Comment by eigencoder
17 hours ago
> Important: Even after the modem is removed, if you connect your phone to the car via Bluetooth then the car will use your phone as an internet connection and send all the same telemetry data back to Toyota.
How is this the case? I thought bluetooth was just sharing my phone's audio. Why would it allow requests over the internet? Surely there's a way to tell the phone not to give its internet connection to any connected bluetooth device?
When reading the article I think he appears to be talking about car play/android auto connection not audio only connections. I think Bluetooth in AA and Carplay is used to configure a local network between the phone and the car to transmit the images to the cars screen. I would assume that that data capability can also be used for the car to communicate with the Internet.
It does produce a local Wi-Fi network but there's no evidence that it supports internet communication. That would be considered a hotspot, which not all carriers even support.
I've never understood how this can be limited in practice: surely as far as the carrier is concerned, all traffic from the mobile device is the same (unless there are identifiers on the traffic coming from hotspotted devices via the mobile device). Here in Australia we've never had any form of hotspot detection/segmentation - if you have a data plan, all data features work (across all carriers). I do recall lots of online chatter from the US though, especially years back when mobile data was more of a precious resource.
15 replies →
Plus it seems unlikely that the telematics module is even really related to the display screen stuff, let alone being configured to use alternate network connections to transmit data.
How does the carrier know that the traffic is being proxied for another device, and not e.g. requested from the phone's web browser or another app?
Does the phone add a proxy header? Can it be configured to not add the header?
2 replies →
Does anyone have a flow log or pcap or something from the phone showing this tho?
I think there are details being left out. But several people in the comments indicate that there is a Toyota app that provides various features. I bet the app implements some proprietary bluetooth service that the head unit connects to and feeds information through. Or maybe they give the head unit a straight pipe to the internet via that service.
That very much could be the case, in which case deleting the (now useless, because your car is not connected) app would resolve that - no bluetooth restriction needed.
There is a bluetooth protocol for cars to piggyback on your phone's internet connection. There was an article about it here a couple of years ago but I've forgotten the name of the protocol, and trying to search for it turns up a lot of irrelevance.
The fix for this is a phone that doesn't implement that protocol, i.e. not Android or iOS.
Is this specific to carplay, or can other bluetooth devices also silently and nefariously hijack your cellular data connection?
Neither CarPlay nor regular Bluetooth connections allow this. It’s not a thing.
(There is the ability to set up a Bluetooth hotspot on a phone and allow Internet sharing over Bluetooth, but that’s a different thing entirely and you have to explicitly set it up and use it. It’s also slow compared to a modern WiFi hotspot).
The bluetooth protocol includes the ability to network, and share connections like a mobile/personal hotspot.
Older versions of bluetooth may have other networking capabilities.