Comment by ezfe
20 hours ago
> Even after the modem is removed, if you connect your phone to the car via Bluetooth then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota
What is the basis for this claim? I've never heard of this capability.
It's from the linked rav4world post
> One caveat, if you use bluetooth to connect your phone to the car DCM will use your phone to connect to the mother ship and presumably send your data. I only use my iPhone cable to connect to the car which does not have this effect.
A random post on a forum is not evidence that Toyota has found a magic way to exfiltrate data over a bluetooth connection without turning on hotspot/etc.
It's not evidence against it either. Presumably CarPlay and Android Auto could implement a network interface through the application layer, or even activate Bluetooth tethering at the system level as they are privileged apps.
But they could also do this over USB, so something doesn't add up.
If the car manufacturer got control of an app on the phone it is trivial to exfiltrate data via Bluetooth.
RNDIS was a mechanism for tethering over USB, and you could certainly pair "Bluetooth Network Adapters" for years and there's a profile for it. So there's at least precedent for it. That makes it pretty plausible to me.
There's no basis mentioned there either. It's just stated as a matter of fact without explanation.