Federal Agents Can Access Deleted Data from Car Infotainment Systems

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
22,060
Federal agents with the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) are now adding car infotainment systems to search warrants to seek evidence in criminal cases. When you connect your phone to a car's entertainment system, it stores all of your data and never erases it. Even if you have it reset, the memory inside the unit continues to stores your data as it just deletes references to the information. Vehicle forensics companies such as Berla specialize in dumping the entirety of the data stored in the memory of the vehicle's infotainment system.

Because mobile devices typically hook up to in-vehicle infotainment (IVI) systems, a whole host of information might be available, the agent wrote. That included passwords, "voice profiles and other biometric identifiers," contacts, call logs, GPS locations and Web histories. "I know that even after a previously connected mobile device is removed, much historical live and deleted data may remain within the digital storage capabilities of the IVI system," Pitney wrote. "I also know that live and deleted data recovered from IVI systems may show evidence of current or ongoing, future and past criminal activity.
 
Every g-d rental I've used in the last eight years had someone else's contacts in it; I've issued USB condoms to all the sales guys for this reason (as well as the charging station scams at convention centers.)
 
SyncStop inline cable + Disable bluetooth everywhere in mobile universe for me. My phone is used for work and personal, don't need that in the wild.

The next thing I hate the most, auto connecting wifi that I can't prevent from connecting by default when signal roaming.
 
I keep my wifi turned off unless I'm actively using it. Same for bluetooth. People wonder how I only need to charge my phone once a week, well there's my secret.

But I really want to know how the IVI system can have evidence of future crimes. That's some Minority Report shit right there.
 
I hope I'm wrong but I only see this getting worse. I hope people wake up and get ready to say no a damn well mean it.
 
Wow that's actually quite scary. It's probably on NAND storage, so that's why it doesn't go away. But the extent of the data is unreal. Fuck cars with that shit.
 
If it stored all your data and never erased it, it would have to have a hell of a lot more memory than they have. My Radio/Navigation infotainment system is pure Android and can erase any and all files at anytime.
Besides the ATF would arrive in a cattle truck with 45 machine gun carrying agents and shoot the damn thing, it's in their manual.
 
All the more reason to buy a pre 90's vehicle and restore it and listen to CDs/Radio.
 
  • Like
Reactions: DocNo
like this
I hope I'm wrong but I only see this getting worse. I hope people wake up and get ready to say no a damn well mean it.

Not going to happen. People happily give away every personal thing they can and if you confront them about it, they say, "I have nothing to hide....". They do not get it and never will. It is far too late to get our panties in wad about invasion of privacy. It has proliferated, with great abandon, and there is absolutely no sign of anyone doing anything to slow it down. Quite the opposite, actually.
 
Last edited:
If it stored all your data and never erased it, it would have to have a hell of a lot more memory than they have. My Radio/Navigation infotainment system is pure Android and can erase any and all files at anytime.
Besides the ATF would arrive in a cattle truck with 45 machine gun carrying agents and shoot the damn thing, it's in their manual.

Doesn't really take much to store things like contact details and searched-for addresses. Plus, this is talking about factory systems, not aftermarket. You seldom ever get any actual specs on what the factory systems are capable of without tearing into them.
 
There are a few companies that can reprogram and I would assume erase the memory on the GM HMIs. In case any of you are paranoid enough to require such a service.
 
Yes, but "all and never" are infinite terms. "voice profiles and other biometric identifiers," contacts, call logs, GPS locations and Web histories are more than a little information to store. Factory systems usually run a version of android also, usually 4.0 and have almost no addressable memory, both RAM and ROM. Storing this information would certainly not be written to Firmware, but even that can be flashed. It's like the often repeated "your phone can be tracked even if it's turned off" nonsense, if the phone is truly turned off, it is not transmitting a radio signal anymore than is your handkerchief. It's just that they don't really know what off means. The screen being off is not the phone off.
 
Wonder how much information those underpaid used car dealer mechanics are recovering from newly arrived cars? And what about the thousands of cars totaled due to floods and storms where the owners never had a chance to even try to wipe them? Now we have to worry about salvage yards as an identity theft hazard.
 
I hook my work phone up to rental cars, but I never allow it to sync contacts or anything like that. Also, my work phone is strictly work, I have another phone for personal use.
 
Well yeah, when you factory reset the ECU, it won't write 1 and 0's all over the place.... kind of like computer HDD 101.
I would assume that after a few more customers, it should at least be broken of some sort.
 
Nothing is actually ever forgotten or deleted... on some level, it is ALWAYS recoverable... its just a matter of time before tech catches up with you... best make sure you've crossed all your t's and dotted all your I's...
 
Nothing is actually ever forgotten or deleted... on some level, it is ALWAYS recoverable... its just a matter of time before tech catches up with you... best make sure you've crossed all your t's and dotted all your I's...

If you rip out the chips and melt them down in a gas burner, that would do it.
 
If it stored all your data and never erased it, it would have to have a hell of a lot more memory than they have. My Radio/Navigation infotainment system is pure Android and can erase any and all files at anytime.

Technically, most all OS's just deference the files in question; the data isn't lost until it gets overridden at some future point in time. It's actually trivial to restore much of that data; just a matter of restoring the link to the file in the system file table.
 
Nothing is actually ever forgotten or deleted... on some level, it is ALWAYS recoverable... its just a matter of time before tech catches up with you... best make sure you've crossed all your t's and dotted all your I's...

Thats not true. If you overwrite the data enough time with random bits or burn the friggen media its gone forever.

I am not sure why the car is saving passwords thats just stupid.
 
imagine that, just like every other computer out there it really does not delete the data, it just marks the space free when you "delete" it... Nothing new here for anyone that knows how computers operate...
 
Back
Top