Secure a New Ford Vehicle by Disconnecting the TCU
Ford doesn't need to know when I accelerate
The What and Why behind the TCU
Purchasing a modern vehicle now requires that you own a smartphone and authenticate yourself to the new vehicle. Salesmen enforce enrollment in apps such as ‘FordPass’, ‘Toyota’, and ‘HondaLink’ which allow owners to remotely start, lock, unlock, and monitor their vehicle. These apps work by communicating with the TCU in the vehicle.
A TCU (Telematics Control Unit) is an embedded system in a vehicle that wirelessly connects the vehicle to cloud services or other vehicles over a cellular network.
This module allows car manufacturers to collect data from your vehicle, and upon connection, your phone.
As I have recently purchased a new Ford, this post will focus on Ford’s privacy policies, apps, and vehicles.
According to the FordPass privacy policy, Ford will collect:
- vehicle location
- driving data (including speed, brakes, steering, seat belts)
- voice commands (when the vehicle’s voice recognition system is in “active listen” state)
- phone location
- phone specifications
- app usage metrics
FordPass does not have multi-factor authenticaion, so anyone who has your password and the VIN of your vehicle is able to start, lock, and unlock your car.
The TCU is also vulnerable to remote vehicle attacks.
- TCU flaws expose cars to remote hacking
- From a single TCU to full control
- Security flaws found in 2G modems used by BMW, Ford, Infiniti, and Nissan cars
These vulnerabilties can be remediated by disconnecting the TCU from its power source.
How to Disconnect the TCU
This process will vary depending on the specific make and model of the vehicle.
- In the owner’s manual, under ‘Fuses’, find the fuse labelled ‘Telematics control unit module’. Specific to my car, this is located under the passenger’s glovebox.
- If needed, remove the cover panel to reveal the fusebox. I took mine from the bottom and pulled gently to un-latch three tabs.
- Identify the fuse.
- Pull out the fuse. While the car is off, use pliers or fingers to gently remove the fuse.
- Replace the panel cover.
- Ensure that the vehicle is disconnected.
- Keep the fuse in a safe place in case of vehicle return, repair, or investigation.
Summary
- Disconnecting the TCU successfully deactivates cellular service to and from the vehicle
- Bluetooth and radio are still operational
- There are no error messages or warnings within the vehicle