You're riding around with a smart phone and this is what you worry about?
I'd rather have the ability for it to call emergency services if I was in incapacitated.

 

My smartphone has an off switch and isn't capable of killing me.

 

Little dramatic. But I have to bite, how would Starlink kill you?

 

This seems like a lot of work for no gain.

 

There's a GREAT pun in there!

 

I haven't bought a 2020 yet, but when I do, I plan to have it wrapped in aluminum foil.

 

???????

 

are you disconnecting the sharkfin one entirely? Isn't that the same one for the navigation? Is the XM antenna that one too, or just the window antenna? will be interesting to see if the radio acts up after disconnecting that (slower startup, halts during startup, and so on).

How are you going to confirm that it's truly disconnected?

 

are you disconnecting the sharkfin one entirely? Isn't that the same one for the navigation? Is the XM antenna that one too, or just the window antenna? will be interesting to see if the radio acts up after disconnecting that (slower startup, halts during startup, and so on).

The XM antenna is in the sharkfin next to the primary telematics antenna and the GPS antenna is in the same assembly as the sub antenna but these all have separate connectors.

How are you going to confirm that it's truly disconnected?

The wifi hotspot uses the same connectivity as the telematics so I'll probably sign up for the 1-month trial of that and ensure that it can't connect.

 

I'm appreciative of people who take the time and energy to modify their vehicles to suit their needs, whether it be safety, performance, comfort, privacy, or looks, and more importantly, take the extra time and effort to communicate to the community what they are doing, why they do it, and how they did it.

He's not advocating that we all take our antennas out. He's simply forging a path for those who in the future may come across this thread and want to do the same - for example, someone who may have legitimate reason not to want to be tracked.

 

the short reddit thread I read a while back on removing it from a different car mentioned a few things that went through the starlink module - front door speakers and the driver's side door lock... also someone had posted a link to a bypass harness if hooking up an aftermarket stereo, I assume that was to get the speakers to function without going through the starlink module. Didn't ever see anything about the door lock issue though. But they were looking to totally disconnect the starlink module from power (at least I think that was the case).

antenna access looked easier by removing the head unit and just unplugging the starlink antenna connections at the module. Not sure how much more complex the 2020 is from the 2019, but removing things to access those at the head unit isn't terribly difficult.

 

The speakers and the GPS antenna both run through the DCM, but I don't see anything about the door locks in the telematics wiring diagram or vice versa; I think that communication runs over the CAN bus. Regardless, disconnecting the whole DCM rather than just the antennas seems like a pretty bad idea.

I haven't looked at the 2019 manual for comparison, but the only discrepancy I see from your description is that it appears the connectors are now behind the instrument panel instead of behind the head unit.

 

Your car still has an EDR (Event Data Recorder) Event data recorder :: General information :: Subaru Forester 2012-2020 Owners Manual :: Subaru Forester - SubSUV.com
Law enforcement, probably even your insurance company can get the data if the car were in a crash. As far as tracking, have a toll transponder like EZ-Pass, as already mentioned a cell phone, not to mention traffic/surveillance cameras, license plate readers, cameras on traffic lights. etc.; bottom line is most of us can be tracked in one form or another. As far as someone getting into your StarLink account, all the remote control apps for cars I've had will not turn off the engine once the car has been started by the driver (key or push button from within the car). As far as nefarious hacking, that's a potential with just about any car these days but likely an extremely remote possibility.

For me, being able to listen to satellite radio, get traffic and weather updates, have the car summon help in case of a crash, and generally make driving safer and more pleasurable, I'll leave everything connected.

I'm more concerned about what Google and others are learning about us from our use of the internet.

You could move to the mountains of Montana and ride a bicycle if you want to preserve your privacy. I'm being facetious.

 

Your car still has an EDR (Event Data Recorder) Event data recorder :: General information :: Subaru Forester 2012-2020 Owners Manual :: Subaru Forester - SubSUV.com
Law enforcement, probably even your insurance company can get the data if the car were in a crash. As far as tracking, have a toll transponder like EZ-Pass, as already mentioned a cell phone, not to mention traffic/surveillance cameras, license plate readers, cameras on traffic lights. etc.; bottom line is most of us can be tracked in one form or another. As far as someone getting into your StarLink account, all the remote control apps for cars I've had will not turn off the engine once the car has been started by the driver (key or push button from within the car). As far as nefarious hacking, that's a potential with just about any car these days but likely an extremely remote possibility.

For me, being able to listen to satellite radio, get traffic and weather updates, have the car summon help in case of a crash, and generally make driving safer and more pleasurable, I'll leave everything connected.

I'm more concerned about what Google and others are learning about us from our use of the internet.

You could move to the mountains of Montana and ride a bicycle if you want to preserve your privacy. I'm being facetious.

I'm aware of the EDR; those have been nearly universal for a long time. Doesn't bother me nearly as much, because there's a significant difference, both practically and legally, between data stored locally and data uploaded to the cloud.

Surveillance cameras, plate scanners, etc… yeah, they suck. But it's somewhat different information going to somewhat different parties, so not being able to defeat one doesn't mean I shouldn't bother resisting the other.

I hear you about the "car crashes and I'm incapacitated" case. Definitely a trade-off, and if for example I had some medical condition that made that more likely I might make a different choice. But in my personal circumstances, I worry more about software vulnerabilities than I do about that. That may seem strange to you because, so far, a lot more people have died because they've had a seizure while driving than have died due to software exploits. But thing about exploits is that a lot of them scale such that hitting every connected car in the world simultaneously is not appreciably harder than just hitting one. So I weigh the risk much the same way as I weigh the risk of a nuclear attack: it may seem remote because it's been 75 years since anybody has died that way, but that number could leap from zero to millions and millions in a big hurry.

 

We're just the opposite. Part of the reason we switched to Subaru from Honda was specifically for the emergency crash notification and other features that are part of the safety and security package. We like it and have actually used it in a remote area of Colorado where we had no cell coverage but somehow the Starlink system still connected us to a live person for help. For those that really don't want this like the OP, consider buying a base model next time, as Premium and up come with Starlink's advanced features whereas the base model does not.

 

@dfranke Why not just find the sim card and remove it?

 

There is a possibility that there is not a SIM card. My cell phone can operate with or without a SIM card.

 

Geez, sounds like an argument to trade up to a 58' Studabaker

 

But no rain-sensing wipers. That's a no-go.

 

You don't have to have "hackers roaming your neighborhood" to receive a malicious update. If the update mechanism isn't also using TLS (which many don't, because the code signing is seen as sufficient), then the attacker can be anywhere on the path between you and the distribution server, or even off the path if the attacker employs DNS or BGP poisoning. And whether or not TLS is used (and properly implemented), the distribution server itself might be compromised.

You'd be correct that if CVE-2018-18203 weren't already patched then disconnecting telematics wouldn't be sufficient to protect from it, because the payload would be delivered over wifi and not LTE.

 

Do you have any indications that Subaru hasn't implemented protection against these threats? There is great sensitivity to this in the auto industry.

 

Good luck when you go to sell it and StarLink doesn't work

 

This is 100% not crazy. I agree that Subaru has in good faith tried to mitigate all threats but some of the vulnerabilities previously disclosed indicate they’ve made decisions that fall short of security best practices. Personally I’m not confident there isn’t a vulnerability yet to be found (or released in an update) that wouldn’t allow someone to brick the car or worse.

I’m not going to do this myself because a) I think the chances of someone acting on this on my car are slim and b) I like the convenience of remote lock/start. Still very interested to hear how it goes.

 

This is neat - I've wondered about what it would take to disentangle superfluous integrated systems like this (for a variety of reasons), and I'm thoroughly looking forward to your documentation! Keep on keepin' on!

 

Can someone sort this out a bit for me?: I just got my 2018 a few weeks ago and have not read the 10lbs of manuals. Not even sure they would help here.

I understand some of what a Starlink subscription can do, but will Starlink do anything without it? Can my stolen car still be found even if I don't subscribe?

And the telematics: That is a separate system from the Starlink portion? Is telematics working via the cell system? All the time?

Then there is the wifi element: Is the car supposed to connect TO a wifi network? Or is it creating a wifi hotspot for Starlink subscribers?

I'm trying to sort out the gratuitous data snorting vs. modestly useful features, free vs. paid.

There's a difference between being able to download data via the OBD connector, vs. always on don't-mind-us privacy erosion. I want to be a truly consenting adult, and I don't mean consenting in the sense that I clicked "yes" at the end of 20 pages of legal masturbation.

 

I understand some of what a Starlink subscription can do, but will Starlink do anything without it? Can my stolen car still be found even if I don't subscribe?

No, Starlink telematics won't do anything useful for you without a subscription, not even make emergency calls. For locating a stolen car I suppose maybe you could try to get away with a just-in-time subscription, but I wouldn't count on it because I suspect it wouldn't take effect until the next time the car is restarted and by then it's probably too late.

And the telematics: That is a separate system from the Starlink portion? Is telematics working via the cell system? All the time?

Subaru uses the "Starlink" branding for both the telematics features and for all features of the head unit, which is confusing. I'm using "telematics" to mean "things that run over the cellular connection", which includes Starlink Safety & Security but also the AT&T hotspot service. Also, while XM radio uses a separate antenna for its downlink I think it may rely on the telematics antennas for selective access (DRM).

Then there is the wifi element: Is the car supposed to connect TO a wifi network? Or is it creating a wifi hotspot for Starlink subscribers?

It does both. The later requires a subscription (a separate one from your Starlink Safety & Security subscription), the former does not and should not rely on the telematics antennas.

I'm trying to sort out the gratuitous data snorting vs. modestly useful features, free vs. paid.

There's a difference between being able to download data via the OBD connector, vs. always on don't-mind-us privacy erosion. I want to be a truly consenting adult, and I don't mean consenting in the sense that I clicked "yes" at the end of 20 pages of legal masturbation.

For stolen vehicle recovery I don't think you can have it both ways: if thieves can be tracked, so can you. But OBD has nothing to do with telematics.

See my initial post for full discussion of privacy impact.

 

Don't forget the black box
The technical term for the device is an event data recorder, and they’ve been placed in vehicles since the 1990s. Early iterations were mostly designed to track when airbags deployed, but the ones placed in newer cars are much more sophisticated.

The gadgets, which aren’t black, can now record dozens of indicators including speed, whether seat belts were worn, if the brakes were applied and steering position. Most event recorders capture about six seconds of data before a crash, but some newer models can retain up to six minutes.

 

Don't forget the black box
The technical term for the device is an event data recorder, and they’ve been placed in vehicles since the 1990s. Early iterations were mostly designed to track when airbags deployed, but the ones placed in newer cars are much more sophisticated.

The gadgets, which aren’t black, can now record dozens of indicators including speed, whether seat belts were worn, if the brakes were applied and steering position. Most event recorders capture about six seconds of data before a crash, but some newer models can retain up to six minutes.

For the 2020 Outback I believe it's 30 seconds.

 

I live in the land of endless Tesla’s and I have to disagree about the styling. I find them incredibly boring.

 

UPDATE: The surgery was a success! The technician went about it slightly differently than I requested, disconnecting everything at the point most proximate to the DCM. He left me this diagram of what he did:

The following functionality no longer works:

• Wifi hotspot: the interface hangs if you try to enable it. You can still exit out by touching the "X".
• XM satellite radio: the UI still works but there's no sound.

Since I already cancelled my Starlink Safety & Security subscription I can't directly verify that it's been truly disabled, but since the wifi hotspot is failing in the expected way I'm confident that it has been.

The following functionality still works just fine:

• Terrestrial radio
• GPS and navigation
• Connecting to external wifi

Thanks a bunch to the service techs at Village Subaru of Acton, MA for coming through on this. This was a pretty weird request and they got it done quickly and capably.

I'm naming my stealth Subaru "Merope".

 

I'm naming my stealth Subaru "Merope".

I had to google that reference:

Merope is the faintest star in the Pleiades (Subaru) star cluster. The star Merope is often called the "lost Pleiad" because she was at first not seen by astronomers or charted like her sisters.

Bravo.

 

I cannot see how the vehicle telematics can collect your smartphone search date, unless you have the accompanying Starlink app on your phone.

Without specific app permissions granted on the device I can’t see how Starlink can access phone based data.

I’m all about privacy but fail to see the issues here.

 

The fundamental issue here is Subaru reselling my vehicle's data without consent. Even when an on-star subscription has terminated, the car is still sending data, including who is driving (Driver Monitoring System), how the car is being driven, where the car is being driven, and vehicle telemetry and possibly other data including what radio stations or songs are being listened to on the audio system, who is wearing seatbelts, driver distraction data (if DriverFocus is enabled and equipped), devices connected to the car's bluetooth/wifi (device identifiers), etc.

Subaru then packages this data (probably anonymized for GDPR reasons) and sells it to companies like The Ulysses Group who then merge this data with other datasets to deanonymize then resell tracking data to paying customers, including insurance companies and governments.

These practices are why I hate this post privacy era and will be doing whatever I can to maintain control over my data footprint.

 

FYI in the news this week. They haven't sold their service to anybody, yet, but the tech is there....

This Surveillance Company Claims It Can Track Nearly Any Car in Real-Time

A document obtained by the office of Sen. Ron Wyden shows Ulysses claims to be able to “remotely geolocate” cars in “nearly any country,” with the exceptions of Cuba and North Korea.

gizmodo.com

Cars Have Your Location. This Spy Firm Wants to Sell It to the U.S. Military

15 billion car locations. Nearly any country on Earth. ‘The Ulysses Group’ is pitching a powerful surveillance technology to the U.S. government.

www.vice.com

 

In my day job I work with a good number of automakers discussing specifically how they collect and share driving data.

I can say that uniformly, they are all VERY concerned with customer reaction to collecting or improperly exposing data.

At a minimum, if a 3rd party like my company wants access to a specific customer's data, it is typically required for the customer to consent again just to that - before the automaker hands the data over. Some are ever more concerned, and take the Euro GDPR as a guide.

Just about the only cases where you might worry about your location being shared without your consent is for an emergency services all or in a post-accident or post-crime reconstruction.

TLDR: I used to worry about this a lot, but I don't worry so much any more. Of course, OP clearly says in the first post he gets all that and just would prefer to not have it collected at all. It's good you were able to figure it out and share how to cut it off via hardware. Make sure to reconnect before reselling car to unsuspecting future driver who might want the safety features to work

 

Thank you dfranke for sharing the diagram from your local dealer. I'll be disconnecting the antennas. Very helpful and appreciated.

 

This is a very interesting thread! I'm a security guy as well, and pick up my slightly used 2020 Outback tomorrow. Not sure I'm going to disconnect everything, but god damn why don't they give you the option to turn all that off? Even better give you a hard switch to do that? You can tell Google and Alexa to stop listening (fine, maybe they are lying about it being off, but you know what I mean). And I can guess why they don't - all connected things collect more data and figure out a way to turn that into money later, it's the default operating model now.

Either way, a couple of observations/thoughts:
1. As @walker pointed out, seems like the MIC is running through the DCM. Seems to me they are capturing voice, and I wonder if it's even possible to eavesdrop on the noise in the car? I can't guess why the front tweeter would go through that. Unless there is an expectation that those will carry data of some kind (ultrasonic? )
2. I see there being a market for an aftermarket harness that you can wire in that would give you a hard switch to turn off all outbound data. Any takers? Remember when laptops used to have a hard "disable radios" switch?
3. I wonder if anyone has done a study with an SDR to see if any other signals are emanating from the car after these wires are disconnected?
4. Remind me again why I'm replacing a perfectly disconnected 2007 Hyundai Tucson with a modern connected car? Oh right, the ever increasing annual maintenance bill as I slowly realize the "ship of Theseus" dream.

 

Either way, a couple of observations/thoughts:
1. As @walker pointed out, seems like the MIC is running through the DCM. Seems to me they are capturing voice, and I wonder if it's even possible to eavesdrop on the noise in the car? I can't guess why the front tweeter would go through that. Unless there is an expectation that those will carry data of some kind (ultrasonic? )

Tweeter doesnt specifically go through that. all front door speakers do. you're mostly hearing the larger speakers in the panel.
Mic and front speakers go through it on the way to the headunit so it can override them for emergency use.

2. I see there being a market for an aftermarket harness that you can wire in that would give you a hard switch to turn off all outbound data. Any takers? Remember when laptops used to have a hard "disable radios" switch?

I dont have a switch, but I made a way to remove it entirely. Not just for these reasons, but also lets you put in a larger headunit.

3. I wonder if anyone has done a study with an SDR to see if any other signals are emanating from the car after these wires are disconnected?

None after it was disconnected, as there was nothing to check...but I did use an SDR to see it calls out to Starlink back when I had battery issues and a valid subscription to it. Wasnt easy to see as the cell phone band was very noisy. I think it was 3G... and of course I couldnt get any good data off what it was sending/receiving other then approximate size. I remember the handshake for call connect was larger than the data transfer.