Connected cars have become ad-serving platforms: Stellantis pushed a 15-second loyalty offer onto a paid-off Jeep Grand Cherokee at ignition, with no opt-out except a phone call.
Key Takeaways
Drive-by-wire, CAN bus, and cellular modems transformed the car from property into a remotely managed platform with monetized screen inventory.
OTA updates let manufacturers remove features post-sale: Tesla pulled adjustable regen braking, capped battery range, and stripped Autopilot from used vehicles without owner consent.
BMW’s heated seat subscription gated already-installed hardware behind a monthly fee, exposing the logical endpoint of software-controlled vehicle capabilities.
The CAN bus has no native authentication; Miller and Valasek’s 2015 Jeep Cherokee hack showed the infotainment cellular link is a direct path to vehicle control systems.
Unlike the web, connected cars have no consent infrastructure: no cookie banners, no GDPR-equivalent, no standardized opt-out for data collection or ad delivery.
Hacker News Comment Review
Commenters agree the consent gap is the core issue: automakers are running programmatic ad-tech identical to web publishers but skipped every consent layer the web was forced to adopt.
There is demand for a fully disconnected modern vehicle; the Ford Super Duty modem-pull workaround was cited as a rare case where hardware separation is possible without breaking core vehicle functions.
Skepticism about the writing quality surfaced, but did not displace substantive engagement with the underlying architecture and business model.
Notable Comments
@cadito: Automakers are running the same programmatic targeting logic as web publishers and in-store retail networks, deliberately without the consent infrastructure forced onto the web.
@helterskelter: Notes the Ford Super Duty modem can be physically removed without breaking the ICU or triggering nag screens, positioning it as a rare hardware-level escape hatch.
