Testing Out Cell-Phone Viruses on a Prius

Mikko Hypponen writes "Couple of months ago there were rumours floating around that Bluetooth viruses could infect the on-board computers of some Lexus cars, or at least cause some visible effects on them. We took a Toyota Prius to an underground bunker and tested various Bluetooth mobile phone viruses and assorted Bluetooth attacks against the onboard computer. Results were somewhat surprising. It came as no surprise that we could not infect the car, but the Prius performed in the test even better than expected. No matter what we did the car did not react to the Bluetooth traffic at all. Cabir tried to send itself to the car and the car just did not allow the Bluetooth OBEX transfer to happen. Then, the whole car crashed (but not because of a virus)... Full story with pictures in our weblog."

Well, that's good...

[ackthpt]

Apart from the car crashing. Maybe a few less pints of Boddington's next time you head for the bunker, eh?

Re:Well, that's good...

[mekkab]

Let's see... Cream of Manchester.... vs. Good Science practice... screw it. Science can wait.

I'll have a pint as soon as I get home (1 left!)

Re:Well, that's good...

Things like this are a good reason these types of embedded systems (systems that are receptive to bluetooth and the like) should be open sourced.

Still At Risk

[fembots]

The article said "After intensive tests for all morning, the battery of the car was running low".

Does that mean that a similar DOS attack can disable most cars in a car park?

Re:Still At Risk

[promantek]

Probably not, since the article says:

"After intensive tests for all morning, the battery of the car was running low!"

However, if a car was left with it's electronic equipment turned on (for a long period of time), it sounds like it could be possible. It's a very interesting idea to DOS a car...

Re:Still At Risk

[RevDobbs]

Yes. Most cars in park with the key, accessories, and god know what else on -- but the engine not running -- will drain the battery eventually. It's called the "I locked my keys in the car"-DOS.

Re:Still At Risk

[RevDobbs]

It's a very interesting idea to DOS a car.

A much easier to execute Denial-of-Service would be to slash the tires, doncha think? Only takes about 45 seconds to get to all four of 'em, it isn't terribly noisy, and I've never been caught doing it.

I mean, it seems like that detection would be very unlikely.

Re:Still At Risk

[Vellmont]

Yes. This DOS attack has been known for quite a long time. It's only recently become known outside the hacker community. Some people even accidentally do it to themselves. Among laymen it's called "leaving your lights on".

Re:Still At Risk

[promantek]

It's all about the sophistication of your attack.

Sure, we could have nukes Iraq, but isn't it more fun to drop smart bombs guided by freakin' laser beams!?!?

Re:Still At Risk

[RevDobbs]

Sophistication? I have a post with the term "OMFG" modded +5 Insightful... what's this "sophistication" you speak of?

Re:Still At Risk

[Fishstick]

I've always preferred removing the valve stems with a pair of cutting pliers, myself.

Yeah, it makes a nice whistling sound, but that is kinda the attraction too -- somewhere in the parking garage there are four whistles gradually becoming lower, quieter...

The victim walks out, sees four flats with no apparent damage *WTF*

Nothing as serious as having to buy 4x$120 tires, just aggravating to have to have someone come and repair the wheels onsite (esp in a parking garage where clearance will not permit a rollback trailer)

Re:Still At Risk

[prodangle]

The article said "After intensive tests for all morning, the battery of the car was running low". Does that mean that a similar DOS attack can disable most cars in a car park?

The car was underground, hence the engine would not have been running. All the car's electrical systems were in use all morning, with no alternator to keep the battery charged.

Just leaving the ignition switch at ready keeps lots of electrical systems in the car running, such as solendoids within the engine, cabin lights and dozens of sensors, not to mention the very clever looking TFT in that Prius. Bluetooth activity would have had negligible impact in draining the battery. Besides, in a car park all the cars would have their ignitions switched at off; bluetooth devices would not even be powered up.

Re:Still At Risk

[promantek]

I guess the moderators are valley girls who shriek "Oh my gawd" while skipping together arm-in-arm wearing mini-skirts. Clearly, they find your OMFG comments insightful, but only after 90120 has gone on a commercial break.

that's sophistication, my friend.

Re:Still At Risk

Just a note, the Prius does not actually have an alternator. The electric motor doubles as a generator, able to slow the car down without using the brakes by converting kinetic energy into current.

Re:Still At Risk

[sahrss]

"A much easier to execute Denial-of-Service would be to slash the tires, doncha think? Only takes about 45 seconds to get to all four of 'em,..."

Well, yeah, except that one DOS unit in a parking garage that contained 10 bluetooth cars, could disable all 10, and is not detectable. :)

Re:Still At Risk

[Samari711]

a better way to do this is to buy a valve tool at the local auto parts store. rather than do any permenant damage just loosen every tire's stem. Even if the owner could figure out why their tires are flat, they most likely won't have the tool on hand to fix it. even if they have a pump, the tires won't inflate and they'll be very confused. Also note that some car (especially those abominations known as Hummers) have tires that automatically inflate themselves, so doing this to one of them would result in a car with 4 flats and a dead battery :)

Re:Still At Risk

Fortunately, many modern cars have an automatic power down mode, which switches off all headlights, etc. so now you need to 'leave the door open' to kill the battery... and in most locations 'leaving the door open' will result in 'the car driving itself to a chop shop'

Re:Still At Risk

[NanoGator]

"A much easier to execute Denial-of-Service would be to slash the tires, doncha think?"

A security camera will not catch you wirelessly interferring with a car.

Re:Still At Risk

[Technician]

and I've never been caught doing it.


Please elaborate.. I've never been caught doing it either. I've not been caught simply because I've never done it.

Are you implying you've done it?

Re:Still At Risk

[Fishstick]

had a buddy that had one of those fit to a cordless screwdriver he kept in his toolbox in the trunk. He could screw out the valve cores in about 5 seconds per.

he used to leave a love note for the asshole with the removed cores resting on a wiper.

Re:Still At Risk

[FLEB]

Automatic recycling! Inventive!

Re:Still At Risk

[kamileon]

I've actually watched someone DOS a car... A car alarm was going off every few minutes as trucks drove by during the middle of wedding preparations in a San Francisco park. The sensitivity was cranked way up on the alarm. So the best man walked up to the car and tapped his class ring on the window to set the alarm off, and then kept tapping the window every time the alarm stopped. Drained the battery in about 15-20 minutes, in plenty of time for a peaceful wedding. :) Keep this in mind the next time your neighbor's car alarm goes off at 2 AM. Sure, it takes 20 minutes, but then you get a whole night of blissfully uninterrupted sleep. :)

Re:Still At Risk

[Alex+P+Keaton+in+da]

Correction- CTIS is controlled on Hummers by switch- it does not automatically come on when the pressure is low- the reason for this is to deflate the tires to increase the footprint on soft ground. I am not trying to be rude- but you call Hummers an abomination, and then go on to give incorrect facts about Hummers, which makes me wonder if all your arguments agianst the Hummer are based on false assumptions. I have never owned a Hummer, but I did spend a year with a HUMMV my daily driver, let's just say they run nicely over sand.

Re:Still At Risk

[smatthew]

not to nitpick - but 90120 isn't even a valid zip code....

Re:Still At Risk

[promantek]

DAMN MY TYPOS!

90210...Beverly Hills 90210. You know the old show.

*twirling finger in hair while chewing gum loudly*
The moderators can only get work done during the, like, commercials.

i kid, i kid.

Re:Still At Risk

So... how much sand do you see on the LA freeway? How about soft ground on pavement? I don't think the (average) end consumer is going to use that feature.

Re:Still At Risk

[Alex+P+Keaton+in+da]

I agree- However I also am not interested in the government telling me what I can have on my vehicle. How many consumers need a vehicle that goes over 85 mph in the U.S.? There are many things in the world we don't need... Person A may use things that aren't really needed, and bitch about the things person B uses that aren't really needed, and B then bitches about A... and on and on....

Re:Still At Risk

[Profane+MuthaFucka]

OK, then how about this: you can't park your Hummer at your house, because it's over 6000 lbs. You keep it on the main arteries, and everything will be OK.

Re:Still At Risk

many modern cars have an automatic power down mode, which switches off all headlights, etc.

Old cars have that too - it just takes a little longer. :o)

Permalink

Permalink

Only works on the Lexus, not the Prius

[WillAffleckUW]

After all, cell phone virii only attack those who pay way too much for a car, without increased efficiency ...

Hmmm, maybe the Matrix is happening ...

Re:Only works on the Lexus, not the Prius

[sharkey]

Hmmm, maybe the Matrix is happening ...

No, they said it was a Prius, not a Matrix.

Re:Only works on the Lexus, not the Prius

[WillAffleckUW]

No, they said it was a Prius, not a Matrix.

I'll ask Joey (aka Honda in Japan).

He'll know what to do.

Maybe they could just buy a bigger battery? Or just stop playing the MP3 stereo at 11? Or turn off the neon undercarriage lighting?

Re:Only works on the Lexus, not the Prius

[Gadgetfreak]

Don't forget that the option package that includes the DVD nav and Bluetooth phone capabilities is an additional $5065.

Re:Only works on the Lexus, not the Prius

[zbuffered]

Considering the notorious reliability of Lexuses (mine has 198,000+ miles and although I've replaced many ancillary parts [brake parts, power steering pump, starter, cv joint, little things]), I'd say that they're well-priced. You want overpriced and underperforming? Buy a Mercedes.

Re:Only works on the Lexus, not the Prius

[MustardMan]

Or turn off the neon undercarriage lighting?
It's a toyota prius, not a honda civic

Re:Only works on the Lexus, not the Prius

[Mr.+Slippery]

Considering the notorious reliability of Lexuses (mine has 198,000+ miles and although I've replaced many ancillary parts [brake parts, power steering pump, starter, cv joint, little things]), I'd say that they're well-priced.

If you want the reliability w/out the price tag and fancy-shmancy brand name, just get a Toyota. Same company. My 95 Tercel is creeping up on 170k miles with no major problems. I've seen a few old Toyota vans well over 200k.

Re:Only works on the Lexus, not the Prius

[ad1]

car owner may need to pay more for anti-virus software and installation.

Re:Only works on the Lexus, not the Prius

[zbuffered]

Friend's dad bought a Corolla in '78. in '99 he sold/got rid of it with 350,000 miles. Only problem at that time was rust in the gas tank. He kept up with maintenance but never had ANY problems beyond that.

So, yeah. Toyotas are built to last. Lexuses too, and perhaps even more so--Consumer Reports seems to think so. The difference is that I have a factory amplifier, power sunroof, and a leather and wood interior. And a fancy shmancy brand name. :^p

After 200,000 miles, I'm due for a new car. It'll be a Toyota/Scion/Lexus. My pocketbook can't afford anything else.

Of course, the more luxuries you have on your car, the more features it has, the more things can go wrong.

Re:Only works on the Lexus, not the Prius

[Sporkinum]

Doesn't really mean a whole lot as there are tons of Saturn S series running around with 200k plus miles. Since they have plastic bodies, they still look good too.

Re:Serious Question

Some cars are cheaper then some servers.

Re:Serious Question

[winkydink]

RTFA. It wasn't their car. Toyota lent it to them.

Error message

...And the fact that the low battery is reported as a transmission problem is good how?

Sounds bad enough to me.

what a shitty error message

[RevDobbs]

Granted, the transmission may not be working -- but there should be a diagnostic saying "OMFG Battery Voltage Low" first. If you lost your arms in an industrial accident you don't start by telling the doctor that you have a hard time holding pens...

Re:what a shitty error message

If you lost your arms in an industrial accident you don't start by telling the doctor that you have a hard time holding pens...

Of course not... I told him that I have a hard time holding my penis... so now I got a 23 year-old girl as my personal assistant... she performs all those things that I used to be able to perform.

Re:what a shitty error message

[SagSaw]

Granted, the transmission may not be working -- but there should be a diagnostic saying "OMFG Battery Voltage Low" first.

IAAAEE (I am an automotive electrical engieer)...

From an automotive safety standpoint, a malfunctioning park interlock system is pretty close to the top of the list of bad things. The part interlock is the system that prevents the an automatic transmission from shifting out of park unless the vehicle key is in the ignition and there is a second input from the driver (typically by pressing the brake). If the park interlock malfunctions, a simple bump of the shifter (or possibly even the vehicle) might cause the car to shift out of park and begin to roll away. Typically, any failure that disables the function of the park interlock is given the highest severity (Severe injury or death occurs without warning) on any type of DFMEA analysis.

By prominitly displaying a warning on the dashboard, this failure drops down a few notches in severity as there is clear warning that a failure has occured and instructions from how to minimize the risk.

As a result, if the Prius is only capable of displaying one fault condition at a time, a fault with the park interlock system is much more important to display than a low battery voltage. That having been said, some sort of indication of a low battery condition would also be a good idea, perhaps via a trouble light on the dashboard or elsewhere.

Re:what a shitty error message

[slacktide]

Oh my god! It's a Safety Nightmare! It's also the exactly how every manual transmission car on the road works, and we don't see endless parades of them rolling down the hill, do we?

Re:what a shitty error message

[Eivind]

From an automotive safety standpoint, a malfunctioning park interlock system is pretty close to the top of the list of bad things.

Agreed. So when it happens, it should probably be displayed, even if that means hiding other, less important error-messages.

However, this also means it *shouldn't* be happening as a result of something common. A low battery-voltage is a pretty common error-scenario. To have something dangerous happen as a result thereof is simply bad design.

If they do keep this bad design, then including the reason in the error-message would also be a good idea:

Warning: The low battery voltage causes the park-interlock system to behave abnormally ....

This would atleast give the driver some idea what is going on.

Re:what a shitty error message

I saw a brand new BMW 7 series, that had a stereo installed in it by a good friend of mine. somehow the serpentine belt went out on it, which made the alternator not work. which killed the battery. which then made it not start. which made it impossible to even do anything to, because it's ALL electronic, even the parking brake is a button on the dash.

the guy took it to the BMW dealer, they hooked it up to the diagnostic, and said that my friend had fried all the electrical on the system, because it wasn't putting out 14 volts like it should have been. so they towed it over to the stereo shop my friend works at, only to have him look at it, and open the hood (which the BMW mechanics had never even done) to show him the belt had broken. only to have it towed BACK to the bmw dealer to have them replace the belt. there was nothing in thier flow chart of 'how to fix the car' that said 'open the hood', so they didn't.

I fear for people who take thier cars to mechanics in 20 years. I also fear for cars in 20 years. I personally like my 30 year old VW bug, it's simple. easy. and reliable!

I have a feeling simple electrical issues will be creating all kinds of problems in the kind of cars that will be released in the next 10 years.

Re:what a shitty error message

I hope you don't expect the torque converter on an automatic to have the same holding effect as a clutch on a manual...

Why do you think you can stop a car with an automatic transmission by pressing the brake pedal without stalling the engine?

Re:what a shitty error message

[hyfe]

It's also the exactly how every manual transmission car on the road works

A manual car doesn't roll away when left in gear.

Re:what a shitty error message

[Viol8]

Err , but it will if put in neutral which is the equivalent of taking an auto out of park. Duh.

Re:what a shitty error message

Some sort of indication of a low battery condition would also be a good idea, perhaps via a trouble light on the dashboard or elsewhere.

Er, I don't know if you overlooked this, but all of the dashboard lights were on. I'm sure the low battery one was on somewhere.

Re:what a shitty error message

[SagSaw]

Actually, many newer manual transmission cars have a reverse interlock that ensures that the vehicle can't be shifted out of reverse by accident. It's also much more common to actually use the parking brake in a car with a manual, while almost nobody uses the parking brake in an automatic.

Re:what a shitty error message

[SagSaw]

However, this also means it *shouldn't* be happening as a result of something common. A low battery-voltage is a pretty common error-scenario. To have something dangerous happen as a result thereof is simply bad design.

It would be interesting to know exactly how a low battery voltage does prevent proper operation of the park interlock. AFAIK, the Prius uses an entirely shift-by-wire transmission. Unlike some other cars where that implement shift-by-wire, there is no cable attaching a shift lever to the transmission to mechanically engage or disengage the parking pawl. It may simply mean that below a certain voltage, they can't guarantee the actuator that engages the parking pawl can do so reliably under all conditions. The article also doesn't specify how low the battery voltage dropped, or whether it was the low-voltage or high-voltage battery that was too low.

The same thing can happen now with some automatic transmission shifters which have a neutral interlock. Depending on the design of the shifter, a broken wire, blown fuse, low battery voltage, etc, could result in a situation where the shift lever can not be moved from neutral to reverse. However, since the shift lever physically cannot be moved past neutral towards reverse, it gives immediate feedback that a failure has occurred. Hopefully, the driver is smart enough not to leave the car in neutral on a hill without the parking brake engaged. The difference here, IMHO, is that the Prius shifter cannot give any mechanical feedback that this has happened, so the warning must be communicated in another way.

I fully agree, though, that the warning could be more specific.

Re:what a shitty error message

[cloudmaster]

The interlocks aren't there to keep cars from rolling away, they're present to stop you from starting the car in gear or accidentally engaging a drive gear while the engine's running.

It's very easy to slide an automatic car from park to reverse, esp if the gear selector lever is slightly misaligned. With a manual, you have to put the transmission in neutral *and* set the parking brake to leave a running vehicle - or park up against something. If the tranny does slip into gear, the brake or object you parked up against will most likely cause the car to stall quickly. An automatic, thanks to the torque convertor, will not stall. It may well begin to move under its own power, depending on the TQ's stall speed.

Also, an unpowered automatic will roll in any gear but park. An unattended manual will only roll in neutral.

Re:what a shitty error message

And if drivers learned to use the parking brake as the designers intended, this point would be moot.

Re:FP!

[winkydink]

Either one will be fine as I wouldn't expect that flock of women any time soon.

Big Surprise

Why did they even need to test this? The Bluetooth on the Prius only acts as a BT headset, so until a virus can infect a headset Prius owners are safe.

Re:Big Surprise

[AdamWeeden]

Had you read the article you'd realize you can send and recieve phone books between the car and phones.

Re:Big Surprise

[AA1]

Had you read the article you'd realize you can send and recieve phone books between the car and phones.

yah... and you can transfer files between an iPod and a PC too. Does that mean your iPod can be affected by Windows viruses? c'mon people, think things through first...

Re:Big Surprise

[AdamWeeden]

Don't get me wrong, I understand why it wasn't able to infect. I was simply trying to correct the original statement.

Re:Big Surprise

But it begs the question, can I transfer your Prius' phonebook to my cell or PDA?

hmm

[834r9394557r011]

i think with the tons of money these car companies have and the fact that the computers in them are more proprietary than an old compaq, its no surprise that the viruses did nothing. With the amount of R&D cash on hand these guys have, i think they probably thought of that one.

Apocolypse Now!

[WankersRevenge]

It came as no surprise that we could not infect the car, but the Prius performed in the test even better than expected.

We're all doomed!

Re:Apocolypse Now!

[JoeCommodore]

I don't believe in aliens coming down in spaceships... But this is another story give you Weinermobile nightmares!

Re:Serious Question

RTFA.

When I read "pictures in our weblog", I just assumed it would be slashdotted.

NB.

Re:Serious Question

[WillAffleckUW]

Why would you want to intentionally fuck up your car's computer?

Why did/do people make cars into hotrods?

Because it's there.

Because they can.

Next!

In other news...

[Bifurcati]

Two bodies were found dead on the side of the road, apparently flung from a speeding vehicle. Satellite tracking followed the car as it drove itself, without driver, to a house in suburban San Diego. Police arrested 14 year old Neville Splink as he prepared to climb into the drivers seat with a modded Bluetooth enabled Playstation 2 running Linux and a copy of Gran Turismo 4. Neville could not be reached for comment, but sources say he couldn't believe how lucky he was that some idiots deliberately loaded his virus into their car. He had been expecting to have to take over their minds with their mobile phones first.

Police have warned all families with nerdy children to be on the look out for unexplained cars turning up in their garage.

Re:In other news...

[WillAffleckUW]

Two bodies were found dead on the side of the road, apparently flung from a speeding vehicle. Satellite tracking followed the car as it drove itself, without driver, to a house in suburban San Diego. Police arrested 14 year old Neville Splink as he prepared to climb into the drivers seat with a modded Bluetooth enabled Playstation 2 running Linux and a copy of Gran Turismo 4.

Hackers don't kill people while playing GTA: Seattle, insecure OS on People Personality Pleasure Pods (aka Cars For Families) kill people.

Remember, speed up before your jump over the University Street Bridge when it's going up, or you'll splash into the Ship Canal and your car won't work too well ... unless you have it fitted for Bluetooth Snorkel Option.

Virus that pummels users into submission

[G4from128k]

TFA, further down the page, describes the user experience of a Cabir infection. The recipient must click "yes" a number of times to accept the unknown transmission, install the unknown file, and bypass a security warning about installing something from an unverified supplier. Why do people click "yes" to all this? Because if you click "No" the virus keeps trying to install itself and pester you with the messages.

Definitely reminds me of "Abort/Retry/Fail" error message of so long ago. The first time you ever see the message, you hit "retry" a few times hoping it will work. Eventually, the computer teaches you to never try "retry" because it only puts up the error message again.

This virus is social engineering at its best, just like the whiny kid in the grocery store. Keep pestering until they say "yes."

Re:Virus that pummels users into submission

[krbvroc1]

Firefox will do this too. I'll visit a site that says the security certificate is invalid, so I click 'deny'. The another certificate request pops up, ad-infinitum is seems. Since its a modal dialog you can't even close the web browser or close the 'tab' I'm browsing in. I end up either answering yes after examining the cert or kill via the task manager which closes not only that one site, but all all my open tabs.

Re:Virus that pummels users into submission

Interesting. Did you file a bug?

Re:Virus that pummels users into submission

[thegamerformelyknown]

I used to think this as well, until the other day at school when we were imaging computers (ie. copying the entire contents of a HD to the rest of the lab).

The computers are a few years old, and some of them have bad floppy drives. After a successful image, we needed to change each computers network id using a program called SID Changer off of a Floppy disk. On a few of the computers, the program would fail, giving the typical MS-DOS error (Abort/Retry/Fail). Frustrated, I hit r a bunch of times, and lo and behold, it worked. Testing this on a few other computers, I found this to work about half the time. Wow! Just goes to prove something we all thought was a joke isn't...

Re:Virus that pummels users into submission

[Seraphim1982]

Definitely reminds me of "Abort/Retry/Fail" error message of so long ago. The first time you ever see the message, you hit "retry" a few times hoping it will work. Eventually, the computer teaches you to never try "retry" because it only puts up the error message again.

I often found that the retry option was often very useful. In particular if I had a disk that was on its way out I often found it could take a lot of attempts before the computer would be able to read all the data off of the disk. Now, I don't know about you, but often the annoyance was worth getting the data off of my disk.

Re:Virus that pummels users into submission

There is a simple fix:

It's called flood protection.

Simply auto-ignore the infected cell phone after too many atemps for a few minutes / hours, or allow the user to force ignore instead of just having yes/no as an option.

Re:Virus that pummels users into submission

No - I cannot determine exactly how to reproduce and it hasn't exceeded my annoyance threshold yet. By the time I get into the 'loop' and I kill the firefox task, I've forgotten what site I had surfed to.

Re:Virus that pummels users into submission

[twostar]

RTFA, only if you stay within the range of the infected phone. If you walk away it stops asking to install. So if you just walk by you'll get the message but then it stops. Just like the damn whiny kid, you leave him in the car and you don't have to worry about him pestering you to buy candy.

Re:Virus that pummels users into submission

[Doppler00]

If you are dumb enough to install a virus on your phone after getting all those warnings shown in those screenshots you should immediately return the phone and buy one of those cheap $50 phones. If you don't understand the core features of your phone, you have no business owning one just because it's expensive and looks high tech.

I can just imagine those antivirus companies love this. They'll be selling antivirus programs for your phone for a $30/year subscription.

Re:Virus that pummels users into submission

[AdamWeeden]

This virus is social engineering at its best, just like the whiny kid in the grocery store. Keep pestering until they say "yes."

Except that you can't take the virus to the frozen foods aisle and beat it with a loaf of frozen bread to get it to shut up. :)

Re:Virus that pummels users into submission

You're an idiot.

Re:Virus that pummels users into submission

[rnelsonee]

For what it's worth, I think the yes/no question put forth is provided by the phone whenever an install request is broadcast to it - and it only asks once. What's happening here (again, I may be wrong) is that the virus broadcasts itself every few seconds. So the potential victim's phone is simply asking yes/no each time it receives the virus data. The virus doesn't run (if the virus asked yes/no three times, then the virus would be running already) - the phone was engineered correctly to not run the virus. Of course, in hindsight, we see that a timeout should be in place, or possibly a 'no for subsequent requests' choice.

Re:Virus that pummels users into submission

[FLEB]

Well, if you find out who has the infected phone...

Re:Virus that pummels users into submission

[bcmm]

MS-DOS Retry can work, sometimes. Try making a DOS boot disk, booting it, taking out the disk and running a commnad. Retry will bring back the error, until you put the disk back in, which is when Retry works. :)

Not Suprising, But still interesting

[Xeroc]

After all, the cell phones use Symbian OS, and the Prius (and Lexus) both do not use it, so it isn't very suprising that the virus wouldn't work. After all, you don't hear very often that a MS-Windows virus infects a Macintosh.

Also, I liked the apparent security features in the car, that it didn't react to the bluetooth traffic, but then again, this is probably just due to an inconpatiblility - i.e. the car won't except any type of data but a specific type, like a valid VCARD phone book.

Re:Not Suprising, But still interesting

[System.out.println()]

After all, you don't hear very often that a MS-Windows virus infects a Macintosh.

I actually hear that all the time, it's just not true.

Re:Not Suprising, But still interesting

[Stevyn]

and the layman who saw "Independence Day" might also think so. Somehow aliens use the same wireless network protocols and our viruses are binary compatible. I guess that damn i386 just never goes away.

After a while, it becomes aggravating how many people see something having to do with any high "tech mumbo jumbo" and assume it really is just "random mumbo jumbo" that somehow works most of the time.

Re:Serious Question

[douglips]

You do realize that these people (F-Secure) are virus fighters? They intentionally infect all kinds of things all day long, so they can figure out how to cure them.

A Trojan Horse

[thundercatslair]

I wonder when someone will be able to install a trojan horse into a cars on board computer and disable important functions like, lets say braking remotely.

Re:A Trojan Horse

[EvilSporkMan]

I work for a company that makes hardware and software to monitor vehicle networks, and one of my coworkers tells me one protocol (Onstar? I am NOT sure) has a message to disable the brakes.

Re:A Trojan Horse

Bullshit. The brakes are not controlled through the main console/entertainment systems that onstar and other services control, and never will be. It would be like getting a computer virus that makes your garage door go up and down.

Re:A Trojan Horse

Having a virus cause your garage door go up and down is completely possible if you have a home automation system. Most are computer controlled and use the common x10 protocol

Re:A Trojan Horse

Won't happen until those functions are no longer controlled by mechanical means. Even in the latest cars, as far as I know, there is still a direct mechanical (/hydraulic?)linkage from your brake pedal to your brakes. No car I know of has the "fly-by-wire" systems that are dependent on a computer virus. Now, your cruise control and engine, etc, obviously have computers in them and could be susceptible to a virus, however, a failure in your engine computer would, at worst, total your engine, bringing you to a halt.

I think that all the safety-related and otherwise "vital" systems in the car, like the emergency brake, will always be mechanical or at least electrical in nature, and not computerized. And if they are, they better damn well have a manual override or something, cause I don't trust that, just like I wouldn't trust this car that drives for you in the future that is supposedly going to happen.

Crazy

[XFilesFMDS1013]

Reading the article, they're talking about going undergound in order to not effect any other cellphones in the area, and it stuck me as to how much is the same between a computer virus and a "physical" virus. I mean, scientists who work with e.g. bubonic plague, have to take the same cautions, i.e. not letting the virus out into the "wild", where it can spread. I suppose in a few years, many viruses will be tested like this, taking them into a underground bunker, putting them on a computer that has absolutly no connection to the outside world, and trying to find a cure for it. Then the geeks shall hold the true power.

Re:Crazy

That's how it works now in virus labs, except I doubt that most of them are underground...

Re:Crazy

i think those are called LANs

Re:Crazy

[paulymer5]

An LAN is not sufficient when the virus is transmitted wirelessly.

Re:Crazy

[afidel]

No need to go underground, just build a Faraday cage. When I supported Cisco's wireless division we had several large test chambers which were copper sheet lined boxes used for testing high amplification gear without radiating everyone around. A similar setup would work for testing wireless virus transmission.

Re:Crazy

lead box

Re:Crazy

[simscitizen]

The big difference, though, is that the computer virus was willingly conceived and created by some asshat human who was "curious" about how computers work. Most biological viruses (at least the ones not portrayed in Outbreak or similar films...) don't fall in that realm.

Makes you realize the kind of scum unethical crackers are.

Re:Serious Question

[ggvaidya]

Well, somebody's gotta test the stuff that's used in the fireproofing in your house, right?

That's what these guys are doing. They want to see if the rumors that Bluetooth virii can infect your car's computer are true.

Next article

.... "They got this weird message on the phone, requesting a "Yes" or "No" answer. So they clicked "No". But the message popped up immediatly again. And they clicked "No" - only to see the message pop up again. And since "No" didn't seem to be working, they clicked "Yes"..."

Are people THAT stupid?

Re:Next article

[VoidWraith]

Is it that hard to believe? You seem to have two choices, click yes, or stop using your mobile phone.

I am beginning to like the prius a lot

[swschrad]

if I had cash, I'd get on the list for one now, frankly. they have done a lot of good things in a row with that machine, and toyota is very good about licensing their technology to other automakers. they did a techno-swap agreement with ford, and looks like the GM/DC combine is working on one now.

however, I strongly encourage everybody else to hate the car with a purple-veined passion, so when I do get into a position to.... errr, no, I just want you all to hate it. not saying why ;) starting about a year or two from now.......

Re:I am beginning to like the prius a lot

[Anonymous+Freak]

hehe.. In many dealerships, there are no waiting lists any more; nor do you have to pay extra. The trick is to hunt around, sometimes this means calling dealerships 200 miles away or more. But if you're persistent, you CAN get a Prius today, for MSRP. (There are even reports of people paying UNDER MSRP.)

Re:I am beginning to like the prius a lot

[Pfhor]

Try central or western PA as a place to find Priuses.

Toyota sends out a set amount of cars to every dealership, even if one doesn't sell a single one and has to ship it to another dealership. Last march i could have driven 3 hours to pickup a fully loaded white prius in western PA if i wanted to, they had it sitting on the lot. The people who sign up for the car wont get called until their specific color comes in. If you take any color, you can get it fast (the toyota dealership around here had two white ones sitting on the lot with no buyers).

Re:I am beginning to like the prius a lot

they did a techno-swap agreement with ford...

Newsflash: Ford owns toyota.

Re:I am beginning to like the prius a lot

[Technician]

(There are even reports of people paying UNDER MSRP.)


Don't overlook buying used.

I bought mine with 16K on it. As I was signing the paperwork, the finance officer came to the salesman and asked if the price was correct. There was an error. They sold it for the base price. I got the fully loaded model with the NAV system. It should have sold for about 3K more. It was too late. I got my original price. Sweet.. Know the value before you go to the dealer. Watch for a bargin. They are out there.

Re:I am beginning to like the prius a lot

[swschrad]

no, they don't. toyota started out as a maker of pretty dodgy trucks in the 20s or thereabouts in japan. after being bombed out, they restarted after WWII with major funding help from either GM or Ford (can't remember which), paid 'em back, and brought the saddest little waddlewagon to the US in the early 60s. very sad little thing, couldn't get out of its own way with the help of a missle in its trunk.

they learned. well. so well they are threatening to knock DC out of fourth place and are gaining fast on Ford as well.

if GM fails, the first outfit to get in line in bk court for certain selected assets, I predict, will be toyota. just so they don't have to build another half-dozen plants or so to take over the world; building plants takes time, more than occupying empty newer ones and refitting the production line equipment.

I do surely like my exploder, but it's a little too thirsty.

Re:I am beginning to like the prius a lot

[cloudmaster]

You paid the new car price for one with 16K on it? Man, what a deal! Can you come with me next time I buy a used car? :)

Re:I am beginning to like the prius a lot

[Technician]

You paid the new car price for one with 16K on it? Man, what a deal! Can you come with me next time I buy a used car? :)


I didn't think I had to explain the diference between new car MSRP and used car Blue Book.

I got a fully loaded Prius with 16K for under $18K. I'll leave it up to you to figure if that's 3K under MSRP or Blue Book.

Re:I am beginning to like the prius a lot

An '01 Prius with 16K sells at a dealer for about $16.5K around here. An '02: $18K. An '03: $19K

I'd wonder why someone got rid of the car with so few miles on it, personally. Probably because they got tired of people asking them about the ugly car, or honking/shouting at them to get that slow, ugly car out of the way. 72HP and a 10.5 second 0-60 just for a peak of 60MPG? Buy a motorcycle, helmet, and life insurance policy. Split the remaining $10K+ between a Chevy Aveo for $6K that gets 35MPG and a nice garage.

Re:I am beginning to like the prius a lot

[Technician]

An '01 Prius with 16K sells at a dealer for about $16.5K around here. An '02: $18K. An '03: $19K


FYI, the O1 didn't have the NAV option or the cruise control. The 18K price is the current prices at dealers without the options and is the price I paid 2 years ago for the fully loaded 02. It's depreciation has been zip for the first 2 years. I haven't had any other car hold value like that. I got the Car Facts printout on it. I've been happy with it. As far as performance, it's a lot more peppy than my old 4 banger with a 2.3 L engine. I wasn't expecting a 1.5 L car run better than a 2.3 of about the same size and weight.

Rebooting the car...

[gambit3]

Does anyone else feel disturbed by that statement?

We waited hesistantly a moment, turned ignition off and rebooted the car...

Re:Rebooting the car...

[WillAffleckUW]

Does anyone else feel disturbed by that statement?

Well, since MSFT wants to provide the OS for onboard electronics, soon you'll get a Red Screen of Death ...

Re:Rebooting the car...

[taniwha]

well given that the Prius doesn't have a traditional key, just a key-fob that identofies you and an 'on' button it is a lot like rebooting a PC - to be fair they probably didn't push 'reset' (there isn't one) just turned it off then on again

Re:Rebooting the car...

[6Yankee]

Sitting in an A320 at Stuttgart last summer, wondering why it isn't going anywhere. Eventually they tell us that one of the thrust reversers didn't deploy on landing, and they're trying to persuade the computer to open both of them at the same time.

After an hour and a half of this, the captain tells us that they're "just going to try rebooting the aeroplane". You should have seen some of the passengers' faces, especially when all the cabin lights went off and the air conditioning fell silent... :)

(In the end they disabled the thrust reversers.)

Re:Rebooting the car...

[vorm]

Tech Support: "Toyota Technical Support can I help you?"

Car Dealer: "Yes we are having a problem with all of our cars freezing up and crashing"

Tech Support: "Reboot the cars and that should fix it."

Car Dealer: "We have rebooted and it's still happening"

Tech Support: "Reboot again"

Car Dealer: "We have and it's not helping!"

Tech Support: "There is nothing wrong with the cars, but Service Pack 2 should address the issue when it's released. Thank you and have a nice day."

Re:Rebooting the car...

When I used to own one, I rebooted my Pinto so often my ankle still hurts.

MOD PARENT DOWN

[kkerwin]

Please read the fine article, then post.

Re:MOD PARENT DOWN

You're new here, aren't you?

Re:MOD PARENT DOWN

[kkerwin]

LOL

Too true, friend; the Slashdot community does have a problem with "comment first, ask questions later (if ever)". But a reminder every once in a while can help things (let us pray).

Funny, the same thing happened...

[ctl4u]

With my 1979 Toyota Camry no matter what bluetooth signals I sent there was no response. Needless to say, I was shocked!

Re:Funny, the same thing happened...

[whiteranger99x]

Dude, I know what you mean. I have a 1991 Ford Tempo and despite all the available AM and FM signals, I can't get any reception. Of course, the radio was ripped out of the car. I'll have to see if it's can take bluetooth signals

Re:Funny, the same thing happened...

Considering the Camry was first released in 1983, I'm not surprised that your 1979 version failed to show a response.

KITT

[thanjee]

Did KITT ever get a virus?

If he ever got sick it would have been that he was just sick of having David Hasselhoff hanging around all the time.

Re:KITT

[KingSkippus]

KITT had two very hot "doctors" dedicated to keeping him well and in shape. Remember Bonnie and April?

Re:KITT

[EnronHaliburton2004]

Did KITT ever get a virus?

No. Luckily, Mr. T and the A-Team eliminated all of the viruses between 8 & 8:29. Knight Rider wasn't on until 8:30.

8PM Thursday night was a very exciting time to be a kid.

Interesting

[sheldon]

Usually when I want to "test" a car, I call Enterprise.

Just make sure you get the insurance.

Re:Interesting

[Fussen]

hey HEY! Seen Jackass the movie? *nudge nudge*

I think blow up dolls in the back seat is a sign of respect for the company.

I'm not impressed

[tool462]

No matter what we did the car did not react to the Bluetooth traffic at all.

Meh. My car doesn't respond to Bluetooth traffic either. :shrug:

Too late ....

[taniwha]

I love mine .... best part is the car computer has easter eggs - now you can pull the 'engine codes' yourself sitting in the driver's seat and call them in to the dealer ....

No

[he-sk]

I mean, yes.

Toyota should expand its business...

[guardiangod]

into the cellphone industry.

They have done the impossible: they created a bluetooth system that no virus in existant can infect.

Microsoft, are you listening?

God I think I will feel much safer knowing that my cellphone (and probably my comp's OS) is made by Toyota.

Re:Toyota should expand its business...

[roadrunnerro]

Um... I think the Prius is already running a variant of Windows CE/Mobile...

Interesting...

Tell me more about this underground lair

Re:Interesting...

[Fizzl]

It looked like a decomissioned military underground hangar. We have those here in Finland mined all over the bedrock. (And F-Secure is a Finnish company)

Re:Serious Question

[varmittang]

um, the fire fighters do test out fireproofing by setting make shift houses on fire, just like these guys test out viruses on computers.

Non-M$ car

[kihjin]

Obviously this test was not sponsored by Microsoft.

I eagerly await the next article

Where they show how to infect Herbie the Love Bug

Re:I eagerly await the next article

[Dark+Demon]

Haven't you seen his cousin Herpe?

Crashed?

[SleepyHappyDoc]

Perhaps it's time to find a less ambiguous word to describe a system failure. I'm sure I wasn't the only one whose first glance at the article caught a much different meaning than was intended. Crash works fine in contexts where it doesn't already have a use, but when you refer to cars or planes, it does.

Re:Crashed?

So I'm not the only one who saw that and thought "wow, so you were so busy trying to infect your car you couldn't watch the road?"

The item I liked ...

[jc42]

... was the story from the guy whose cell phone caught the cabir virus, and his phone company's solution was to throw it away and buy a new phone.

Now I'm going to be expecting to hear that Microsoft has adopted this approach (and PHBs are ordering their people to do it) ...

Re:The item I liked ...

[Zemrec]

I've been seeing dead and smashed cellphones on the ground these days. I even saw a girl who was talking on one at a red light, and as soon as it turned green, she threw it out the window and smashed on the pavement.

What is with this disposable society?? We just throw these high tech gadgets away like litter.

I for one am not a litter bug, and when it comes to technology, I'm a pack rat. I just don't understand how people can do that.

Not terribly meaningful

[subStance]

I'm no professional scientist, but it was my understanding that in order to prove something was not true, you have to demonstrate why it can never happen, not that it doesn't happen on a single car that you test it on.

There must be hundreds of different versions of the car's software that have varying levels of resilience to the virus.

I can't wait to see the follow up ... "Why Windows never crashes: we tested and it didn't so it never crashes okay ?" No trouble getting funding for that study from Redmond.

Re:Not terribly meaningful

It shows that particular car can't be infected. I doubt they have a stockpile of modern cars laying around.

Re:Not terribly meaningful

Not all Prius models support the bluetooth feature. Since the feature was introduced in the 2004 product line, I doubt there are "hundreds" of other versions of the software.

Also, since the car doesn't run the Symbian OS anyway, IT DON'T FREAKIN' MATTER.

Dumb and dumber...

[ArrayIndexOutOfBound]

This is really good, you guys are killing me.

Trying to infect Prius with a Symbian "virus" is like trying to infect a tree with a choc chip cookie . Hey I can come up with a better one - it's like trying to infect shampoo with a book on eating disorders (now go picture that in your head for a second).

I won't go into debunking this as I have already done that (http://slashdot.org/comments.pl?sid=137390&cid=11 486620).

But this is so sweet - it takes one dumb kid with too much time on their hands and one even dumber kid to moderate at voila! you get slashdot "news".

Don't you love it!

Re:Dumb and dumber...

[staeiou]

Trying to infect Prius with a Symbian "virus" is like trying to infect a tree with a choc chip cookie . Hey I can come up with a better one - it's like trying to infect shampoo with a book on eating disorders (now go picture that in your head for a second). But this is so sweet - it takes one dumb kid with too much time on their hands and one even dumber kid to moderate at voila! you get slashdot "news".

Whenever thousands of Prius owners and millions of concerned drivers hear a rumor about some virus that can infect cars, it is always cause for concern. I had heard about this before, and was actually relieved (not that much, but still) when I read this story. And, even if I had read the post you referenced, I would still be glad that a statement made by ArrayIndexOutOfBound on a tech news site was validated by F-Secure, a company that _knows_ viruses.

Still, I (a reasonably intelligent and informed /. user) personally have no knowledge of how the bluetooth virus everyone has been talking about works. I know nothing of what OS the Prius uses and how it compares with certain cell phones. I thought this was news.

Lighten up, jerk.

Re:Dumb and dumber...

[ArrayIndexOutOfBound]

That's exactly my point. This is not a tech news site nor are most of it's readers reasonably intelligent and informed (moderators included). Had that been the case, F-Secure et al that know viruses would have entertained this dumb rant. Funny though, even when you feed people knowledge on a teaspoon they keep throwing up crap.

Re:Dumb and dumber...

[thegrassyknowl]

Trying to infect Prius with a Symbian "virus" is like trying to infect a tree with a choc chip cookie . Hey I can come up with a better one - it's like trying to infect shampoo with a book on eating disorders (now go picture that in your head for a second).

A lot of these embedded machines run Java-based software now. If it can run Java it doesn't matter what OS is underneath it. Sure, the JVM and the OS may have differing levels of protection depending on the device, but as I said... Java is the key.

From what I understand (from my limited reading becuase I don't really give a flying fuck... nothing I own has Bluetooth for a very good reason) these cellphone virii rely on the Java compatibility to work.

From the site:

In February we published an official statement from Toyota that Lexus does not use Symbian OS, and thus cannot be infected by any of the Cabir variants.

However a mobile worm infecting a car is a thought that one cannot let go easily, and even as we knew that the car cannot be infected, this was something that just had to be tested for real.

So they already knew it isn't possible to infect the car. That much is clear. Now, Toyota could have lied about the OS it runs, and the car may have been vulnerable. You never know for sure until you try these things.

It was still an interesting experiment because they discovered a few flaws in the Toyota Bluetooth system - the corrupted phone name that froze the display and the flat battery wasn't properly handled by the system.

So, saying this was a stupid experiment is really stupid in itself.

Re:Dumb and dumber...

[S3D]

A lot of these embedded machines run Java-based software now. If it can run Java it doesn't matter what OS is underneath it. Sure, the JVM and the OS may have differing levels of protection depending on the device, but as I said... Java is the key. From what I understand (from my limited reading becuase I don't really give a flying fuck... nothing I own has Bluetooth for a very good reason) these cellphone virii rely on the Java compatibility to work.

No, Symian viruses (like Cabir) does not rely on the Java. Java viruses can not exist becuse of limeted functionality of the J2ME . Symbian "viruses" have nothing to do with JVM and can not infect so called "Java phones". In fact they hardly can infect Symbian phones. This story with repeted "yes, no" spamming sounds lame to me. Why not turn off bluetooth after the first attempt ? Or turn off discovery mode for bluetooth ? And don't tell me about clueless user. Clueless user wouldn't know how to turn bluetooth on.

Re:Dumb and dumber...

The plain and simple answer is that the Cabir sends it's bluetooth requests at such a pace that you cannot turn bluetooth off.

As soon you press no to deny transfer, you get another modal pop-up that asks the same.

So it's no wonder that some people install cabir just out of sheer frustration of constant requests.

After all, let's be honest. If you PC/Phone asks question fifth time in a row, do you really read whats on the dialog?

Re:Dumb and dumber...

[S3D]

I stand corrected, in this case it's a clearly bad design on the Symbian part. There should be delay between accepting requests.

Re:Dumb and dumber...

"But this is so sweet - it takes one dumb kid with too much time on their hands and one even dumber kid to moderate at voila! you get slashdot "news"."

Indeed, the meaningfulness of this test is somewhat questionable. But that's what they said in the first place.

As for your argument that Symbian is not used in cars because A) it's a mobile phone OS B) the car manufacturer is not listed at symbian's web page well, that's just stupid. a) Symbian is an operating system b) doesn't prove _anything_.
Note: I'm _not_ claiming it _is_ used in cars.

Calling these guys dumb kids with too much time on their hands.. makes me wonder if you are just a jealous marketing drone working at a competitor. :)

Happened in one episode (sort of)

Actualy, there was an episode (don't remember the name, dang!) where a hacker used a voice changer to trick KITT into thinking she was Bonnie (the tech who maintains KITT's systems). When KITT let her inside, she plugged a catridge into it's system that enabled hackers to mess with it's personaly, and turn against Michael Knight.

BTW: KITT's new alter ego and voice was far more menacing than KARR. Scary!

Re:Still At Risk--Prius power management

[klubar]

Actually, the Prius has a very small aux (12 volt) battery. Generally, if the key* is in the all-power mode (but not the ready-mode), the engine will kick in every so often to charge the aux battery. The park lock does require power, so I suspect they were either in neutral (which will not charge the battery) or doing something else unusual with the car. The prius is very smart about power management and protecting the traction (main) battery and the 12V aux.

Q: How to make a totaly virus proof Bluetooth?

A: Break the antenna off

haha

[harlemjoe]

how about if they got a BSOD
or an RSOD?

One thing left out of the report

[commodoresloat]

Right before the car crashed, it spoke to the driver, saying, "Hi! How are you? I send you crashing into this wall in order to have your advice. See you later. Thanks"

This article is retarded

and shows how much computer people know about automotive engineering. zilch... cars have multiple cpu's each controlling and monitoring a specific aspect of a car's systems. All the sensors and actuators that control the engine are hardwired directly to the ECU so there's really nothing those silly viruses can do to the safety of a car's operation. Same goes for the ABS system and the airbag system. Just because you see something happening doesn't mean you know what is actually going on. So all the idiots that comment about being able to crash a car with a virus are just that...idiots.

Re:This article is retarded

Think about what systems the proposed virus would have access to though. IANAAE, but it seems like it could turn the radio on to an ear piercing volume, or turn the heat all the way on, maybe even open the trunk (just thinkiing of typical functions that you might want to control remotely) whenever it felt like it. Nothing life threatening, but it definitely could be if it distracts you enough

Crash?

Then, the whole car crashed...

I guess bluetooth wasn't the only thing they tested.

That's bad

[b100dian]

If I hang around your car enough time with that viros attacking, I can (D)DOS it by consuming it's battery!

Underground bunker and all that

Disclaimer: I write Symbian software for a living.

So they went to an underground bunker to be safe. Why? Those so-called viruses will ASK you to accept first the transfer, then you'll have to deliberately click through the installation process - the virus just WILL NOT appear on your cell phone like that. It's a completely different mechanism than in the old DOS viruses which just appeared, or the Windows worms which infect your machine through the network behind your back.

They should call those "Symbian viruses" trojans because that's what those are. But then again, failure to create irrational fear translates directly to bad stock performance causing the imaginary money these people never had (stock options) to diminish.

To receive something and to install it into the device requires too much user interaction to be practical. Therefore, among other things, there is no future for viruses in the Symbian platform. I think F-Secure knows this, and is trying to milk the mobile phone virus fear as long as they can.

Re:Underground bunker and all that

[generic]

Thats how I felt, since they could have left the entire part about the car battery being low out of the article. They put it in there to generate interest, since they only proved that you can't infect a car with a cell phone virus. Which isn't that interesting. I am curious as to why it took so long to test as the battery had gotten low.

Re:Underground bunker and all that

[h3rmanni]

>To receive something and to install it into
>the device requires too much user interaction
>to be practical.

Yeah. So Cabir has only spread to 21 countries so far.

Which in fact really is slow: 21 countries in 10 months...where most Windows viruses go worldwide in 24 hours.

But nevertheless, Cabir is really in the wild. So is the Commwarrior virus that spreads via MMS messages - confirmed reports from at least three countries.

Re:Underground bunker and all that

[fbjon]

If Toyota handed me a Prius with those goodies for "testing", I'd be playing with it for a week at least. Just for the "testing".

Data stream capture

[rgcustodio]

They should've at least used a Bluetooth packet analyzer and captured the data stream to and from the phone/car. It should be a good read. And a better disection could be performed.

Re:Still At Risk - for vandals

[saskboy]

Yeah, I don't get what's with all the big-shot vandals around here. Destroying hundreds of dollars of tires, and wasting at least a victim's, a tow-truck driver's, and a cop's time is a sick thing to do under almost any circumstance.

Väestösuoja

Probably just that and not a hangar.

Re:Väestösuoja

I have always thought it is spelled väestönsuoja.

They're killing our comedy!

[Jack+Taylor]

There are three engineers in a car; an electrical engineer, a chemical engineer and a Microsoft engineer. Suddenly the car just stops by the side of the road, and the three engineers look at each other wondering what could be wrong. The electrical engineer suggests stripping down the electronics of the car and trying to trace where a fault might have occurred. The chemical engineer, not knowing much about cars, suggests that maybe the fuel is becoming emulsified and getting blocked somewhere. Then, the Microsoft engineer, not knowing much about anything, comes up with a suggestion "Why don't close all the windows, get out, get back in, then open the windows again, and maybe it'll work!?"

This joke doesn't seem too funny anymore...

No-claims

[Timberwolf0122]

did your premium go up after the crash of was your no-claims bonus protected?

I would hope that car manufacturers would take bluetooth security very serious and install the proper check to ensure any data being loaded was from an authenticated source and that it did not contain any suspect code, IE: VCARDs contained only contact data and and software being loaded should be either certified by the manufacture or run on an isolated sub-system that is firewalled either virtualy of physicaly from the cars critical systems.

Any failure to adhear to the these standards could potentialy result in multiple losses of life (imagin a time bomb set to kill the powersteeing/engine that could transmit between any two BT enabled cars when they pass).

Security

[3.09+a+hour]

Although im not surpised that it passed the virus test (meant for a diffrent application) I was suprised at the security the car offered. Up untill the low battery made it think there was a transmission fault. Great computer you have there guys, that cant even test the battery... but thank god it has shiney bluetooth to keep you busy!

We have laws about this now.

[bullitB]

Then, the whole car crashed...

Do you see what happens when you play with your cell phone instead of look at the road?!

Dumb kid

[upside]

The dumb kid is the director of research at FSecure. Feel silly now?

No they don't

[zakkie]

Um, no they don't.

Why post crap when facts are easy to check out?

Re:No they don't

This just in: Aidsy cocksucking.

Where's the CONTROL test?

[NuShrike]

So it's fine that you can't send viruses to the Prius, but how about normal stuff like phone numbers?

I can speak from personal experience, that the Prius has ASS bluetooth support. Not only is it difficult to dump an entire phonebook to it (you might have to resort to sending one at a time!), but if you have multiple entries in your phone per name, it would stall on transfer or install extremely slowly, and have no way to preselect the specific number the Prius would pick up.

Don't get me started on audio distortion sounding like the phone was out of range even with the phone inside the car, and no way to "adjust it" except to get inside the non-user facing "diagnostic" menus.

The other conclusion to virus immunity could be the Prius has horrible bluetooth functionality.

Only if your name is James Bond

[mpontes]

The battery ran low because they spend a lot of time messing with the bluetooth functions of the onboard computer. A normal user wouldn't stop the car and spend the whole day uploading files to the on-board computer, would he?

Plus, it's stated in the article the car only replies to bluetooth devices paired with the system. You would have to break into the car, find some way to turn on the on-board computer and pair the on-board computer with your bluetooth device before you could do anything. Sounds like something James Bond would do, but it's impracticable in real life. Or even better, a 00s version of

um... does this mean anything...?

other than the car's computer can't be infected with CURRENT viruses? I could be mistaken, but isn't there always a possibility that someone could learn more about the car's computer and write a virus that the car's computer would be suceptable to?

But does it use GRUB?

[muellerr1]

In England, if you tip the boot loader he'll be extra careful when putting your suitcases into the trunk.

Ba-dump tss.

Seriously, though, if you press the 'Turbo' button, does your car get 1/3 faster, but become more unstable and likely to crash?

Thanks, folks, I'll be here all week.

Mine will

[bluGill]

Sure a manual will roll while it is in gear. 5Th gear often does not have the ability to keep the car from moving. Particularly if your engine has 160,000 miles on it, and low compression on one cylinder, like mine does.

Most manual drivers leave their transmission in reverse when they leave the car. Reverse has the highest gear ratio of any gear, so it is the hardest for gravity to work against. (Remember that the driving is happening from the other end of the transmission, so all the gear ratios are backwards)

Re:Still At Risk - for vandals

[RevDobbs]

(Ugh. Why am I even replying?)

First, I was joking when I implied that I have slashed car tires. Get over it.

Second, I was meerly pointing out that if you wanted to make life difficult for someone, the ubergeek way is seldom the easiest; you wouldn't shit on Mitnick for pointing out how Social Engineering works. (Yes, geeks don't do it 'cause it is easy... but most geeks aren't vandals.)

Finally, the whole thread is bunk: "Too much Bluetooth DOSes a Toyota!" The original poster of that comment didn't realize the issue was that the car was on all day with out the alternator spinning, not that teh radi0 wavez were doing nasty things.

Re:Still At Risk - for vandals

[saskboy]

I didn't know you were joking, there are people just that rotten in the world, and sometimes what seems absurd to one, is reality to another.