DonalddaExplorer

Has anyone experienced issues with Apple CarPlay after the recent firmware update (Feb2024) on their 2022 NX350?

Prior to this update, I was able to connect to Calendar and then hit Maps destination to map out my route. After the recent update, Apple CarPlay hangs and says can not find server message. I Pause NordVPN on my iPhone and Internet connection goes through fine. This also happens with Siri, too. I’m not sure if it is my NordVPN or the Lexus firmware causing this issue.

Everything was working smoothly prior to the update. Now, I have to Pause my NordVPN before getting my internet connection in Apple CarPlay.

Thanks for any tips or workarounds for this issue.

LeX2K

Try a different server location on your VPN.

midcow3

Does your VPN have whitelists?

midcow3

DonalddaExplorer

Thank you for the suggestions. I tried changing VPN locations and using different protocols and settings within the NordVPN app. Unfortunately, I still couldn’t get Apple Maps to find the server over Bluetooth.

What I found worked for Maps was first connecting USB-A to Lightning cable to my iPhone then starting my car. CarPlay was able to access the server without me pausing NordVPN.

I feel the issue might be due to the recent Apple iOS 17.4 update which changed something with Bluetooth. Getting directions using Google Maps still works with my VPN active, so this issue seems specific to certain iPhone apps only.

esotof

Why are you suing a VPN for maps?

Droid13

Welcome to my life, 40 yrs in IT which includes having to setup & maintain corporate VPNs of all types and flavours across Europe, South and North America, Japan and China dealing with all the connection configuration troubleshooting, sorting out interference issues they create, and general performance penalties they incur on bandwidth. The are necessary in some situations, but always a PITA waiting to happen. I personally don't use one myself, but with my experience I know how to keep my risk profile very low without adding extra layers of potentially problematic software. They are, however, the best way to make your location appear elsewhere if that is a useful goal. But in any case, if it interests you, here's some basic info (I know this is a car forum, but just if people are curious I will try to explain simply some of the nuances of using these):

VPNs work by injecting their own software into the existing network stack of a device. The stack is just layers of software each performing a function to take network traffic, encapsulate it into a packet, add destination and source addresses, and figure out the best path to deliver the packet thru which network interface (WiFi, Mobile Data, BT, etc). The added VPN layer will take the packet contents and add its own extra layer of encryption (most traffic is already encrypted these days) and override the normal destination address with that of its own servers. That packet then makes its way to the VPN server, which then unencrypts and restores the original packet, reset the original destination address (that was replaced to send it to the VPN server), but also replaces the source address with its own (so the response comes back to the VPN server, not directly to your device). In a perfect world all this goes down without a hitch, but every once in a while I've come across applications that are slightly naughty and build the app's source address into the data packet (in addition to where the source address is normally listed in the packet). When this happens, the final destination server sees a packet that claims its coming from "a", but arrived from "b". That will cause these applications to fail and generally requires the VPN developer to create a specific patch to support that application (the VPN layer now needs to snoop around in the data fields to find this info and replace it). Another application specific issue I've seen is that its possible the VPN service is messing around with the original encryption. Most of the time when an application is communicating with a server, it uses the server's "encryption certificate" to encrypt the data. Many (most) applications however are perfectly happy to use ANY "trusted" certificate (a trusted certificate is one generated by a known entity), not necessarily the true one from the server. These apps can still work even when a VPN (or Firewall) messes around with the encryption, but some apps INSIST on using the specific server certificate (generally a more secure but less friendly approach). Those applications will also fail using a VPN/Firewall if its doing anything like this. Many corporate firewalls do this by feeding back to your device its own certificate, not the one from the destination server; this allows them to see inside your encrypted communications so they can inspect the data and make sure you aren't doing anything naughty. In theory it would be possible for a VPN provider to do the same without you knowing (without knowing how to check it that is).

The way around these application specific failure points is to see if you can bypass the VPN for specific destinations (known as a "Split VPN", but also called white lists or other names to denote custom VPN setups, but its not always easy with an app vs a browser because its harder to see how the app is communicating - that's when you need to get a packet capture device out, not fun). The fact that using a cable seems to work suggests to me that the VPN is messing with traffic on the local side (WiFi or less likely, BT and not the mobile data connection). Yes, CarPlay primarily uses WiFi for its data carrier, not just BT. Plugging the cable in is likely bypassing VPN shenanigans on the WiFi. You didn't mention if, once it starts working with a cable, if disconnecting the cable and going back to wireless it continues to work. Switching like this forces a new network connection to be built, but if it continues to work this suggests to me the problem is something the application is doing during the initial setup separate from the network connection. SIgh, I could go on and on with all kinds of weird stuff I've seen over the years. Now you know why I don't use them unless I absolutely have to, LOL.

Lexicon1

Droid13
Would you please comment/help to address, solve or minimize the spying the Lexus system is capable of in the following thread?
The topic is "Spying on users of the Lexus interface"
Any wisdom you can impart is appreciated. Sounds like this topic is right up your alley...
Thanks
see below
https://www.clublexus.com/forums/car...-on-you-2.html

midcow3

VPN is a completely different aspect of security. When you activate one of Lexus's connected services, especially those involving GPS, they can collect data. The insurance company "safe drive" apps collect a lot of data about your driving characteristics. The state an initial reduction of 10 % and up to 30% is you drive feeblely <new word>.

If you drive really really bad, then they could potentially cancel your insurance. A "free" app to be careful with is Life360 it tracks phones in your group and driving speed and acceleration and braking. It is not really "free" they collect data.

Lexus collects data through the "connect" apps, but I wouldn't worry too much about what Lexus does with it because it provides them very little financial incentive. However, some other companies <e.g. insurance> could possibly buy drive connect data from Lexus. You would be surprised at what data analytics and AI ( which by the way has existed actively for more than 50 years) can do with driving data,

You seem to worry about a lot of different subjects; I hope this helps you.

YMMV,
MidCow3

Lexicon1

[QUOTE=

You seem to worry about a lot of different subjects; I hope this helps you.

YMMV,
MidCow3[/QUOTE]

That was a humorous comment, thanks for the psychological evaluation. I will be seeking counseling soon......So, based on your post. you don't know if Lexus provides data to insurance companies...

midcow3

More than likely not. While potentially Lexus could be collecting GPS data/ time/ location information to create acceleration, braking, driving speed, speed in curves, trip length., time of day, trip frequency, Lexus does not currently <driver connect 2 ? more $$> provide any driving analytics to the Lexus driver. However, with drive connect this raw data are available and could be provided to an insurance company. "Drive connect" my not be your friend in the future. And be aware even though Lexus doesn't seem to be astute enough today to massage the raw data, they could potentially do it in the future ( though Lexus competence is sometimes questioned with they way they screwed up profiles and the smart key with multiple drives and multiple profiles) Lexus could very well sell raw GPS data to insurance companies because I am sure Lexus lawyers are better than their technical staff.

YMMV,
MidCow3

P,S, - Hope your sessions work out
P.S.S - Yes, I had policy, compliance, VPN, encryption, and certificate people on my IT Security staff

Lexicon1

copied from your statement above
"However, with drive connect this raw data are available and could be provided to an insurance company"
" Lexus could very well sell raw GPS data to insurance companies"

Midcow, based on your info above, you dont know if Lexus/Toyota is providing info to insurance companies currently. Your IT experience in another company may not apply here . Therefore, the valid concern " by some" that a possible solution is VPN and it may add a layer of anonymity to whatever data IS and may be collected in the future . Thanks for the opinion and guesstimate.

Droid13

I know people hate reading the terms and conditions. but if you put some toothpicks in your eyes to keep your eyelids open, there is a lot of interesting info. And one of the most important things to consider with these things is that what they can collect, how they collect, and how they share should be governed by their own T&C, but also individual countries also have local laws that dictate a certain level of legal compliance for these types of documents. I know for instance that Europe is extremely sensitive to personal data, you have to jump thru some serious hoops to comply. Those guys love suing and taking billions from tech companies, they are always on the hunt for something else to fine them about. We have some similar rules in Canada too, not sure about the US or other countries. For example, in Canada the Lexus Connected Services policy explicitly states that they do not share any data with insurance companies and not with police either without warrants. Assuming the local laws actually permit them to share with insurance cos, they could not without proper notice to you and likely an opt-in. These things are often buried in pages of fine print that most people just skip, but there is at least some protection there if you put the energy in to monitor changes.

One thing (at least for the Canada policy) they admit to more opening sharing is anonymized or aggregate data. Me personally, I don't care about this type of data too much provided I'm dealing with a reasonably reputable company. Others are less trusting than me, that's fine. This kind of data has personal info stripped out, so Lexus and Toyota might share that on average 700 of their cars travel down this road every day and their mix, max, med speed is X, but impossible for anyone receiving that data to know if you and your car were actually part of that data set or not.

I also use the driving app from my insurance company. This one is probably even more important to fully understand their data usage and privacy policies. For the one I use, they state specifically the data cannot be used to affect/cancel your insurance policy and coverage and can't be used to raise rates. They use it to rate a driver for discounts only. Up to 25% discount for using it, or don't use it and stay at the posted rates. I'm usually scoring between 16 and 18% discount. The data it tracks is very similar to the one Lexus tracks. Route, hard braking, hard acceleration, hard cornering. It gives me speeding warnings if I exceed by, say 15 to 20kph. I rarely get warnings in the city because this is a speed buffer I don't typically go over, but on the highway where traffic flows at 110 to 135 kph (in a 100 zone), I do somethings get speed warnings in the app. When I do a lot of city driving my discount creeps up, when I do a lot of highway driving it creeps back down.

Long story short, the easy way is to turn off, opt out, refuse all these types of services. But some people find value in them, in that case, know your local privacy laws, read the privacy polices and T&C docs, and pay attention when they let you know something is changing. I was just recently amusing myself with a story I read that a woman who brought her car in for service, the entire engine bay wires and such were completely wrapped in aluminum foil to prevent the govt from tracking her. To each their own...

midcow3

@Lexicon1 , the level of VPN anonymity is useless if you are sending it directly to the insurance company or whomever is buying the data. A VPN protects your channel or path to another person/machine and makes it almost invisible to hackers therefore providing anonymity to people outside your intended receiver. It does absolutely no good if Lexus lawyer can get around privacy laws and send data to insurance companies or other companies that can analyze raw GPS data, But as @Droid13 pointed out privacy laws are very restrictive and even though people don't read EULAs and click through them without reading. Even the most lost sheep er people are usually protected.

So strong prediction, Lexus will NOT be giving raw GPS data to insurance companies because of strong existing data privacy laws. so probably better odds than the "don't know" you give me.

Back in the ole days the driving insurance issues never occurred with hard-copy maps

Cheers,
MidCow3

P.S. - My IT experience is retired after a very long career

DonalddaExplorer

Thanks Droid13 for the very detailed explanation!