"where the user cannot directly access the data from the connected product or related service, the data holder must make the readily available data and necessary metadata accessible to the user without undue delay, in the same quality as available to the data holder, easily, securely, free of charge, in a structured, commonly used, machine-readable format, and continuously/in real time where relevant and technically feasible."
Indeed, this seems to be exactly the area where the Data Act could be used to regain access. Unfortunately it seems that it's not possible to directly sue (e.g.) Volkswagen to get access, unlike the GDPR where you have direct standing under article 79 [1].
There doesn't seem to be much written about enforcing the Data Act, so I looked at the regulation directly. Article 39 [2] seems to require to first lodge a complaint with the competent authority as designated by the member state of your residence. Then when that authority invariably fails to act – I have no idea which timeframe we're talking about here – you can "in accordance with national law, either have the right to an effective judicial remedy or access to review by an impartial body with the appropriate expertise". But then you are suing that authority, and not the company directly (edit: I was originally unsure about who to sue under article 39, but 39(3) does clarify that it is the authority).
I would very much like to be wrong about this. I can imagine Muñoz vs. Superior Fruiticola applies [3] ("it must be possible to enforce that obligation by means of civil proceedings"), but I'm not at all sure, and it's a much weaker route than the one which the GDPR explicitly describes.
Would anyone know or have better references on how to enforce the Data Act, preferably individually?
BYD DMCAd my whole repo to connect to their cars... https://github.com/github/dmca/blob/master/2026/05/2026-05-2...
It's a shame these car makers are locking down their cars (which are brought for a premium!) and going on a crusade against open source.
This sure reads like a "you did nothing illegal but will attempt to make it look illegal" kind of thing. Like putting the key to a public space under the doormat, with a sign "key here" and then complaining you cannot use that key to access the already public space.
They alleging you have broken their encryption.. DMCA would be appropriate I would assume in this case.
OTOH, if there isn't a first party way to get an auth token or a way to connect your car with home assistant, I see that as a deficiency of service.
r/opensource_legalaid
let's reply and demand access to the data.
Quite a few other manufacturers have done the same thing. I use a reverse engineered Polestar library to get charging status but I'm in the middle of building a CANBUS sniffer to do the same job because I don't trust they won't do the same thing as this.
I don't really understand it, it doesn't seem to offer a huge potential revenue stream and it pisses off the people who are most invested in your product.
They already add cryptographic authentication to some CAN messages, so you can't change them. It is only a matter of time until they add encryption.
This is mostly a corporate problem of risk aversion in my opinion. Some department
writes down a risk assessment with a list of miniscule risks, for example of some 3rd party app backend being hacked. Or just a headline "Tinkerer hacked his car to use with his home assistant" in the local press.
This list circulates, and since nobody in the middle management wants to be responsible for anything, and there is no officially approved positive use case, draconian countermeasures are drafted and constructed one by one.
Right? I imagine there would be a non-trivial sales/marketing boost for the one/first company (in any segment) to fully embrace HA. IKEA is arguably a good example of this.
This is kind of an interesting contrast with BSH (Bosch and Siemens home appliances ), who are also German.
They appear to have seen making their Home Connect platform open as at least in part a matter of compliance with EU data transparency and portability laws.
They don’t. Majority of users don’t care, and some middle manager shmuck, working on MySkoda, can report how “we” prevented a huge security risk and funneled valuable ~~cattle~~ user data where it belongs.
By the way, regarding additional profit stream, to access VW data before you still needed WeConnect subscription (100€ a year), just that before you could use another app or automation to access the data. Now you MUST use exclusively WeConnect and partners to access same data even though you paying already for subscription.
Most executives make commercially disadvantageous decisions in exchange for more power.
It's practically a law of business: executives prioritize their power first and their company's profit margins second. This is one reason why outsourcing coding was so popular despite not saving money and being so commercially disastrous - execs were in the driving seat with that relationship much more than they were with us.
Despite what some people will tell you about how the home assistant consumer segment "doesn't matter" (it does) it really is more about the tangibility of control over data vs the intangibility of lost consumer goodwill.
Companies are not profit maximizing at all costs. The shareholders and the executives are not a singular body they have different and sometimes wildly divergent interests.
I've been doing smart home stuff for a long time. This is one of the reasons why I got off of Home Assistant.
It's a very cool and functional project but it is entirely dependent on companies keeping their APIs open, or, more commonly, companies not patching teh magic that makes reverse-engineered APIs possible.
Unfortunately, developments over the years have NOT gone in their favor. Tesla, Ring, MyQ, Ecobee and probably others have closed their APIs over the years. They've usually cited "security concerns" as the motivating factor for the API closures, which has some legitimacy, but IMO it's usually driven by fear of losing subscription revenue.
(Tesla charges a lot for official OAuth apps, though, to be fair, earlier hacks relied on a leaked OAuth app that they never got around to patching. Ecobee locked HomeKit and some other stuff behind their Security+ Subscription, which is a joke considering how anemic their security platform is. MyQ definitely did it to protect their $45/year subscription; jokes on them since RATGDO is infinitely better. Ring still works for some reason, but HomeKit Secure Video support is extremely dicey in part due to the fear of them turning their API off as well.)
For someone like me who primarily used HA for HomeKit integration, depending on it is a ticking timebob. When we moved into our new house, I focused on finding stuff that was natively compatible with HomeKit without workarounds. Our smart home works much better now because of it.
That's a frying pan => fire situation. I started my home automation journey in the same way, and being HK-centric is pretty decent. HA with 100% local-control devices that _bridges_ to HK is what I'm looking at next.
Often, the HK-only devices are terrible wrt WiFi stability, and I need to pay more attention to how matter/thread is working lately.
I know some people complain about zigbee/zwave but they've been way better on average than HK over wifi.
Client Assertion is an OAuth feature, but that is not at all what is being discussed here, if anyone else was confused. It is only present in the HN title and is not mentioned on the page.
With the software supply chain running amok recently having anything connected feels like playing Russian roulette and I say this as somebody who is running home assistant for years. I’m particularly paranoid about connecting my ev (non-vw) to it now, feels like a serious footgun today, would’ve been convenient three months ago, true.
There needs to be a law that makes remote attestation - no matter who provides the root certificates, Google/Apple/GrapheneOS - illegal. There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own, while also making interoperability cryptographically impossible. This is anti-competitive and should simply be illegal.
There is a real chance that in 5-10 years, there will be laptops and smartphones running open processors and operating systems with UX and and an OS comparable or better than the proprietary equivalent, but which are effectively useless to the average consumer because it is cryptographically impossible to use them for anything due to remote attestation proliferating more and more
It already is illegal in the EU under the EU Data act. The VW executives are just criminals who don't care about the law, because they can bend it like before.
> There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own.
Well, that and making it possible to deploy devices you own in environments where they might be physically accessible to people you don't want extracting credentials from them. Or for ensuring people can only access sensitive company information on company issued devices rather than being able to casually make a copy of any data they have access to somewhere else. Or using a phone as a credit card payment terminal without the possibility of displaying one payment amount on screen and authorising for a different amount.
I'm quite firmly in favour of anything I own giving access to the data it's generating in an open format but screaming about how there's no legitimate use for attestation is quite simply nonsense.
Garmin recently did something similar, resorting to tls fingerprinting to prevent unofficial logins to their api (via the popular garth library).
They lost a lifetime customer in me - i think i have spent close to 20k on garmin gear between my wife and myself, watches, gps devices for cars, boats, and hiking gear. If they refuse to give me access to my data, i will (a) lobby for laws to be passed to make this mandatory (b) absolutely never ever buy anything garmin until i see a reversal of this policy and an apology.
More broadly though, its yet another service that blocks API access. No doubt this is caused by proliferation of amateurs armed with agentic tools building nice, personalized frontends for themselves. Companies seem to absolutely hate it when people dont go through their shitty websites with dark patterns, misleading search results and analytics.
Huh, I completely missed that. I've been using python-garminconnect [0] for a few months without issues. I agree though that it's annoying, though not reason enough for me to switch away from Garmin yet.
I recently saw a group of automakers together during an event. The contrast between Chinese and Germans was bizare. The group of german automakers were older men in black suits all wearing badge with titles like Senior Executive Sales blablabla. Whereas the Chinese were all young people wearing causual clothing and much more engineering minded. No wonder why european auto makers are doing so badly. They forgot to please people. The only know how to please their untergang.
Are the Chinese particularly open API-wise here? Another user says BYD applied the DMCA to his repo that reverse-engineered their app (necessary because there's no other way). I think European auto-makers are probably doing poorly because a regime shift occurred in battery tech and EVs became much more useful and EVs are a manufacturing problem that advantages the guys who've been manufacturing electric motors and disadvantages the guys who manufacture cutting-edge gasoline engines.
I'm reminded of the fact that when I got a Roomba ten years ago the box said that the device was open and hackable. Searching online, the text looked like:
> This robot contains an electronic and software interface that allows you to control or modify, and remotely monitor its sensors. For software programmers interested in giving your iRobot new functionality we encourage you to do so.
My Dreame X40 Ultra does work flawlessly with Home Assistant but it carries no such text. In the end, I prefer the working to the text (so perhaps the Chinese companies are better), but things have changed over the intervening years.
This could equally illustrate the difference between long established multi national companies with an overbearing corporate culture vs young upstart companies with a dynamic startup culture.
This entire thing is simply ridiculous, and infuriating! Just sell me a car, or TV, or washing machine, etc. Don't sell me a multi-layered safe with different combinations for each level.
We used to have them. Devices so simple anyone with a hammer could fix. Maybe not open source as we understand it today, but rather - trivially reverse engineerable, often with schematics included. Most complex would be rewiring the motor on a washing machine.
Did their job fine, but you can't sell them forever, so more complex devices were introduced. Nowadays motorcycles would probably be the closest equivalent, they're often very simple to work on.
It means that the request to the API contains cryptographic proof that is was generated by a legitimate, reviewed app running on a unmodified and non-rooted mobile device controlled by Apple or Google.
/me scratches VAG cars from a possible new EV purchase.
I hate Elon as much as the next guy, but Tesla is still playing the API game way better than the rest of the pack (even with the "not so new" Tesla Fleet API change)
Sad to see some people still believe raw capitalism works and that they can "vote with their wallet".. but they don't see that all car manufacturers can just agree to enshittify their products the same way and use their position to ensure you won't just "start your own car company". There's no real choice and those in power don't care.
Only regulation can help.. or a revolution in case the political system in your country is broken..
Anti-competitive practices that you describe ("all car manufacturers can just agree") is definitely not a capitalistic thing (market competition being an important part of capitalism), and indeed regulation can improve the bad outcomes.
I think revolutions are more successful when there is some new idea of what to replace the system with. Currently I did not see anything remotely interesting (ex: french revolution came with the new idea of equality before the law, which was not the case before), and I think is mostly due to low overall education - you can't improve a system if most of the people do not think about complex issues like laws, taxes, efficiency, etc. Everybody loves to point a finger at someone and blame them (immigrants, rich people, woke people, etc.) like that would "miraculously" solve any issue.
I mean, it was founded by the Nazi party, they single handedly destroyed diesels through the world's largest scam, what ethics can you really expect from them? I find it extremely funny when people boycott Teslas for being "Nazi" but won't boycott actual Volkswagens that was founded by the real Nazi party and to date - followed some of the most unethical practices in automative history :)
Just because the Nsdap party created something that doesn't mean you can automatically treat it is bad. That is prejudice. Something bad happening decades and decades after the party's dissolution is not going to be directly related. It is a reach to think unsupported third party apps breaking is related.
Well so the Nazis founded VW with confiscated union capital, and after the war control of the company was basically handed over to the union to make things right.
This is not an intelligent comment. the Nazi parry and modern-day Volkswagen have nothing in common, whereas Tesla is currently^ actively^ run by someone morally reprehensible to many.
If you had any actual understanding—:as opposed to just hearing this little factoid in passing and have been waiting for every opportunity to whip it out— you’d know that already.
It’s funny as a quip, but don’t for a a second act like it’s a legitimate point, which is exactly what you’re doing.
Wasn't the EU Data Act (https://digital-strategy.ec.europa.eu/en/policies/data-act) put in place to exactly prevent these kind of scenarios (Article 4 and 5)?
"where the user cannot directly access the data from the connected product or related service, the data holder must make the readily available data and necessary metadata accessible to the user without undue delay, in the same quality as available to the data holder, easily, securely, free of charge, in a structured, commonly used, machine-readable format, and continuously/in real time where relevant and technically feasible."
There is even special EU guidance for vehicle data for it: https://digital-strategy.ec.europa.eu/en/library/guidance-ve...
Volkswagen has an EU Data Act site:
https://drivesomethinggreater.com/eu-data-act
Indeed, this seems to be exactly the area where the Data Act could be used to regain access. Unfortunately it seems that it's not possible to directly sue (e.g.) Volkswagen to get access, unlike the GDPR where you have direct standing under article 79 [1].
There doesn't seem to be much written about enforcing the Data Act, so I looked at the regulation directly. Article 39 [2] seems to require to first lodge a complaint with the competent authority as designated by the member state of your residence. Then when that authority invariably fails to act – I have no idea which timeframe we're talking about here – you can "in accordance with national law, either have the right to an effective judicial remedy or access to review by an impartial body with the appropriate expertise". But then you are suing that authority, and not the company directly (edit: I was originally unsure about who to sue under article 39, but 39(3) does clarify that it is the authority).
I would very much like to be wrong about this. I can imagine Muñoz vs. Superior Fruiticola applies [3] ("it must be possible to enforce that obligation by means of civil proceedings"), but I'm not at all sure, and it's a much weaker route than the one which the GDPR explicitly describes.
Would anyone know or have better references on how to enforce the Data Act, preferably individually?
[1] https://gdpr-info.eu/art-79-gdpr/
[2] https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=OJ:...
[3] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE...
BYD DMCAd my whole repo to connect to their cars... https://github.com/github/dmca/blob/master/2026/05/2026-05-2... It's a shame these car makers are locking down their cars (which are brought for a premium!) and going on a crusade against open source.
Have you moved it anywhere else? I checked codeberg and didn't see it there.
You should email Louis Rossmann, he's been helping people in similar situations.
This sure reads like a "you did nothing illegal but will attempt to make it look illegal" kind of thing. Like putting the key to a public space under the doormat, with a sign "key here" and then complaining you cannot use that key to access the already public space.
They alleging you have broken their encryption.. DMCA would be appropriate I would assume in this case. OTOH, if there isn't a first party way to get an auth token or a way to connect your car with home assistant, I see that as a deficiency of service.
r/opensource_legalaid let's reply and demand access to the data.
Quite a few other manufacturers have done the same thing. I use a reverse engineered Polestar library to get charging status but I'm in the middle of building a CANBUS sniffer to do the same job because I don't trust they won't do the same thing as this.
I don't really understand it, it doesn't seem to offer a huge potential revenue stream and it pisses off the people who are most invested in your product.
They already add cryptographic authentication to some CAN messages, so you can't change them. It is only a matter of time until they add encryption.
This is mostly a corporate problem of risk aversion in my opinion. Some department writes down a risk assessment with a list of miniscule risks, for example of some 3rd party app backend being hacked. Or just a headline "Tinkerer hacked his car to use with his home assistant" in the local press. This list circulates, and since nobody in the middle management wants to be responsible for anything, and there is no officially approved positive use case, draconian countermeasures are drafted and constructed one by one.
Right? I imagine there would be a non-trivial sales/marketing boost for the one/first company (in any segment) to fully embrace HA. IKEA is arguably a good example of this.
This is kind of an interesting contrast with BSH (Bosch and Siemens home appliances ), who are also German.
They appear to have seen making their Home Connect platform open as at least in part a matter of compliance with EU data transparency and portability laws.
The ability to interface with your car is fundamentally at odds with the regulatory momentum that's going towards encrypted everything.
Take a look what the automotive risc-v people are working on or the requirements of the EU cyber resilience act.
John Deere started the trend with locking down the farm equipment they sell.
Is there a repo for the new project?
This comment has really nice translation of corpo-speek to human language :
https://github.com/robinostlund/homeassistant-volkswagencarn...
Why are they shooting them selves in the feet? Is this really a tangible income stream? Is it really increasing security?
> Why are they shooting them selves in the feet?
They don’t. Majority of users don’t care, and some middle manager shmuck, working on MySkoda, can report how “we” prevented a huge security risk and funneled valuable ~~cattle~~ user data where it belongs.
By the way, regarding additional profit stream, to access VW data before you still needed WeConnect subscription (100€ a year), just that before you could use another app or automation to access the data. Now you MUST use exclusively WeConnect and partners to access same data even though you paying already for subscription.
> Why are they shooting them selves in the feet?
Because people will still buy their cars. The average Joe has very little regard for their privacy. We've been trained to be numb.
> Is this really a tangible income stream?
Yep.
> Is it really increasing security?
Nope.
> Why are they shooting them selves in the feet?
1. They dont think anyone will stop buying their cars because of this
2. They want to make more money
3. (speculation) The drop in demand for their cars in china is leaving them fucked, they need revenue now
Most executives make commercially disadvantageous decisions in exchange for more power.
It's practically a law of business: executives prioritize their power first and their company's profit margins second. This is one reason why outsourcing coding was so popular despite not saving money and being so commercially disastrous - execs were in the driving seat with that relationship much more than they were with us.
Despite what some people will tell you about how the home assistant consumer segment "doesn't matter" (it does) it really is more about the tangibility of control over data vs the intangibility of lost consumer goodwill.
Companies are not profit maximizing at all costs. The shareholders and the executives are not a singular body they have different and sometimes wildly divergent interests.
wow - I was looking at moving from Tesla to Skoda for our next EV. Last month it was interceptor missiles for Israel and now this.
I've been doing smart home stuff for a long time. This is one of the reasons why I got off of Home Assistant.
It's a very cool and functional project but it is entirely dependent on companies keeping their APIs open, or, more commonly, companies not patching teh magic that makes reverse-engineered APIs possible.
Unfortunately, developments over the years have NOT gone in their favor. Tesla, Ring, MyQ, Ecobee and probably others have closed their APIs over the years. They've usually cited "security concerns" as the motivating factor for the API closures, which has some legitimacy, but IMO it's usually driven by fear of losing subscription revenue.
(Tesla charges a lot for official OAuth apps, though, to be fair, earlier hacks relied on a leaked OAuth app that they never got around to patching. Ecobee locked HomeKit and some other stuff behind their Security+ Subscription, which is a joke considering how anemic their security platform is. MyQ definitely did it to protect their $45/year subscription; jokes on them since RATGDO is infinitely better. Ring still works for some reason, but HomeKit Secure Video support is extremely dicey in part due to the fear of them turning their API off as well.)
For someone like me who primarily used HA for HomeKit integration, depending on it is a ticking timebob. When we moved into our new house, I focused on finding stuff that was natively compatible with HomeKit without workarounds. Our smart home works much better now because of it.
That's a frying pan => fire situation. I started my home automation journey in the same way, and being HK-centric is pretty decent. HA with 100% local-control devices that _bridges_ to HK is what I'm looking at next.
Often, the HK-only devices are terrible wrt WiFi stability, and I need to pay more attention to how matter/thread is working lately.
I know some people complain about zigbee/zwave but they've been way better on average than HK over wifi.
Client Assertion is an OAuth feature, but that is not at all what is being discussed here, if anyone else was confused. It is only present in the HN title and is not mentioned on the page.
The apps now require the use of "Security Assertion" from the client.
In this case, it's by Play Protect on Android, and whatever they use on iOS.
Client attestation might be more accurate?
seems like google is playing a part in this ? https://github.com/robinostlund/homeassistant-volkswagencarn...
Yes this is Google helping vendors block access to their APIs by using hardware attestation.
I recently hit the same wall trying to directly my garage door opener's API (MyQ).
I'd be amazed if Google enabling this behavior doesn't violate some EU competition laws.
With the software supply chain running amok recently having anything connected feels like playing Russian roulette and I say this as somebody who is running home assistant for years. I’m particularly paranoid about connecting my ev (non-vw) to it now, feels like a serious footgun today, would’ve been convenient three months ago, true.
Seems doubtful that this security will be very strong. It won't be hard to spoof an official client.
If they’ve done it using Secure Enclave it’s essentially physically impossible to spoof.
There needs to be a law that makes remote attestation - no matter who provides the root certificates, Google/Apple/GrapheneOS - illegal. There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own, while also making interoperability cryptographically impossible. This is anti-competitive and should simply be illegal.
There is a real chance that in 5-10 years, there will be laptops and smartphones running open processors and operating systems with UX and and an OS comparable or better than the proprietary equivalent, but which are effectively useless to the average consumer because it is cryptographically impossible to use them for anything due to remote attestation proliferating more and more
It already is illegal in the EU under the EU Data act. The VW executives are just criminals who don't care about the law, because they can bend it like before.
what you really looking for is API-free services/products. so it works without cloud at all.
or products/companies that explicitly expose API access to their products.
> There is only one use for this technology right now, and it is to prevent people from doing what they want to do with the devices they own.
Well, that and making it possible to deploy devices you own in environments where they might be physically accessible to people you don't want extracting credentials from them. Or for ensuring people can only access sensitive company information on company issued devices rather than being able to casually make a copy of any data they have access to somewhere else. Or using a phone as a credit card payment terminal without the possibility of displaying one payment amount on screen and authorising for a different amount.
I'm quite firmly in favour of anything I own giving access to the data it's generating in an open format but screaming about how there's no legitimate use for attestation is quite simply nonsense.
Ok it's clear my next car will not be a Sköda (or Volkswagen)
Which brand are you thinking of, then?
DIY alternative with https://www.openvehicles.com/
Garmin recently did something similar, resorting to tls fingerprinting to prevent unofficial logins to their api (via the popular garth library).
They lost a lifetime customer in me - i think i have spent close to 20k on garmin gear between my wife and myself, watches, gps devices for cars, boats, and hiking gear. If they refuse to give me access to my data, i will (a) lobby for laws to be passed to make this mandatory (b) absolutely never ever buy anything garmin until i see a reversal of this policy and an apology.
More broadly though, its yet another service that blocks API access. No doubt this is caused by proliferation of amateurs armed with agentic tools building nice, personalized frontends for themselves. Companies seem to absolutely hate it when people dont go through their shitty websites with dark patterns, misleading search results and analytics.
Huh, I completely missed that. I've been using python-garminconnect [0] for a few months without issues. I agree though that it's annoying, though not reason enough for me to switch away from Garmin yet.
I recently saw a group of automakers together during an event. The contrast between Chinese and Germans was bizare. The group of german automakers were older men in black suits all wearing badge with titles like Senior Executive Sales blablabla. Whereas the Chinese were all young people wearing causual clothing and much more engineering minded. No wonder why european auto makers are doing so badly. They forgot to please people. The only know how to please their untergang.
Are the Chinese particularly open API-wise here? Another user says BYD applied the DMCA to his repo that reverse-engineered their app (necessary because there's no other way). I think European auto-makers are probably doing poorly because a regime shift occurred in battery tech and EVs became much more useful and EVs are a manufacturing problem that advantages the guys who've been manufacturing electric motors and disadvantages the guys who manufacture cutting-edge gasoline engines.
I'm reminded of the fact that when I got a Roomba ten years ago the box said that the device was open and hackable. Searching online, the text looked like:
> This robot contains an electronic and software interface that allows you to control or modify, and remotely monitor its sensors. For software programmers interested in giving your iRobot new functionality we encourage you to do so.
My Dreame X40 Ultra does work flawlessly with Home Assistant but it carries no such text. In the end, I prefer the working to the text (so perhaps the Chinese companies are better), but things have changed over the intervening years.
This could equally illustrate the difference between long established multi national companies with an overbearing corporate culture vs young upstart companies with a dynamic startup culture.
This entire thing is simply ridiculous, and infuriating! Just sell me a car, or TV, or washing machine, etc. Don't sell me a multi-layered safe with different combinations for each level.
Where's the 'Open Source Car'?
Where's the open source phone?
The open source washing machine?
We used to have them. Devices so simple anyone with a hammer could fix. Maybe not open source as we understand it today, but rather - trivially reverse engineerable, often with schematics included. Most complex would be rewiring the motor on a washing machine. Did their job fine, but you can't sell them forever, so more complex devices were introduced. Nowadays motorcycles would probably be the closest equivalent, they're often very simple to work on.
There are freely available plans for all of those things. They are just more primitive than what you have in mind.
What does client assertion mean here? I don't see any mention in the GitHub issue.
It means that the request to the API contains cryptographic proof that is was generated by a legitimate, reviewed app running on a unmodified and non-rooted mobile device controlled by Apple or Google.
/me scratches VAG cars from a possible new EV purchase.
I hate Elon as much as the next guy, but Tesla is still playing the API game way better than the rest of the pack (even with the "not so new" Tesla Fleet API change)
Volvo is also doing pretty good with offering an official API
Fleet api kinda sucks, but esphome via ble is solid. Even managed to connect $10 macropad so kids in back can control music.
Sad to see some people still believe raw capitalism works and that they can "vote with their wallet".. but they don't see that all car manufacturers can just agree to enshittify their products the same way and use their position to ensure you won't just "start your own car company". There's no real choice and those in power don't care.
Only regulation can help.. or a revolution in case the political system in your country is broken..
Anti-competitive practices that you describe ("all car manufacturers can just agree") is definitely not a capitalistic thing (market competition being an important part of capitalism), and indeed regulation can improve the bad outcomes.
I think revolutions are more successful when there is some new idea of what to replace the system with. Currently I did not see anything remotely interesting (ex: french revolution came with the new idea of equality before the law, which was not the case before), and I think is mostly due to low overall education - you can't improve a system if most of the people do not think about complex issues like laws, taxes, efficiency, etc. Everybody loves to point a finger at someone and blame them (immigrants, rich people, woke people, etc.) like that would "miraculously" solve any issue.
I mean, it was founded by the Nazi party, they single handedly destroyed diesels through the world's largest scam, what ethics can you really expect from them? I find it extremely funny when people boycott Teslas for being "Nazi" but won't boycott actual Volkswagens that was founded by the real Nazi party and to date - followed some of the most unethical practices in automative history :)
https://m.youtube.com/watch?v=sa8sllg5KIU&pp=ygUOxaFrb2RhIGh...
Insert "we live in a society" meme
Just because the Nsdap party created something that doesn't mean you can automatically treat it is bad. That is prejudice. Something bad happening decades and decades after the party's dissolution is not going to be directly related. It is a reach to think unsupported third party apps breaking is related.
Well so the Nazis founded VW with confiscated union capital, and after the war control of the company was basically handed over to the union to make things right.
This is not an intelligent comment. the Nazi parry and modern-day Volkswagen have nothing in common, whereas Tesla is currently^ actively^ run by someone morally reprehensible to many.
If you had any actual understanding—:as opposed to just hearing this little factoid in passing and have been waiting for every opportunity to whip it out— you’d know that already. It’s funny as a quip, but don’t for a a second act like it’s a legitimate point, which is exactly what you’re doing.
“Nazis”: see Godwins law