- The Kirchner Report
- Posts
- Automakers, Please Protect Our Data
Automakers, Please Protect Our Data
Focus on subscription revenue and A.I. bullshit AFTER you give us basic data protection.
Chad Kirchner
January 02, 2025
In partnership with
Welcome to 2025! Yesterday was a tragic day involving two rented electric pickup trucks. Because it’s still early, there’s little point in speculating about aspects of each attack. My condolences to all those affected.
Table of Contents
How Many EVs Affected?!
Some may just chalk this up as Volkswagen being Volkswagen, but the latest data leak from the company is bad news and something we’re going to see a lot more of because automakers and the companies they work with are woefully unprepared for what’s to come.
Cariad, the company that handles location data and app services of VW, claims that a “misconfiguration” let several terrabytes — some 460,000 VW EVs — sit unprotected in Amazon cloud storage.
Whiskey. Tango. Foxtrot?
This is bad on so many levels. Data was linked to names. Locations were easily cross-linked to German military barracks. You can’t be doing this shit.
The data connection that EVs utilize is great because some EV-specific features require cloud connectivity. I get that. But what automakers do with that data is extremely important, and protecting it needs to be more secure than a 14-year-old trying to hide his porn collection in “New Folder (3)” on the desktop.
I know y’all (and when I say y’all, I mean the automakers and their representatives that subscribe to this newsletter) want to make money by selling subscriptions. Monthly recurring revenue (MRR) is the new hotness. You want to Software as a Service (SaaS) your way into a Software-Defined Vehicle (SDV) and roll in the profits. You’ve got to get the basics right, though.
We’re about to enter a time where protecting owner data is going to be more important than ever. When it becomes illegal to travel out of state for medical procedures and bounties on the heads of violators, this data can be used in ways to incarcerate and execute people. Yes, most automakers just hand over data without a warrant (which you should not do, by the way), if the data is just sitting on a freakin’ Dropbox unencrypted you’re making it easy for them.
Yes, you spend time making sure your cars can’t be hacked. I’ve seen single chips that run a hypervisor layer that protects the UNIX running the automobile from the Android Automotive powering the infotainment system. I’ve seen genuinely clever stuff at that level that is secure and is something everyone should be doing.
But in the cloud, with that data? Y’all ain’t doing shit and you need to. Data leaks are one thing, and fortunately, this data didn’t go public. But someday it will, and do you want to be sued into oblivion because of your carelessness?
Stop with the A.I. bullshit. Stop with the subscriptions and microtransactions. Prove that you are a technology company. Protect the data you already have first.
The gold standard of business news
Morning Brew is transforming the way working professionals consume business news.
They skip the jargon and lengthy stories, and instead serve up the news impacting your life and career with a hint of wit and humor. This way, you’ll actually enjoy reading the news—and the information sticks.
Best part? Morning Brew’s newsletter is completely free. Sign up in just 10 seconds and if you realize that you prefer long, dense, and boring business news—you can always go back to it.
Don’t Put All Your Ranking Officers In One Shuttlecraft
I have a poster that is titled “All I need to know about life I learned From Star Trek” and one of the tidbits of wisdom is “Don’t put all of your ranking officers in one shuttlecraft.” That’s a play on eggs and baskets and all of that, and recently that has been proven with businesses making money on Twitter.
Reply