Are Your Tires Spying On You?
As a result of a mandate by the National Highway Traffic Safety Administration (NHTSA), beginning September 2007, all cars and trucks sold in the US must have a Tire Pressure Monitoring System (TPMS).
Here’s how it works: there’s a sensor, usually in the valve stem, that monitors information like pressure, temperature, and whether the tire is actually moving. That sensor – which has a unique ID – transmits to the car’s computer, much like your Bluetooth earpiece does to your cell phone. Since the transmitter has a unique ID, your car’s computer knows it’s only listening to its own tire sensors, and not the sensors on the car next to you. That information is broadcast as “clear text” – in other words, as something like ASCII (what’s ASCII? Hint: you’re looking at it). If you’ve figured out that the sensor is RFID and that both the data and your car’s identity get openly broadcast without any encryption, then you’ve figured out why I’m writing about it.
The federal government continues to ignore security concerns when it comes to protecting the privacy of its citizens, such as unencrypted US passports. So why is your tire pressure such a big deal? It isn’t, but it’s a means to an end. The goal isn’t p-s-i, it is s-p-y. Real-time traffic monitoring with TPMS can now identify a specific car – useful for when you want to write speeding tickets or tax people according to the mileage they drive. Big Brother will now be in your back seat, and Left Coast (California and Oregon) propositions for taxing people based upon the distance they drive will now be feasible.
In addition, since the data is not encrypted, off-the-shelf solutions can be used to grab that data. All that’s required is to associate the unique ID with a specific person, and then you can track Mr. Wilson down the street when he passes your house. Nice.
Encrypting the data would at least prevent third-party interlopers from tracking people in their cars. Unfortunately, it might not stop governmental types from snooping, since they could enact laws that grant them access to the codes to decrypt the data. If the sensor were designed properly, it would use a different code every time it transmits the data, and only it and the car’s computer would know the right way to decrypt it (sort of like the German Enigma Machine of World War II). That would go far toward protecting the identity of the driver and would likely render any possible snooping legislation useless.
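The “different code every time” idea from the paragraph above, as an added sketch that is not from the original post or from any real TPMS product: the sensor and the car share a pairing key, every frame is encrypted and tagged under a fresh counter, and nothing static goes on the air for a roadside listener to link. The class names, frame layout, window size and key are assumptions, and the HMAC-derived keystream stands in for a vetted authenticated cipher.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8   # bytes of truncated HMAC sent with each frame
WINDOW = 16   # missed frames the receiver tolerates before it loses sync

def _prf(key, label, counter, data=b""):
    msg = label + struct.pack(">I", counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Sensor:
    """Tire side: no static ID and no counter ever go on the air."""
    def __init__(self, key):
        self.key, self.counter = key, 0

    def frame(self, pressure_kpa, temp_c):
        self.counter += 1
        body = struct.pack(">Hb", pressure_kpa, temp_c)
        ct = _xor(body, _prf(self.key, b"enc", self.counter))
        return ct + _prf(self.key, b"tag", self.counter, ct)[:TAG_LEN]

class Receiver:
    """Car side: knows one key per paired wheel and the last counter seen."""
    def __init__(self, wheel_keys):
        self.keys = dict(wheel_keys)
        self.last = {wheel: 0 for wheel in self.keys}

    def accept(self, frame):
        ct, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        for wheel, key in self.keys.items():
            start = self.last[wheel] + 1
            for counter in range(start, start + WINDOW):
                expected = _prf(key, b"tag", counter, ct)[:TAG_LEN]
                if hmac.compare_digest(tag, expected):
                    self.last[wheel] = counter  # older frames now fail: no replay
                    body = _xor(ct, _prf(key, b"enc", counter))
                    pressure_kpa, temp_c = struct.unpack(">Hb", body)
                    return wheel, pressure_kpa, temp_c
        return None  # not one of ours, replayed, or too far out of sync

def demo():
    key = bytes(range(32))  # constructed pairing key, for illustration only
    sensor, car = Sensor(key), Receiver({"front-left": key})
    f1, f2 = sensor.frame(220, 25), sensor.frame(220, 25)
    return f1 != f2, car.accept(f1), car.accept(f2), car.accept(f1)
```

Two identical readings produce different frames, the paired car decodes both, and the replayed first frame is rejected because its counter has already been passed.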
The fact that you have no choice in the matter, and had no say about its enactment, is also troubling; NHTSA just mandated it and that was that. But as security research firm HexView points out:
As every other tracking technology, the TPMS was introduced as a safety feature “for your protection.” One might wonder why NHTSA (a government agency) would care so much about a small number of accidents related to under-pressurized tires. And why would it choose to mandate TPMS and not run-flat technology? Are we being tracked already? I hope not.
[ … ]
Note the similarity to the keyless entry remote controllers. Initially, the remote controllers did not use any encryption, but when carjackers started to sniff communications and replay them to unlock vehicles, a complex rolling code and encryption functionalities were implemented. Similar solutions can be adopted for TPMS.
No consumer good can come from broadcasting this data openly. Perhaps a letter or two thousand to the NHTSA might persuade them to alter their mandate for the better.
As a society, we must pressure government to adopt privacy standards for such technologies, before the Weights and Measures division of the National Institute of Standards and Technology mandates similar laws for our bathroom scales “for our health.”