I'm not an Apple Pay user -- is their privacy policy any good? Does it not collect metadata?
The article highlights CurrentC's brazen lack of privacy. From their policy:
> We share your information across our network of merchants and with our third party service providers. MCX may share...To third-party analytic providers and advertising partners to help us deliver, track and analyze the operations and effectiveness of our marketing campaigns, promotions or advertisements.
Apple knows nothing about your cards (they are all encrypted on-device), and nothing about your transaction except that there was A transaction (since Apple just sees a token that gets passed from you to the card provider).
The merchant doesn't see your real cc number, just a one-use token. So they can't track you unless you choose to add a loyalty card.
The card provider sees all details of the transaction. Just as now, and what you want.
And the real cc details are stored in dedicated silicon on a fingerprint-locked device.
> The merchant doesn't see your real cc number, just a one-use token
It's worth noting that the token is one-per-vendor, rather than one-per-payment. This is what allows TFL to match your tap-in to your tap-out on the London Underground, and what allows them to apply daily/weekly capping on fares.
- A high resolution display
- Decent battery life
- A good keyboard
- A Unix based OS (Though I'm fine with Linux)
- Hardware that feels good to use
The MacBooks are easy to compare to pick the one you want, all look good, and you're pretty well guaranteed that you're going to get what you expect, even if it costs a little more. On the other hand, to pick another manufacturer, you have to dig a lot to even start finding what the options are, much less to refine them. I paid $X more to get a macbook and not go through that :P
Theft of newer-model cars is extremely rare and I don't think vulnerabilities will change that much. Anything that requires computers at all is going to be beyond the average car thief.
If you're worried about safety, buy a car with a good crash safety rating. You're far more likely to get into a normal crash due to bad human drivers or mechanical failures than you are to be hacked.
If you're worried about the financial loss from a crash or theft, your best protection is good insurance.
You're making the mistake of assuming car thiefs are unintelligent or unorganized. Successful thefts that return a profit require a network of skilled people to pull off and talent can be found within that pool or recruited.
By saying a thief would have to understand how a computer exploit works, it's saying a thief needed the equivalence of an engineering degree to drive away with a car before computers entered the equation.
Exploit discovery, maybe, but it doesn't take much to execute packaged tools you bought on the blackmarket.
> while popular older cars are stolen in vast numbers
For now. Once they get out of circulation only newer cars will be left and at that time it might be that thieves could buy devices to hack into these cars just as you can rent botnets today.
Well sure, pretty much by definition. Car thieves who can't handle technology will eventually have to stop stealing cars. There are only so many late 90s Honda Accords out there to be stolen, after all, and they aren't making any more.
But I really doubt that all the thieves out there will learn fancy technology so they can steal newer cars. A few will, but most will find other things to steal.
Right now, popular new cars are stolen in amounts of hundreds per year in the US. Older cars (like the Honda Accord) are stolen by the tens of thousands. That's not because older cars are more valuable, it's just because it's a lot easier.
I drive a Hyundai Accent with manual windows and doors.
No one is going to crack that but a guy with the right piece of plastic can still take down a window, get in, and steal the car. If someone wanted to murder me, they'd need physical access to the car to mess with it.
So...yeah. No situation is 100% safe or secure. However, pretty much anything wireless pretty much guarantees any criminal can just make a kit to do X and sell it to actual car thieves claiming he thought they were [legal profession like car repo].
Sort of like how people sell malware/"security tools" now. "Oh, I sold it to a criminal. HOW COULD I HAVE KNOWN?" :p
Something with no wireless features at all(I think the no-feature nissan versa might be that way?). Not because their manufacturer cares about security, but because of less attack vectors.
It's not possible. Make sure your car is well insured. The insurance companies have traditionally put pressure on manufacturers to add better security. In the UK, the car insurers set up this respected research institute which has steadily improved car security:
That Thatcham rating might not be as good as you think; we used to have massive problems with Thatcham certified motorbike chains and locks, eg: https://www.youtube.com/watch?v=VC3hFr8p2ck
Pro-Tip: If you're chaining your bike up, make sure the chain can't touch the floor.
Don't buy a high end car that has a high theft rate. Research theft rates like you would reliability and resale. Buy a plain vanilla mid-level toyota, honda or the like. Insure your car.
It has been this way for about two decades. It is much easier for thieves to slice-and-dice a common vehicle into hard-to-trace parts, since the hot parts will disappear into a sea of legitimate used and reconditioned parts. High-end cars are comparatively rare, and thus harder to dispose of discreetly.
