an attacker to track a vehicle’s movements. This ID is broadcasted unencrypted and, therefore can be used to track when a particular vehicle has passed nearby.
Silly question but what are you talking about?
Where did you see names?
There are a few pieces of war-driving software available on F-Droid. I just started one up to log my trip home for Flock cameras, and caught a ton of vehicle WiFi chatter.
Water diving?
Anyway I don't really see Wifi as much of a privacy risk. There are way more concerning things than Wifi. For Wifi to be attacked you need very specific conditions one of those being close proximity.
In the past you could've used Wifi for physical tracking when people visited a place but now MAC address randomization is a thing and modern devices do not broadcast discover frames for Wifi.
I don't really see Wifi as much of a privacy risk.
When you put your name on the WiFi, and combine that with your license plate being visible to everyone. That's a lot of personal information that you're leaking.
Water diving?
That was an Auto-Incorrect.