29C3 - Version 1.9


Christie Dudley
Day Day 1 - 2012-12-27
Room Saal 4
Start time 18:30
Duration 01:00
ID 5095
Event type Lecture
Language used for presentation English

Privacy and the Car of the Future

Considerations for the Connected Vehicle

To date, remote vehicle communications have provided little in the way of privacy. Much information and misinformation has been spread on what the system is and can do, especially within the information security community. The recent field trial in the US of a connected vehicle infrastructure raises the level of concern amongst all who are aware of existing privacy issues.

In this talk I will examine a current system high level design for North American vehicles, conforming to IEEE and SAE standards and used in a recent road test in Ann Arbor, Michigan, USA. I will consider privacy concerns for each portion of the system, identifying how they may be addressed by current approaches or otherwise considered solutions. I conclude with a discussion of the strategic value in engagement between the privacy community and automotive industry during development efforts and the potential community role in raising privacy as a competitive advantage.

I was contracted to do a privacy audit in July to identify aspects of the technology that would pose threats to users' privacy, as well as offering summaries of methods to partially or completely compromise the system. For this program to be successful, it must be accepted by the public since the benefits are derived from others' broadcasts. Good technologists realize that until the system is close to deployment in the field, none of the details mean that much unless you have real hardware. However, careful early consideration of the overall system design can identify and lead to solutions to information leaks that will compromise the user's ability to control their private information.

Archived page - Impressum/Datenschutz