As vehicles edge closer and closer to becoming computers with comfortable seats and nice sound systems, the security issues raised by them are becoming more and more serious. Security researchers have been calling attention to these problems for several years, with varying degrees of success, but there also are some considerable privacy problems that come with driving a modern smart vehicle.
The first thing many drivers do when they get into a new car is sync their phones, either over Bluetooth or through a USB connection. These are convenient interfaces to the underlying operating system that’s running the vehicle’s infotainment system, including the navigation, audio, and phone features. They’re also convenient ways for attackers to potentially dig into the car’s OS and find problems. Two researchers from Ixia, a security firm, recently found that some vehicles probe synced devices and download and store significant amounts of information from them. And with a few simple steps, the researchers can retrieve that information.
The vehicle that Stefan Tanase and Gabriel Cirlig of Ixia looked at was running a version of Linux, and they found that when they synced a new device to it, the vehicle’s infotainment system retrieved the device’s contact list, call history, and texts, among other data. That information is then stored in the car’s on-board memory. Tanase and Cirlig developed a script that they loaded onto a USB stick, which they then connected to the car’s USB port. The autorun feature in the car’s system ran the script, which gave them a connection to the infotainment system. They then ran another script that gave them the ability to send the car’s current location to a remote machine.
The privacy implications of modern vehicles collecting and storing this kind of information have not been talked about much publicly. Much of the concern around these vehicles has centered on safety as it pertains to potential remote attacks, and for good reason. But Tanase said all of the data downloaded to this particular vehicle would be available to any attacker who decided to go get it.
“Call history, contacts, text messages, email messages, and even directory listings from phones that have been synced with the car are being stored persistently on the infotainment unit in plaintext,” he said. “That box is not hardened at all. Everything runs under root so once you are in you have access to everything.”
For most users, the situation in which they’d likely need to worry about this kind of attack is either while renting a car or using a car from a shared-ride service. Tanase said an attacker easily could set up the kind of system he and Cirlig did in a rental car, which could then collect data from each device that’s synced to the car, indefinitely.
“I think this is especially relevant for those who use rentals for business travel, and also in the context of the growing popularity of car-sharing programs in North American and European cities,” Tanase said.
“Because the data stays there even after you disconnect the phone.”