Volkswagen hardened its WeConnect/Connect API with client assertion, cryptographic proof that a request came from the official, reviewed app on a non-rooted phone, which broke the popular open-source Home Assistant integration owners used to read charge state, climate, and location and to automate cabin preconditioning. People who already pay roughly 100 dollars a year for WeConnect want programmatic access to their own car and are openly weighing a brand switch. The ask is a maintained, cross-brand (VW, Skoda, Seat, Cupra) bridge that keeps working as VW, in their words, keeps tightening the screws.
builder note Do not sell a 'permanent' fix, because attestation will eventually win on the native-app path and a fire-and-forget HACS add-on will be dead within a quarter. The durable wedge is a hosted, fast-updating relay across all VW-group brands funded by a small subscription (which also pays for the cat-and-mouse), with an honest public changelog every time VW breaks it. The willingness to switch brands over this is the real signal of how much owners value local control.
landscape (3 existing solutions)
The open VW integrations are caught in an authentication arms race. Browser login via TLS fingerprinting still works today, but VW is signalling it will keep clamping down with full client attestation, so every community fix is provisional and there is no sanctioned local API to build on.
homeassistant-volkswagencarnet (robinostlund) The de facto community integration. Authentication keeps breaking against VW's changes (issues #924, #744) and it depends on the WeConnect-python library that is being retired this year. Each fix is temporary. CarConnectivity (WeConnect-python successor) The multi-brand rebuild (VW/Skoda/Seat/Cupra) that replaces the dying library. It restores functionality for now but is subject to the exact same attestation arms race, so it does not solve the durability problem. Official VW / WeConnect app + subscription The only sanctioned client and it works, but it is a closed phone app with no open or local API. Owners cannot automate against it from Home Assistant, which is the entire point. sources (1)
home-assistantevvolkswagenapi-lockoutsmart-home
Privacy-conscious car owners reacting to fresh reporting on how much modern vehicles record and sell are trading DIY hacks on HN (pull fuse 8, yank the cellular/TCU bridge, flip flags in ForScan, even desolder the chips) and one says outright that he would pay for a professional version. They want a plain-language, cross-make tool or service that tells them what their specific vehicle collects and exactly how to disable it, software-only where possible, without breaking OTA updates, eCall, or other safety systems.
builder note The defensible product is the per-VIN knowledge base plus a vetted local-shop or mobile-mechanic network, not a magic universal off switch. Lead with 'here is what you keep and what you lose on YOUR model' because the trap is that newer cars bake the modem into safety-critical modules with no clean disconnect, and promising total silence will get someone's eCall or ABS killed.
landscape (3 existing solutions)
Disabling car telemetry is possible but the how-to is splintered across brand forums and one-off diagnostic tools, with real risk of breaking safety or CAN-bus functions. Nothing gives a typical owner a safe, model-specific, step-by-step answer for their exact vehicle, and newer cars deliberately make the modem harder to isolate.
ForScan Ford/Mazda/Lincoln only, requires an OBD adapter and comfort editing module configs, throws persistent errors when the TCU is disabled, and kills FordPass / remote start in the process. Useless to the average owner and to anyone not driving a Ford. Privacy4Cars (Vehicle Privacy Report) Built around deleting personal data when you sell or rent a car and showing a transparency report of what a model collects. It does not stop the manufacturer's ongoing telemetry on a car you keep, which is the thing owners in the thread actually want shut off. sources (1)
privacyautomotiveright-to-repairtelemetrydata-brokers