I wonder what happens if you disable the e-SIM (in the US) and then a safety recall appears via software update - do dealers have any way to update control modules besides OTA?
This is a huge unresolved issue with EVs IMO; ICE cars are required to provide emissions-relevant updates over software which can operate using a J2534 passthrough device, which effectively means powertrain modules have to allow (potentially signed) updates over CAN using software that can be obtained by an end user (a lot of people don't know this; for almost any ICE car in the US, you can buy a 3-day or 1-week subscription to the dealership level diagnostic software for a somewhat reasonable fee and use it with a J2534 device).
But for EVs, there's no such rule and as far as I can tell it's entirely a gray area in the US now; the NHTSA require a "remedy" for recalls but nobody seems to have pushed back to determine whether OTA is truly a remedy. The traditional autos all offer dealerships as a backup option, but Tesla and Rivian have several recalls with only OTA remedies already. This seems sketchy.
I would assume so. Even on older cars, service techs can typically manually push firmware updates over the OBD-II / J2534 port. Rivian's OBD-II port actually hides an Ethernet signal inside of it - so the interface is certainly there.
Fun fact: You can buy an Ethernet adapter directly from Rivian here to connect to the car's internal network: https://rivianservicetools.com/Catalog/Product/TSN00535-300-...
Nice. This is really normal now, for what it's worth - all of the European makes have moved this direction as well (DoIP over ENET). There's shockingly little documentation about Rivian online, though, probably because emissions regulation doesn't mandate it.
https://automotivevehicletesting.com/vehicle-diagnostics/doi...
Edit: I eventually recovered most of the cost via a settlement court.
Kia's engines are known to fail predictably even within first 100K miles. They extended their warranty because of it. But then they weasel out of it unless you hire an attorney and go to war.
If this were a widespread policy I bet class action lawyers would be all over it without you having to pay for it.
As if I needed another reason to keep my 2014 skoda.
If i ever have to get a new car, i will disable telemetry, and i will buy it either without telemetry, or with the agreement that i do not consent to telemetry.
(read the fine print before getting a new car. the shit they can do that can go wrong and you have to pay for.. no wonder old cars cost as much as new ones.)
They're worried about the cost of a new car, and the cost of all the electronics, should they go bad.
I get some updates OTA, but the dealer has to install some others, and when I took it there they updated it with a USB stick.
Rivian are probably the only major manufacturer I've never had a chance to look at in any RE capacity and I'm getting more curious by the second. The reaction their vehicles had to the infamous bricked-infotainment update actually represented a pretty good adherence to safety guidelines (the drivetrain as well as the speedometer and warning lights on the cluster still worked in a degraded format even when the infotainment was bricked) IMO, so they do seem to apply a reasonable degree of care.
What if they did the EV equivalent of Dieselgate[1]? Say it has a dangerous amount of torque or something, but you like that.
Could you just turn off the network and keep it in the desired (unsupported) state?
[1]: https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal
Whoa, didn't know that. Well the caveat is finding a decent J2534 device, right? There are a lot of cheapo knockoffs. Then actually knowing how to use the software with it.
https://www.crvownersclub.com/attachments/tsb-15-086-crv-tra...
My car needed another key. The stealership quoted me >$400 for it. I took it as a personal insult and did the research and ordered an OBD device and also discovered you can order replacement keys on aliexpress, and they'll even cut them for you with a good picture of your existing key. It was actually a fun project and very satisfying when I was able to successfully program and link the RFID chip to the ECU to start the engine.
May not be feasible with more locked-down modern cars which I wouldn't touch with a ten-foot pole, but I was able to fix it for about $150, not including my time of course. But I have the OBD device to use next time now as well.
The other reason i did it is because the dealership and other shops quoted me over 10 times the cost of parts, and I literally did not have the money to take them up should i have wanted to. Car maintenance is expensive, _especially_ at the dealership.
Of course they do. It would be absolutely silly not to. And in the case of safety recalls, their duty to inform you would entail a more traditional and substantiated disclosure i.e. a letter.
Yes.
You get a letter in the mail asking you to take your car to the dealer so they can install the update.
Been there. Done this.
> do dealers have any way to update control modules besides OTA?
Yes.
I believe the truly concerned/paranoid will not want to take their car to the dealership for updates at all. Which would, IMHO, be a mistake: having known security holes in your car's software is more likely to lead to a privacy invasion (via getting your car hacked at some point) than letting the dealership get their hands on it for a few hours.
(I should note that all of this is theoretical for me: I drive a car that's old enough it doesn't have any software).
EDIT to add this P.S.: Actually, I can think of one category of people who would be concerned enough to turn off the car's ability to connect to the Internet, but feel fine about taking it to a dealer for updates. That would be people who want to turn off the car's Internet connectivity not because of privacy concerns, but because they don't want anyone to be able to disable the car (either via hacking or via "legitimate" means, i.e. the manufacturer does it) while they're driving. Such a person would care a lot about the car's Internet access being completely off while they are driving, but not care about it being turned on while it is at the dealership.
(https://www.mozillafoundation.org/en/privacynotincluded/arti...)
>Nissan earned its second-to-last spot for collecting some of the creepiest categories of data we have ever seen. [Their privacy policy] includes your “sexual activity.” Not to be out done, Kia also mentions they can collect information about your “sex life” in their privacy policy. Oh, and six car companies say they can collect your “genetic information” or “genetic characteristics.”
Some laws require discussing very specific lists of categories of information they might have. I'm guessing this is a completionist CYA lawyer accounting for this.
There's another post on this article asking for an EV that doesn't: "need internet connectivity via wifi/esim at all? I'm looking for something really simple. A chassis, four wheels, an engine, airbags. Basically my current ICE car, just electric."
I'm hoping that they get a lot of good suggestions, but I'm not holding my breath.
Someone with the requirements you outline is not in the market for any new car, regardless of powertrain.
Glad it's an option be it for regulatory compliance, security, privacy, or any combination of the three.
So if being VC funded puts you off an editor, being VC funded may also put you off ycombinator.com
Same, same.
Nothing made me skeptical about the tech industry like working for a VC-backed startup. Ugh.
Fully agree. I also feel like a lot of companies do not need to be on the stock market, especially if they're reasonably profitable, feels like the stock market is where you go to let go of more of your company just to get rid of the VCs whom you owe a lot of money to.
Knowledge of this setting has shifted my perspective considerably.
edit: not enough to ditch Sublime, however.
Sources:
https://news.ycombinator.com/item?id=46501220
https://code.visualstudio.com/updates/v1_104#_hide-and-disab...
Kudos to Rivian for making this a supported user privacy feature.
I do distinctely remember strongly disliking the user agreement I signed for the "internet connected" features of the car when I bought it. 100% rubbed me the wrong way and I couldn't' find a way to opt out, and I wasn't so motivated to physically remove it from my new car. Thankfully.
Shouldn't have to trade privacy for safety.
You shouldn't have to, and yet...
https://www.ftc.gov/news-events/news/press-releases/2026/01/...
My phone does this now. Most phones do it now.
This is the company whose flagship voice assistant, in 2026, can’t tell the intended recipient in a sentence like “Text Bob Mary signed the deal.” And if my phone happens to be thrown into the back of the car by the crash, I doubt anyone will be able to hear me.
Not to mention that OnStar has operators who talk to first responders. the cell phone thing will just call 911 and hope for the best.
I pay for OnStar, and think it’s worth it.
That lasted about 6 hours before I figured out how to switch back to Assistant.
1. For years "Navigate Home" has done exactly what you'd expect, then one morning it decides traveling to Home Depot is the only possible interpretation.
2. A bog-standard timed alarm goes off, and half the time "Silence Alarm" leads to it insisting that there are no alarms going off right now.
What stings is that these aren't issues with ambiguous grammar or unusual phrasings, these are extremely predictable commands for features I would expect in the minimum viable product.
You can be using CarPlay to navigate at that moment to a destination, and because of the way my fiancee has Siri set up, if she says "Get me directions to the nearest Starbucks", Siri will say, "I'm sorry, I don't know where you are."
Only if it hasn't been crushed, damaged, or otherwise flung out of the vehicle that crashed so violently that it's actually upside down, as noted in the original comment.
Same. This is the first thing that I've ever read that makes me think I might be willing to buy a modern vehicle.
A: never once installed the app or registered an account, which flummoxxed the salesman so much he argued with me for 10 minutes trying to say that I had to set up the app to even take delivery, even though I paid cash in full. He even cried to mama (the manager) to find out what to do about this impossible situation. In the end, of course you do not actually need to install the app, even temporarily just for a one-time setup, or even register an account. But MAN do they want you to.
B: Within a few weeks found that someone makes a kit that lets you completely disconnect the telemetry & internet functionality module while providing some pass-through connections that normally go through that box.
Apparently in this case all the bad stuff is conveniently in one box you can disconnect, and still have normal bluetooth for android auto, apple car play, or plain bluetooth headset & media. So still have gps & media on the console stcreen. I can only assume that this won't stay so convenient. They could have anything require anything else any time they want.
They do offer an official way to disable all internet features (remote start from your phone from any distance, remote vehicle monitor, tracking/shutdown, etc), but all that does is disable the useful functions for you, while not disabling any of the functions they use for themselves. It's still actively logging and uploading data, and they still have the ability to remotely track and even disable the vehicle.
I've been to the dealer (different from purchase) once for a free oil change and they didn't say anything. So idk if they even tried to do any updates, or they have some other way to do it or what.
But don't worry, the FTC is out to protect you. Their settlement with GM says that can only sell your name attached to zipcode resolution location data and only sell your precise location trace attached to an opaque ID rather than your name.
The gen 1 system uses cameras primarily. It’s not awesome lidar or AI. It needs up to date road information.
I’ve been driving down I-5, a major interstate and had it turn off on me, presumably because I hit a dead spot, as conditions were fine and I5 is one of the most popular routes there is.
I’m fine with all of this. I prefer that it hand back control to me rather than make me another statistic like Tesla’s system.
I'm very curious at what level the restrictions operate. With every other manufacturer I've looked at, they're extremely coarse-grained; it's more like "is there a known long-time-horizon hazard in this area that is known to impair the system" than a "we mapped every lane and you need a database." I wonder if your I5 issue was a weeks or months-old construction area, for example. I haven't looked at Rivian much, though, and it could be totally different or extremely fine grained, there's no reason to suggest otherwise either.
But maybe that’s what you meant?
I think that's only for the speed limit alarms. Wouldn't have that if people would stick to limits, I guess...
That is a desirable outcome.
I have driven about half a dozen vehicles with this feature, and it has been annoying 100% of the time, and never helpful at all. In the company van I drive (Citroën Berlingo) I have to disable it every time I start the car. The lane keeping gets confused all the time by snow or dirt or when merging onto the motorway, or fucking background radiation - I dunno. It always shocks me when it pulls on the steering wheel. This crap should be forbidden. In the same car I also have to disable the start-stop system so as not to destroy the engine. Aside from that it's a nice enough van for a diesel, but I've been ruined by electrics.
In my own car (Nissan Leaf 2021), it stays disabled. But then it shows me a lawyer screen on every start asking me to consent to handing over my first born son etc.
Imagine if proper EV's had been invented in 2005 - we would have had some awesome cars.
Did you also disable ABS and refuse to use smart cruise control?
My friend's 10-year-old Toyota will chirp annoyingly if you drift over a lane line but that's all it does. It doesn't have any ability to steer the car back into the center of the lane. Is that "lane keeping"?
I can imagine it can save a life someone dozing off and drifting.
Smart cars can record street views, location of WiFi access points and GSM towers, and this data is useful for guiding missiles and drones when GPS is being jammed.
And how can we deal with this? Inspections on import? Country-level DPI to block data exfiltration? But DPI is not perfect because there are obfuscation and VPNs. And today we have Starlinks as well, which are difficult to block. Except from banning foreign smart cars altogether, there seems to be no simple solution. Or maybe oblige the manufacturer to use local computer boards and software when importing cars?
> In the EEA, Windows will always use customers’ configured app default settings for link and file types, including industry standard browser link types (http, https).
https://blogs.windows.com/windows-insider/2023/11/16/preview...
Cell connected vehicles are unnecessary and a danger for so many reasons.
For anyone in the same situation, https://web.archive.org/web/20260430234304/https://rivian.co... leads to the correct page.
https://en.wikipedia.org/wiki/Slate_Truck
Unlike most vehicles sold in the United States, the Slate Truck is not expected to have any in-car entertainment system; instead, customers are expected to use their own mobile device for audio streaming, navigation, and over-the-air updates for their trucks.
I have a garmin watch which is great for overland hiking, multiple day expeditions etc
I download the maps and the watch has GPS to plot where I am on that map. My watch doesn’t have an eSIM at all.
Rivian is an adventure brand so if they wanted to design a maps system like that, where I am not continually downloading tiles from open maps or google and sending my location to them and others, they probably could
I just don’t think they have space for those types of features most people don’t care about while they are trying to compete in a rough industry and deliver new vehicles
The experience was even comparable to today's experience - I've been auto-routed around a road closure, like, twice in 5 years? And it _failed_ to route me around a road closure probably twice as well?
Curious why lane keeping assistance would need to communicate externally. Isn’t all this processed in the vehicle?
Lane keeping assist likely (a) shares data back to Rivian, and (b) depends on GPS and (live) map data to know location specific settings.. that there are 4 lanes on this road and the left 2 lead somewhere else (etc). Line detection (on-device) isn't always reliable (snow, rain, ice, mud, gravel, construction)
And at least the object-on-road feature is one I'm glad they have. I once saw a truck ahead of me in my lane suddenly swerve hard onto the shoulder, which alerted me to danger. (The truck driver remained in control of the truck, thankfully). And there was a wooden pallet lying squarely in the right lane of the highway. I avoided it by moving into the left lane, then once I spotted a mile marker I pulled over and called 911 to report the traffic hazard. About ten minutes later, as I was driving on, I saw a police car on the opposite side of the highway, heading towards where I had reported the pallet on the highway. No way of knowing whether that car was the one responding to my call, but the timing suggests it was. Hopefully nobody had an accident before the pallet got cleared away. These days Google Maps would be able to alert people to the hazard before they got close, so nobody will be in the situation I was where the vehicle in front of them blocked their view of the hazard until they were quite close.
Long story short (yeah, yeah, I know: "too late"), some Internet-required features of modern navigation are ones I'm glad they have.
Why is that? I really don't want to bring it to the shop to turn off the radio. In Canada it's a toggle in the settings. Is there Canadian legislation mandating this or something?
This was decades and decades ago, imagine now??
When I bought a 2025 Suzuki Jimny XL, I wanted a car, not a computer on wheels.
- physical buttons everywhere
- head unit is the only touch screen
- Non-invasive safety features
- No firmware update
- No internet connection
- No enshitification
It is what cars used to be back in the day with minor modern touch like LED headlight. Its headlight does not have direct connection to the ECU.
Toyota cars, especially the new ones can be stolen by breaking the headlight and using its harness to talk with the ECU. Virtually speaking, all Toyota cars are being stolen like hotcake in Australia.
People buying these EVs do not understand how deep it goes buying a car you do not own.
Testa has done this over and over, removed features from the car via OTA update. Car was never meant to be a computer on wheel.
Edit: and mad
hmm. not sure who this 'rest of us' is. is it a free-range organic bot farm?
I see your type of people on Twitter all the time, they complain that someone was critical of Elon (and in this circumstance he wasn't even calling out Elon. He literally commented on a known flaw with the Cybertruck) yet people like you come out of the woodwork and defend everything. You've got yourself worked up about something that has nothing to do with Elon. I always like checking out those peoples profiles and their whole life revolves around Elon. That is a bigger disorder in my opinion.
Maybe your the problem?
I certainly appreciate that disabling network connectivity is even possible, but a bit scummy that non-Canadians have to make an in-person service appointment.
Is there some Canadian law at play here that requires they permit Canadians to disable this easily from the GUI? Would love legislation like that in the US.
Can someone provide what needs these feature covers? Like, what are some reason to disable all internet connectivity?
I am genuinely curious.
Having ranted a bit though, in the world of car companies an official policy on how to turn data off is amazing. The bar is so low right now that it is crazy to think this terrible implementation riddled with dark patterns is a 'win'. These companies need to be shut down.
It’s not such a stretch to believe that there’s some aspect of this that is specific to a driver or to a vehicle, and so requires that they collect your data. Even if this is not accurate, I can see a business making the decision that, given they need more and more data to improve the model, they would not allow customers to opt-out of that training cohort and still use the feature. Incentives etc.
Directionally though, I am with you on auto telematics data collection; I am not sure you can even buy a new car in the US that doesn’t ship with tracking, and many manufacturers (like the one who makes my car) don’t allow opt out at all. Fcking Stellantis
I'd much rather side with the company that was willing to allow the user to disable net connectivity...
- I already pay for internet on my phone, I'm not interested in paying for another cellular service just to get maps and music streaming on the screen in my car. GM ditched CarPlay specifically to push customers to their subscription service. I know some electric automakers are offering it "for free", but I do not trust that it will remain free, and that's important when spending tens of thousands of dollars on something you plan to use for a decade+.
- Third party app ecosystem means I can use the maps and music player I want, and not just what my car manufacturer decides is worth including.
- Auto manufacturers suck at software. I've yet to use an infotainment system that wasn't a stark downgrade from CarPlay.
Basically, my car shouldn't need an internet connection because my smartphone already does all the same things but better.
Instead, Rivian adds a purely performative toggle that makes the car's navigation largely useless and doesn't provide a good alternative.
Automotive power relays are at least a thing, but they're expensive consumables that have significant power draw.
In either case they would have had to add the components at design time and do the physical validation/testing, not ship it as a software update.
Cars were made for 100 years without an internet connection. Even for an EV there is no need for network connectivity or constant software updates. The first time a prominent figure is assasinated with a remote take-over of their vehicle people may start to see this issue a bit differently.
New definition of "absurd" just dropped...
(https://discuss.privacyguides.net/t/rivian-allows-you-to-dis...)
Disabling a SIM card almost certainly means no connection to the network.
(https://grapheneos.org/faq#cellular-tracking)
Whether there is a sim enabled/disabled/installed is irrelevant. The question is whether this feature is Airplain Mode or if it is just disable cellular.
Instead you are referring to the fact that the radio may remain on even if it has no active SIM card.
Given that the primary concern of connected vehicles is changes over time and manufacturer control, I don’t see any reason to make that distinction for most people.