Yeah but it really shouldn't be that way. Just add a pin or something, it's way too easy for people to just grab devices or install malware to leak keys. The current standard for security is that everything is encrypted at rest regardless of whole disk encryption.
Signal is still better that most of the stuff out there but it's not above well intentioned criticism
Intrinsically/semantically no but the expectation is that the texts are encrypted at rest and the keys are password and/or tpm+biometric protected. That's just how this works at this point. Also that's the government standard for literally everything from handheld devices to satellites (yes, actually).
At this point one of the most likely threat vectors is someone just taking your shit. Things like border crossings, rubber stamped search warrants, cops raid your house because your roommate pissed them off, protests, needing to go home from work near a protest, on and on.
RF analysis is kinda difficult, you'd need to take the car out into the middle of nowhere and have access to fairly good equipment. A tinySA would maybe work if you're very patient but data transmissions are generally very bursty so it may be difficult to nail down where it's coming from in a sane amount of time.
One option would be to try to figure out if there are any FCC filings for your car. All filings will have pictures of whatever module is being used and what antenna systems it uses which may give you a good idea of where it is and what it looks like. There should be an FCC ID mentioned somewhere at the beginning or end of the cars manual. Googling that should bring up some stuff.
I'm adjacent to the industry. This is dumb but I understand the reasoning. We're getting left behind in the electronics world. Nobody is creating hardware startups because every few months there's a viral blog post with a "hardware is hard" title on HN and none of the VC assholes want to fund anything but web based surveillance capitalism ad tech because it's a surefire way to make money. Even if you do get funded and you're US based you're absolutely doing all your manufacturing in China if you're remotely consumer facing (b2big-b has different rules). That means Chinese companies get all the benefits of all the labor from your highly trained engineers when they get the design files. If you try to build anything at volume in the US you have strikingly few options for boards and parts. Everything is whole number multiples of fucking PCBway and half the time it's lower quality unless you're paying aero-defense prices which is the only business anyone wants.
AGPL just in case they try to put your brain waves into the cloud
You wouldn't download an island
This...isn't how the current paradigm of ai works at all. We've built glorified auto-complete bots, not something that can make a physical robot behave at a human level. Best case, they build something that can carry on a conversation long enough to excite a tech journalist and aimlessly meander like the Boston dynamic bots but without the pre-programmed tasking (assuming they don't cheat and add canned routines).
So that leaves one option: it's a moonshot project to convince the tech illiterate public to take them and their stock price to the moon long enough for a few people to make an obscene amount of money.
Hardware person here, these standards groups are getting out of control. They want thousands of dollars from anyone who wants to make anything compatible with their specs and while hardware and drivers are becoming cheaper and easier than ever to get into, they have become the main roadblock.
It's like the MP3 days all over again.
Yeah, a surprising number of people don't want these hyper complex cars with thousands of microchips and millions of lines of code operating them. Give me an electric 2012 Honda fit/Toyota matrix equivalent that just fucking works and costs $20k or less new.
Recommendation: report the pop-up as a bug with the provided link. Just act confused and claim to not be using an ad blocker. Muddy the waters and make life hell for their devs.
I'm not intimately familiar with the BCM2711 but I believe it's a reasonable, albeit somewhat overpowered, processor for the application. It can be put into a variety of low power states and probably pulled out of sleep by various events like the GSM chip sending packets or accelerometer motion (frequently the peripheral chips have dedicated "wakeup" pins that you can wire to interrupts). It's not the most cost effective option by far, there are sub $5 microcontrollers with multiple cores for handling communications and real time motor control concurrently but you'd need to hire someone like me for a few months @$200/hr to write the low level drivers and design the boards. The rpi lets random web-only devs fumble their way through hardware development using whatever GitHub Python libraries they can find. If you only need a hundred scooters it makes more sense to just yolo it and buy up the remaining supply of rpis to start your grift.
Setup a firewall with the minimum exposed ports, even on Linux. UFW is reasonable