NordVPN prevents Apple CarPlay access to server on some apps
#1
NordVPN prevents Apple CarPlay access to server on some apps
Has anyone experienced issues with Apple CarPlay after the recent firmware update (Feb2024) on their 2022 NX350?
Prior to this update, I was able to connect to Calendar and then hit Maps destination to map out my route. After the recent update, Apple CarPlay hangs and says can not find server message. I Pause NordVPN on my iPhone and Internet connection goes through fine. This also happens with Siri, too. I’m not sure if it is my NordVPN or the Lexus firmware causing this issue.
Everything was working smoothly prior to the update. Now, I have to Pause my NordVPN before getting my internet connection in Apple CarPlay.
Thanks for any tips or workarounds for this issue.
Prior to this update, I was able to connect to Calendar and then hit Maps destination to map out my route. After the recent update, Apple CarPlay hangs and says can not find server message. I Pause NordVPN on my iPhone and Internet connection goes through fine. This also happens with Siri, too. I’m not sure if it is my NordVPN or the Lexus firmware causing this issue.
Everything was working smoothly prior to the update. Now, I have to Pause my NordVPN before getting my internet connection in Apple CarPlay.
Thanks for any tips or workarounds for this issue.
#5
IOS update issue
Thank you for the suggestions. I tried changing VPN locations and using different protocols and settings within the NordVPN app. Unfortunately, I still couldn’t get Apple Maps to find the server over Bluetooth.
What I found worked for Maps was first connecting USB-A to Lightning cable to my iPhone then starting my car. CarPlay was able to access the server without me pausing NordVPN.
I feel the issue might be due to the recent Apple iOS 17.4 update which changed something with Bluetooth. Getting directions using Google Maps still works with my VPN active, so this issue seems specific to certain iPhone apps only.
What I found worked for Maps was first connecting USB-A to Lightning cable to my iPhone then starting my car. CarPlay was able to access the server without me pausing NordVPN.
I feel the issue might be due to the recent Apple iOS 17.4 update which changed something with Bluetooth. Getting directions using Google Maps still works with my VPN active, so this issue seems specific to certain iPhone apps only.
#7
Thank you for the suggestions. I tried changing VPN locations and using different protocols and settings within the NordVPN app. Unfortunately, I still couldn’t get Apple Maps to find the server over Bluetooth.
What I found worked for Maps was first connecting USB-A to Lightning cable to my iPhone then starting my car. CarPlay was able to access the server without me pausing NordVPN.
I feel the issue might be due to the recent Apple iOS 17.4 update which changed something with Bluetooth. Getting directions using Google Maps still works with my VPN active, so this issue seems specific to certain iPhone apps only.
What I found worked for Maps was first connecting USB-A to Lightning cable to my iPhone then starting my car. CarPlay was able to access the server without me pausing NordVPN.
I feel the issue might be due to the recent Apple iOS 17.4 update which changed something with Bluetooth. Getting directions using Google Maps still works with my VPN active, so this issue seems specific to certain iPhone apps only.
VPNs work by injecting their own software into the existing network stack of a device. The stack is just layers of software each performing a function to take network traffic, encapsulate it into a packet, add destination and source addresses, and figure out the best path to deliver the packet thru which network interface (WiFi, Mobile Data, BT, etc). The added VPN layer will take the packet contents and add its own extra layer of encryption (most traffic is already encrypted these days) and override the normal destination address with that of its own servers. That packet then makes its way to the VPN server, which then unencrypts and restores the original packet, reset the original destination address (that was replaced to send it to the VPN server), but also replaces the source address with its own (so the response comes back to the VPN server, not directly to your device). In a perfect world all this goes down without a hitch, but every once in a while I've come across applications that are slightly naughty and build the app's source address into the data packet (in addition to where the source address is normally listed in the packet). When this happens, the final destination server sees a packet that claims its coming from "a", but arrived from "b". That will cause these applications to fail and generally requires the VPN developer to create a specific patch to support that application (the VPN layer now needs to snoop around in the data fields to find this info and replace it). Another application specific issue I've seen is that its possible the VPN service is messing around with the original encryption. Most of the time when an application is communicating with a server, it uses the server's "encryption certificate" to encrypt the data. Many (most) applications however are perfectly happy to use ANY "trusted" certificate (a trusted certificate is one generated by a known entity), not necessarily the true one from the server. These apps can still work even when a VPN (or Firewall) messes around with the encryption, but some apps INSIST on using the specific server certificate (generally a more secure but less friendly approach). Those applications will also fail using a VPN/Firewall if its doing anything like this. Many corporate firewalls do this by feeding back to your device its own certificate, not the one from the destination server; this allows them to see inside your encrypted communications so they can inspect the data and make sure you aren't doing anything naughty. In theory it would be possible for a VPN provider to do the same without you knowing (without knowing how to check it that is).
The way around these application specific failure points is to see if you can bypass the VPN for specific destinations (known as a "Split VPN", but also called white lists or other names to denote custom VPN setups, but its not always easy with an app vs a browser because its harder to see how the app is communicating - that's when you need to get a packet capture device out, not fun). The fact that using a cable seems to work suggests to me that the VPN is messing with traffic on the local side (WiFi or less likely, BT and not the mobile data connection). Yes, CarPlay primarily uses WiFi for its data carrier, not just BT. Plugging the cable in is likely bypassing VPN shenanigans on the WiFi. You didn't mention if, once it starts working with a cable, if disconnecting the cable and going back to wireless it continues to work. Switching like this forces a new network connection to be built, but if it continues to work this suggests to me the problem is something the application is doing during the initial setup separate from the network connection. SIgh, I could go on and on with all kinds of weird stuff I've seen over the years. Now you know why I don't use them unless I absolutely have to, LOL.
The following users liked this post:
DonalddaExplorer (03-26-24)
Trending Topics
#8
Droid13
Would you please comment/help to address, solve or minimize the spying the Lexus system is capable of in the following thread?
The topic is "Spying on users of the Lexus interface"
Any wisdom you can impart is appreciated. Sounds like this topic is right up your alley...
Thanks
see below
https://www.clublexus.com/forums/car...-on-you-2.html
Would you please comment/help to address, solve or minimize the spying the Lexus system is capable of in the following thread?
The topic is "Spying on users of the Lexus interface"
Any wisdom you can impart is appreciated. Sounds like this topic is right up your alley...
Thanks
see below
https://www.clublexus.com/forums/car...-on-you-2.html
#9
Droid13
Would you please comment/help to address, solve or minimize the spying the Lexus system is capable of in the following thread?
The topic is "Spying on users of the Lexus interface"
Any wisdom you can impart is appreciated. Sounds like this topic is right up your alley...
Thanks
see below
https://www.clublexus.com/forums/car...-on-you-2.html
Would you please comment/help to address, solve or minimize the spying the Lexus system is capable of in the following thread?
The topic is "Spying on users of the Lexus interface"
Any wisdom you can impart is appreciated. Sounds like this topic is right up your alley...
Thanks
see below
https://www.clublexus.com/forums/car...-on-you-2.html
If you drive really really bad, then they could potentially cancel your insurance. A "free" app to be careful with is Life360 it tracks phones in your group and driving speed and acceleration and braking. It is not really "free" they collect data.
Lexus collects data through the "connect" apps, but I wouldn't worry too much about what Lexus does with it because it provides them very little financial incentive. However, some other companies <e.g. insurance> could possibly buy drive connect data from Lexus. You would be surprised at what data analytics and AI ( which by the way has existed actively for more than 50 years) can do with driving data,
You seem to worry about a lot of different subjects; I hope this helps you.
YMMV,
MidCow3
Last edited by midcow3; 03-18-24 at 09:11 PM.
#10
Worry?
[QUOTE=
You seem to worry about a lot of different subjects; I hope this helps you.
YMMV,
MidCow3[/QUOTE]
That was a humorous comment, thanks for the psychological evaluation. I will be seeking counseling soon......So, based on your post. you don't know if Lexus provides data to insurance companies...
You seem to worry about a lot of different subjects; I hope this helps you.
YMMV,
MidCow3[/QUOTE]
That was a humorous comment, thanks for the psychological evaluation. I will be seeking counseling soon......So, based on your post. you don't know if Lexus provides data to insurance companies...
Last edited by Lexicon1; 03-18-24 at 09:32 PM.
#11
Lexus not fully using raw GPS data
YMMV,
MidCow3
P,S, - Hope your sessions work out
P.S.S - Yes, I had policy, compliance, VPN, encryption, and certificate people on my IT Security staff
#12
More than likely not. While potentially Lexus could be collecting GPS data/ time/ location information to create acceleration, braking, driving speed, speed in curves, trip length., time of day, trip frequency, Lexus does not currently <driver connect 2 ? more $$> provide any driving analytics to the Lexus driver. However, with drive connect this raw data are available and could be provided to an insurance company. "Drive connect" my not be your friend in the future. And be aware even though Lexus doesn't seem to be astute enough today to massage the raw data, they could potentially do it in the future ( though Lexus competence is sometimes questioned with they way they screwed up profiles and the smart key with multiple drives and multiple profiles) Lexus could very well sell raw GPS data to insurance companies because I am sure Lexus lawyers are better than their technical staff.
YMMV,
MidCow3
P,S, - Hope your sessions work out
P.S.S - Yes, I had policy, compliance, VPN, encryption, and certificate people on my IT Security staff
YMMV,
MidCow3
P,S, - Hope your sessions work out
P.S.S - Yes, I had policy, compliance, VPN, encryption, and certificate people on my IT Security staff
"However, with drive connect this raw data are available and could be provided to an insurance company"
" Lexus could very well sell raw GPS data to insurance companies"
Midcow, based on your info above, you dont know if Lexus/Toyota is providing info to insurance companies currently. Your IT experience in another company may not apply here . Therefore, the valid concern " by some" that a possible solution is VPN and it may add a layer of anonymity to whatever data IS and may be collected in the future . Thanks for the opinion and guesstimate.
Last edited by Lexicon1; 03-19-24 at 06:20 AM.
#13
One thing (at least for the Canada policy) they admit to more opening sharing is anonymized or aggregate data. Me personally, I don't care about this type of data too much provided I'm dealing with a reasonably reputable company. Others are less trusting than me, that's fine. This kind of data has personal info stripped out, so Lexus and Toyota might share that on average 700 of their cars travel down this road every day and their mix, max, med speed is X, but impossible for anyone receiving that data to know if you and your car were actually part of that data set or not.
I also use the driving app from my insurance company. This one is probably even more important to fully understand their data usage and privacy policies. For the one I use, they state specifically the data cannot be used to affect/cancel your insurance policy and coverage and can't be used to raise rates. They use it to rate a driver for discounts only. Up to 25% discount for using it, or don't use it and stay at the posted rates. I'm usually scoring between 16 and 18% discount. The data it tracks is very similar to the one Lexus tracks. Route, hard braking, hard acceleration, hard cornering. It gives me speeding warnings if I exceed by, say 15 to 20kph. I rarely get warnings in the city because this is a speed buffer I don't typically go over, but on the highway where traffic flows at 110 to 135 kph (in a 100 zone), I do somethings get speed warnings in the app. When I do a lot of city driving my discount creeps up, when I do a lot of highway driving it creeps back down.
Long story short, the easy way is to turn off, opt out, refuse all these types of services. But some people find value in them, in that case, know your local privacy laws, read the privacy polices and T&C docs, and pay attention when they let you know something is changing. I was just recently amusing myself with a story I read that a woman who brought her car in for service, the entire engine bay wires and such were completely wrapped in aluminum foil to prevent the govt from tracking her. To each their own...
The following users liked this post:
Lexicon1 (03-19-24)
#14
further clarification
copied from your statement above
"However, with drive connect this raw data are available and could be provided to an insurance company"
" Lexus could very well sell raw GPS data to insurance companies"
Midcow, based on your info above, you dont know if Lexus/Toyota is providing info to insurance companies currently. Your IT experience in another company may not apply here . Therefore, the valid concern " by some" that a possible solution is VPN and it may add a layer of anonymity to whatever data IS and may be collected in the future . Thanks for the opinion and guesstimate.
"However, with drive connect this raw data are available and could be provided to an insurance company"
" Lexus could very well sell raw GPS data to insurance companies"
Midcow, based on your info above, you dont know if Lexus/Toyota is providing info to insurance companies currently. Your IT experience in another company may not apply here . Therefore, the valid concern " by some" that a possible solution is VPN and it may add a layer of anonymity to whatever data IS and may be collected in the future . Thanks for the opinion and guesstimate.
So strong prediction, Lexus will NOT be giving raw GPS data to insurance companies because of strong existing data privacy laws. so probably better odds than the "don't know" you give me.
Back in the ole days the driving insurance issues never occurred with hard-copy maps
Cheers,
MidCow3
P.S. - My IT experience is retired after a very long career
The following users liked this post:
Droid13 (03-20-24)