Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nissan LEAF Leaks Speed & Location To RSS Feed

Posted by Soulskill on from the gotta-watch-those-hippies dept.

thecarchik writes "An intrepid tinkerer has discovered yet another security issue with the Nissan Leaf: it could be revealing your location and speed to websites around the globe. The issue stems from CARWINGS, the telematics system that Nissan devised for the Leaf. '... when Leaf owners use Nissan's RSS reader to access sites like CNN, the New York Times, or this one, CARWINGS supplies ... the exact location of the vehicle — latitude and longitude — and even the speed at which the vehicle is traveling at the time of the request.'"

21 of 180 comments (clear)

  1. So ... by WrongSizeGlass · · Score: 3, Funny

    So Nissan's LEAF is just a driveable iOS device? ;-)

  2. What if I'm reading a porn RSS feed? by bigjocker · · Score: 5, Funny

    Porn site RSS log:

    speed: 60 mph
    speed: 40 mph
    speed: 60 mph
    speed: 40 mph
    speed: 60 mph
    speed: 40 mph
    speed: 60 mph
    speed: 40 mph
    speed: 60 mph
    speed: 100 mph
    speed: 0 mph
    connection lost

    --
    Life isn't like a box of chocolates. It's more like a jar of jalapenos. What you do today, might burn your ass tomorrow.
  3. Nisaan Leaf violates the laws of physics by CajunArson · · Score: 5, Funny

    the exact location of the vehicle â" latitude and longitude â" and even the speed at which the vehicle is traveling at the time of the request.

    Heisenberg says NEIN!

    --
    AntiFA: An abbreviation for Anti First Amendment.
  4. Re:Law enforcement will love that by Culture20 · · Score: 2

    Original intent be damned! Since anyone can see how it can be easily abused, it needs revision or needs never exist.

  5. WTF? by boristdog · · Score: 2

    Why is a car reading RSS feeds?

    1. Re:WTF? by treeves · · Score: 2

      It gets bored while waiting at red lights?
      Automatically updating its drivers? Ba-dum ching!

      --
      ...the future crusty old bastards are already drinking the Kool-Aid.
  6. Leak? by amicusNYCL · · Score: 2

    Where's the leak? According to the data I see in the article this feature looks like it's specifically designed in. It's not "leaking" anything, it's specifically disseminating that information.

    --
    "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    1. Re:Leak? by NFN_NLN · · Score: 2

      Where's the leak? According to the data I see in the article this feature looks like it's specifically designed in. It's not "leaking" anything, it's specifically disseminating that information.

      It's not a leak, that's just the way it was designed. Similar to a condom with a hole in it.

      Wait, that's inseminating not disseminating, never mind.

  7. RSS Reader? by SerpentMage · · Score: 2

    Ok here is my question, why on earth does a car have an RSS reader? I thought the idea was to avoid crashes and avoid driver distraction?

    --

    "You can't make a race horse of a pig"
    "No," said Samuel, "but you can make very fast pig"
  8. Enables route-specific feeds by danhuby · · Score: 2

    Probably to allow RSS feeds specific to your journey - for example 'travel issues affecting my journey', or 'coffee shops en route'.

    The oversight is that it isn't asking before sending that information.

  9. What if you take the SIM card out? by Jah-Wren+Ryel · · Score: 4, Interesting

    The LEAF has a SIM card to do its stuff wirelessly. What happens if you take the SIM out? Will it just queue up all the tracking info and upload it as soon as it gets reconnected, or is it a shoot-and-forget thing where the local copy gets binned regardless of if the transmission was successful or not?

    I've been looking at the LEAF (and Tesla's line-up, yes I know the prices are vastly different, that's not an issue for me) and the whole "phone home" thing is a deal-breaker. I won't buy a car with OnStar or the equivalent unless I can be 100% sure that it is disabled. I don't need that level of hand-holding and I won't spend my money in support of such a product unless it has a 100% provable "off switch."

    --
    When information is power, privacy is freedom.
    1. Re:What if you take the SIM card out? by Black+Gold+Alchemist · · Score: 3, Interesting

      It might be time for a classic electric RAV4. They do everything a LEAF does and can be had for prices similar to a LEAF (now a bit lower) with out the spy stuff. They have virtually indestructible batteries. Sadly, I can't afford one.

      --
      Responsibility is an addiction
      Virtue is a temptation
      Community is a cartel
    2. Re:What if you take the SIM card out? by Jah-Wren+Ryel · · Score: 2

      No, I want something that makes uses of the massive over-capacity of solar-panels I installed on my roof. My intent was to use the excess to power my car rather than sell it back to the electric co at wholesale rates.

      --
      When information is power, privacy is freedom.
    3. Re:What if you take the SIM card out? by Jah-Wren+Ryel · · Score: 2

      I have difficulting believing a car lover ...

      What gave you that idea?

      I can think of neater things to do with power, like making the entire home wireless.

      Uh I don't really give a damn about how its transmitted around my house, I care about how it is consumed.

      --
      When information is power, privacy is freedom.
  10. As cars get more tech... by SuperCharlie · · Score: 2

    I appreciate my 72 Ford F100 more every day. Thank God I work from home and only need it to haul things every once ina while. Yes, the mileage is hideous, but being able to wrench around on it without a batcave of scopes an electronics as well as the lack of tracking/gps/logs etc is priceless.

    1. Re:As cars get more tech... by Anonymous Coward · · Score: 2, Insightful

      if the socialists would stop placing tracking electronics in modern more efficient cars people would have one less reason to avoid them.

  11. Re:What if I just want a car? by 0123456 · · Score: 2

    Nissan should seriously consider a package without the GSM radio, carwings..etc... some people who would otherwise purchase a leaf may be disinclined to do so due to all the creepy unecessary features.

    But they probably make at least a 50% profit margin on those 'creepy unnecessary features'.

  12. Re:MPG? by Ossifer · · Score: 2

    He's got an original Insight, the weird looking ones with the narrower rear axle, and the original MPG rating, before the EPA changed how Hybrids' ratings were calculated.

  13. Re:Duh...... by CohibaVancouver · · Score: 2

    I don't want to "compare my mileage against that of other Leaf owners". What is this, the 8th grade locker room? No idea what information about the speed of your vehicle could be used for?

    My sister is considering a Leaf, so I've been reading up on it. In a nutshell, all this 'telematics' is about crowdsourcing performance data on the car, so Nissan (and others) can get an accurate sense of battery life and other performance factors under a variety of conditions over the lifespan of the vehicles. So someone in Quebec can know that "At -5C with a 68% charge on batteries that have cycled 376 times the Leaf will go for 65 kilometers at 110 kph." (Sorry I'm too lazy to convert those to imperial units. Virtually no one uses Imperial any more anyway.)

    They will learn who is charging with 110V, who is on 240, how often charges happen... on and on.

    Over time, with more and more owners participating, Nissan gets a pool of data that can help improve the car, tweak the computer software etc.

  14. Re:I own one of these... by n2rjt · · Score: 4, Interesting

    And the vehicle NAV screen displays an annoying message EVERY SINGLE TIME you start the car, explaining that it will be transmitting your location data and requires you to press a button on the screen to "agree" or "disagree." I assume if you disagree it won't send anything.

    Mod parent up.
    The LEAF has an RSS reader that reads (text to speech) the selected feed. I don't have any idea why they provide the location data to RSS feeds, but it is an opt-in system.

  15. With a little shell script by craighansen · · Score: 2

    One could spoof Carwings as a Nissan Leaf doing laps around all police stations at Mach 0.99. Sweet. And that'll play hell with the platinum ratings, especially as the battery condition will be charging instead of discharging.