Obviously, the chances of that are virtually zero. But they'd rather make their product worse than assume with any kind of risk, even if it is virtually zero. That is simply the way in which German enterprises operate.
If their APIs are done correctly, they shouldn't be afraid to expose them.
In fact, that's how a lot of compliance works in industries where there's little little enforcement and relies a lot on self regulation.
But the reality is that every once in a while you have a scandal like this or something like Wirecard, and it happens, because the culture is such that absolutely nobody thinks it possible. That includes officials and regulators whose first instinct will often be to come after the people trying to expose the scandal, as has happened in the case of Wirecard.
Only naive laymen or newcomers to Germany think it's not possible. German business leaders, lawyers and politicians know exactly how much corruption and scamming is going on in the business sector, and it's not a little.
>first instinct will often be to come after the people trying to expose the scandal, as has happened in the case of Wirecard.
That was purely malicious to try to protect Wirecard, not because the regulators couldn't possibly imagine corruption and law breaking exists, that was the story they used as cover for their corruption.
Like you're a regulator and instead of doing the thing you were hired for and look at the evidence The Economist showed you, you instead "use your instincts" to decide not to do your job and not look into Wirecard because you can't imagine something bad can ever happen? Come on! All those regulators should have been fired and tried for corruption and/or accessory to crime.
In Dieselgate VW got caught, made the supervisory authorities and politicians look bad, which is why the authorities also weren't inclined to sweep it under the rug completely. They just shielded VW from the financial consequences in Germany (German VW customers got shafted).
Blocking GrapheneOS is the useless "pretending" part of compliance. They don't really want to do security, because that would cost money, so they pick some actions that seem drastic, harsh and don't cost them anything to implement. Later, when there is a security incident, they will point to their huge heap of pretend compliance, whine a bit about state sponsored actors, high criminal intent and other obvious deflecting bullshit. But they will get away with it, because they did the compliance dance, so they are obviously compliant and did nothing wrong. Nobody in authority will look twice als long as they are neither annoyed or made to look bad.
tl;dr: compliance in Germany is performative
However, VW just seem to make gaff after gaff. Collecting information they shouldn't, exposing information they shouldn't have to hackers via lax security practices.
How many rakes can a company step on?
Now, they're blocking GapheneOS? They've got two hopes of selling me another 'Dub.
(Bob and No).
The company's have done their thing to ensure that the average guy wouldn't even try escaping their lock-in. So chances are becoming smaller and smaller to hope for a critical mass of users to complain.
Vendor lock-in to Play services is ridiculous.
A car is a big purchase, and ideally not something I discard after a few years. I'd like it to not treat me like a second-class citizen and renter who can't make decisions over how to extend the life of my purchase.
So understanding why they drop it is IMHO easy. Understanding why they use only attestation based API despite and forcing their third party ecosystem out is stupid. Companies do not understand open communities.
If you don’t want/need a new car, the used car market in Germany is pretty active with EQAs and EQBs.
Not quite an SUV, but maybe fits the same use case?
It's an easy market to win at this point. The bar has been lowered so much. Already have a nice car? Just don't display utter disdain for your user's privacy and you get our $$.
You should definitely reevaluate how you constructed your list. VW has a history of being scummy (https://en.wikipedia.org/wiki/Volkswagen_emissions_scandal) and their ICE cars are notorious for being unreliable compared to the Japanese car-makers. To be fair, EVs do change the equation a bit, but given their scandal plagued past, there's no way I would put them at the top of any list.
Putting these factors aside: they are usually cheaper than their peers in insurance and they have dealerships absolutely everywhere. I've had multiple Skoda and VW EV rentals and the experience has been nothing but pleasant. Hence my priorities.
I always read this online, but my personal experience in EU doesn't match that at all in quite a sample of people and cars over the last ~15 years. At least not for older cards. The reliability after 100k km seems to be somewhat similar.
The repairability of VW-group stuff in 3rd party services is soo much better and cheaper. The WV-group is huge and many models across the brands share same parts and full engines. There exist non-OEM alternatives and people know how to fix those cars.
I have never bought new car. But driving anything but VW got expensive fast.
Toyota cars can have bespoke parts even between different months of the same year for the same model. Continuous improvement isn't really that cool for cars.
Outside Western Europe, VW is priced like a premium upmarket brand (not quite luxury). Maintenance and general upkeep for a VW are easily two to three times the cost of an equivalent Japanese car.
Which wouldn't be an issue if the cars were actually built to their price point. But the VW cars we get here are shittier versions built in nasty factories. They break down if you look at them wrong. The build quality is nonexistent. They are absolutely an awful deal, no matter how you look at them. You also have to personally import parts from wherever they're available, because otherwise only the dealerships have parts and they are absurdly overpriced.
Also, European brands are afraid of exporting EVs. If you want an EV, you buy a Chinese car. There is no other option. It is as simple as that.
That is why so many rich fly private jets to environment conferences. People put Greenpeace and similar bumper stickers on their SUVs that never go off road and rarely have more than one person inside. They care about the environment, but only when it doesn't impact anything else in their life.
https://en.wikipedia.org/wiki/Diesel_emissions_scandal https://en.wikipedia.org/wiki/Defeat_device
https://www.theguardian.com/environment/2015/sep/24/uk-franc...
Of course the governments probably lobbied for this stuff because it improves their car industry tax profits/employment numbers.