by bri3d 958 days ago
I dug into the technical details here over the last few days and as usual it's not quite as sinister as the hand wringing:

* Automotive head units are just embedded computers. Most run Linux, QNX, or Windows CE, with some proprietary UI system on top.

* These machines usually store data in an onboard database in flash (sometimes just SQLite).

* Sometimes, phone data is captured using standard Bluetooth mechanisms (Message Access Protocol MAP and Phone Book Access Protocol PBAP) which require authorization on the phone side. Some vendors implement an additional "are you sure you want to share your information" check on the head unit side, and others don't.

* This data is cached on the head unit so that finding a contact to call or reading a text message doesn't require 10 minutes worth of Bluetooth nonsense.

* Some vendors inadequately purge this cached data when a Bluetooth pairing is removed from the head unit.

* Berla sell data extraction exploits to law enforcement, just like other forensics vendors do for mobile phones. Sometimes this can extract latent data and sometimes active data.

My advice:

* Never authorize a head unit to download your contacts or SMS.

* If you use a rental car, Factory Reset the head unit when you leave.

That's decent protection for most people. I didn't find any evidence pointing to a central server upload, a conspiracy to build an LE database, etc. It's just typical crappy hardware manufacturer-made software leaving data around that shouldn't be left around, creating an opening for forensic vendor exploits to slurp the data.
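The two kinds of residue described above (cached rows that survive removal of a pairing, and latent bytes that stay in the database file after the rows are deleted) can be checked for on a SQLite-backed cache. This is an added example, not code from the original comment or from any vendor; the schema, table names and sample values are hypothetical and constructed for illustration.

```python
import os
import sqlite3
import tempfile

MARKER = b"CONSTRUCTED-CONTACT"  # constructed sample value, not real data
CACHE_TABLES = ("contacts", "messages")  # hypothetical PBAP / MAP cache tables

SCHEMA = """
CREATE TABLE pairings (id INTEGER PRIMARY KEY, bd_addr TEXT, label TEXT);
CREATE TABLE contacts (pairing_id INTEGER, name TEXT, number TEXT);
CREATE TABLE messages (pairing_id INTEGER, sender TEXT, body TEXT);
"""


def build_cache(path):
    """Simulate a head unit that has synced one phone's contacts and SMS."""
    db = sqlite3.connect(path)
    db.executescript(SCHEMA)
    db.execute("INSERT INTO pairings VALUES (1, '00:11:22:33:44:55', 'Renter phone')")
    for i in range(20):
        tag = f"{MARKER.decode()}-{i:02d}"
        db.execute("INSERT INTO contacts VALUES (1, ?, ?)", (tag, f"+1555000{i:04d}"))
        db.execute("INSERT INTO messages VALUES (1, ?, ?)", (tag, f"{tag} says hello"))
    db.commit()
    db.close()


def unpair(path, pairing_id, mode):
    """Remove a pairing in one of three ways.

    naive     - delete only the pairing row (cached rows stay active)
    rows_only - also delete cached rows, secure_delete off (bytes stay latent)
    secure    - delete cached rows with secure_delete on (freed bytes zeroed)
    """
    db = sqlite3.connect(path)
    # Set explicitly: some SQLite builds default secure_delete to ON.
    setting = "ON" if mode == "secure" else "OFF"
    db.execute(f"PRAGMA secure_delete = {setting}").fetchall()
    db.execute("DELETE FROM pairings WHERE id = ?", (pairing_id,))
    if mode != "naive":
        for table in CACHE_TABLES:
            db.execute(f"DELETE FROM {table} WHERE pairing_id = ?", (pairing_id,))
    db.commit()
    db.close()


def audit(path, pairing_id):
    """Return (active_rows, marker_in_file) for a removed pairing."""
    db = sqlite3.connect(path)
    active = sum(
        db.execute(f"SELECT COUNT(*) FROM {t} WHERE pairing_id = ?",
                   (pairing_id,)).fetchone()[0]
        for t in CACHE_TABLES
    )
    db.close()
    with open(path, "rb") as fh:  # raw scan, as a file-level extraction would see it
        return active, MARKER in fh.read()


def run_case(mode):
    """Build a fresh cache, unpair with the given mode, and audit the result."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "headunit_cache.db")
        build_cache(path)
        unpair(path, 1, mode)
        return audit(path, 1)


if __name__ == "__main__":
    for mode in ("naive", "rows_only", "secure"):
        rows, in_file = run_case(mode)
        print(f"{mode:10s} active_rows={rows:3d} marker_in_file={in_file}")
```

This audits only the main database file; journal files and old flash blocks retained by the storage layer sit outside what `secure_delete` covers.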


> This data is cached on the head unit so that finding a contact to call or reading a text message doesn't require 10 minutes worth of Bluetooth nonsense.

This is such an early 2000s idea. I'd much rather my car act as a dumb display that shows a copy of my phone screen than an intelligent agent that tries to replicate functionality already extant in my phone.

I spent some time around 2012 working on in car "infotainment" units at a large tech company for a large car company.

I was told that the infotainment systems were where a large chunk of their profit came from and differentiating their experience was important to the car company.

Of course, they wanted to use decade old CPUs and touchscreens to save money, so the experience was horrible. I left shortly after CarPlay was announced and our response was "That will never catch on."

>I was told that the infotainment systems were where a large chunk of their profit came from and differentiating their experience was important to the car company.

I wonder how that could be true. Most car companies have pretty terrible infotainment systems, and I've never met anyone who genuinely loved the infotainment system in their car. (Most people I know tend to feel that it ranges from "somewhat annoying" to "good enough".)

I think the important point is that the comment you are responding to was talking about 2012. CarPlay didn't come out until 2014, Android Auto in 2015. So before that, the only option for infotainment systems was various levels of suckage, and I think it was a differentiator among people wanting the "least sucky" system.

These days, even when I see the rare infotainment system that is pretty good, people still want CarPlay/Android Auto because that's what they're used to, and it already integrates with settings and data that have already been configured on the user's phone.

It used to be a standard $1k - $2k upgrade to get the navigation system which I imagine was highly profitable. It certainly didn't seem like any car manufacturer put much effort into it. Sometimes they could even get you to buy $300 map updates! With Car Play and Android Auto I don't know who's paying for that any more.
Once you bought the car they now have a monopoly on the software that is available. There should be laws against this type of monopoly.
Many cars can be modified even now with increasingly integrated entertainment systems. Beatsonic or its various Chinese copies are an example of this, it’s a box that hijacks the video stream and lets you add CarPlay functionality and stuff.
Car manufacturers have money. They can and will lobby the monopoly status quo.

Money talks. I know it's hard when you want that nice car, but considering the above, the only way is just not buying the car with software lock-in. Only this stimulus can have some effect.

There is. You can swap out the head unit with an aftermarket one.
Most modern cars I've seen don't seem to have old DIN sized head units these days.
You used to be able to. It’s becoming increasingly difficult.
Yes, Carplay is the correct way to implement this.
EXACTLY. This "infotainment" BS harks back to vastly overpriced stock car radios of years gone by.

All we need is a place in the dashboard to mount our phones. Phones already have big-ass touchscreens and anything else we want... except of course now the audio outputs have been removed.

We should simply have a well in the dashboard with replaceable inserts that snap in to accommodate different-sized phone models, which would connect to the audio system and power. But no... we still have phones bouncing around in the cabin or attached to hokey third-party claws, and janky-ass Bluetooth which (how many years in now?) can't handle simple music playback reliably.

Every car in my household has an auxiliary input for audio and no support for audio over Bluetooth. One is a 2013 Mini, so it's not as if they're ancient.

And that's just fine. And if it MUST be overcomplicated, then yes... AirPlay seems to be the way.

> All we need is a place in the dashboard to mount our phones. Phones already have big-ass touchscreens and anything else we want...

That might be your personal preference, I particularly abhor the phone-centric world not to mention that a 5 inch “big-ass” touch screen becomes tiny when driving and that its UI is meant to be operated sitting down paying 100% attention to it not while operating a machine at 60mph down in the road surrounded by hundreds of people in the same situation.

I can respect that. To some extent, though, that's down to the phone UI. iOS, ummm, 6 if I remember correctly was supposed to be more "car-friendly." Of course, that was another Jony Ive failure... it actually changed the system font to a spindly outline that was hard enough to see in normal conditions, let alone in a car. There was absolutely nothing in that OS that offered a "car-friendlier" experience. I was so glad to see that pompous hack leave Apple.

If you look at CarPlay, it chunks the functionality down to a few big icons on the screen at a time. No reason that can't be done on the phone itself in a "car mode."

Anyway, this is what I ended up doing: https://imgur.com/gallery/krRXQwP

That was 7, 6 was the last 'good' one.
Ah, thanks.

Too many regressive releases to keep track of...

>We should simply have a well in the dashboard with replaceable inserts that snap in to accommodate different-sized phone models, which would connect to the audio system and power. But no... we still have phones bouncing around in the cabin or attached to hokey third-party claws, and janky-ass Bluetooth which (how many years in now?) can't handle simple music playback reliably.

I've been using Brodit/ProClip USA mounts to solve this. They sell holders designed specifically for your model of phone which attaches to a custom-fit mount for your car's make and model. It's pricy, at about $75 for a holder-mount combo, when cheap Amazon alternatives are closer to $10, but it overcomes a lot of the problems you list. I use it regularly for navigation, since my car doesn't support CarPlay or Android Auto.

Thanks! I can't settle for that, though. This is what I ended up doing in one car. I still haven't tackled my truck, though: https://imgur.com/gallery/krRXQwP
> no support for audio over Bluetooth

So you rant about Bluetooth in cars ... without owning a car that has Bluetooth?

Just checking, because we put after market radios (with BT) in our last two cars and, while not a miracle experience, music playback and handsfree telephony worked without problems.

I guess you don't think people rent cars, or drive family members' cars, or go on road trips with friends.

Bluetooth implementations are trash. Rented a brand-new Toyota over the summer and its radio suffered from all the same playback defects that Bluetooth has been offering for a decade or more. Playback randomly starting when not told to... showing the wrong info on the display... showing that no songs were available but playing songs anyway (four out of five times; once it did decide to show a song list).

> Bluetooth implementations are trash.

They really are.

> Playback randomly starting when not told to...

Yup. Toyota and Subaru are particularly egregious about this. Something about using old cable/ipod implementations which would immediately reach for the default media player and telling it to start playing (and download a list of songs or some other BS).

> showing the wrong info on the display...

Yup. Especially if you have the audacity to use Spotify or something else.

There's some really shitty bluetooth audio interfaces out there. REALLY shitty.

Oh noes, I've been-modded by some members of the BT consortium, apparently.

Keep up the "good" work, guys! Don't spend all your licensing fees at the pub... unless you're buying a round for the house!

You could have that if manufacturers hadn't abandoned the double-DIN radio bay.
No doubt! I did this though: https://imgur.com/gallery/krRXQwP

And I even installed extra inputs for a guest to plug into on road trips, and the original CD player.

Do you not find it overheats in sunny weather, though?

I have an old car without any sort of fancy infotainment system, and I always end up with my phone overheating during long drives into the sun.

It was a concern but didn't happen often. I did consider making some kind of reflective roof for it.

The phones are too tall to fit there now (even the original SE), so there's going to have to be some rework anyway!

> All we need is a place in the dashboard to mount our phones.

Where I live, even touching your phone while driving is illegal. Doesn't stop most people, but I'd still not mess about.

I do remember reading news of someone getting cited in California when the Model 3 was new, for "mounting a screen visible to the driver" which was the stock touchscreen.

> * If you use a rental car, Factory Reset the head unit when you leave.

If I rent a car, I won't pair my phone at all, even going so far as to use a car charger instead of the provided USB ports.

most car USB ports are slow charging. my little power port converter provides fast charging. so not only do i get the extra speed, but the assurance that the USB isn't nefarious. which admittedly is probably a bit paranoid, but what if i'm not?!

i didn't even like having my phone data sunk to my own personal car. it just made no logical sense on why that would be useful, so being me, i just assumed it was for nefarious purposes. people no longer get the benefit of the doubt of being lazy/incompetent. i immediately jump to the situation essentially being an attack vector.

> most car USB ports are slow charging

TBH, in this day and age where it's difficult to replace batteries when they wear out, I strongly prefer slow-charging over fast-charging. Fast-charging wears out the batteries more quickly.

Same. I imagine the risk of malicious USB ports is higher around military and aerospace rental hubs, like Colorado Springs and Huntsville, Alabama.
It is exactly because people like younger me exist in this world, that I operate under the assumption that all hardware that I have not personally maintained custody of is tampered with regardless of location.
I recently rented a car, and the built-in navigation wasn't enabled. The assumption seemed to be that you'd connect your phone.

Driving in the country was fine with just audio navigation, but I had to connect my phone to get the display once I was driving in a big city. "Take the freeway exit" "Use the right lane" "Use the left lane" was coming too quick if I relied only on the audio.

Agreed, although I use a “usb condom” for convenience…
What's the technical term for those? (I'm afraid to search for that at work haha)
Usb power-only or charge only cable.

You can create one by severing the data lines in a normal usb cable

You can find them with the term "USB data blocker". You might have to add "dongle" onto that.
I think an argument should be made against normalizing this, which could then lead to OEMs building in internet assisted data export functionality in new cars and people won't know until a lawsuit (likely) starts years after the fact and the harm is done.
This is why I've taken a more and more grim look at technology and software, in particular.

Stallman was right, about nearly everything concerning power, companies and governments using it, and the role the citizen is viewed to have in such a limited capitalist view.

Without government mandates to open the source of every chip and firmware, none of the modern hardware we use is trustable.

I don't understand how you think this isn't nefarious based on your own post. I didn't ask my car to basically give a backdoor to all my texts and contacts to law enforcement. If that exists, it is certainly being used. I find it very sad that you have to prove injury despite the fact that it is clearly not in a user's benefit. Laws are always playing catchup to tech and we shouldn't have to play whack-a-mole for every new absurd way our privacy is being abused just because we can't prove that police aren't doing parallel construction to avoid the direct "injury" to us.
Why do I think these features are not nefarious?

* There's an obvious, legitimate want for the vehicle's head unit to ingest this data, in order to display a UI (or provide a voice UI) which allows the user to call a contact by name or read a recently received text message. Is this a poor implementation concept which has mostly been supplanted by better implementations (Android Auto / CarPlay), sure, absolutely but it's not some thing that was added for the express purpose of "stealing" information. It's a long-standing set of features which use obvious, standardized Bluetooth technologies to fill an obvious, straightforward user need. Nothing weird there.

* There's no sign whatsoever that there was any collusion with law enforcement in the construction of these systems. They're just badly implemented, vulnerable software which is exploited by a forensics vendor (just like literally every other piece of hardware and software under the sun).

I have worked for enough IoT and whitelabeled tech companies to know spying is normally never a plan from the start.

It is the lack of planning to prevent it that is years later branded as a feature to sell when company leadership looking to boost numbers or build political capital start talking to law enforcement. Often after an acquisition or two.

I personally know a release engineer that was required to quietly send all new code changes to an NSA ftp server, presumably to make sure none of the bugs they rely on were fixed.

If something is in popular use and -can- collect data covertly, it will be co-opted to do so by someone for power or money without fail.

I want to include with your great post that civil action will not stop a government hellbent on gathering data.

Destroying the means of surveillance, capturing targets, and reverse blackhatting is what will work.

> I personally know a release engineer that was required to quietly send all new code changes to an NSA ftp server, presumably to make sure none of the bugs they rely on were fixed.

... what would they have your acquaintance do if a bug they relied on were fixed? Push back on the change?

That was implied, but never happened that they know of.

Could be they just decide to go take maximum risky advantage of the flaw before it is patched.

You're totally falling for the plausible deniability governments engage in when conducting surveillance and espionage on their own citizens.

"Oh it wasn't our fault the software was wrote poorly. Not like we wrote laws around it or paid companies to share data with us."

What else do you believe that comes from the govt's mouth? Would you simply never believe they'd take advantage of us unless caught in some precise way, in some precise situation?

Government can start showing us it's loyal to us, or face attack of its own networks.

Big opportunity for one of the big car rental agencies to come out looking great by advertising their "privacy focus". They could advertise to customers that they promise/certify that any personal data is wiped between rentals. Sort of like all the cleanliness guarantees that came about right after Covid hit.
They'll just monetize it behind a $19.99 fee. And then they still won't do it, leading to some data leak, for which they'll be fined $2,000,000 despite having profited about $30,000,000 from it.
...and then lock the admin UI behind a password so you can't do it yourself :)
> They could advertise to customers that they promise/certify that any personal data is wiped between rentals.

I, for one, simply wouldn't believe any such claim. Too much deception has already happened for there to be any trust left.

Apple Car will be marketed out of both sides of their mouth, just like oh-so-private iOS devices are marketed today.
Why is everyone so sure Apple Car will be a thing?
Because Apple likes money, and cars have high profit margins.
Cars have very low profit margins. Last time I checked a few years ago, the gross margin on an average American car was 10-15%. This doesn't count financing.
If that is true, an Apple car is very unlikely.
That is a good reason, but in and of itself, not a sufficient reason.

Chocolate has fantastic profit margins. No Apple chocolate. ... mhhhmm, apple chocolate, that sounds yummy.

A bit closer to home, fabbing microchips has great profit margins. Apple pays good money to TSMC.

Just because it's good money isn't enough reason, I am sorry.

My personal solution: I won't own a car that has this sort of capability in the first place, and when I rent a car, I will never allow it and my phone to talk to each other for any reason.
Is that possible anymore? I think all new cars are always online and always collecting data now, and you void your warranty (very different cost/benefit calculus than voiding a phone warranty) if you tamper with the antennas to keep it offline. Very sad state of affairs.
Exactly why I only buy used cars that predate all this insanity.

If we can keep cars from the 40s running, keeping cars from the early 00s running is no big deal. Honestly older fully mechanical/analog cars with manual transmissions are often cheaper and easier to maintain than modern ones with high complexity and DRM on every part.

Sadly my desire for privacy will likely prevent me from ever buying electric unless I build my own car, which I might.

> Sadly my desire for privacy will likely prevent me from ever buying electric

Me too. I'm not that sad about it, though. Saving an older car from being scrapped also brings environmental benefits.

Some modern cars do not have telematics systems. As far as I know, base model Nissans often don't. In other cases, some telematics systems can be easily disabled. (In the Ford Maverick, it's got a single dedicated fuse, and doesn't complain when you pull the fuse.)
We were considering a Hyundai Kona after seeing someone online just yank the modem without an issue. The first dealer I worked with said he could have their service department do it, but then couldn't get the model I wanted. The second had the model, but then said even disconnecting the cell modem would void my warranty, so they wouldn't do it without a letter from Hyundai corporate allowing it.

So now I own a brand-new Chevy Bolt. You just yank a single fuse and that takes out OnStar and nothing else.

> Is that possible anymore?

Absolutely. I don't buy cars that were made relatively recently.

Uh dude any car made in the last 15 years has this capability.
This is far from true. Many cars made within the last 15 years don't have any sort of telematics system.
Correct, which is why I don't buy them.
Translation: It is 100% legal for car companies (and by extension just about any company), when you connect your phone to them, to download your call and text history and then sell it.

By extension, that means it is 100% legal for anyone, including any branch of any government to get a copy of your call and text history.

>By extension, that means it is 100% legal for anyone, including any branch of any government

Always has been

The "always" in your comment is only a few decades old. This scale of data collection simply hasn't been possible before.
> It's not quite as sinister

> Here's the fix that 95%+ of the users impacted will never use

Hopefully you only had HN users in mind while writing your comment, otherwise you've intentionally downplayed one of dozens of security & privacy risks "our moms" are dealing with daily.

> * If you use a rental car, Factory Reset the head unit when you leave.

That is ridiculously onerous! Just because geeks can share arcane knowledge about how to be safe does not mean that this isn't horribly anti-consumer.

It should be policy for the rental company to do this. On more than one occasion, I have received a car with a previous renter's personal data still in the system.
When I am out of town, I sometimes print at copy shops.

You'd be amazed what kind of PDFs are left open in Acrobat, just because people are too lazy to close the application. I have seen contracts, bank account statements, residency permits, letters of incorporation, private messages logs, ....

All without doing any digging, I just get assigned a computer for printing, turn on the screen, and it's there.

"You'd be amazed what kind of PDFs are left open in Acrobat,"

Observation tells us it's a lost cause to teach people about privacy/security of this type and have the large majority of people observe prudent ways of preventing their data from leaking. We've known about this since before the internet when people would chuck old documents in the garbage under the assumption no one would ever bother to go through their trash digging for information. But, we've learned from police, private investigators and espionage accounts that huge amounts of data can be extracted from trash simply because people aren't careful.

We also know there's always been a small percentage of people who have been careful, they're the ones who never throw out old accounts, letters, envelopes or even notes with phone numbers on them into the trash but they're so small in numbers that those who are scrounging for information know that the majority of their pickings will be successful.

The only effective way around this is to build systems that automatically obfuscate data from anyone but their owner. As we know, this is easier said than done.

> they're so small in numbers ... will be successful

worse, because it's so few people, this is suspicious behavior (in the eye of LEO)

I wholly agree with your sentiment, but as someone who cares to actually take action for my privacy this kind of onerousness is par for the course, unfortunately.
You're right, but it's the world we live in, and we need to exist within the system. This is the best way to do it - and spread the knowledge among your social circles.
I factory reset the entertainment system in all car rentals at pick up, never share contacts or give access to media folders of my phone and finally reset again when returning the car. It’s a pain to know who is calling you but you get used to it.