03/05/2026

theSunday Special XV ON SUNDAY MAY 3, 2026

Good Cat crossover GWM Ora 5 Hybrid to roll out with 1.5-litre turbo petrol with e-motor

ON display at Auto China 2026, the GWM Ora 5 HEV crossover has been confirmed for the Malaysian market. Currently, the Ora range here comprises the Good Cat hatchback and the 07 sedan. It is unclear if the Ora 5 will replace the all-electric former or be sold alongside it as a hybrid option. The Ora 5 does measure in larger than the Good Cat, coming in at 4,471mm long, 1,833mm wide and 1,641mm tall with a 2,720mm wheel base. It has a ground clearance of 175 mm, hence the crossover term. Power comes courtesy of a 1.5-litre turbo charged petrol inline-four engine that makes 150PS and 240Nm of torque. Running alongside it is a single permanent-magnet synchronous motor that delivering 190PS and 236Nm of torque, fed by a 1.03kWh lithium-ion battery. The total system output is 223PS and 476Nm. It does the century sprint in a sprightly 7.7 seconds and tops out at 180kph. With a claimed fuel consumption of 23.3km per litre, it should easily be capable of over 1,000km with its 55 litre tank. It rides on MacPherson struts at the front and WE live in a surveillance society. Almost all our activities, whether digital or physical are being watched. Our watches and phones track us. It is impossible to go anywhere without something or someone watching us. In fact, our new cars are monitoring us as well. A test conducted by white hat hackers at cyber-security firm Quarkslab has shown that our every move can be retraced as well. The reason is because almost every new car in the market today comes with something called a data logger or otherwise referred to as a telematics unit. Think of it as a black box of an air plane, except for cars. And the thing about a telematics unit is, they track everything over the lifetime of a car. This telematics box is about the size of an external hard disk, or even a pen cil case if I may, and it manages every thing that is related to connectivity such as GPS, software updates, etc. And the test conducted by Quarkslab proved that almost anyone with the know how can obtain data of a car from the telematics box. To prove this, the group obtained such a unit from a BYD Seal that had been written off after an accident. The group purchased a used unit which means that it had been used in a real world scenario and had all the previous owner’s data on it. A new unit would not have any data on it. After working out how to connect it to a computer since the unit did not come with any wiring harness, they were able to extract the full file system

a multi-link setup at the rear that keep the 18 inch alloys wrapped in 225/60R18 rubbers in check. The exterior is made up of automatic LED headlights, LED DRLs, LED taillights and a manually operated tailgate. On the inside, there is a 14.6-inch central info tainment touchscreen with a smaller 10.25-inch digital instrument cluster for the driver. Standard kit includes Android Auto, Apple CarPlay, voice command, remote functions via an app and a six-speaker sound system. Safety comprises adaptive cruise control with intelligent cornering, autonomous emergency braking, front collision warning, lane centring assist, lane keeping assist, lane departure warn ing, traffic sign recognition and speed limit warning. Stepping up to the premium Ultra variant sees the addition of lane change assist, door open warning, rear cross traffic alert, rear cross traffic braking, front cross traffic alert, front cross traf fic braking and Blis. Pricing for the Ora 5 in Thailand starts from 729,000 baht (RM 89,000).

Big Brother in your shiny new car

So, if privacy is important to you, your best bet is not to drive a modern car as almost all of them have a telematics unit. Even those that are upwards of 10 – 15 years old. Perhaps it would be best to turn back the clock and look at older cars. And before you blame BYD or Chinese marques for this, keep in mind that many premium car makers had access to your data for a long time, all in the name of providing you with a “personal ised ownership experience” such as BMW’s concierge services. It is also worth remembering that some car makers and their suppliers actively monitor their vehicles as well. Perodua for one will monitor the where abouts of the car in the new QV:E elec tric car since you do not buy the bat tery from the car maker, you just lease it. Chine battery maker SVolt too actively monitors the whereabouts and condition of the batteries it manufac tures. It collects real world data and even monitors incidents such as fires. During a recent trip to the company’s research facility in Bao Ding, China, I learnt that they actively monitor close to 1.5 million cars around China. However, the point here is not about monitoring cars. It is about what hap pens to your data after you have sold the car and no longer use it. Because from what Quarkslab just proved, your data will remain, and in some cases, it will not be encrypted. That is something to be worried about for all car buyers.

publicly available information to assess threats, make decisions or answer spe cific questions”. Some organisations also use OSINT as a cybersecurity tool to assess secu rity risks and spot system vulnerabilities. It is also a tool used by cybercriminals and hackers for social engineering, phishing and identifying targets for cyberattacks. But the word open-source in OSINT is the key word here. Because that basi cally means that the tool is publicly available, which also means that it is a to see where the car had been, but when they ran a Google search with some of the data they had, they found social media posts about a BYD Seal that had met with an accident. What is important to know here is the type of data that is stored in car’s telematics unit, and that typically includes time and date logs, operational logs, charging logs, location, vehicle health data, maintenance statistics, and accident or critical events data. Data encryption is important to avoid such things from happening, but they still do happen. And while regulators in some countries take data encryption seriously, not all countries play by the same rule book. free tool. So, with the GNSS logs and the OSINT tools, the team was then able to connect data points to real world events. They were not only able

for the onboard modem, custapp and system partitions. “With the files extracted, we could focus our attention on the root filesys tem (rootfs) and user space (usrfc) to look for interesting or hidden artifacts,” the group mentioned in a report upload to their website. And the most concerning part about all the files was that none of it was encrypted, so accessing all the files was as easy as spreading butter on bread. The group then went on to break down the data loggers GNSS logs, after

which they were able to recon struct the full life of the vehicle from its production in a factory in China, to its use in the United Kingdom and to its dismantling in Poland. From there, they were able to track back every movement of the car, everything was cap tured in the logs, giving a com plete picture of the vehicle’s journey.

WRITTEN BY KESHY DHILLON

In describing the above, I am guilty of oversimplifying the process. But you should know that it wasn’t as simple as it sounds, but it did not require any spe cialised tools either, or neither did the team need to access any private data base. In this case, BYD’s database. The report indicated that a publicly available Open-Source Intelligence (OSINT) tool was more than enough. OSINT is an important tool in the world of cyber security that many are not aware of. IBM for one describes it as “the process of gathering and analysing