Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound

Re: Why so hard?

The point is, there IS a button you need to hold for 10 seconds inside the car to register as the new keeper of the vehicle, along side having to set up an online account etc. which requires the VIN. The problem arises when the seller of the vehicle fails to un-register their old account/vehicle association when they sell it.

Re: Why so hard?

There IS a button you need to hold for 10 seconds inside the car to register as the new keeper of the vehicle, along side having to set up an online account etc. which requires the VIN. The problem arises when the seller of the vehicle fails to un-register their old account/vehicle association when they sell it. Just having a button inside held for 10 seconds to dis-associate the old owner from the system would be great for a car thief that had stolen your key to nick your car.

"I am assuming that whoever set it up mis-typed their email and here we are. It just goes to show however how hard it is to control information"

I'm surprised stuff like that doesn't happen more often. I recently started getting emails to one of my live accounts about fund raisers for a school in the US asking "the committee members" to confirm attendance at fetes and things. No amount of replying to them would stop it. And I was very nice and polite about it too. Eventually I tracked down the school website only to find no email contact details other than to the "school district office", whatever that is. I sent them an email and slightly lied by saying the emails contained personal information regarding students. I never got a reply from them either, but the emails stopped almost immediately.

Re: A least mine is fine

i quite like JLR using ford engines, it means i can get updates on my ford mondeo for free and JLR technicians get the full ETIS computer. I have a mate who works in a dealership....

Re: As long as they're still using Lucas...

With a Land Rover the only GDPR related issue should be checking that the previous owner hadn't left a couple of sheep dogs in the back

Re: As long as they're still using Lucas...

Mine has a Lucas engine ECU. Other ECUs from other companies.

Re: As long as they're still using Lucas...

Land Rover: Inventors of the self-releasing seatbelt.

That's in preparation for your hasty exit as flames start to lick around the edges of the bonnet.

Re: This capability is fraught with danger

"Getting into someone's car to push a button for 10 seconds isn't a high bar at all if you know the person"

Or even if you don't. Gaining access to a locked car is unbelievably easy, as numerous car thieves and roadside service companies demonstrate on a daily basis.

Re: This capability is fraught with danger

At a certain point you just have to hope that people are trustworthy. If you let someone into your house, how long would it take them to find the spare keys? Or to perform an 'evil-maid' type attack on your computer, or to surreptitiously leave a window open so they can get back in later?

I agree entirely. If it's some sort of authorized dealer sale, then yes, LRJ, Volvo, and others do bear responsibiliy to make sure ownership "truly" changes hands, but if I'm selling my Rover to Charles, here, who's job is it to make sure I hand over *all* the keys? Is it his, having researched the vehicle and deciding to buy it? Is it mine, having owned the POS and having become familiar with all its quirks bugs? Is it in fact LRJ's having no idea I've become disillusioned with their vision of luxury and instead selling my RR and buying a fleet of old-lady gold colored 1990 Toyota Camary's and not looking back?

Should it be easy enough for someone, presumably almost anyone, to defeat the "connectedness" of a modern car just to prevent someone else from taking over our 2.5-ton lethal projectile and causing embarrassment, inconvenience, or worse? Is there really some way to prevent some occurrence without constantly phoning home to Nanny? Or should we decide that out car really does not need to talk to our toaster or alarm clock, and that carrying a keyfob with the traditional "lock, unlock, panic" buttons is really not all that hard or traumatic. I know El Reg's readership tends to turn a more critical eye towards such things than readers of say Ars Technica's "Oh! Shiny Phone App until Privacy Breach!", but I suspect that even even Gitlin would prefer security and safety to adding yet another mostly useless app to their iTimepiece.

Then again, there is a reason the Rover (14,000 hard-fought miles) is saved for Friday nights and trips to the Cities and the 18 year old 940 Turbo (536000 miles) is driven daily. Not to mention that I live in northern Minnesota- the Swedes, at least at one time, knew how to make a car for our climate.

Re: Good reason not to buy

So what happens when (not if) ALL card are connected...by law?

Car makers like everything else in tech it seems

They lust after the analytics, just none of the responsibility.

Em, sounds like something else with similar consequences!

Re: I would just like to say something futile...

Odds are Facebook will rebound quickly. They're still top of the heap in social media; nothing else comes close. Unless someone suddenly comes along who can out-Facebook Facebook, we still can't fix Stupid.

Re: Don't care who the maker is...

So, a Miata then?

Re: It's no different from any other tech

The guy bought the car in a private sale that didn't involve the dealer, and the guy was a curious techie so he poked around.

So, how do you solve this situation without the government making it worse such as requiring resales to the dealer complete with markup? Since dealers can't psychically see every private sale, where can they possibly fit in? And don't expect the tech to go away; in fact, expect it to be mandatory in future for safety and environmental considerations.

Re: Ho hum

"One would have expected it to be a simple "Bring it into your local dealer with your paperwork. They'll reset everything for free while you enjoy a complementary cup of tea. And here's a nice glossy brochure and a voucher for 20% off your next service. Welcome to the JLR family"."

No.

Firstly, the vast majority of private buyers never want to visit a 'stealer' - even for free stuff like safety recalls, and would never be in the market for a new or 'approved used' vehicle so as far as the dealer network and manufacturer are concerned, they are not and never will be a potential revenue stream.

Secondly, who is going to pay for this reset? the manufacturer? nope, they don't care about out-of-network sales, see above. The dealer? nope, they haver to assign tech's time to something, can't be sales, as they didn't sell it and cant be workshop as no-one to bill, can't be internal work as the tech's will kick up a stink over lost productivity & bonus (and rightly so) - just to 'log in' to a vehicle with DoIP, SPA or Flexray takes ~20 mins...

20% discount on a service? 10% is the limit even if you push really hard, because they know that you'll then want a price match on all the stuff identified on the eVHC - or just take it to a local indy to have it bodged for a third of the price with the nastiest possible aftermarket parts.

There's vehicles in dealers compounds that have been sat there for years waiting for work to be done because the owners have taken it there as a last resort after every other option has been exhausted and they haven't the funds to get it fixed, so the cheapest option is to SORN it and park it for free at the 'stealers' until they can be arsed to do something about it - which is usually get the local scrappie to tow it away after the fourth quarterly letter from the service manager threatening to charge them storage!.

So no, getting private buyers into a dealers isn't ever going to generate another customer for life.

What might work is registering your 'newly purchased' vehicle on the manufacturers portal, which would then generate a message to the existing registrant, if not answered within a week or two or answered with a 'no, don't change the owner' type response, the new owners details would default over to the online service.

When you sell a phone with your data still on it, the buyer gets access to your data. In this case the seller gets access to information about the buyer such as location data, with the added ‘bonus’ of being able to remotely control the vehicle they sold.

Mainly because you *can* wipe a PC or mobile just by being in possession of the device.

The problem in the case discussed is purely that you *can't* wipe the data collected by the vehicle manufacturer, even if you have the car keys.