I got an offer from a dealer three weeks ago and was going to order the car, then the API for the community integration got turned off. I decided to hold back and see what comes from it. Now this, which ultimately - since I am a GrapheneOS user - makes me completely cancel my plans.
I really do not understand VWs thinking here. It would cost them little to nothing to continue not blocking the the inofficial API and not block GrapheneOS (or other non Play Protect androids) users. It would have no adverse effects on the average Joe, but it would gain a lot of support and enthusiasm from heavy users, differentiating from other brands. Not to mention the fact that it is the USERS data in the first place
Obviously, the chances of that are virtually zero. But they'd rather make their product worse than assume with any kind of risk, even if it is virtually zero. That is simply the way in which German enterprises operate.
On one hand you have: Linux at Volkswagen
"Software development without Linux is no longer possible within automotive environment. Therefore Volkswagen Group IT created and maintains a Linux distribution for our developers. This short talk will highlight our starting goal to integrate into the existing environment, highlight our integration problems and solutions with contributing to upstream. Furthermore we will show where Linux desktop need to improve in future iteration to be a good fitting replacement for other systems."
https://media.ccc.de/v/4486-linux-at-volkswagen
On the other hand you have insecure implementation of telemetry: Wir wissen wo dein Auto steht
"Bewegungsdaten von 800.000 E-Autos sowie Kontaktinformationen zu den Besitzern standen ungeschützt im Netz. Sichtbar war, wer wann zu Hause parkt, beim BND oder vor dem Bordell.
Welche Folgen hat es, wenn VW massenhaft Fahrzeug-, Bewegungs- und Diagnosedaten sammelt und den Schlüssel unter die Fußmatte legt?"
https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-vo...
If their APIs are done correctly, they shouldn't be afraid to expose them.
When they leave the "security" to the platform they can blame them in a lawsuit.
But the reality is that every once in a while you have a scandal like this or something like Wirecard, and it happens, because the culture is such that absolutely nobody thinks it possible. That includes officials and regulators whose first instinct will often be to come after the people trying to expose the scandal, as has happened in the case of Wirecard.
And I don't think the liability is the primary problem, they have a problem with freedom and fear that they lose some mechanism for monetisation. This is why you get subscriptions for heating your arse.
> When the cars were operating under controlled laboratory conditions - which typically involve putting them on a stationary test rig - the device appears to have put the vehicle into a sort of safety mode in which the engine ran below normal power and performance. Once on the road, the engines switched out of this test mode.
>
> The result? The engines emitted nitrogen oxide pollutants up to 40 times above what is allowed in the US.
You know how some religious groups will string a rope between two houses, count it as a roof as long as they're within a certain horizontal distance of it, so they can follow the rope on occasions when the religion says they have to stay inside, and they think God enjoys them finding these loopholes?
Germany is like that, but with lawsuits. If anyone with money finds a technicality to sue you on, they will. So you have to be extremely liability averse if you want to be successful in business. Also, liability is almost always unlimited. You can be bankrupted by a single bad lawsuit.
It's inconceivable that someone would want to use a car outside of it's specified rules.
Wow, so they must really want to avoid the liability of spying after their users and keeping all that data, and to be extra sure to comply with the GDPR, they must keep only the absolute minimum of data, right?
Wrong: https://www.theregister.com/security/2025/01/06/data-describ...
https://dailysecurityreview.com/security-spotlight/volkswage...
When a company behaves as your enemy, don't invent wild justifications how they're actually not. At least leave it to their PR team.
Unfortunately, due to the regulations that have blown up in the EU in the last decade, they are right.
And VW didn't single-handedly destroy the diesel market; economics and physics did. Almost every other manufacturer was also fudging the tests results in some way. But more importantly, building a passenger car diesel that meets NOx targets doesn't work; by the time a passenger car diesel meets modern NOx targets honestly, the car contains a ludicrous precious metal loading in the catalyst and is only a few percentage points more efficient in terms of consumption and CO2 emissions than a petrol car and the math doesn't add up. Diesel is just not a practical solution for passenger cars; it never was in most ways, but it took the EU a long time to restrict NOx pollution to a sustainable level and expose the physical issues at hand.
Make sure that dealers know why you changed your mind.
"Some nerd couldn't use their nerd phone."
What incentive does a dealer have to know or care about this?
The company's have done their thing to ensure that the average guy wouldn't even try escaping their lock-in. So chances are becoming smaller and smaller to hope for a critical mass of users to complain.
Vendor lock-in to Play services is ridiculous.
A car is a big purchase, and ideally not something I discard after a few years. I'd like it to not treat me like a second-class citizen and renter who can't make decisions over how to extend the life of my purchase.
specially because no car really supports grapheneos, but it can be used in any car supporting regular android provided google play is installed which ensures google's certification and validation is being preserved. if i get this right bmw is actively blocking this, which would be just a dick move.
However, VW just seem to make gaff after gaff. Collecting information they shouldn't, exposing information they shouldn't have to hackers via lax security practices.
How many rakes can a company step on?
Now, they're blocking GapheneOS? They've got two hopes of selling me another 'Dub.
(Bob and No).
Nobody wanted the crazy touch dashboards, data collection, emissions nonsense, etc.
Just make the damn car you’ve always made. Be reliable.
All of em.
Peugeot is reasonable and works. Charging could be faster and WLTP longer, and once I had the screens restart while on the motorway which thankfully did not affect driving but was pretty terrifying. All that to say - go ahead and buy European. You'll have some issues but for me all better than to get a china car with who knows what data exfiltration and hidden issues, or a Tesla that will lock you in when the car burns. EU companies are too boring to spy and too risk averse to have tesla-like issues..
If you don’t want/need a new car, the used car market in Germany is pretty active with EQAs and EQBs.
Not quite an SUV, but maybe fits the same use case?
So understanding why they drop it is IMHO easy. Understanding why they use only attestation based API despite and forcing their third party ecosystem out is stupid. Companies do not understand open communities.
VW is for people that can't afford a BMW or Audi.
BMW/Audi is for people who can't afford a Porsche
Porsche is for people that can't afford a Ferrari.
Once you understand that ladder, just stay off of it, and its all good.
An analogy is trying to make users wear certain clothes when they use your product, and then asking why it doesn't fly.
You should definitely reevaluate how you constructed your list. VW has a history of being scummy (https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal) and their ICE cars are notorious for being unreliable compared to the Japanese car-makers. To be fair, EVs do change the equation a bit, but given their scandal plagued past, there's no way I would put them at the top of any list.
I always read this online, but my personal experience in EU doesn't match that at all in quite a sample of people and cars over the last ~15 years. At least not for older cards. The reliability after 100k km seems to be somewhat similar.
The repairability of VW-group stuff in 3rd party services is soo much better and cheaper. The WV-group is huge and many models across the brands share same parts and full engines. There exist non-OEM alternatives and people know how to fix those cars.
I have never bought new car. But driving anything but VW got expensive fast.
Toyota cars can have bespoke parts even between different months of the same year for the same model. Continuous improvement isn't really that cool for cars.
Outside Western Europe, VW is priced like a premium upmarket brand (not quite luxury). Maintenance and general upkeep for a VW are easily two to three times the cost of an equivalent Japanese car.
Which wouldn't be an issue if the cars were actually built to their price point. But the VW cars we get here are shittier versions built in nasty factories. They break down if you look at them wrong. The build quality is nonexistent. They are absolutely an awful deal, no matter how you look at them. You also have to personally import parts from wherever they're available, because otherwise only the dealerships have parts and they are absurdly overpriced.
Also, European brands are afraid of exporting EVs. If you want an EV, you buy a Chinese car. There is no other option. It is as simple as that.
Putting these factors aside: they are usually cheaper than their peers in insurance and they have dealerships absolutely everywhere. I've had multiple Skoda and VW EV rentals and the experience has been nothing but pleasant. Hence my priorities.
https://en.wikipedia.org/wiki/Diesel_emissions_scandal https://en.wikipedia.org/wiki/Defeat_device
https://www.theguardian.com/environment/2015/sep/24/uk-franc...
Of course the governments probably lobbied for this stuff because it improves their car industry tax profits/employment numbers.
My buzz loves trying to jerk the steering wheel when it can't figure out how the lanes work.
No clue how much vehicle generations affect this performance tho. Since they were rentals, all the vehicles were pretty new
It's an easy market to win at this point. The bar has been lowered so much. Already have a nice car? Just don't display utter disdain for your user's privacy and you get our $$.
I have test driven the Kia EV4 and EV3, but I am not a huge fan. I do not enjoy the look of the EV3 and while the EV4 was a nice drive, I kept bumping my leg against the direction selector (which is below the handle for the wipers; But this is a huge nitpick since I am fairly tall, so not really an issue for 99% of drivers).
The main issue with Kia across the board is that their are so darn expensive for insurance. At my current provider, the EV4s insurance would have been 500 EUR more expensive than an roughly equally priced Cupra Born.
Not a huge SUV fan, but the Skoda Elroq and Skoda Enyaq were very nice vehicles as well
You are driving the biggest trojan horse of spyware ever created. You voluntarily drive around with that thing spying on you AND me. I hate parking at a parking lot now because every car and its 300 cameras are spying on me, putting my face, car and appearance in a database used to track everyone around you.
I genuinely don't know how people like you sleep at night knowing you're raping everyone around you by enabling mass privacy violations. Grow a spine.
- Buy Pixel, Get Graphene
- Use FDroid, don't sign up for Google Play, download Tor browser
- Censorship resistant access to the internet without handing over your ID.
The squeeze on the free internet happened so quick by the UK (well it took years of indifference and a failure to enshrine protections - but once they started moving the did so super fast)
Realistically we're speed running ID being tied to internet usage - create your escape hatch while you can!
It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work. The next logical step is severely limiting internet traffic.
One dual-boots to a reputable Linux vendor’s signed/sealed OS image with secure boot enabled in BIOS, so that the attestations are valid; financially supports said vendor; contacts them quarterly with check-ins on the status of their lockdown+attestation roadmap and uses professional journalism approaches to highlight their (in/)action; and, contacts one’s relevant governing body to petition for the addition of that vendor’s signed/sealed product line to be added to the authorized signatures list by both government-sponsored apps and to the verification platforms of the competing vendors (in order to balance the necessities of attestations with an appropriate degree of anti-monopolistic protections for consumers).
> It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work
This confidence that ‘attestation doesn’t really work’ is the same sort of confidence that lead the Linux user community to largely scoff at, and ignore, attestation’s threat from when it was ballistically launched three decades ago towards the future. Options are now very limited for stopping it, and largely reduced to ‘getting some Linux into the approval list’. Severe compromises in user freedom will be required for the signed+sealed distro images to receive government approvals.
Imagine if Linux were an app on a video game console and you start to see the outcome: it’s a perfectly great working environment into which all of /usr/local and /opt and /home are writable, but the lockdown prevents you from modifying the OS in any way that could defeat the attestation protections. Apps you install into /opt can only access their own /opt/prefix, apps you install into /usr/local can access $HOME. The apps you install can choose to write session data (such as digital age verification certificates) to a system-protected /data store keyed first by the kernel’s signature, and second by the vendor signature the kernel reads from the app; with the understanding that an attestation latch-forward after an exploit patch will wipe that store, and that dual-booting to a different vendor will suspend access to sessions stored by that vendor.
This is, to climb on my hobby horse for a moment, why I continue to believe that Valve will be the first Linux vendor to receive government attestation approval alongside Apple / Google / Microsoft have previously across the desktop and mobile spaces. I’d really prefer that to be Graphene, Ubuntu, and Valve — but Graphene’s customer base is hostile to this, Ubuntu doesn’t have any incentive to care, and of the Linux vendors out there, Valve has a decade-long head start on the need for a locked-down and attested platform for business reasons. All of the above falls out naturally from considering how to defend one app from another on Android, iOS, Steam Deck, and Xbox. So far as I can tell today, though, Linux intends to be left out in the cold on all this. Oh well.
When you accept government gift in approval consider it tapped. At any point they can return to the vendor and go "install this". No? Okay bye to your certification.
Call me paranoid.
“Every time we see a Google Pixel, we suspect it might belong to a drug dealer,” said a police official leading the anti-drug operation in Catalonia.."
Seems like some countries/areas are already targeting the Pixel (really its because of GrapheneOS)
Genuine question. That's news to me and I'm here.
[0]: https://www.birminghammail.co.uk/news/midlands-news/new-vpn-...
https://youtube.com/shorts/WvHl3G6KojI
I believe they're "doing research" into it, which basically means they don't understand how any of it works.
It mostly happened already and it's in motion.
There's really something to be said for greedily signing up for most things and trying to get grandfathered before the zipcuffs tighten.
IRL, though, fuck this. Home depot added flock cams and broad facial recognition, grocery store installed turnstiles, haven't stepped foot in either since. I'm just dropping out of the IRL retail economy left and right.
I really, really, really dont understand why people keep avoiding saying the obvious.
DON'T TREAT YOUR PHONE AS YOUR PRIMARY ENTERTAINMENT DEVICE.
Have two phones. One is the real one. The one you use. The other one is the "cops and bank" phone.
I'm not arguing that the modem should be mandatory, or that you shouldn't be able to control what it does. But forcing car vendors who want to built in a modem to make this modem do an automatic emergency call by default, that seems quite sensible. Even more sensible would be if the modem did nothing unless you allow it, except when it detects that crash, but... profits.
The eCall functionality isn't exactly trivial, and due to its safety use there are probably some rather strict regulations around it. In practice this has led to many car manufacturers opting to use dedicated off-the-shelf modules for them, which are completely separate from all the connected infotainment stuff.
However, early modules were built around 2G/3G cellular technology, and cars with those were still sold well into 2025. Not a huge surprise, because its application doesn't require 4G/5G data speeds. Buuuut many countries are now actively retiring their 2G/3G networks, leaving those cars unable to place emergency calls, and with a functioning eCall module often being legally required it would mean some 2-year-old cars would no longer be road legal...
When I talked to the dealers, they said that the speedometers only have to be accurate +/- 10% according to the SAE specifications.
After DieselGate I assumed that the high reading was to game the fuel consumption game.
Never again, VW auto group…
I believe the requirement is only one way - they can read high by a certain % but they cannot read low. Which makes sense. But that means in reality they will usually read a little high.
I guess you just filter it out after a while but it definitely makes me think I need to do some research before getting a new car any time soon.
Positive side effect: No expensive photos will be taken, too.
- beeps about the speed limit, especially if it misses a sign. For example every time starting on a parking lot it keeps the 5 kph even after multiple turns
- warns about leaving the lane, including trying to stay on the lane by slightly couter steering while ignoring yellow construction lines
- Sometimes when moving off from a standstill in a queue, it triggers all "careful you're about to crash into something"-warnings. I suspect it's detecting exhaust gasses from a car in front?
- You must not, ever, touch the turn signal to announce your will switch lanes soon, while there is still a car next to you. You'll get a loud, obnoxious warning tone. This one is especially annoing as it makes sleeping as a passenger on the autobahn basically impossible.
Which people often do when sharing the driving on long drives. So, another case of it making driving more dangerous, if the spare driver can not rest properly.
Absolutely agree! After a few minutes you realise you forgot to disable one of the 'features' and then get distracted trying to do that.
Lane keep assist is broken and dangerous
Auto high beam assist is broken and dangerous
Auto cruise control is broken and dangerous
Collision detection-avoidance is broken and dangerous (thinks you're going to crash quite often in our narrow, built-up areas in the UK)
Speed sign detection is broken
Hell, even automatic wipers, after all these years, is far from perfect. I feel they should have had to prove themselves with that before being given anything more important
But some personal examples:
- Auto high beam assist saw a car at a side junction, turned off high beam, then turned back on, mimicking a 'flash' to let the car out, which they acted on by pulling out. I had to brake hard to avoid them. I was doing 60 mph
- I was on the motorway and a stranded vehicle was on the hard shoulder and the driver decided to exit from the side closest to my lane. I went to move over slightly to give space and avoid him, and the lane assist pushed me back towards him (there was too much traffic for me to change lanes)
- Driving in built-up areas with lots of parked cars and narrow sections, the collision avoidance has pre-activated with huge beeping warnings that massively distracted me, causing me to actually nearly hit something
These were all different modern (but not high end) vehicles
Auto cruise control doesn't take into account vehicles in other lanes etc. It encourages disengagement in dangerous situations/surroundings. It is by definition dangerous
edit: and speed sign detection is probably the most broken. The constant beeping and flashing. I mean, I don't have to explain that do I? Distraction -> danger.
The driving aids can be annoying (especially when there are works on highways or similar and you need to drift beyond lines but lane assist wants to keep going in that direction) but they actually saved me from crashing the car in the parking!
I completely did not see a small wall behind the car and the car emergency broke before I made major damage.
There are already massive problems with people miswiring head units to play videos while driving and updating their ECU to spew pollution into the air. You're not going to convince any significant number of people that it's a good idea to allow arbitrary code to run and control most of the other systems too.
Then that's a poor design that should go the way of the dodo. Someone hacking the entertainment system should not be able to take over control of the engine. The entertainment system on planes do not allow one to hack into the autopilot. There should be no need for a firewall, they should have no shared wires between them.
* Backup Camera
* Turning traction control on/off
* Turning auto hold (maintaining the brake pedal while stopped) on/off
* Window defrosting
Many cars are even more integrated - are there any physical buttons inside a Tesla or is it all through the touchscreen?
People are growingly concerned with both the car manu and Apple/Google control over their car and related extra software goodies.
Laws are really needed when businesses don’t play nicely. I don’t know the legal specifics, but I’m sure glad I don’t need to buy $1000’s of specialty tools to maintain my vehicle, and sure glad that replacement parts are readily available (and will be for decades).
Just image how much worse society would be if car manus did the same thing as Apple and had ID-paired parts. Sorry! Your AC doesn’t work anymore, please install a genuine Honda oil filter at your nearest Authorized Honda Shop, available for a minimum of $500.
10 out of random 10 drivers out there don't care about the software running in the car.
> Laws are really needed when businesses don’t play nicely. I don’t know the legal specifics, but I’m sure glad I don’t need to buy $1000’s of specialty tools to maintain my vehicle, and sure glad that replacement parts are readily available (and will be for decades).
You drive a self-maintained car. Nothing wrong with that, but I would guess 95 out of 100 drivers on the road don't care about the car at all - they just want reliable transportation from A to B and perhaps some confort.
> Just image how much worse society would be if car manus did the same thing as Apple and had ID-paired parts. Sorry! Your AC doesn’t work anymore, please install a genuine Honda oil filter at your nearest Authorized Honda Shop, available for a minimum of $500.
I don't have to imagine that al all, all premium car manufactures digitally id their components and will not accept 3rd party replacements.
(Yes, repairability and standardization are encouraged where feasible.)
Like, the head unit is in control of all that happens on the slow bus of the car, and needs to pass independent safety certifications for a complex system.
> Please note that the use of the Volkswagen app is only supported on iOS devices and Android devices with supported operating system versions.
Is it time to mandate app developers support all operating systems for a device?
I have moved most of the my finance activity to it, along with my license and passport. I would never trust a Google device with this much, and the convenience has been profound in a few circumstances.
I would relegate any intrusive apps here, and happily deny them cross-app tracking privileges.
If you choose to use something like GrapheneOS, you are signing up for the fact that almost no one will test on your platform and plenty of things will be broken.
Hypothetically, if GrapheneOS wanted to become a certified Android, it would probably not be blocked on technical reasons, only that becoming certified (last time a contract was leaked) requires running privileged Google Play Services (which is less secure) and pre-installing a bunch of Google apps that should not be uninstallable.
How is that not anti-competitive?
The issue is not that this application isnt tested on GOS, its that an anticompetitive, illegal tool is being used to ban non-certified OSs when these apps would work perfectly otherwise.
Obviously VW broke the app for GrapheneOS (or any other custom ROM) on purpose, and ironically, things usually works fine for custom ROMs than some Chinese OEM customized ROMs, and when it works, it means the developer went extra miles to implement workaround to cater the flawed OS.[1]
[1]: ref: Years of Android community experience
Maybe then app developers should be mandated to open fully their server-side protocols, so people can create apps for platforms that are not supported by default. No more undocumented APIs, anybody can get an API key, no API serving limits!
There's no way to verify the integrity of the system, and any malicious app can just grab your banking credentials or enable criminals to unlock and drive away with your car.
Play integrity is an anticompetitive tool that ignores this, and artificially limits itself on GrapheneOS. It is not due to any incompatibility.
I still am hoping that at one point they understand the full consequences of remote attestation. There are some signs they start to notice, but it's slow...
GrapheneOS is one of, if not the most vocal organization against the abuse of attestation mechanisms. GrapheneOS and its userbase feel the consequences of play integrity every single day.
Im not sure where you got the idea that all GrapheneOS wants is to be accepted by play integrity, because that is not the case. GrapheneOS has been working with regulators to get play integrity banned. Being accepted by play integrity, but nothing else changing, is not good enough for GrapheneOS. It would only be a small victory along the path of abolishing this nonsense.
So, no, GrapheneOS and its community are definitely against play integrity. The "signs" that they are "starting to notice" are not there. They are already fully aware of what attestation is and how it can be abused. They are definitely not ignorant on the subject.
You might be confusing root based attestation with pinned attestation. Root based attestation is flimsy and allows tools like play integrity to ban operating systems they do not like. Pinned attestation, on the other hand, has real security properties and cannot be abused to block certain operating systems. GrapheneOS uses pinned attestation as a part of their Auditor app, and it has other cool uses we could see in the future.
I get that Google doesn't want to be sued for failing to protect its users and indirect users of the mobile phones sold by other companies, but for advanced users there should be an option to update the signing keys used by the bootloader, so that you can unlock, flash your custom ROM, update keys, and relock bootloader. Such a phone should still be considered "trusted" by Google Integrity APIs. But currently there's no way to do this, so basically you don't really own your hardware.
I gave up on custom ROMs trying to extend my devices' lives and bought a Fairphone instead, so I have the assurance from the vendor that I will have software updates for a very long time.
I don't see how the second half of the sentence follows from the first half.
Has this ever happened?
I do not know the VW app, but other electronic key systems do not require you to have physical access to the car in order to make copies. The keys are meant to be device bound and to have policy (such as I'm giving out access for a week), but that can only be assured via a chain-of-custody attestation system from the boot loader to the app and a hardware attestation that the secure element is proper.
The "app" they provide is 60% advertisement, 30% features, and I unironically preferred using a Home Assistant connection instead of of it for everything. Even for automations like "when to preheat the car", since that was easier and more intuitive outside of their native function.
This also means, that charge control from the cars side is not possible to automate anymore.
Sure, one could take the position "but it was never officially promised", but for some people, including me, having the api (which is paid btw) was a selling point.
Yes, I registered specifically for this comment.
There's enough of users to start making a difference. Really, even a low effort action raising valid concerns (security theater, a lie, google's monopolistic position, anti-competitive, etc), keywords that will make their response more careful and potential complaint to the regulator more impactful.
In a similar vein, I once met a woman who told me how she would enter every single one of those stupid contests that you'd see printed on cereal boxes and ice cream containers because literally five people enter into those things, so you're odds of winning are surprisingly high. Apparently she won a bunch of them, but her favorite was when got a week long vacation that included going on a fishing trip with Ben and Jerry of "Ben and Jerry's".
I've slowly but surely been moving away from any service provider of any type who does not allow me to use their service without their often Play Services-dependent app. Changing vehicles would be a lot harder though.
I wonder if this is a result of Rivian writing VW's software or if that effort hasn't yet borne fruit.
[0] https://en.wikipedia.org/wiki/Rivian_and_Volkswagen_Group_Te...
Iroh networking can't become a standard fast enough.
It's possible that we get to a place where everyone cooks their own meal (vibe coded app), and only goes out to eat sometimes (official app store). Spreadsheets are the same, you can get a lot of milage, and most still buy and use closed source software.
Reminds me of this: https://www.robinsloan.com/notes/home-cooked-app/
Literally who?
The rest of us groan when we hear "DOWNLOAD OUR APP" or grocery stores that want you to install their spyware coupon app.
These days, nost apps are just data exflitrators, spyware portals, and surveillance pricing initiatives, wrapped up with a "FREE THINGY" wrapping.
Oh, and Android 17 has been released so there is hype for that.
You don't have to do anything extra to support Grapheneos, just don't add in attestation which does nothing for security and limits user freedom.
This is fundamentally different from not choosing to use Linux servers. It's more similar to not letting a customer enter your store because of the color of their skin saying they aren't regular humans. It's pure discrimination because just as the functionality of android doesn't depend on these extra checks, the customer works the same regardless of how they look.
I have 38 apps on my GOS phone and none have had any issues.
I think they didn't, so I don't see why them having the responsibility matters.
Toyota's have such a backlog of orders that they're marking cars up above MSRP
I rent cars whenever I travel to the US and I've never not been pissed off by a car's software.
If you live in a country that makes it practica/affordable and you don't need too much range, I wonder if buying an old car with a broken engine and paying someone to do an electric conversion is a good choice?
Or maybe generally just buy a ~10 year old car, find a mechanic and say "I want this car to last a really long time, if we can build a trust relationship I will spend a lot of money in your business" and just budget for extensive proactive maintenance? Maybe with this approach you can still save money relative to a new car?
Or, is it possible to buy a newish car and then just rip out and completely replace the infotainment/climate control/etc while still keeping stuff like the parking cameras working?
I am probably the extreme minority, but I prefer cars with as little "tech" as possible. I don't need "drive assist" and sorts.
All my cars are 10+ old benzes, Nissans, Toyotas. All under good maintenance routine so giving me very little headache.
I had all sorts of stupid issues with modern cars while renting. One toyota scared the crap out of me while it imagined some pedestrian and yelled with all signs while I was going 100+ km/h on highway. Horrible crap
- Cruise control.
- Camera for parking. I guess sensors too. These are just unbelievaly useful IMO, it makes parking trivial in cases that used to require quite intense focus. I see the appeal of fully automated parking, but with cameras and a car that you have lots of experience parking I think I am fine Austin-Powers-ing into any space that the car physically fits into.
- I guess, maybe, I kinda like the thing where it automatically watches your blindspot and has a little orange light to remind you that there's a car there.
I dunno, when did cars get all that stuff? (Cruise control was basically universal in the US before I was even born I think, but not sure when the others showed up).
But then there's some non-driving tech that I do want:
- Completely frictionless navigation and media control. Android Auto just seems to be fucking nonfunctional so I think maybe what I want here is actually just a Qi mount and a reliable bluetooth controller?
- I've never had it but I bet remote climate control is really nice (warm up the wheel 5 mins before you set off on a frozen morning / turn on the AC 2 mins before you get into a car that you couldn't park in the shade).
Increasingly my vision of retirement is a life of luxury surrounded by hardware from before the internet era, things that do what I tell them, rather than telling me what I am and am not allowed to do.
Nissan sells a ton of cars to subprime borrowers, quality isn’t exactly their focus. Hyundai/Kia and Stellantis also target the same buyers.
Also I have to say, setting charge times remotely is mighty handy, if one pays the market/pool prices for electricity which fluctuate from hour to hour.
I'm not trying to suggest that these sorts of things should be this way, but if there is a server involved in the economics of maintaining that endpoint come into play and can't be ignored. Ideally things were federated and you could point your car or whatever device at and endpoint you maintain, but that comes at a cost as well as maintaining software where both client and server are controlled by the same party is an order of magnitude easier than cases where they aren't the same.
I don't know if an AAWireless adapter might operate in a way that could bridge that compatibility gap, but it might be worth a shot if you can borrow one to try it out.
I've been decently happy with it in a ~2020 car. Compared to a direct USB connection, there are some privacy implications with how it's running a low-power access point in the car, but bluetooth etc. are already a risk there.
> Did I miss something by not integrating my phone with my car? I don't think so. I call with Bluetooth and navigate with the screen of the phone.
For me the the main feature for Android Auto (over just a bluetooth connection) is navigation on the car's larger touchscreen that already has a good fixed position.
I've begun rejecting any hardware that depends on some kind of external service. I won't buy anything that requires an app or a remote server anymore because they always kill the app long before the hardware is dead.
If a monopolist can insist on terms (e.g., Amazon mandating lowest price guarantees from sellers, or Google mandating auth / compliance / KYC exclusivity to Google Play Services privileged devices by app devs), then threats to the compelled party (sellers, app devs) will be minimally effective.
Class action lawsuits, regulation, and legislation, are required for effective relief.
I bought a 2025 Suzuki because it is a manual and there is no firmware update, no internet connection, GOS Android Auto is all I get and only if my phone connects with the car.
It is so weird how companies in 2026 still making such bad mistakes.
They have an app [0] (which doesn't sync correctly for me, and their support is awful). When working it shows things like where you last parked, fuel efficiency, and allows you to remotely lock the vehicle, so it has internet access.
I sent Suzuki a Subject Access Request as a workaround to gain access to the data, and received months of extremely accurate location, speed, etc data.
There are also software updates, you just have to do them yourself [1]. They also didn't work for me.
Software aside however, they are extremely reliable cars, most of which seems down to their simplicity.
[0]: https://play.google.com/store/apps/details?id=suzuki.app.a02...
Also in the heat of the summer, it's nice to be able to start the air conditioning a few minutes before leaving.
This is the WEF future your conspiracy uncle was telling you about during family gatherings. Well.
"You will own nothing and be happy" - WEF Prime Objective.- RCS doesn't work at all on non-Owner accounts, switching to the owner account is necessary to receive them (I use a secondary account for my "main" account, the owner is left empty except for a Google Fi associated account)
- Immediate auto-update can cause phone to turn off and not turn on overnight (you can change the setting)
- Google Wallet won't work for payments (in Europe you can instead use Curve)
- The default AOSP app selection is in general worse than the Google provided ones (you can install them, after installing Google Play Services, which is sandboxed)
- Getting Google Fi to work required some fiddling initially, pretty sure it was because of my use of the non-Owner account
- Some banking apps will refuse to work (mine work fine)
- You can get Android Auto working, but by default so many things are sandboxed that applications and TTS won't show up unless you spend the time enabling permissions
Overall I am happy with it. It does feel a bit less polished than stock Android (because of the interaction of apps and more strict sandboxing), but for most people who don't care about Google Wallet and are ok installing Play Services and any necessary Google apps, the experience feels pretty much like a de-Gemini'd/de-bloated Android.
It's not as customizable as Samsung for instance.
It only runs on Pixel phones (next year hopefully some Motorola phones).
Not surprising to me at all that their software is a similar high quality experience, but in general I think it's weird that cars have to be connected to the Internet anyways and I doubt the competition is substantially better.
I've had VWs where the center console catches on fire whenever you turn on an indicator. (The obvious answer was to stick on some BMW badges so no one expects me to use indicators.)
It still sucks, but what are they suppose to do, not use the "safer" API and risk getting told that they don't care about security? And for what, pleasing a very small minority of users?
There could be some branding value in targeting more technical users and have them act as brand ambassadors, but for a car I doubt that's worth much.
To me this smells like a cartel. Why is the EU not doing anything?
My feeling is that this change plus the recent API lock for a few days ago are in fact part of a reworking to enable this EU legislation.
A German philosopher had a lot to say about this a couple hundred years ago... I think his name was Karl.
I strongly recommend saying that the operating system is one of "Android" (there are many variants), "Android (GrapheneOS)", or "GrapheneOS Android".
But if you say only "GrapheneOS", you are practically telling VW to respond that they do not support that operating system.
Happy voting with your wallet folks. See ya.
As a EU citizen, please sign this petition https://www.change.org/p/eu-data-act-durchsetzen-autoherstel...
https://www.theregister.com/on-prem/2026/03/10/microsoft-tig...
["tesla"]
>>> never_buy.append("volkswagen")
The liability culture at companies like VW is delusional, and they are deeply uncomfortable with software. They are suffer from individual departments and groups having individual authority and no drive to collaborate. Hence schizophrenic policies.