Connect with us

Published

2 years ago

on

The Tesla Motors Inc. Model X sport utility vehicle (SUV).

David Paul Morris | Bloomberg | Getty Images

A Tesla Model X totaled in the U.S. late last year suddenly came back online and started sending notifications to the phone of its former owner, CNBC executive editor Jay Yarow, months later.

The car or its computer was suddenly online in a Southern region of war-torn Ukraine, he found by opening up his Tesla app and using a geolocation feature. The new owners in Ukraine were tapping into his still-connected Spotify app to listen to Drake radio playlists, he also discovered.

When Yarow posted about this to the social network X, formerly known as Twitter, his post went viral, and followers wanted to know why this this happening and whether it was a security risk.

According to the CTO of automotive security firm Canis Labs, Ken Tindell, there can indeed be a security risk with totaled cars that are restored.

He explained in an e-mail to CNBC, “The credentials to internet services are clearly left in the vehicle electronics and then can be used by whoever gets hold of the electronics.” He added, “In general it’s possible to get data out of working electronics — it’s merely a question of how much effort that takes.” 

This is far from a Tesla-specific issue, he said. Cars, like laptops, smartphones, and even refrigerators and TVs, are now internet-connected devices that can store personal data.

“I think it needs to be more widely understood by dealers and owners that there is this issue of private data within the vehicle,” Tindell said.

Overseas demand for totaled Teslas

How did the vehicle end up in Ukraine?

CNBC found that after the car was totaled, online auction site Copart listed it for sale, according to website listings. The company, which currently has more than 1,600 Tesla vehicles listed for sale, is connected to salvage yards across the U.S., including one in New Jersey where the car ended up.

Copart specializes in damaged or totaled vehicles that have what’s called a “salvage title,” issued when an insurance company declares it a total loss, warning future buyers that there was a significant problem. Copart sells more than 2 million vehicles a year, with operations in 11 countries, according to the company’s website.

Such vehicles cannot legally drive on U.S. roadways, but some countries aren’t as stringent.

“Cars go to the repair shop or junk yard then find their way to a second market and then are suddenly being shipped overseas,” said Mike Dunne, a former General Motors international executive who now serves as CEO of auto consulting firm ZoZoGo.

The practice has been going on for decades and accelerated with the rise of digital auctions, according to Steven Lang, an auctioneer and founder of used car marketplace 48 Hours And A Used Car.

“Starting in the Y2K era, the digital auction site took over. So now you can have someone in Ukraine bidding on it. And then someone else from Norway bidding on it … and you haven’t even touched an American border or an American bidder,” said Lang, who has been in the vehicle auction business for more than 24 years.

“Virtually all of the vehicles that are totaled will end up at a salvage auction,” he said.

One online auction website that specializes in such sales estimated the winning bid for the vehicle would be between $27,400 and $29,400. A final sale price was not immediately known. Neither the salvage yard nor Copart immediately responded for comment about the vehicle and who bought it.

What owners can do after the fact

Tesla support staff told Yarow he should disconnect his car from his account, offering the following instructions via email:

1. Open the Tesla app Tap profile icon in top-right corner

2. Tap ‘Add/Remove Products’ > ‘Remove’ > ‘Vehicle’

3. Select the VIN, then tap ‘Get Started’

4. Enter the vehicle and sale details, then tap ‘Next’

5. Enter the new owner information, then tap ‘Next’

6. Enter security code from e-mail, then tap ‘Confirm’

7.Submit the request by clicking on ‘Remove Vehicle’

Reminder: If it asks if you sold the vehicle say yes.”

Tesla didn’t tell him how he was supposed to obtain the new owner information as he hadn’t sold the car.

According to Canis Labs CTO Ken Tindell, disconnecting one’s account from a totaled vehicle can help stop others from using apps that had been connected, such as Spotify in Yarow’s case. However, data could still be extracted from the totaled vehicle’s electronics.

“What would the trip history and phone book of a celebrity be worth to a blackmailer or a kidnapper?” Tintell asked.

He and other security experts compared the situation having an Apple laptop stolen. In some cases, Apple can wipe the laptop or device clean remotely when it comes online. But “a malign repair shop can take out the hard drive and copy all the data off it before scrapping a broken laptop.”

This is why Apple routinely encrypts its hard drives, the CTO noted. “It’s the only way to prevent the data being stolen by someone with physical access to an offline device.”

An automotive cybersecurity veteran and the founder of RightHook, Warren Ahner, said that ideally a company like Tesla would “Have a portal where a user can sign in with online credentials and say ‘remove all my info, then disconnect my vehicle from the account,’ and would be able issue a remote-wipe command to the car when it comes online, deleting it all including GPS, saved locations and the rest.”

However, he said, owners can be their own “personal risk police,” and avoid giving their vehicles or rental cars that they use lots of personal info.

“Always purge your data after you are done with the vehicle and try not to share more info with the car than you absolutely need to share,” Ahner recommended. “If I pair my phone with the car I’m renting or owning I don’t allow it to synch location and contacts. I only give it Bluetooth access to talk over the top of my music and so I can us whatever music streaming app I like.”

An automotive white hat hacker who uses the handle Green the Only has been sounding the alarm about data on cars for years. “All the phone directory and calendar stuff might be valuable,” he said.

Once a car or car computer has changed possession is back online, he says that the previous owners “can’t do much.” One problem is that an old owner can “accrue charges for Supercharging,” and other items Tesla — or other vehicle makers — may sell on a subscription or pay-per-charge basis. They can always submit a request to Tesla to remove the car from their account, but that’s it.

Green the Only agreed with Tindell and Ahner — Tesla “probably can add a ‘remote wipe and then remove from my account’ in addition to the ‘remove from my account’ option they have now. They probably should have added that long ago.”

Related Topics:
Continue Reading

Technology

Tech founders call on Sequoia Capital to denounce VC Shaun Maguire’s Mamdani comments

Published

8 hours ago

on

July 7, 2025

By

Tech founders call on Sequoia Capital to denounce VC Shaun Maguire's Mamdani comments

Almost 600 people have signed an open letter to leaders at venture firm Sequoia Capital after one of its partners, Shaun Maguire, posted what the group described as a “deliberate, inflammatory attack” against the Muslim Democratic mayoral candidate in New York City.

Maguire, a vocal supporter of President Donald Trump, posted on X over the weekend that Zohran Mamdani, who won the Democratic primary last month, “comes from a culture that lies about everything” and is out to advance “his Islamist agenda.”

The post had 5.3 million views as of Monday afternoon. Maguire, whose investments include Elon Musk’s SpaceX and X as well as artificial intelligence startup Safe Superintelligence, also published a video on X explaining the remark.

Those signing the letter are asking Sequoia to condemn Maguire’s comments and apologize to Mamdani and Muslim founders. They also want the firm to authorize an independent investigation of Maguire’s behavior in the past two years and post “a zero-tolerance policy on hate speech and religious bigotry.”

They are asking the firm for a public response by July 14, or “we will proceed with broader public disclosure, media outreach and mobilizing our networks to ensure accountability,” the letter says.

Sequoia declined to comment. Maguire didn’t respond to a request for comment, but wrote in a post about the letter on Wednesday that, “You can try everything you want to silence me, but it will just embolden me.”

Among the signees are Mudassir Sheikha, CEO of ride-hailing service Careem, and Amr Awadallah, CEO of AI startup Vectara. Also on the list is Abubakar Abid, who works in machine learning Hugging Face, which is backed by Sequoia, and Ahmed Sabbah, CEO of Telda, a financial technology startup that Sequoia first invested in four years ago.

At least three founders of startups that have gone through startup accelerator program Y Combinator added their names to the letter.

Sequoia as a firm is no stranger to politics. Doug Leone, who led the firm until 2022 and remains a partner, is a longtime Republican donor, who supported Trump in the 2024 election. Following Trump’s victory in November, Leone posted on X, “To all Trump voters:  you no longer have to hide in the shadows…..you’re the majority!!”

By contrast, Leone’s predecessor, Mike Moritz, is a Democratic megadonor, who criticized Trump and, in August, slammed his colleagues in the tech industry for lining up behind the Republican nominee. In a Financial Times opinion piece, Moritz wrote Trump’s tech supporters were “making a big mistake.”

“I doubt whether any of them would want him as part of an investment syndicate that they organised,” wrote Moritz, who stepped down from Sequoia in 2023, over a decade after giving up a management role at the firm. “Why then do they dismiss his recent criminal conviction as nothing more than a politically inspired witch-hunt over a simple book-keeping error?”

Neither Leone nor Moritz returned messages seeking comment.

Roelof Botha, Sequoia’s current lead partner, has taken a more neutral stance. Botha said at an event last July that Sequoia as a partnership doesn’t “take a political point of view,” adding that he’s “not a registered member of either party.” Boelof said he’s “proud of the fact that we’ve enabled many of our partners to express their respected individual views along the way, and given them that freedom.”

Maguire has long been open with his political views. He said on X last year that he had “just donated $300k to President Trump.”

Mamdani, a self-described democratic socialist, has gained the ire of many people in tech and in the business community more broadly since defeating former New York Gov. Andrew Cuomo in the June primary.

— CNBC’s Ari Levy contributed to this report.

WATCH: SpaceX valuation is maybe even conservative, says Sequoia’s Shaun Maguire

Continue Reading

Technology

Samsung expects second-quarter profits to more than halve as it struggles to capture AI demand

Published

8 hours ago

on

July 7, 2025

By

Samsung expects second-quarter profits to more than halve as it struggles to capture AI demand

Samsung signage during the Nvidia GPU Technology Conference (GTC) in San Jose, California, US, on Thursday, March 20, 2025.

David Paul Morris | Bloomberg | Getty Images

South Korea’s Samsung Electronics on Tuesday forecast a 56% fall in profits for the second as the company struggles to capture demand from artificial intelligence chip leader Nvidia. 

The memory chip and smartphone maker said in its guidance that operating profit for the quarter ending June was projected to be around 4.6 trillion won, down from 10.44 trillion Korean won year over year.

The figure is a deeper plunge compared to smart estimates from LSEG, which are weighted toward forecasts from analysts who are more consistently accurate.

According to the smart estimates, Samsung was expected to post an operating profit of 6.26 trillion won ($4.57 billion) for the quarter. Meanwhile, Samsung projected its revenue to hit 74 trillion won, falling short of LSEG smart estimates of 75.55 trillion won.

Samsung is a leading player in the global smartphone market and is also one of the world’s largest makers of memory chips, which are utilized in devices such as laptops and servers.

However, the company has been falling behind competitors like SK Hynix and Micron in high-bandwidth memory chips — an advanced type of memory that is being deployed in AI chips.

“The disappointing earnings are due to ongoing operating losses in the foundry business, while the upside in high-margin HBM business remains muted this quarter,” MS Hwang, Research Director at Counterpoint Research, said about the earnings guidance.

SK Hynix, the leader in HBM, has secured a position as Nvidia’s key supplier. While Samsung has reportedly been working to get the latest version of its HBM chips certified by Nvidia, a report from a local outlet suggests these plans have been pushed back to at least September.

The company did not respond to a request for comment on the status of its deals with Nvidia.

Ray Wang, Research Director of Semiconductors, Supply Chain and Emerging Technology at Futurum Group told CNBC that it is clear that Samsung has yet to pass Nvidia’s qualification for its most advanced HBM.

“Given that Nvidia accounts for roughly 70% of global HBM demand, the delay meaningfully caps near-term upside,” Wang said. He noted that while Samsung has secured some HBM supply for AI processors from AMD, this win is unlikely to contribute to second-quarter results due to the timing of production ramps.

Meanwhile, Samsung’s chip foundry business continues to face weak orders and serious competition from Taiwan Semiconductor Manufacturing Company, Wang added.

Reuters reported in September that Samsung had instructed its subsidiaries worldwide to cut 30% of staff in some divisions, citing sources familiar with the matter.

Continue Reading

Technology

Waymo to begin testing in Philadelphia with safety drivers behind the wheel

Published

12 hours ago

on

July 7, 2025

By

Waymo to begin testing in Philadelphia with safety drivers behind the wheel

A Waymo autonomous self-driving Jaguar electric vehicle sits parked at an EVgo charging station in Los Angeles, California, on May 15, 2024.

Patrick T. Fallon | AFP | Getty Images

Waymo said it will begin testing in Philadelphia, with a limited fleet of vehicles and human safety drivers behind the wheel.

“This city is a National Treasure,” Waymo wrote in a post on X on Monday. “It’s a city of love, where eagles fly with a gritty spirit and cheese that spreads and cheese that steaks. Our road trip continues to Philly next.”

The Alphabet-owned company confirmed to CNBC that it will be testing in Pennsylvania’s largest city through the fall, adding that the initial fleet of cars will be manually driven through the more complex parts of Philadelphia, including downtown and on freeways.

“Folks will see our vehicles driving at all hours throughout various neighborhoods, from North Central to Eastwick, and from University City to as far east as the Delaware River,” a Waymo spokesperson said.

With its so-called road trips, Waymo seeks to collect mapping data and evaluate how its autonomous technology, Waymo Driver, performs in new environments, handling traffic patterns and local infrastructure. Road trips are often used a way for the company to gauge whether it can potentially offer a paid ride share service in a particular location.

The expanded testing, which will go through the fall, comes as Waymo aims for a broader rollout. Last month, the company announced plans to drive vehicles manually in New York for testing, marking the first step toward potentially cracking the largest U.S. city. Waymo applied for a permit with the New York City Department of Transportation to operate autonomously with a trained specialist behind the wheel in Manhattan. State law currently doesn’t allow for such driverless operations.

Waymo One provides more than 250,000 paid trips each week across Phoenix, San Francisco, Los Angeles, and Austin, Texas, and is preparing to bring fully autonomous rides to Atlanta, Miami, and Washington, D.C., in 2026.

Alphabet has been under pressure to monetize artificial intelligence products as it bolsters spending on infrastructure. Alphabet’s “Other Bets” segment, which includes Waymo, brought in revenue of $1.65 billion in 2024, up from $1.53 billion in 2023. However, the segment lost $4.44 billion last year, compared to a loss of $4.09 billion the previous year.

WATCH: We went to Texas for Tesla’s robotaxi launch

We went to Texas for Tesla's robotaxi launch. Here's what we saw

Continue Reading

Trending