[deleted]
I'm French and I don't speak English. So I use subtitles and a translator, so it's possible I didn't understand correctly.
What will Google know about me with Android Auto
[deleted]
RRZishe That's right. Sorry
[deleted] This isn't the lead developer of GrapheneOS and that's not something which was said there.
RRZishe Android Auto is a Google app which heavily depends on Google Play. Android Auto is normally integrated into the OS as a privileged app with extensive access through privileged permissions. The feature we've developed is an extension of our sandboxed Google Play compatibility layer to Android Auto.
You should read https://grapheneos.org/usage#sandboxed-google-play since you seem to be unaware of how that works.
Since Android Auto fundamentally requires special access, support for it can't be part of the baseline sandboxed Google Play compatibility layer which runs those as regular apps with no special access. Instead, there are 4 toggles for enabling different special access required for using different parts of it. We've used the compatibility layer to eliminate most of the requirements for special access and we've made special versions of the privileged permissions reducing the access they provide to a bare minimum. The toggles grant it only the bare minimum access needed for the functionality. The baseline of wired Android Auto barely requires any special access and is quite close to working with out. It only gets the ability to manage USB.
GrapheneOS Thank you so much for responding!
I wasn't aware that Android Auto had anything to do with the play store.
I guess the only thing I still don't understand (maybe it's a dumb question) is what does Google collect about me when I use Android Auto? Since they're sending all the info from the phone to the car do they also send it to their servers?
Also, do the car manufacturers have access to whatever is displayed on the car screen via Android Auto?
Thanks for all the AMAZING work you guys do! πππ
GrapheneOS
How do I become a beta tester for your upcoming Android Auto implementation?
I recently purchased a Carlinkit 4.0 (AA to Apple Carplay bridge) that works great with my Motorola Edge+ and 2019 Toyota Sienna and, as I currently have a Pixel 7 running G/OS, it would be great to have that working with AA as well.
Thanks for the excellent OS!
Larry
nlroth Last I heard, they're testing internally now. When they're ready for people to test, they'll push out a new release. As usual, the release will first be available in the alpha channel, then move to beta, then stable unless there are issues uncovered by alpha/beta testers.
New releases are announced here inAnnouncements. If a new release is pushed out, you can first check if it includes Android Auto then switch to alpha or beta then.
The setting to change which release channel your phone pays attention to is here: Settings > System > System update > Release channel
7 days later
RRZishe do the car manufacturers have access to whatever is displayed on the car screen via Android Auto?
Yes. In fact, it's perfectly legal for cars to harvest your texts and call logs.
RRZishe what does Google collect about me when I use Android Auto?
I'm also curious what Google is getting their hands on when using Android Auto. I'd like the GrapheneOS documentation to add a worst case scenario to describe the security implications for every toggle they add in general.
- Google Camera
- toggle: direct TPU and GXP access
- implication: ?
- Google eSIM
- toggle: execute proprietary code with privileges
- implication: Google learns your esim identifiers and phone number.
- Google Auto
- toggle: execute proprietary code with privileges
- implication: Google learns your location, destination and music playlist?
Android Auto must be running to detect a car. I wonder if Android Auto causes google to learn all your locations, not just when a car is connected. π€
RRZishe I don't think that article says if they used Android Auto or just connected via USB.
This is true. However, that's what Android Auto can do, if for example the "phone control" and "audio routing control" toggles are enabled, I guess it (both Google and the car) can get contacts, phone numbers, messages, recordings such as voice commands, etc. I remember Mozilla wrote a blog post about cars being a privacy nightmare on wheels.
If you want to buy a modern car in the future, don't read Sam's blog Web Hackers vs. The Auto Industry. Let's hope in the future there will be GrapheneCarOS, so we don't have to worry. π
- Edited
RRZishe what can they do with audio routing control?
RRZishe route audio through the cars microphones and the cars speakers, or through googles assistant.
The problem is that cars (and googles assistant) are known to keep recordings of the microphones. This is not done with bad intent. Perhaps it's just a cache for performance reasons or voice analytics, or some type of black box recordings in case you have a severe car accident. However, bad can be done even if it was not intended by design. If it's a modern car, itΒ΄s basically a computer with remote access for the vendor (and the state through FISA order). If it's not that modern, a bad actor car mechanic can still copy the recordings from your car for fun and profit.
It's not that bad, unless it's a risk to your threat model (you're a journalist, whistle-blower or a famous millionaire).
Off topic rant:
I always got around this type of threat by buying old cars. More fun to drive too! But in my country this is becoming hard to do, as youβre not allowed to drive anything other than very new cars in more and more places. This is a good thing for the environment and pollution, but really terrible to be forced into changing from driving a dumb mechanical machine to a semi intelligent, semi autonomous, tracking and listening computer on wheels.
I am also very interested in the privacy implications of android auto. I haven't given any of the google apps network permissions so I'm not too worried, but is there anything that gets sent to google if I were to switch on AA network access?
2 months later
digital If Google know that some random person is driving from point A to point B and listening to Mozart, well that's fine.
If point A and point B are genuinely random, that's one thing. If A is "home" and B is "work", and that trip (and/or the reverse) happens five times, there is a fair chance Google knows who was driving (and thus who likes Mozart).
There are various academic papers about de-anonymization of location data, but most seem paywalled. Here is an Wikipedia article: https://en.m.wikipedia.org/wiki/Data_re-identification
Threat models differ, so many people don't mind Google tying a device to a person. But some likely do.