Cash for clunkers, cars.gov stealing personal data?

Discussion in 'privacy general' started by Hiker, Aug 1, 2009.

Thread Status:
Not open for further replies.
  1. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    Here's a video from the Glen Beck show on Faux News that says...

    http://www.youtube.com/watch?v=NgCC...um1/message852815/pg1&feature=player_embedded

    I checked it out and don't see a "submit button"
     
    Last edited: Aug 1, 2009
  2. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    I think this may be for "dealers" only. Beck makes it out to be anyone that logs on to the website.
     
  3. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    More..

    http://www.businessandmedia.org/articles/2009/20090731195723.aspx

    Anyone think this report is legit and the feds are able to do this?
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Absolutely legit and confirmed by an acquaintance of mine. The dealership is NOT happy about it because whether or not this is in the "dealers section", everything on their systems falls under the agreement. That includes:

    1. Personal correspondence between co-workers, management to staff, management to management, staff/management to clients.

    2. Company finances

    3. Staff records such as promotions/demotions, disciplinary, health, addresses, phone numbers, relative's names and numbers.

    4. All personal and business files whether that be installed programs, personal downloads, security software/settings.

    4. Client (meaning you) records of transactions with the dealership, credit reports, workplace/home addresses and phone numbers, co-signer's names, phone numbers and addresses, bank records, anything applicable to vehicle purchases, leases and trade-ins.

    Regardless of whether you like Beck and/or FoxNews, they've uncovered one hell of an issue here that's being confirmed by more than just them or my acquaintance. This is a BIG deal, and I'm afraid there's a lot more to be uncovered with these other "stimulating" and "fix-it" programs....that statement being my personal opinion of course.
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I can't find anything close to that on the site. If anyone has actually found what that video shows, could they PM me the link? I'd like to test that site. I'd be very interested to see how they'd try to extract that data.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I'm sure video will pop up soon for those brave enough to test it outside of dealerships. The issue with that is that those who have done it are doing everything but pleading for those who don't have to NOT to try it. As far as extracting that data, you've been a member here for quite some time and have seen daily the methods used by hackers to steal data, so you already know how. To be specific though, keyloggers would be a fine start.

    You have to remember, businesses don't deal with highly-configured HIPS, behavior blockers and the sort, most of these methods are going to go un-noticed given today's complacency and incompetence in too many IT departments, and, the even bigger issue is, the federal government warned you before you went through with it. You essentially agree to their terms and conditions by clicking "Ok". That WILL hold up in court.

    Edit: I feel I should address an issue I've been seeing as I've researched this and looked at replies in other forums and websites. Once again, the general population is blowing it off since "it won't affect me if it is only in the dealer section". They always do this, if it doesn't directly affect their home computer, no amount of data mining/theft is a "big deal".

    We as people, both American or otherwise have got to get out of this complacency mode. Even I am not so paranoid that I'm looking for men in black suits all the time, but, what's going on around us is a BAD THING. Germany is also using this program, and their version is permanent. Now, whether they also get this warning only Germans can say, but that's a different story. The mere FACT that this warning shows up at ALL should be enough to give pause and concern.

    What people don't seem to get even after all this time is that, if they can bear the real truth, the truth is they don't have ANY control over their data. Whether it be financial, health, whatever, it is stored on servers that are nationwide, and, sometimes, international. We no longer live in the days where our banks, insurance companies, workplaces, whatever, keep our records in locked up drawers. It is digital, it is nation/worldwide. What I am making a long winded point about is that if our dealers have our information, so does the federal government, and the government is outright telling us so in that warning.

    Read that warning, look at how broad it is. There is nothing specific, there are no written exceptions, it is all or nothing. That folks is not something that should be shrugged off.
     
    Last edited: Aug 1, 2009
  7. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    No, I don't like the overly dramatic Beck. I think he's a moron. From the video he says DO NOT click on www.cars.gov that that page can mine your data, implying anyone that clicks on the site. However, it's in the dealership section, the words are up front (if it's real) and if a dealer doesn't like it, they don't have to participate.
     
  8. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Beck isn't even important, what's important is that this thing IS real and it is much too broad. And, there are incentives for dealers to participate, so most are going to. Look, choose to believe or not, that's your god-given right and so is blowing it off as nothing. But, well, I promise I won't come back later and say I told you so ;)
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    They can put any statement on that site they want to. They can also have any data they find on the test unit I'll use. It's an empty piece of old junk with a stripped down OS and a lot of monitoring software. They're also welcome to try to track me thru the foreign proxies I'll be using. I've looked all over on that site and I'm not seeing any such page. I don't even see a place to log in. Maybe it's only available if you're registered as a dealer. At this moment, I not only want to see what they're doing, I'm still trying to verify that this page even exists. I'd like to see that warning on the original webpage, not on someones unverifiable video.
     
  10. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    Right under the FAQ link there's one for dealers. Perhaps if you look around there.

    Here's the privacy page

    http://www.dot.gov/privacy.html
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I've found nothing in the dealers area either. I even bypassed Proxomitron in case it was filtering out some page components. Nothing there. I'm more distrusting of the powers that be than most people and I wouldn't be at all surprised if they did something like that. I'm becoming convinced that the video is a fake. If anyone happens to find the real page, send me the link, please. Nothing they put on a website is going to penetrate this testbox.
     
  12. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    Just as I originally suspected, Glen Beck and Faux News are frauds. It was evident when, even he couldn't get the warning page to come up and had to read it off his notes.

    noone, thanks for checking.
     
  13. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    You know what, no matter how we feel, whether we believed it or not, it's now confirmed that the warning is GONE. My source no longer gets this warning box either. Also, get this, there WERE videos out: http://www.sevenforums.com/chillout-room/18975-warning-do-not-log-cars-gov.html. However, "video has been removed due to copyright violations" when you try to play the YouTube link. I'm sorry, but that's just too damned funny. You can believe what you want, my source is in management at a top Toyota dealership and has no reason to make up entertaining stories for some guy (me) outside the "inner circle". But, again, she confirms it is gone and so does every blog and forum I'm coming across.

    The government caught hell from SOMEPLACE, and they backed out...maybe.
     
  14. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268

    Copyright violations? Whose copyright? Beck's video is still on Youtube.

    Regardless, Beck and Guilfoyle are making it out to be anyone that clicks on the site that their computer and personal data will be mined. If true, and I still don't believe it, the dealers are tying in to DOTs network perhaps it's a valid concern of the government, hence the warning.

    PS the link you provided is pitiful, without substance.
     
  15. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    OK, it's true about the warning to dealers.

    http://www.cars.gov/dealersupport

    Then..

    click here to submit transaction . Notice it says when logged on.

    As I noted, it's not a concern if you're only browsing the site.
     

    Attached Files:

  16. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    So now it's back? WTF is going on with this thing anyway? I really don't care who believes what, I'm certainly not out to prove a point, I'd just LOVE to know what the real deal is behind this. The here one minute, gone the next and back again thing is strange enough, BUT, the HUGE issue remains, why so broad of a warning? The security and integrity of the .gov website does not require that broad of data collection, it just doesn't. By the way, about my link, you asked for video, I gave it. It linked to Youtube, it doesn't matter about the rest of the content on the website. None of that matters though, I'm not going to argue over such nonsense, what DOES matter is this proven warning, why it's THAT broad, and do or do they not follow through with that warning.

    Again, it doesn't matter whether it affects consumers just browsing the website, as long as they participate in the program, their data is the federal governments data on the intranet of the dealership they use.We can go back and forth about links, news channels and all that other BS all day, but we best open our eyes and concentrate on the matter at hand and what it means to us.
     
  17. valjean77

    valjean77 Registered Member

    Joined:
    Aug 2, 2009
    Posts:
    1
    Yeah, I see the photo, but if you follow the exact steps he leaves, that's not what you get. It's not a screenshot, anyway, the dimensions are wrong. Plus the CARS logo is slightly blurred...it's been cut, cleaned up, and pasted in, there's some pixelization on the edges where the "blur edges" tool was used to make it blend in. The dimensions of the logo are also different, and every company and government agency has a design manual with very specific guidelines to go by. That's why the Burger King burger always looks exactly the same, no distortion. The basic design of, and background used on, the page is different. Also, between the lines of text is the same effect as around the logo, which you tend to get when you paste text in as a graphic rather than have actual HTML text on a background. It's Photoshopped.
     
  18. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    *sigh* This is going nowhere rather quickly. Time for me to move on to other topics. :)
     
  19. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    dw426,
    I wasn't trying to disprove what you were saying. I wanted to see how they intended to collect that data. It would have been very interesting to see what tools/methods they have and how my defenses would do against them.

    Even if that warning is gone, there's still the issue of whether they're still going to try to collect that kind of data. I'm wondering if they changed their policy or just no longer feel they have to warn anyone. Like I said earlier, I wouldn't put it past the govt to use such tactics. It would be in everyones interest to know if we need to expect tactics like we would find on a crack site.
     
  20. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    :rolleyes: Not photoshopped.
    I just went the the site and got that same login screen with the same information by following the "Click here to complete a transaction"

    Snapshot taken: Aug 3, 2009 10:41:42 PST View attachment 210981
    [​IMG]
     
  21. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    That's the problem Noone, I'm a bit more concerned about the warning being there then gone just as quickly as it was discovered, without any announcements by any officials, than I was with the warning being there to begin with. Obviously they knew the cat was out of the bag or the warning would still be there, so, the questions remain, why was it there, what or whom prompted removal, and, as you said, is that an indication of a change in policy or did they silently do damage control?
     
  22. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    If wouldn't be worth signing up a phony car dealer to find out but I'm also curious as to whether they can mine your data with ample security products. I'm thinking the warning is there so others won't try to hack in the them.
     
    Last edited: Aug 3, 2009
  23. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    Hahaha too funny.
     
  24. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    'unauthorized attempts to defeat or circumvent security features'

    Quote from the picture.

    So if your HIPS or AV limits or stops inspection or intrusions by 'those guys', you may expect criminal and civil persecution ?

    That may seem paranoid, but is it unjustified ?
     
    Last edited: Aug 3, 2009
  25. Hiker

    Hiker Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    268
    I wouldn't think programs that protect your own computer would be circumventing their security. I think most company networks have FW, AV and such
     
Loading...
Thread Status:
Not open for further replies.