What are the privacy and security implications of Carplay and Android auto?

I apologise in advance if this is the stupidest question on this forum. :smiling_face_with_tear:

I recently got a car and it has options for smartphone linkage using BT, Carplay and Android Auto like every other car.
Naturally, I am suspicious of technology I do not understand. Am I right to not use it to begin with? Am I wrong to be sus of it and am being too paranoid?

1 Like

It’s not and it’s okay that’s why we’re here :grin:

Bleutooth is inherently insecure as a protocol, however using it in a car will do no harm security-wise as long as you’re not specifically targeted by an adversary, even then an attack would be a fairly complicated process.
Privacy-wise make sure to not allow access to the phone’s data when the car asks you to as smart cars are very data hungry and request invasive permissions that store data from the phone and sends it to the company’s servers: Pair your phone and most connections ask to download the phonebook to enable easy access to stored numbers.
Keep that in mind for any kind of connections even wired ones.

I wouldn’t be surprised these are even worse for privacy however I don’t use such features as I use an AUX (pro: it even sounds way better) and I advise you to do so, if you can’t use an AUX (hi Apple) I would advice purchasing an “Apple to Aux Adapter -Amazon

Note: As far as I know Android Auto is under Google’s privacy policy which isn’t good.

Found these along the way:

Random 2016 article:

Android Auto:

I will let somebody else handle this section with more details as I don’t know much about Carplay and Android Auto myself.

Of course not. It’s always a good thing to ask and research everything especially the things you’re using. By being skeptical you’re actually way ahead of 99% of the population who just uses everything on autopilot with no fear of the consequences.

1 Like

Thankyou so much Tony!
Going through the resources and feeling less stupid.
Thanks for such an in depth research.

1 Like

I’m not actually sure what the privacy difference is between using the new car infotainment systems vs just using Bluetooth, but I have a hunch that Bluetooth is more private. Your phone manufacturer already know your location, so the main thing they learn is just what car your drive (total speculation). After that I can see how the infotainment systems could lead to more leaks about what you do on your phone that circumvents some of the work you’ve done to lock your phone down (potentially). I imagine Bluetooth would be more constrained on leaking data because it’s an older and more focused protocol, but I could also be wrong. This is an uninformed opinion, lol.