Not long ago, the latest technology in cars was having a DVD player installed. Now, according to an article from Information-Age, Google has revealed a new app for cars called Android Auto. Android Auto is a new smart car app with an interactive system focused on navigation, audio, and messaging, which allows drivers to control and interact with their smartphones via their cars’ built-in entertainment systems. A boon for forensic analysts, such systems also present real risks to drivers.
In addition to navigating with Android Auto, users will be able to do things like update their social media profiles and stream live music, leaving a large amount of data in the dashboard. Such data is categorized as either infotainment or telematic, and can be useful to a mobile forensics analyst.
Infotainment includes a collection of devices that provide audio and visual entertainment, as well as automotive navigation systems. If you were to update you Facebook status, download music ,or locate the nearest Starbucks, infotainment is the embedded system where that data will get stored. It also contains the vast majority of data.
Telematics, on the other hand, is the integration of telecommunication and information such as Bluetooth. Because of its housing of call logs, address books, GPS and destination logs, this data mine is great for forensic analysts.
How secure are these smart cars in the first place?
CNet news reported that two security researchers at DefCon 23 demonstrated how vulnerable cars could be taken over and controlled from a laptop. In the demonstration, the presenters were able to disable the breaks, jerk the steering wheel, accelerate, take full control of the steering wheel, tighten the seat-belt, turn the engine off, flicker both interior and exterior lights, honk the horn, and falsify the status of the gas tank, all while the 2010 Toyota Prius was in motion. At one point, the car stopped working and had to be taken back to the dealership for repairs, but the dealership was unable to fix the blown up inverter because they have never encountered that problem before. Consulting Firm PT&C compiled a list of the most hackable cars in the road, including their vulnerabilities. The majority of the cars that had the highest risk of being hacked were the ones with multiple features network features, such as Bluetooth and Wi-Fi. The least car to get hacked appears to be a Tesla.
So how does one protect themselves from their car getting hacked? Companies are becoming aware of the security flaws and are rolling out updates. According to an interview with Jeff Williams and the Business Insider, some of these patches are wireless, need to be updated through a USB device, or brought to the dealership. Williams, who is the Chief Technology Officer of the security firm Contrast Security, advises, “In a lot of ways consumers are helpless in this situation. There’s really not a lot that you can do to truly secure your car because you don’t have visibility into your software or how it is produced. The only power that consumers have is really the power of the purse, and consumers can reward vendors who are open about security and being transparent about the security they provide in their product.”