The automotive industry has been buzzing with activity in the recent weeks. First, cars get hacked remotely, and then the biggest car maker in the world admits to fraud, and now Google is accused of spying on smartcars, The Register reported. Android Auto seemed like a good idea, but a ballsy article published by Motor Trend flatly reported that Porsche opted for the competition as Google was slurping too much data.
What in the world is happening? Read an excerpt from the Motor Trend article:
Certain pieces of data must be collected and mailed back to Mountain View, California. Stuff like vehicle speed, throttle position, coolant and oil temperature, engine revs - basically Google wants a complete OBD2 [on-board diagnostics] dump whenever someone activates Android Auto.
Apple, by way of stark contrast, only wants to know if the car is moving while Apple Play is in use.
Google seemed to ready to answer some of the claims. Emphasis is on some. Check out Google's response:
We take privacy very seriously and do not collect the data the Motor Trend article claims such as throttle position, oil temp, and coolant temp. Users opt in to share information with Android Auto that improves their experience, so the system can be hands-free when in drive and provide more accurate navigation through the car's GPS.
Android Auto is an app and not the car's firmware. The smartphone running the app is then connected to the dashboard to act as a second display. If Android Auto is really just supposed to make playing music more convenient, then the CAN bus must be explained briefly.
The CAN bus acts like the car's central nervous system, Gizmodo reported. It controls important functions like the engine control unit, airbags, powertrain, ABS, power steering, etc. The dashboard links to the CAN directly and indirectly and was not designed to have any security. Knowing this, Google can definitely snag a lot more information if they wanted to.
Also, if the device is compromised in any way, one thing everyone needs to know is if the app can indeed write to the CAN aside from reading it? If yes, then hacking a smartcar becomes much easier (remember Stagefright?).
Apparently, even with the Google rebuttal of these claims, Porsche is not convinced and have confirmed that they are indeed using Apple Carplay instead.
Is your smartcar security a major concern? Share this article and make more people aware of the dangers of car connectivity!