Pervasive Monitoring of Vehicles: Introduction
The pervasive monitoring of vehicles is a potential benefit and threat to the drivers and owners of these vehicles.
This is a multi-part series on the pervasive monitoring of vehicles and how this can affect owners today and into the future.
This introduction will discuss the overall strategy, with regards to how vehicles are being monitored today and how this may impact customers both now and in the future. The impact on customers can be neutral, no real impact at all, extremely positive with benefits and finally, it may have a very negative outcome for certain owners / drivers. To be clear, I am not an industry expert in automobiles and the systems that support them. Some of my ideas here will come from past experience as an Internet Security engineer.
The reason I have chosen to research and write about this topic is simply to bring to light ways that vehicle data, telemetry are becoming commonplace now with newer vehicles. There is a reason that Tesla is considered to be more than a car company: they are a tech company. Tesla pioneered the delivery of over-the-air (OTA) updates to the software in your car, providing bug fixes and improvements and even completely new features, all in an update that requires no trip to a service center. Remember when you had a navigation system in a new vehicle that quickly became out of date and the only option to upgrade (if the option even existed) was to pay a dealer a huge sum of money to update with the current year version? Yeah, those days are gone (well, a dealer may still want to siphon a lot of your money from your pockets, but it may be for other reasons).
Your car is no longer just a car, it is now a very complicated piece of software that can stream data back to the manufacturer for analysis
I first became aware of the auto telemetry data several years ago when I was told of a self-driving car connected to WiFi and how much data the car was sending back for analysis every night. Then Tesla created cars that were significantly software-based and could send data back for analysis. Electrek did a short piece on the data from Tesla self-driving in 2020.
I hadn't really given it much thought, other than to occasionally think about how incredibly useful this information could be. Tesla has talked about how software can be run in a "shadow" mode where the software logs all the things is sees, knows and what the decision would be if it were actively engaged. For example, if a version of auto-pilot is running in "shadow" mode, it can compare the actions of the driver with the actions auto-pilot would have chosen to make. If those differ, the data could be sent for analysis to understand more about why the driver made a different decision, including photos or videos of the exact timestamp event.
Like so many other examples of data collection, this data can be used in ways that may not be fully appreciated, until much later, or in the worst case after the data has been exploited in some negative way.
In the Internet community RFC 7258 was first introducted in May, 2014 as a document to classify "Pervasive Monitoring Is an Attack." This was subsequently adopted as a Best Common Practice number 188 (BCP-188). What does all the gibberish mean? In short, the Internet Community that defines protocols for how the Internet works defined BCP-188 as:
Pervasive Monitoring (PM) is widespread (and often covert) surveillance through intrusive gathering of protocol artefacts, including application content, or protocol metadata such as headers. Active or passive wiretaps and traffic analysis, (e.g., correlation, timing or measuring packet sizes), or subverting the cryptographic keys used to secure protocols can also be used as part of pervasive monitoring. PM is distinguished by being indiscriminate and very large scale, rather than by introducing new types of technical compromise.
The term "attack" is used here in a technical sense that differs somewhat from common English usage. In common English usage, an attack is an aggressive action perpetrated by an opponent, intended to enforce the opponent's will on the attacked party. The term is used here to refer to behavior that subverts the intent of communicating parties without the agreement of those parties. An attack may change the content of the communication, record the content or external characteristics of the communication, or through correlation with other communication events, reveal information the parties did not intend to be revealed.
I reference this BCP-188 document because it played a pivotal role in how engineers should think about monitoring when it comes to Internet protocols. This defined a process for different users and companies to follow to ensure that what they are building is something that will have Pervasive Monitoring included as a consideration from the start. It was too important to ignore and needs to be a fundamental design component of all applications and protocols. From the IETF summary:
To summarise: current capabilities permit some actors to monitor content and metadata across the Internet at a scale never before seen. This pervasive monitoring is an attack on Internet privacy. The IETF will strive to produce specifications that mitigate pervasive monitoring attacks.
I believe that the data our current and future vehicles will generate should be given the same considerations for privacy and how the use/mis-use of this data could have consequences in a variety of ways.
As I continue this series of discussions we will look at:
- How monitoring can benefit the customer both monetarily and with higher quality
- How monitoring can have multiple benefits to the auto-maker
- Ways this vast trove of data could be used maliciously
Keep reading with the next part of this series: Customer Benefits