Car tech privacy: Your car's infotainment system might be grabbing data from your phone

Could it be keeping data from your phone?

HOUSTON – Modern cars have a variety of computers and processors, dozens of them actually. Gone are the days of carburetors, two- and three-speed transmissions, and drum brakes. Newer engines automatically adjust for fuel mixtures, temperature, and even air density. GM and Ford have collaborated on a new 10-speed transmission. Anti-lock brakes are now more the norm than the exception. Airbags are everywhere. Your key probably has an embedded ID chip. And all of these things are controlled by on-board computers.

And your car stereo?

In the last decade, car entertainment systems have morphed into something so much more than an AM/FM receiver, cassette deck, and a CD player. Bluetooth, USB connections, Apple CarPlay, Android Auto, MirrorLink, and upcoming wireless NFC connections all allow our smartphones to seamlessly integrate into infotainment systems. But be warned: once connected, these marvels of technology know more about what goes on in your phone than you’d ever believe.

News 6 has discovered that on thousands of different models of cars, when drivers and passengers plug in a smartphone using a USB cable or pair it via Bluetooth, infotainment computers are collecting phone data and storing it. What information is being accessed and kept? How about your phone book, your call log, your text messages, photos, social media feeds and every single place you’ve been? If someone has the software, the machine expertise and access to your car, it’s all there for the taking, and someone does.

How did we get here?

In 2013, the Cyber Security Division (CSD) of the Department of Homeland Security’s Science and Technology Directorate (DHS S&T) was looking for a way to harvest the growing treasure trove of data processed by a car’s on-board computer(s). Some agencies had already figured out how to use built-in cellular connections for real-time surveillance, but after-the-fact “vehicle forensics” was a relatively new area of expertise.

Enter Berla, the Maryland-based company that partnered with DHS S&T CSD to create Project iVe (pronounced “ivy”), a digital tool kit to tap into a car’s infotainment and telematics system with the goal of helping law enforcement investigate crimes after the fact.

According to Berla, there are about 70 different computers in each new car, with some cars having over 100 different processors. Berla says that most cars have about five individual networks linking all of those computers. In fact, the company says so much digital automobile information is being processed that, on average, a car’s computers and networks crunch about 25 gigabytes of data per hour. How much is that? You know that 1TB hard drive you have on your computer? A car will process enough data in 40 hours to fill that up.

A standard for security?

Accessing a car’s data is unregulated, with no standard from the manufacturers (as of yet) for any sort of “automotive cybersecurity.” In fact, various government agencies and researchers have been hacking car computer and communication systems for more than a decade. How is that possible? If you know your way around the systems, it actually wasn’t that hard to do. In 2015, Wired reported that it took GM five years to close a security gap that could allow a hacker to remotely take control of a car using OnStar. Two years later, another group took control of a brand new Jeep using the company’s UConnect system.

Earlier this year, Forbes writer Thomas Fox-Brewster penned an article called “Cartapping: How Feds Have Spied on Connected Cars for 15 Years.” The term “cartapping” is nothing new: it was first coined by University of Dayton law professor Susan Brenner, who has been blogging about the practice since 2006. Brenner, who specializes in cybercrime and cyberconflict, points to an example of how, in 2003, the FBI figured out they could get court orders to have companies discreetly use embedded technology to eavesdrop on drivers and passengers.

More than a decade ago, the concern was over tracking vehicles or listening in through systems like GM’s OnStar. Fast-forward to today: Fox-Brewster says cars can still be tracked through OnStar as well as other systems from SiriusXM and ATX Technologies (provider to Mercedes of Tele-Aid services). But technology has shifted and so have expectations.

Built-in systems are slowly being pushed out by BYOS: bringing your own smartphone. Seventy-seven percent of America has at least one smartphone. With that kind of popularity, you no longer need to be a federal agency like the FBI to get at information.

When Berla started Project iVe in 2013, the company said they could access data on about 80 different car models. Today, Berla says they can crack the code on over 4,600 cars. Why such a significant jump? Consolidation. Successfully hack one GM system (say Cadillac’s CUE) and you’re probably not far off from being able to do the same to IntelliLink (GMC and Buick) and MyLink (Chevrolet). The key to all of this: Project iVe simply reads information from the infotainment and telematics systems already installed by the manufacturers.

Where are we today?

DHS S&T CSD says Project iVe is in use at 17 different federal, state and local law enforcement agencies. The primary customer for this data retrieval technology is law enforcement (there’s even a free Android mobile app cops can use to scan a VIN and see if the car is supported). But aside from police agencies, Berla is also pitching other clients.

ATA Associates, an accident reconstruction firm in Texas, is mulling over whether they need Berla’s technology. ATA has been in the accident reconstruction business since 1974 and they recently shared Berla’s sales pitch with News 6’s Houston sister-station KPRC.

April Yergin, an accident reconstructionist with ATA, showed KPRC screenshots of very powerful software that was able to pinpoint where people have been, how fast they got there, and who they talked to and texted along the way.

Yergin told KPRC’s Joel Eisenbaum that although manufacturers “are starting to get into cyber-security… it’s the Wild West out there.” Yergin also said when it comes to privacy, “anything on your phone transfers.” And once your phone sends data to your car, it's pretty much permanently on your infotainment system.

So, is the information in your car or SUV accessible via Berla software? That’s the million-dollar question (and probably why you’re still reading).

We have a couple of answers.

First, straight from Berla’s website, the following is a list of infotainment systems the company can tap into:

· ConnectedDrive™ - BMW
· CUE™ - Cadillac
· Entune™ - Toyota
· IntelliLink™ - GMC and Buick
· Microsoft SYNC™ - Ford and Lincoln
· MyFord Touch™ - Ford and Lincoln
· MyLink™ - Chevrolet
· OnStar™ - GM
· Sync®3 - Ford
· Uconnect™ - Chrysler, Dodge, Fiat, Jeep, RAM

Still not sure about your car? Follow this link to find your specific year, make, and model and get a detailed look at exactly what information Berla’s software has access to: iVe Vehicle Lookup.

About the Authors:

Emmy Award-winning reporter Louis Bolden joined the News 6 team in September of 2001 and hasn't gotten a moment's rest since. Louis has been a General Assignment Reporter for News 6 and Weekend Morning Anchor. He joined the Special Projects/Investigative Unit in 2014.

Donovan is an investigative and special projects producer at News 6. Dr. Myrie (yep, he has a Ph.D.) has been with News 6 since 2016 and has degrees from Ithaca College, Columbia University and Union Institute & University. He’s made quite a name for himself of late in the News 6 family with his comprehensive and creative infographics.